Install CA LDAP Server for z/OS for working with CA ACF2

The LDAP Server for z/OS provides the communication mechanism for the ACF2 connector.
This product is a free offering and can be downloaded from our support site. Once downloaded, refer to the LDAP Server for z/OS installation guide for information on how to install it.
The following steps are required to migrate to the new version:
  • The LDAP Server for z/OS must be installed on at least one mainframe system. LDAP Server must be configured to communicate to every z/OS system that manages Identity Manager. Alternatively, you can install it on every z/OS system which Identity Manager manages.
  • The LDAP Servers must be configured to have an endpoint entry in the Provisioning Manager naming mode for each system. For more information about configuring the LDAP Server, see the LDAP Server for z/OS administrator guide.
  • After upgrading, update each endpoint and also update the information within the Mainframe LDAP Server. This information matches up with the IP Address, Port, and suffix of the mainframe LDAP Server.
The existing eTrust_ACF.conf file must be removed from the eTrust_Admin.conf file, or alternatively, remove the contents from the file and make it blank.
Once all LDAP Server installation steps have been completed and your LDAP Server is started, the Server is ready to support administration for this connector. Some clients may need or want to set up additional configuration options for the LDAP Server to provide additional functionality for this connector. Some examples of this additional functionality are the enable_refresh option (instructs the LDAP Server to refresh User Profile data whenever it is changed on a Logon ID using the LDAP Server), or the enable_secauth option (provides Secondary Authid maintenance on Logon IDs using the LDAP Server).