Connector GuidesConnectors GuideConnecting to EndpointsCA Top Secret ConnectorConnector-Specific Features › Acquire a CA Top Secret System Using the Provisioning Manager

Previous Topic: Acquire a CA Top Secret System Using the User Console

Next Topic: Register CA Top Secret Endpoints on Windows
Acquire a CA Top Secret System Using the Provisioning Manager

You must acquire the CA Top Secret system before you can administer it with CA Identity Manager. When acquiring a CA Top Secret system, perform the following steps from the Endpoint Type task view:

  1. Register the server as an endpoint in CA Identity Manager. This phase is performed by adding a new endpoint under the CA Top Secret Endpoint Type in CA Identity Manager.

    Use the CA Top Secret Endpoint property sheet to view or customize a CA Top Secret system. During the registration process, CA Identity Manager identifies the CA Top Secret system you want to administer and gathers information about it.

  2. Explore the objects that exist on the endpoint.

    After registering the server in CA Identity Manager, you can explore its contents. Use the Explore and Correlate Endpoint dialog. The Exploration process finds all CA Top Secret accounts and objects. You can correlate the accounts with global users at this time or you can correlate them later.

  3. Correlate the explored accounts with global users.

    When you correlate accounts, CA Identity Manager creates or links the accounts on an endpoint with global users, as follows:

    1. CA Identity Manager attempts to match the ACID with each existing global user name. If a match is found, CA Identity Manager associates the CA CA‑Top Secret account with the global user. If a match is not found, CA Identity Manager performs the next step.
    2. CA Identity Manager attempts to match the ACID name with each existing global user's full name. If a match is found, CA Identity Manager associates the CA Top Secret account with the global user. If a match is not found, CA Identity Manager performs the next step.
    3. If the Create Global Users as Needed button is checked, CA Identity Manager creates a new global user and then associates the CA Top Secret account with the global user. If the Create Global Users as Needed button is unchecked, CA Identity Manager performs the next step.
    4. CA Identity Manager associates the CA Top Secret account with the [default user] object.

Note: If you are exploring and correlating a very large database, we recommend that you run the Explore, Correlate, and Update steps individually and use the dxtunedb utility to tune the database after each step. This significantly reduces your explore and correlate time.

To accomplish this, follow these steps:

  1. Stop the Provisioning Service and the CA Directory services for etrustadmin.
  2. Run the dxtunedb command to tune the CA Identity Manager database.
  3. Restart the Provisioning Service and CA Directory services for etrustadmin.
  4. Run each step.