지금 지원 담당자와 채팅
지원 담당자와 채팅

Identity Manager 9.2 - LDAP Connector for IBM RACF Reference Guide

System variables

The following system variables must be defined for the attribute mappings. For more detailed information about variables, see the One Identity Manager Target System Synchronization Reference Guide.

Table 1: System variables
Name Value

IdentDomain

The name of your RACF domain, for example, RACF_DOMAIN

UserLocation

Parent DN of your RACF user container, for example, profiletype=user,cn=mainframe1,o=mycompany,c=com

GroupLocation

Parent DN of your RACF group container, for example, profiletype=group,cn=mainframe1,o=mycompany,c=com

DatasetLocation

Parent DN of your RACF dataset container, for example, profiletype=dataset,cn=mainframe1,o=mycompany,c=com

Related topics

Domain filter setting

A domain filter must be created to identify information that has been retrieved from the RACF database to keep it separate from other imported data.

  1. Update the One Identity Manager schema so that all entries are included.

    1. In the Synchronization Editor, open your RACF project.

    2. Select Configuration > One Identity Manager connection.

    3. In the General section, click Update schema.

    4. Click Yes in the next two dialogs.

    5. Click OK when complete.

  2. In Manager

    1. Select LDAP > Domains.

    2. In the result list toolbar, click .

    3. On the General tab, enter the following general master data.

      Table 2: Domain Master Data

      Property

      Description

      Display name

      Display name, for example, RACF Domain

      Distinguished name

      Distinguished name of the domain, for example, cn=mainframe1,o=mycompany,c=com

      Domain

      Domain name, for example, RACF_DOMAIN

      Structural object class

      Structural object class representing the object type; enter DCOBJECT

    4. Save the changes.

  3. In the Synchronization Editor, open your RACF project.

    1. Select Configuration > One Identity Manager connection.

    2. Select the Scope view and click Edit scope.

    3. Select the object type LDPDomain in the Scope hierarchy list and set the Object filter to Ident_Domain =’$IdentDomain$’.

    4. Save the changes.

For more detailed information about scopes, see the One Identity Manager Target System Synchronization Reference Guide.

Related topics

User mapping information

This section describes a possible mapping between a user account in RACF and the standard One Identity Manager database table called LDAPAccount.

  • Set up a new mapping from LDAPAccount(all) to racfUser(all).

For more detailed information about setting up mappings, see the One Identity Manager Target System Synchronization Reference Guide.

Detailed information about this topic

Mandatory RACF user attributes

When creating a user in the RACF database, the following LDAP attributes must be defined:

  • objectclass

  • racfid

Related topics
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택