Examice

Exam C2150-609 All QuestionsBrowse all questions from this exam

Question 17

The customer currently maintains all its users in Active Directory. As part of its new IBM Security Access Manager (ISAM) V9.0 deployment, the customer understands it will have to implement the ISAM "Global Sign-on (GSO)" to archive SSO with certain backend applications which do their own authentication and cannot be modified.

Which federated repositories configuration will address the customer requirements?

Use an external ISDS LDAP as the ISAM primary LDAP, federate with the AD and import all AD users into the ISAM TDS.

Configure the AD as the ISAM Primary LDAP, which will create the necessary secauthority= default suffix. Import all users into the ISAM AD.

Use the ISAM embedded LDAP as the Primary LDAP, federate with the AD and configure "basic user", and specify "basic-user-principal-attribute= samAccountName"

Use an external ISDS LDAP as the Primary LDAP, federate with the AD, configure "basic user", specify "basic-user-principal-attribute= samAccountName" and "basic-user-suffix= secauthority=default".

Correct Answer: D

To meet the customer's requirement of maintaining users in Active Directory (AD) and implementing Global Sign-on (GSO) for unmodifiable backend applications, the correct configuration is to use an external IBM Directory Server (ISDS) LDAP as the primary LDAP, federate with AD, configure 'basic user', and specify both 'basic-user-principal-attribute=samAccountName' and 'basic-user-suffix=secauthority=default'. This setup ensures seamless integration and user management without altering the existing backend applications.

Discussion

sweetleifOption: A

It cant be D, basic users are not allowed Global sign-on

examverifiedOption: C

es la c supremoooh

alexgammaroOption: D

I guess the right answer is the letter D.