The table in Compare Three Methods for Connecting to RACF Endpoints shows three connectors. The following table contrasts only the connectors that are available in Identity Management.
The RACF connector is hosted by the Provisioning Server as a server plug-in. The new connector (RACF v2) is hosted by CA IAM Connector Server.
The differences are important if you currently use the old connector and you plan to migrate to the new connector. Use this table to check whether you want to upgrade.
|
Feature |
RACF Connector (Plugin for Provisioning Server) |
RACF v2 Connector (New Java connector with CA IAM Connector Server) |
|---|---|---|
|
Explore & Correlate Explore and Correlate is used by the connector to discover objects in the endpoint. |
Yes |
Yes |
|
Provisioning Manager Provisioning Manager is the legacy client of Identity Management. It provides limited access to the functionalitiy in the RACF v2 connector. |
Yes |
No |
|
Fetch Suffix List "Get Suffixes" feature is not available in RACF v2 connector. Alternatively, when you enter the attributes and submit, an error message is displayed. The error message displays a list of available suffixes at the endpoint. |
Yes |
On Error |
|
Use Logged on Administrator Credentials Legacy mainframe connectors can use logged-in user (Global User) credential to access the endpoint. RACF v2 connector uses the endpoint administrator's login credentials to access the endpoint. |
Yes |
No |
|
SSL All communication between the Client and the CA LDAP Server for z/OS can be encrypted using SSL (Secure Socket Layers). |
Yes |
No |
|
Display System Options The System Options tab in the Provisioning Manager Endpoint screen displays endpoint specific information such as version. For supported v2 connectors, endpoint information is available on the endpoint screen of the Identity Management User Console. |
Yes |
No |
|
Account Create, Read, Update, and Delete |
Yes |
Yes |
|
Assign Group to Account |
Yes |
Yes |
|
Group Create, Read, Update, and Delete |
Yes, in Provisioning Manager only |
No |
|
Account Custom Attributes |
Yes |
Yes |
|
Reverse Sync Reverse sync is a process that allows users to take actions on endpoint accounts discovered by the explore & correlate process based on set of defined policies. |
Yes |
Yes |
|
Multithreading An execution model that provide higher processing efficiency. |
No |
Yes |
|
Password Options On the Provisioning Manager Endpoint screen, the Password Options tab displays endpoint password related information. A similar tab is available in the User Console endpoint screen. It is available if the relevant mainframe 'v2' connector supports this feature. |
No |
No |
|
Password Synch Agent Password Synch Agent is installed at the endpoint. When the Global user is enabled for the password synchronization agent (Available at the Provisioning Manager Global user screen, Password tab), the password change at the endpoint, using the native tool, can be propagated back to the Global User and to the other endpoint accounts of the same Global User. |
No |
No |
|
Import from Identity Management 12.6.2 to CA GovernanceMinder 12.5 SP8, 12.6 SP1 The connector marks a set of objects and attributes as ‘Interesting to compliance’ for the CA GovernanceMinder. CA GovernanceMinder (RCM) connects to Identity Management and extracts Users, Account Templates, Provisioning Roles and Resources. |
Yes |
No |
|
Export from CA GovernanceMinder 12.5 SP8, 12.6 SP1 to Identity Management 12.6.2 CA GovernanceMinder can modify associations on the imported data set. These changes can be pushed to the endpoint through Identity Management. This process is called an export. |
Yes |
No |
|
Copyright © 2013 CA.
All rights reserved.
|
|