LDAP and MQ SERIES
I'm not wanting to do AUTHENTICATION. IBM's MQ Series is messaging software. A user must have the AUTHORITY to open a queue manager, write a message to a queue, read a message from a queue, etc. The server piece of MQ Series resides on the Linux guest. When a message is sent to the server, MQ Series will check the user id within the message to ensure that the user id has the authority to do certain functions. That user id must exist and that is all MQ is concerned with. It does not care about the password, group id, user id, etc., just that the user id exists. Using MQ commands I have given MQ the information where that ID exists, in this case in a group housed on Active Directory. Internally MQ is going to make a security call, whether it be local or to Active Directory via LDAP.
Therefore I want to use LDAP to validate the authority of a user id to be able to carry out certain MQ functions. This user id will NEVER log onto the physical server and be authenticated. Authentication of users who need to administer the physical server will be handled by third-party software. I cannot use this third-party software with MQ because of licensing problems.