Previous Topic: Securing Communication between ACF2 and CA IAM Connector ServerNext Topic: Ensure that CA IAM Connector Server Is Installed

Identity Management ServiceConnectors GuideConnecting to EndpointsCA Access Control ConnectorCA ACF2 v2 Connector

CA ACF2 v2 Connector

CA ACF2 v2 is a Java connector that is installed with the CA IAM Connector Server. This chapter describes how to connect to a CA ACF2 v2 connector. You can use the CA ACF2 v2 connector to allow the following products to connect to a CA ACF2 endpoint:

In Identity Management, if you are replacing the CA ACF2 connector with the CA ACF2 v2 connector, use the migration tool to migrate account templates and their associations to objects in the CA ACF2 v2 connector. For more information, see Appendix A: How to Migrate Data from the Plug-in Connector section in this guide.

The following diagram shows the tasks that are required to connect to the endpoint, and who does each task.

Diagram showing how to configure ACF2 v2 connector with CA IAM CS to acquire ACF2 endpoint

  1. The mainframe security administrator installs CA LDAP Server on the mainframe, then sets it to use SSL in Server Mode.
  2. The connector server administrator does the following steps:
    1. (If necessary) Install CA IAM Connector Server. For details, search for Install CA IAM CS in the Identity Management bookshelf.
    2. (If necessary) Import the CA LDAP Server certificate into the CA IAM Connector Server keystore.
    3. (If necessary) Map custom attributes.
    4. Integrate the managed endpoints in Identity Management.
    5. For CA CloudMinder, configure the cloud-based CA IAM Connector Server for setting up CA IAM Connector Server on the cloud.
    6. If necessary, the Identity Management administrator migrates data from a CA ACF2 endpoint that used the old plug-in connector. This is described in How to Migrate Data.
  3. The CA product administrators connect to the endpoint in Identity Management or CA CloudMinder.
Install and Configure CA LDAP Server

This procedure is for the mainframe security administrator.

To allow CA IAM Connector Server to communicate with the endpoint, install CA LDAP Server on the mainframe. To keep your data secure, configure CA LDAP Server to use SSL.

For information about CA LDAP Server, use the following links:

Follow these steps:

  1. Install CA LDAP Server.

    Instructions for CA LDAP r15 are in the CA LDAP Installation Guide.

    Instructions for CA LDAP r14, are in the Installation chapter in the CA LDAP Product Guide.

  2. Configure CA LDAP Server to use SSL in Server mode.

    Instructions are in "Client SSL Setup From the Command Line" in the CA LDAP Product Guide for CA LDAP r15 bookshelf.

    These instructions also apply to CA LDAP r14.