CA Identity Manager

CA Identity Manager Connectors Guide 12.6.4

This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the “Documentation”) is for your informational purposes only and is subject to change or withdrawal by CA at any time. This Documentation is proprietary information of CA and may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA.

If you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy.

The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed.

TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL CA BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.

The use of any software product referenced in the Documentation is governed by the applicable license agreement and such license agreement is not modified in any way by the terms of this notice.

The manufacturer of this Documentation is CA.

Provided with “Restricted Rights.” Use, duplication or disclosure by the United States Government is subject to the restrictions set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section 252.227-7014(b)(3), as applicable, or their successors.

Copyright 2014 CA. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

CA Technologies Product References

This document references the following CA Technologies products:

- CA CloudMinder Identity Management
- CA Directory
- CA Identity Manager
- CA Identity Governance (formerly CA GovernanceMinder)
- CA SiteMinder
- CA User Activity Reporting
- CA AuthMinder

Contact CA Technologies

Contact CA Support

For your convenience, CA Technologies provides one site where you can access the information that you need for your Home Office, Small Business, and Enterprise CA Technologies products. At http://ca.com/support, you can access the following resources:

- Online and telephone contact information for technical assistance and customer services
- Information about user communities and forums
- Product and documentation downloads
- CA Support policies and guidelines
- Other helpful resources appropriate for your product

Providing Feedback About Product Documentation

If you have comments or questions about CA Technologies product documentation, you can send a message to techpubs@ca.com.

To provide feedback about CA Technologies product documentation, complete our short customer survey which is available on the CA Support website at http://ca.com/docs.

Contents

Chapter 1: Endpoints, Connectors, and the Connector Server
  Audience
  Endpoints
  Connectors
  What Connectors Can Do
  Types of Connector
  Connector Servers
  Where to Find Documentation for Connectors

Chapter 2: Installation
  Install CA IAM CS
  CCS on Windows and UNIX
  Install Connectors
  Contents of Downloaded ZIP File for a Connector
  File Locations
  Location of the CA IAM CS Files in the Installers
  Location of the Connector Files in CA IAM CS
  Default Installation Locations

Chapter 3: Managing Connectors
  Deploy a Connector
  Restart a Connector
  Add a Third-Party Library to a Connector
  Add a Certificate for a Connector
  Find the Version of a Connector
  Customize the Configuration for a Connector
  Change Pool Settings

Chapter 4: Managing CA IAM CS
  Log In to CA IAM CS
  Start and Stop CA IAM CS
  Logging for CA IAM CS
  View a Log
  Configure Logging for CA IAM CS
  Configure Logging for a Connector
  Increase the Number of Log Messages Seen
  Interpreting Log Messages
  Change the Administrator Password for CA IAM CS
  Connect to CA IAM CS from JXplorer
  Find the Version of CA IAM CS

Chapter 5: Configuring CA IAM CS
  Configuration Files for CA IAM CS
  server osgi jcs.xml
  server osgi ad.xml
  server osgi common.xml
  server osgi shared.xml
  server osgi ccs.xml
  Customize the Configuration for CA IAM CS
  Retry Configuration
  Disable FIPS for CA IAM CS
  Configure CA IAM CS to Work Under Heavy Loads (UNIX Only)
  Set the TLS Store Certificate Password
  Java Virtual Machine Memory Errors
  Edit JVM Memory Options
  Adjust the Start Parameters for the CA IAM CS Service (Windows Only)

