Specific Target System Requirements
| System Type | Specific Requirements |
|---|---|
| IBM System i - iSeries - AS/400 | Versions: Version V5R4M0 or newer Services: - Availability of a functional SSL/TLS enabled FTP service on the target LPAR. As the data retrieval may appear to be irresponsive, without providing any progress information, use the following instructions in order to examine the progress. If the data retrieval is cancelled, the objects will remain locked until the processing is finished, therefore the duration will be the same and the information below still applies. Monitoring progress: From a 5250 session, logged on as *SECOFR, issue the following command: DSPFD FILE(EPASDTKLIB/EPASPRFDTA) TYPE(*MBRLIST) The entry "Total records" represents the total number of user profiles processed. When the number will reach the total number of users on the system, the retrieval will be completed. If the retrieval has been cancelled and the operator desires to speed up the process, then the i5/OS job can be manually stopped. Use the following procedure in order to stop it: WRKOBJLCK OBJ(EPASDTKLIB/EPASPRFDTA) OBJTYPE(*FILE) Type option 4 in front of the job entry and confirm with Enter in order to end it. Wait about 30 seconds, then retry the data retrieval operation. Do not end the job without cancelling first the EPAS data retrieval. |
| IBM System z - zSeries - S/390 z/OS RACF | Versions: OS/390 V2R10 or newer, any z/OS version Services: - Availability of a functional, optionally SSL/TLS enabled, MVS native FTP service on the target OR - Availability of a functional, optionally SSL/TLS enabled, MVS TN3270E service and a TSO environment ( IND$FILE). |
| IBM System z - zSeries - S/390 z/VM RACF | Versions: z/VM V6R1 or newer Services: - Availability of a functional, optionally SSL/TLS enabled, MVS TN3270E service ( IND$FILE). |
| Microsoft Active Directory Accounts | Versions: Windows 2003 or newer Services: - The target must not be a read-only domain controller (RODC). - The chosen share must have free space of at least two times the size of the A/D database and system registry. - At least one default administrative share must be enabled. - The WMI service must be started. - The SERVER service must be started. - The VSS service must not be disabled. - Interactive SYSKEY password prompting must be disabled. |
| Microsoft Windows Local Accounts | Versions: Windows Vista or newer Services: - A domain account must be used for EPAS, or UAC must be disabled. - At least one default administrative share must be enabled. - The SERVER service must be started. - The VSS service must not be disabled. - Interactive SYSKEY password prompting must be disabled. |
| MacOS System Accounts | Versions: OSX Lion (10.7.5) or newer Services: - The Remote Login (SSH) service must be enabled. |
| Cisco Accounts | Versions: Cisco IOS / NX-OS / ASA / ISE all current and previous versions. |
| MongoDB System Accounts | Versions: 3.0 and above. All versions which use SCRAM-SHA-1 or SCRAM-SHA-256 password hashes. |
| SAP NetWeaver - ABAP AS | Versions: 6.20 or newer Services: - Each SAP client is audited individually, therefore distinct targets, with separate credentials, must be defined for each client. |
| NetIQ eDirectory | Any user account which is allowed to retrieve passwords in the eDirectory schema should be used. This can be done individually, by using the Allow the following to retrieve passwords option in the password policy definition, within the NetIQ Manager console, for any policy object(s). |