|
|
|
The RACF connector supports the use of Program Exits which are incorporated as 'Common Exits'. Program Exits provide you with the capability to perform certain actions before or after an account is created, modified or deleted from CA Identity Manager. These exits can be referenced either on the Endpoint property page to execute custom code on a single endpoint, or on the Account Template property page to execute custom code on multiple endpoints. Actions might include native CA DSI Server for z/OS (CA Distributed Security Integration) or CA LDAP Server for z/OS commands in order to modify account privileges or access to resources on the RACF system.
To see a sample program exit, refer to the OS390 subdirectory under the Identity Manager Templates directory.
For more detailed information about how to write program exits, see the Programming Guide for Provisioning.
Note: If you are upgrading from a previous release and use exits, those exits should be reviewed. There is the potential that by using CA LDAP Server for z/OS-specific configuration options, you can remove existing exits. Even if the exits cannot be removed completely, the number of operations they need to perform, might be reduced. A detailed review of the exits will let you determine if they can or should be recoded to use the CA LDAP Server instead of the CA DSI Server. While this is not required, if possible, exits should be migrated to use the CA LDAP Server.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |