Previous Topic: Connector-Specific FeaturesNext Topic: Roles and Policies

Connector GuidesConnectors GuideConnecting to EndpointsCA SSO Connector for Advanced Policy ServerConnector-Specific FeaturesAcquire a CA Single Sign-On Server

Acquire a CA Single Sign-On Server

You must acquire the CA Single Sign-On server before you can administer it with CA IdentityMinder. When acquiring an CA Single Sign-On server, perform the following steps from the Endpoint Type task view:

  1. Register the server as an endpoint in CA IdentityMinder.

    Use the PLS Endpoint property sheet to register an CA Single Sign-On server. During the registration process, CA IdentityMinder identifies the CA Single Sign-On server you want to administer and gathers information about it.

    Note: Ping the node name from the Provisioning Server. If the ping is successful, then you know that CA IdentityMinder will find the PLS node.

  2. Explore the objects that exist in the endpoint.

    After registering the server in CA IdentityMinder, you can explore its contents. Use the Explore and Correlate Endpoint dialog. The Exploration process finds all accounts and groups in the SSO server.. You can correlate the accounts with global users at this time or you can correlate them later.

  3. Correlate the explored accounts with global users.

    When you correlate accounts, CA IdentityMinder creates or links the accounts on an endpoint with global users, as follows:

    1. CA IdentityMinder attempts to match the account name with each existing global user name. If a match is found, CA IdentityMinder associates the PLS account with the global user. If a match is not found, CA IdentityMinder performs the next step.
    2. CA IdentityMinder attempts to match the full name with each existing global user's full name. If a match is found, CA IdentityMinder associates the PLS account with the global user. If a match is not found, CA IdentityMinder performs the next step.
    3. If the Create Global Users as Needed button is checked, CA IdentityMinder creates a new global user and then associates the PLS account with the global user. If the Create Global Users as Needed button is unchecked, CA IdentityMinder performs the next step.
    4. CA IdentityMinder associates the PLS account with the [default user] object.