This section applies to all connectors. However, it is most likely to be relevant to the mainframe connectors.
Symptom:
In many organizations, some endpoints (such as the mainframe systems) have stricter restrictions on passwords than the corporate password policy.
This conflict causes problems if you create a password that meets the requirements of the Identity Management or CA CloudMinder password policy but is invalid on an endpoint. In this situation, the following problems can occur:
Solution:
To avoid this problem, make one or both of the following changes:
This change forces new users to change their password when they log in to User Console.
This section applies to the plugin CA Top Secret connector.
Symptom:
My CA Top Secret endpoint has CA LDAP Server for z/OS r12. When I attempt to set the Administer MLS attribute on an account, I see the following message:
[LDAP: error code 17 - ettsssm5-mlsadmin: attribute type undefined]
Solution:
This error appears because eTTSSM5-MLSADMIN is supported only in CA LDAP Server for z/OS r14+.
You can avoid this problem in the following ways:
The attribute lets you set the “Administer MLS” privilege with its value as write only.
|
Copyright © 2014 CA.
All rights reserved.
|
|