Configuration Guides › Directory Configuration Guide › CA LDAP Server for z/OS › CA LDAP Server r15 for z/OS (RACF) Backend Security Option › Configure Policy Server Registry Entries for RACF

Configure Policy Server Registry Entries for RACF

The CA LDAP Server r15 for z/OS (RACF) contains a different set of objectclasses as compared to other LDAP servers. Before configuring a user directory connection from the Policy Server to the CA LDAP Server, add the RACF objectclasses to the following Policy Server registry entries in the LDAP namespace by substituting the replacement values for the default values below:

registry_entry_home

Specifies the following registry entry location:

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\Ds.

default_value

Specifies the registry entry's default value.

replacement_value

Specifies a new value containing the RACF objectclasses for the registry entry.

• registry_entry_home\ClassFilters

  class_filters_default_value:

  organization,organizationalUnit,groupOfNames,groupOfUniqueNames,group

  class_filters_replacement_value:

  class_filters_default_value,*

• registry_entry_home\GroupClassFilters

  group_class_filters_default_value:

  groupOfNames,groupOfUniqueNames,group

  group_class_filters_replacement_value:

  group_class_filters_default_value,*

• registry_entry_home\PolicyClassFilters

  policy_class_filters_default_value:

  organizationalPerson,inetOrgPerson,organization,organizationalUnit,groupOfNames,groupOfUniqueNames,group

  policy_class_filters_replacement_value:

  policy_class_filters_default_value,*

• registry_entry_home\PolicyResolution

  Add the following RACF objectclasses to this registry entry:

• registry_entry_home\Debug

  In UNIX, add the following RACF objectclass to this registry entry:

Note: The value of this registry key can be changed based on the response time of the CA LDAP Server r15 for z/OS (RACF).