Oracle® Identity Manager Connector Guide for CA Top Secret Advanced Release 9.0.2 Part Number B32152-01
The Oracle Identity Manager CA Top Secret Advanced Connector provides an interface between CA Top Secret installed on a z/OS mainframe and Oracle Identity Manager. The CA Top Secret Advanced Connector functions as a trusted virtual administrator on the targeted platform, performing tasks such as creating login IDs, suspending IDs, changing passwords, and performing other functions that administrators usually perform manually.
The Oracle Identity Manager CA Top Secret Advanced Connector enables provisioning and reconciliation to CA Top Secret security facilities.
The Oracle Identity Manager CA Top Secret Advanced Connector includes the following components:
- LDAP Gateway: The LDAP Gateway receives instructions from Oracle Identity Manager in the same way as any LDAP version 3 identity store. These LDAP commands are then converted into native mainframe commands for CA Top Secret and sent to the Provisioning Agent. The response, which is also native to CA Top Secret, is then parsed into an LDAP response. After execution, an LDAP-formatted response is returned to the requesting application.
- Provisioning Agent: The Provisioning Agent is a mainframe component that receives native mainframe CA Top Secret provisioning commands from the LDAP Gateway. These requests are processed against the CA Top Secret authentication repository, and the response is parsed and returned to the LDAP Gateway.
- Reconciliation Agent: The Oracle Identity Manager Reconciliation Agent captures native mainframe events using advanced exit technology for seamless reconciliation to Oracle Identity Manager through the LDAP Gateway. It captures events arising from TSO logins, the command prompt, batch jobs, and other native events in real time, and transforms them into notification messages for Oracle Identity Manager through the LDAP Gateway.
- Message Transport Layer: The message transport layer enables the exchange of messages between the LDAP Gateway and the Provisioning and Reconciliation Agent. You can use the following messaging protocols for the message transport layer:
In addition, the CA Top Secret Advanced connector is engineered for high-performance environments and transactions.
See Also: For more information on the CA Top Secret Advanced Connector architecture and configuration of the message transport layer, refer to Appendix B, "Connector Architecture".
The following sections list the functionality available with the Oracle Identity Manager CA Top Secret Advanced Connector.
The Provisioning Agent provides the following functionality:
- Change passwords
- Reset passwords
- Create users
- Modify users
- Revoke user accounts
- Add user to groups
- Delete users
- Resume user accounts
- List users
- List groups
- List users by groups
- List resource profiles by user
- Grant user access to datasets
- Grant user access to resource profiles
- Grant user access to TSO
In addition to English, this release of the connector supports the following languages:
- French
- Japanese
The files and directories that comprise this connector are compressed in the following ZIP file on the installation media:
Security Applications\CA Top Secret\CA Top Secret Advanced Rev 1.1.0.zip
Extract the contents of this file to the OIM_HOME directory. The contents of this file are described in brief in the following table:
| Files and Directories | Description of Files and Contents |
|---|---|
| `xml\oimTopsConnector.xml` | The XML file that contains component definitions for the connector. |
| `lib\idm.jar` | The connector JAR file to be deployed on the Oracle Identity Manager system. |
| `etc\LDAP Gateway\` | Files required for LDAP Gateway deployment on the Oracle Identity Manager system. |
| `etc\Provisioning and Reconciliation Connector\Mainframe_TS\` | Files required for installing the Provisioning Agent and Reconciliation Agent on the mainframe. |
| Files in the resources directory: `<connectorName>.properties`, `<connectorName>_fr.properties`, `<connectorName>_ja.properties` | Each of these files contains locale-specific information that is used by the connector. |
| Files in the docs directory: `B32152_01.pdf`, `html` | The CA Top Secret Advanced Connector documentation. |