Previous Topic: CA ACF2 ConnectorNext Topic: Step 2. Review the CA LDAP Server for z/OS Configuration Options

Connector GuidesConnectors GuideConnecting to EndpointsCA ACF2 ConnectorInstall the CA LDAP Server for z/OS

Install the CA LDAP Server for z/OS

The CA LDAP Server for z/OS provides the communication mechanism for this CA Identity Manager Connector. This product is a free offering from CA and can be downloaded from support.ca.com. Once downloaded, refer to the CA LDAP Server for z/OS Installation Guide for information and instructions on how to install it.

Note: The following steps are required to migrate from a previous version to the new version:

  1. The CA LDAP Server for z/OS must be installed on at least one mainframe system. CA LDAP Server must be configured to communicate to every z/OS system that manages CA Identity Manager. Alternatively, you can install it on every z/OS system which CA Identity Manager manages.
  2. The CA LDAP Server(s) must be configured to have an endpoint entry in Provisioning Manager naming mode for each system. For more information about configuring the CA LDAP Server, see the CA LDAP Server for z/OS Administrator Guide.
  3. After upgrading, update each endpoint and also update the information within the Mainframe LDAP Server section. This information matches up with the IP Address, Port, and suffix of the mainframe LDAP Server.

The existing eTrust_ACF.conf file must be removed from the eTrust_Admin.conf file, or alternatively, remove the contents from the file and make blank.

Once all CA LDAP Server installation steps have been completed and your CA LDAP Server is started, the Server is ready to support administration for this Connector. Some clients may need or want to setup additional configuration options for the CA LDAP Server in order to provide additional functionality for the this Connector. Some examples of this additional functionality are the enable_refresh option (instructs the CA LDAP Server to refresh User Profile data whenever it is changed on a Logon ID using the CA LDAP Server), or the enable_secauth option (provides Secondary Authid maintenance on Logon IDs using the CA LDAP Server).

For more information on all available configuration options, see the chapter titled, "CAACF2_DN Backend" in the CA LDAP Server for z/OS Administrator Guide.