The CA ACF2 connector is hosted by the Provisioning Server as a server plug-in. The new connector (CA ACF2 v2) is hosted by CA IAM Connector Server. The following table compares feature support in the CA ACF2 and CA ACF2 v2 connectors.
|
Feature |
CA ACF2 Connector (Plugin for Provisioning Server) |
CA ACF2 v2 Connector (New Java connector with CA IAM Connector Server) |
|---|---|---|
|
Explore & Correlate Explore and Correlate is used by the connector to discover objects in the endpoint. |
Yes |
Yes |
|
Provisioning Manager Provisioning Manager is the legacy client of Identity Management. It provides limited access to functionality in the CA ACF2 v2 connector. |
Yes |
No |
|
Fetch Suffix List The "Get Suffixes" feature is not available in CA ACF2 v2 connector. However, as a workaround, you can enter the attributes and click Submit. An error message displays a list of available suffixes at the endpoint. |
Yes |
On Error |
|
Use Logged on Administrator Credentials Legacy mainframe connectors can use logged-in user (Global User) credential to access the endpoint. The CA ACF2 v2 connector uses the endpoint administrator's login credentials to access the endpoint. |
Yes |
No |
|
SSL All communication between the Client and the CA LDAP Server for z/OS can be encrypted using one way SSL (Secure Socket Layers). |
Yes |
Yes |
|
Display System Options On the Provisioning Manager Endpoint screen, the System Options feature tab displays endpoint specific information such as version. For supported v2 connectors, this information is available on the endpoint screen of the Identity Management User Console. |
Yes |
Yes |
|
Account/LID CRUD Account management activities (Create, Read, Update, Delete). |
Yes |
Yes |
|
Rules Read access and ability to add rule lines. |
Provisioning Manager only |
No |
|
Associate Account with Secondary Auth IDs |
Yes |
No |
|
Account Custom Attributes The default connector provides access to commonly used account attributes. However, you may need to manage additional fields as well. With legacy connectors, map the additional attributes to custom attributes in ‘schema_map.txt’ in the following location: <IMPS_HOME>\data\<Connector Name>\schema_map.txt For new connectors, map custom attributes in Connector Xpress. |
Yes |
Yes |
|
Reverse Sync Reverse sync is a process that allows users to take actions on endpoint accounts discovered by the explore and correlate process based on a set of defined policies. |
Yes |
Yes |
|
Multithreading An execution model that provides higher processing efficiency. |
No |
Yes |
|
Password Options The Password Options tab in the Provisioning Manager displays endpoint password information. A similar tab is available in the Identity Management User Console endpoint screen when the relevant mainframe v2 connector supports this feature. |
Yes |
Yes |
|
Password Synch Agent The Password Synch Agent is installed at the endpoint. When the global user is enabled for the password synchronization agent (in the Provisioning Manager Global user screen, Password tab), a password change at the endpoint, using the native tool, can be propagated back to the Global User and to the other endpoint accounts of the same Global User. |
Yes |
No |
|
LDS Wizard LDAP directory services. |
Provisioning Manager only |
No |
|
Import from Identity Management 12.6 to CA GovernanceMinder 12.5 SP8/12.6.1 The connector marks a set of objects and attributes as ‘Interesting to compliance’ for CA GovernanceMinder. CA GovernanceMinder (CA RCM) connects to Identity Management and extracts Users, Account Templates, Provisioning Roles and Resources. |
Yes |
No |
|
Export to Identity Management 12.6 from CA GovernanceMinder 12.5 SP8/12.6.1 CA GovernanceMinder can modify associations on the imported data set. These changes can be pushed to the endpoint through Identity Management. This process is called an export. |
Yes |
No |
|
Copyright © 2013 CA.
All rights reserved.
|
|