Previous Topic: Implementing CA Compliance Manager for CA Chorus for Security and Compliance ManagementNext Topic: Sample Configuration for Policy Administration

Implementing CA Compliance Manager for CA Chorus for Security and Compliance ManagementConfigure CA LDAP Server and CA Compliance Manager

Configure CA LDAP Server and CA Compliance Manager

The CDT9PCHR job creates and initializes the CA Compliance Manager policy file.

Important! This procedure was completed during installation of CA LDAP Server. If not, use this procedure to configure CA LDAP Server and CA Compliance Manager.

Follow these steps:

  1. Create and initialize the policy file by performing the following substeps:

    Note: The policy file holds the policy statements and policy sets that control component processing for CA Compliance Manager. Create and initialize the policy file before using the CA Compliance Manager and activating its components.

    1. Edit the CDT9PCHR job in your_ldap_hlq.CDT9JCL to conform to your site standards, including changing the CA LDAP Server directory names.
    2. Estimate the amount of space required to store the policy statements and policy sets in the policy file and modify the space parameter in CDT9PCHR, as necessary.
    3. Submit the CDT9PCHR job.

      The job runs and completes. This job may take several minutes to complete.

    4. Check the job output to verify that you successfully created the policy file under the name that you specified in the CDT9PCHR job.

      The policy file is ready for use with CA Compliance Manager.

  2. Update the slapd.conf file to have the appropriate policy file and DB2 table names, including suffix (company name and country code), DB location, DB user, and DB password. If using a Passticket to connect to DB2, omit the DB password and instead specify the DB2 application ID.

    Important! Failure to configure dblocation with the same value as the DDF may result in an authorization error. Failure to configure dbptktapplid with the same value as the LINKNAME value from the DB2 LUNAME results in a Passticket verification error.

    The slapd.conf file now includes the appropriate policy file and DB2 table names.

  3. After you create the policy file and complete the CA Compliance Manager installation and the CA Chorus and CA Chorus for Security and Compliance Management discipline installation, you can use the Administer Compliance Policy quick link in CA Chorus for Security and Compliance Management to define component policy statements and policy sets. We recommend that you regularly back up the policy file by dumping its contents into a data set that you can use later, if necessary, to restore the contents of the current policy file. For backup and restore, use the CDT9PBAC and CDTPRES jobs in your_ldap_hlq.CDT9JCL.

    Note: Default policies for each of the CA Compliance Manager components are automatically installed when the policy file is created and initialized.