Chapter 6: Connecting to Endpoints
  CA Access Control Connector
  Recommended Patch Levels
  ACC Connector Multi-Threading Support
  Runtime Environment Settings
  Connector Specific Features
  Password Synchronization
  CA ACF2 Connector
  CA ACF2 v2 Connector
  CA Arcot Connector
  Embedded Entitlements Manager Connector
  EEM Installation
  EEM Support for FIPS and IPv6
  Connector Specific Features
  Acquire an EEM Server Machine
  EEM Account Templates
  EEM Accounts
  EEM Access Policies
  EEM Calendars
  EEM Groups
  EEM Resource Classes
  CA DLP Connector
  CA DLP Connector Management
  FIPS 140 Configuration
  CA DLP Connector Specific Features
  CA SSO Connector for Advanced Policy Server
  Configuring the CA Single Sign-On Server
  Using Failover
  Enable Application Password Propagation
  PLS Support for FIPS and IPv6
  Connector Specific Features
  Frequently Asked Questions
  CA Top Secret Connector
  CA Top Secret v2 Connector
  Google Apps Connector
  Platform Support
  Configure Google Apps Provisioning API Access
  Configure Password Length
  Configure NTLM Authentication
  Google Apps—CAPTCHA Challenge
  IBM DB2 UDB Connector
  DB2 UDB Installation
  DB2 Limitation
  Connector Specific Features
  IBM DB2 UDB for z/OS Connector
  DBZ Endpoint
  DBZ Account Templates
  Synchronize an Account from an Account Template
  DBZ Accounts
  Create DBZ Accounts
  DBZ User Property Sheet
  IBM i5/OS (OS/400) Connector
  OS/400 Installation
  OS/400 Support for FIPS and IPv6
  Connector Specific Features
  Kerberos Connector
  Kerberos Connector Limitations
  Kerberos Installation and Deployment
  Connector Specific Features
  LDA Connector Migration to DYN JNDI
  Custom Extensions to the LDA Schema
  Vendor Support
  How the LDAMigrate Script Migrates the LDA Connector
  How to Perform the LDA Connector Migration
  Post Migration Step
  Connector Xpress Templates
  Lotus Domino Connector
  Privileges Required to Connect to Lotus Domino
  LND Support for FIPS and IPv6
  Set Up the Connector for Lotus Domino
  LND Java Implementation Considerations
  Connector Specific Features
  Microsoft Active Directory Connector
  Microsoft Exchange Connector
  Microsoft Office 365
  Microsoft SQL Server Connector
  Microsoft Windows Connector
  Configuring
  Upgrading the Provisioning Server
  Installing the Provisioning Agent for Windows Local Users and Groups with setup.exe
  Configure the CAM and CAFT Service for Windows NT
  Windows NT Support for FIPS and IPv6
  Connector Specific Features
  Oracle Applications Connector
  How the Connector Accesses Oracle Applications
  Oracle Applications Installation and Configurations
  Oracle Applications Support for FIPS and IPv6
  Connector Specific Features
  Oracle Connector
  Oracle Configuration
  Required Oracle Administrator Account Privileges
  Oracle Migration Steps
  Oracle Support for FIPS and IPv6
  Limitations
  Oracle Etautil Conventions
  Oracle Account Templates
  Well-Known Attribute %ENDPOINT DESCRIPTION%
  PeopleSoft Connector
  RACF Connector
  RACF v2 Connector
  RSA ACE (SecurID) Connector
  RSA Installation
  Connector Specific Features
  RSA Authentication Manager SecurID 7 Connector
  Set Up the RSA SecurID 7 Connector
  Acquire an RSA SecurID 7 Endpoint
  Upgrade the RSA SecurID 7 Connector
  Upgrade RSA SecurID 7 Connector After CA Identity Manager Upgrade
  Connector Specific Features
  Salesforce.com Connector
  Enable Communication between the Salesforce.com Connector and Salesforce.com
  Acquire a Salesforce Endpoint
  Connector Features
  Deleting Salesforce.com Accounts
  SAP R/3 Connector
  SAP UME Connector
  Siebel Connector Introduction
  What the Siebel Connector Lets You Do
  Siebel Installation
  Connector Specific Features

For information about each connector, download the Endpoint Guide for that connector from the Connector Download page.

Audience

This guide is for administrators of CA IAM CS and CCS, who are responsible for the following tasks:

- Installing and configuring CA IAM Connector Server (CA IAM CS)
- Connecting to endpoint systems using CA IAM CS