Previous Topic: Error: Endpoint cannot be created in this endpoint type.Next Topic: Configure CA Identity Minder Provisioning Manager for SAM

Enterprise Administration GuideImplementing Shared AccountsSAM Endpoint and Shared Account CreationCreate an EndpointCA Identity Minder Provisioning Connection Information

CA Identity Minder Provisioning Connection Information

The CA Identity Minder provisioning connectors let you manage the CA Identity Minder endpoints you defined in your Provisioning Server. Before you create CA Identity Minder endpoints in SAM, you must create an Identity Manager Provisioning type Connector Server.

Note: For more information about how to create a Connector Server, see the Online Help.

Note:When you configure an CA Identity Minder provisioning connector server, specify the full distinguished name of the etaadmin.

For example:

eTGlobalUserName=etaadmin,eTGlobalUserContainerName=Global Users,eTNamespaceName=CommonObjects,dc=ProvisioningDomainName,dc=eta

CA Identity Minder can enforce a password policy that is different from the one that is configured on the target system. If you enforce a password policy on the target system, SAM changes the user password. However, the user cannot use the password on the endpoint. Verify that the password policy on the target system complies with the SAM password policy. For more information about the CA Identity Minder password policy enforce option, see the CA Identity Minder Administration Guide.

When you create endpoints of this type, provide the following information so that CA ControlMinder Enterprise Management can connect to the endpoint:

Endpoint

Defines the name of the endpoint exactly as you defined it in CA Identity Minder Provisioning Server.

CA ControlMinder Enterprise Management displays the CA Identity Minder endpoint types only after you configure the connection in the Provisioning Server.

Host

Defines the host name of the endpoint. This is the logical name you want to assign to this endpoint. CA ControlMinder Enterprise Management uses this name represent the endpoint in World View.

Advanced

Specifies whether you want to use a privileged administrative account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords. For example, you can specify a privileged domain account that can perform administrative tasks on multiple endpoints.

If you specify this option, SAM does not use the User Login account to perform administrative tasks.

More information:

Configure CA Identity Minder Provisioning Manager for SAM