

Acquire a CA Top Secret System Using the User Console

You must acquire the CA Top Secret system before you can administer it with CA Identity Manager.

Follow these steps:

  1. Import the role definition file.
  2. Select Endpoints, Manage Endpoints, Create Endpoint.
  3. On Create a new endpoint of Endpoint Type, select CA Top Secret from the drop-down list box, and click OK.
  4. In the Endpoint tab, complete the following mandatory fields:
    Endpoint Name

    Specifies the name of the new CA Top Secret endpoint. The endpoint name is the name that appears in the Provisioning Manager. Commas and semi-colons are not allowed.

    Mainframe LDAP IP Address/Machine Name

    Specifies the mainframe LDAP IP address or machine name of the CA Top Secret system.

    Mainframe LDAP Port

    Specifies the listen port for the Security Integrator running on the CA Top Secret system.

    Mainframe LDAP DN Suffix

    Specifies valid suffixes that are configured for the current CA LDAP Server operations in im naming mode. (For more information on naming mode, see the chapter titled "CATSS_DN Backend" in the CA LDAP Server for z/OS Administrator Guide.)

    Proxy Admin ID

    Specifies an ID that is used to issue the password modifications that are requested through the Workflow. This lets users change or reset their passwords when their password has expired and they cannot be authenticated to the system.

    Proxy Admin Password

    Specifies the password for the Proxy Admin ID on the CA Top Secret endpoint.

  5. Click Submit.

    You are ready to explore and correlate the endpoint.

  6. Click Endpoints, Explore and Correlate Definitions, Create Explore and Correlate Definition to explore the objects that exist on the endpoint.

    The Exploration process finds all CA Top Secret accounts and groups. You can correlate the accounts with global users now or you can correlate them later.

  7. Click OK to start a new definition.
  8. Complete the Explore and Correlate Tab as follows:
    1. Fill in Explore and Correlate name with a specific name.

      Click Select Container/Endpoint/Explore Method to choose a CA Top Secret endpoint to explore.

    2. Click the Explore/Correlate Actions and perform the following tasks:
      Explore directory for managed objects

      Identifies the objects that are stored on the endpoint and not in the provisioning directory.

      Correlate accounts to users

      Correlates the objects that were found in the explore function with users in the provisioning directory. If the user is found, the object is correlated with the user. However, you can instead choose to assign the account to the existing user (the default user) or to create the user.

      Update user fields

      If a mapping exists between the object fields and the user fields, the user fields are updated with data from the object fields.

  9. Complete the Recurrence tab if you want to schedule the task execution.
    1. Click Schedule.
    2. Complete the fields for determining the execution time for the task.

      You may prefer to schedule the task to execute overnight to interfere less with routine access of the system.

    Note: This operation requires the client browser to be in the same time zone as the server. For example, if the client time is 10:00 PM on Tuesday and the server time is 7:00 AM, the Explore and Correlate definition does not work.

  10. Click Submit.

To use an explore and correlate definition:

  1. In a CA Identity Manager environment, click Endpoints, Execute Explore and Correlate.
  2. Click an explore and correlate definition to execute.
  3. Click Submit.

    Based on the created explore and correlate definition, the user accounts that exist on the endpoint are created or updated in CA Identity Manager.