CA ACF2 can synchronize z/OS security information management with LDAP-compliant, directory-managed servers. The LDS component of the CA ACF2 system sends requests as LDAP commands to the Provisioning service, which directs them to the LDS backend located on a Windows-based PC.
The module that handles LDS processing within CA IdentityMinder is named back_lds.dll (a dynamic link library). It is intended to augment the functionality provided by CA IdentityMinder and the CA ACF2 Security product. The CA IdentityMinder LDS backend lets users of CA ACF2 for z/OS interface directly with the CA IdentityMinder database.
When a command is issued on the CA ACF2 system to add a user, a Global User is created in the local CA IdentityMinder database with the specified password. Additionally, if the user is to be associated with a Provisioning Role, a CA IdentityMinder inclusion is generated to associate the user with the desired Provisioning Role(s).
When a command is issued to the CA ACF2 system to change the password, or any other mapped field, of a user, the change is made in the local CA IdentityMinder database and is optionally propagated to all necessary platforms.
When a command is issued to the CA ACF2 system to delete a user, the Global User is deleted from the local CA IdentityMinder database and any associated inclusions are removed. Depending upon the platform and CA IdentityMinder settings, this may also result in the deletion of accounts on other platforms.
Copyright © 2013 CA. All rights reserved.