Addressing Security Requirements › Define the Started Task User ID for CA LDAP Server
Define the Started Task User ID for CA LDAP Server
The CDT9ACID and CDT9LID jobs create the following security authorizations for CA LDAP Server:
- Permissions to data sets (such as TCP/IP)
- Facility accesses for BPX server and daemon
Important! This should have been completed as part of the CA LDAP Server install. If not, use this procedure to configure CA LDAP Server in accordance with your site specifications. Complete these post-configuration steps before you start the CA LDAP Server Server:
Follow these steps:
- Edit the job to define STC user IDs. Change the HOME in the job to the directory name where you installed LDAP.
- CA ACF2 - CDT9LID in your_ldap_hlq.CDT9JCL
- CA Top Secret - CDT9ACID in your_ldap_hlq.CDT9JCL
- Submit the job.
- Verify the job output.
The STC user IDs are defined for the installation.
- Edit the LDAPR15 STC PROC in your_ldap_hlq.CDT9JCL as follows:
- Change all occurrences of INSTALL_DIR to the path name of the directory that contains the HFS files.
- (If CA Compliance Manager is installed) Change the HLQ argument on the second line to the high-level qualifier of the policy file. Change the VOL argument on the fourth line so that it includes the policy file's VOLSER.
- Uncomment the lines that define the policy and journal files at the end of the proc.
The LDAPR15 STC PROC is updated.
- Copy the LDAPR15 STC PROC from your_ldap_hlq.CDT9JCL into your proclib.
- Update the slapd.env file to add the correct directoryname (PATH and LIBPATH)
The slapd.env file is updated.
- Update the slapd.conf file
Important! For more information on updating these files, see the CA LDAP Server Product Guide and Installation Guide.
- Start the STC using the LDAPR15 job.
Copyright © 2014 CA Technologies.
All rights reserved.
|
|