
LDAP Directory Services (LDS)

CA Top Secret provides the ability to synchronize z/OS security information management with LDAP-compliant, directory-managed servers. The LDS component of CA Top Secret sends requests as LDAP commands through the Provisioning service; these requests are directed to the LDS backend, which is located on a Windows-based PC.

The module that handles LDS processing within CA Identity Manager is a dynamic link library named back_lds.dll. It is intended to augment the functionality provided by CA Identity Manager and the CA Top Secret Security product. The CA Identity Manager LDS backend allows users of CA Top Secret for z/OS to interface directly with the Identity Manager database.

When a command is issued on the CA Top Secret system to add a user, a Global User is created in the local Identity Manager database with the specified password. Additionally, if the user is to be associated with an Identity Manager Role, the Identity Manager inclusion is generated to associate this user with the desired role or roles.

When a command is issued to the CA Top Secret system to change the password or any other “mapped” field of a user, the change is made in the local Identity Manager database and is optionally propagated to all necessary platforms.

When a command is issued to the CA Top Secret system to delete a user, the Global User is deleted from the local Identity Manager database and any associated inclusions are removed. Depending on the platform and the Identity Manager settings, this may also result in the deletion of accounts on other platforms.