|
|
|
CA Top Secret provides the ability to synchronize z/OS security information management with LDAP compliant directory managed servers. The LDS component of the CA Top Secret system sends requests via LDAP commands through the Provisioning service and is directed to the LDS backend that is located on a Windows-based PC.
The module that handles LDS processing within CA IdentityMinder is named back_lds.dll (dynamic link library) and is intended to augment the functionality provided within CA IdentityMinder and the CA Top Secret Security product. The CA IdentityMinder LDS backend allows the user of the CA Top Secret for z/OS the ability to interface directly with the CA IdentityMinder database.
When a command is issued on the CA Top Secret system, to add a user, a Global User is created in the local CA IdentityMinder database with the specified password. Additionally, if the user is to be associated with a CA IdentityMinder Role, the CA IdentityMinder inclusion will be generated to associate this user with the desired role or roles.
When a command is issued to the CA Top Secret system to change the password, or any other “mapped” field of a user, a change results in the local CA IdentityMinder database and optionally is propagated to all necessary platforms.
When a command is issued to the CA Top Secret system to delete a user, the Global User is deleted from the local CA IdentityMinder database and any associated inclusions are removed. Depending upon the platform, and CA IdentityMinder settings, this may also result in the deletion of accounts on other platforms.
| Copyright © 2013 CA. All rights reserved. |
|