This document describes how to initialize and configure the ACF2 LDAP connector in an existing One Identity Manager system. The connector enables One Identity Manager to access, read, and update data stored in an ACF2 database on an IBM mainframe.
The IBM mainframe must have the CA LDAP Server for z/OS installed and configured. It is recommended that you remove the search size limit on the CA LDAP Server. You can do this by editing the configuration file slapd.conf on the server. Set the sizelimit value to unlimited as follows.
For CA LDAP Server version 14 or earlier:
    sizelimit 0
For CA LDAP Server version 15 or later:
    sizelimit unlimited
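The following check is an added example, not part of the One Identity documentation: it reads the text of a slapd.conf file and reports whether its sizelimit directive matches the value given above for the server version. It assumes OpenLDAP-style syntax (comment lines start with #, directive keywords are case-insensitive); the function names and the sample fragment are constructed for illustration.

```python
# Added example: verify the sizelimit directive in slapd.conf text.
# Assumption: OpenLDAP-style syntax ('#' comment lines, case-insensitive
# keywords, whitespace-separated arguments). Names here are hypothetical.

# Constructed sample fragment, not taken from a real server.
SAMPLE_CONF = """\
# constructed fragment for the example
# sizelimit unlimited
SizeLimit 500
"""


def expected_sizelimit(major_version: int) -> str:
    """Value from the page: '0' up to version 14, 'unlimited' from 15."""
    return "0" if major_version <= 14 else "unlimited"


def find_sizelimits(conf_text: str) -> list[tuple[int, str]]:
    """Return (line_number, value) for every active sizelimit directive."""
    found = []
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out directive
        parts = line.split()
        if parts[0].lower() == "sizelimit":
            found.append((lineno, " ".join(parts[1:])))
    return found


def check_sizelimit(conf_text: str, major_version: int) -> list[str]:
    """Return findings; an empty list means the file matches the page."""
    want = expected_sizelimit(major_version)
    hits = find_sizelimits(conf_text)
    if not hits:
        return [f"no sizelimit directive found; expected 'sizelimit {want}'"]
    return [
        f"line {n}: 'sizelimit {v}' should be 'sizelimit {want}' "
        f"for version {major_version}"
        for n, v in hits
        if v.lower() != want
    ]


if __name__ == "__main__":
    for finding in check_sizelimit(SAMPLE_CONF, 15):
        print(finding)
```

A commented-out directive is treated as absent, so a file that only contains `# sizelimit unlimited` is reported as missing the setting.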
An LDAP service account must be created on your ACF2 server that has the appropriate permissions to administer users and groups on this platform. The account must be given sufficient privileges so that the profiles being administered fall within the scope of the administrator user.
NOTE: Before attempting to connect to the CA LDAP server with the One Identity Manager connector, first check that the CA LDAP server is running correctly. You can test this with any LDAP browser, for example, the LDP.exe tool from Microsoft. For more information, see your LDAP browser documentation.
The ACF2 LDAP connector has been verified for synchronization against the IBM mainframe running CA ACF2 version 9.0 or later.
There is an eight-character limit for user names on ACF2.
There is an eight-character limit for passwords on ACF2.