サポートと今すぐチャット
サポートとのチャット

Identity Manager 8.2.1 - LDAP Connector for IBM RACF Reference Guide

Initializing and configuring the LDAP connector for IBM RACF

This document describes how to initialize and configure the RACF LDAP connector into an existing One Identity Manager system. This allows a One Identity Manager system to access, read, and update data stored in a RACF database on an IBM mainframe.

Detailed information about this topic

Prerequisites

  • The IBM mainframe must have the IBM Tivoli Directory Server for z/OS installed and configured.

  • An LDAP service account must be created in your RACF database with the appropriate permissions to administer users and groups on this platform. To be able to administer everything in the RACF database, the user will need the RACF "special" privilege.

  • If more than 4096 records need to be retrieved from the RACF database in any one search (e.g. if there are more than 4096 users defined on the system) then the Quest RACF TDS Exit must be installed and configured.

  • If data set profile data is to be synchronized, then the Quest RACF TDS Exit must be installed and configured.

NOTE: You can find Quest RACF TDS Exit on the installation medium in the directory MFR\dvd\AddOn\RacfTDSExit.

NOTE: Before attempting to connect to the Tivoli Directory Server with the One Identity Manager connector, it is recommended to first check that the LDAP server is running correctly. This can be tested with any LDAP browser for example the LDP.exe tool from Microsoft. For more information, see your LDAP browser documentation.

Platform support

The RACF LDAP connector has been verified for synchronization against the IBM mainframe running z/OS 1.8 (and RACF 1.8) or later.

Operating constraints

  • There is an eight-character limit for user and group names on RACF.

  • There is an eight-character limit for passwords on RACF.

  • If the Quest RACF TDS Exit has not been installed, there is a limit of 4,096 records that can be read from the RACF system in any one search operation.

  • If the Quest RACF TDS Exit has not been installed, the RACF dataset LDAP object is not available to the connector.

セルフ・サービス・ツール
ナレッジベース
通知および警告
製品別サポート
ソフトウェアのダウンロード
技術文書
ユーザーフォーラム
ビデオチュートリアル
RSSフィード
お問い合わせ
ライセンスアシスタンス の取得
Technical Support
すべて表示
関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択