|
|
|
When to Perform Exploration and Correlation
Two factors dictate when and how often to run the explore and correlate function. The first factor is based on the amount of activity that takes place in the CA Top Secret security data store outside of CA Identity Manager. Usually, this can follow a predetermined schedule established in your organization. Periodically, the security officer may request certain Identity Manager administrators to perform this function because they have added a key CA Top Secret profile that may be needed for immediate use, or because they are aware of a high volume of changes that may have occurred.
The second factor is whether your organization has implemented the LDAP Directory Services (LDS) option for CA Top Secret security (available in Version 5.3 and above). If you have implemented this option, the requirement to run the explore and correlate function is dramatically decreased because each modification on the z/OS host is automatically propagated into the CA Identity Manager repository, if configured on your mainframe. For those organizations that continue to be z/OS-centric, we recommend the implementation and use of the LDS option.
Note: If running an explore and correlate on multiple TSS directories, you should have RDT2BYTE activated or deactivated on all directories. Your user defined fields on the system with RDT2BYTE inactive will be incorrect if all are not specified.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |