Connectors and Endpoint Types

Platform Support Matrix Connector and Endpoint Types for Identity Manager.
cim142
This section contains the following topics:
Supported Connector Servers
The following are software prerequisites for installing the Java Connector Server (JCS) and the C++ Connector Server (CCS).
OS
Release
CA IAM CS
CCS
Version / Level
Microsoft Windows Server
2012, 2012 R2, 2016
Yes
Yes
64-bit support only for JCS (Support for 32-bit mode on 64-bit machines only for CCS).
Support for Standard Edition and Enterprise Edition.
Latest SP assumed
Red Hat Linux
6.x, 7.x
Yes
No
64-bit support only
Supported Connector Xpress Platforms
The following are software prerequisites for installing Connector XPress.
OS
Release
Version / Level
Microsoft Windows 8, 10
Enterprise Edition
64-bit (Latest SP assumed)
Microsoft Windows Server
2012 R2, 2016
64-bit (Latest SP assumed)
Support for Standard Edition and Essentials Edition.
Certified Connector Xpress Endpoint Types
Connector Xpress allows for the creation of dynamic connectors generated using the Connector Xpress for RDBMS (JDBC) wizard or Connector Xpress for LDAP (JNDI) wizard to manage rows in arbitrary database tables or LDAP repositories.
The endpoint versions certified with Connector Xpress by Broadcom are:
Endpoint
Endpoint Release
IG Supported?
IG Mapping (Shallow / Deep)
IDM
Integrated IDM & IG
Server Platform
Agent Less
Comments
CA Directory
14.0 (Supported from Identity Manager 14.2 CP1)
No
No
Yes
No
JCS
Yes
LDAP
Active Directory Lightweight Directory Services
2012
Yes
Shallow
Yes
Yes
JCS
Yes
LDAP
2016
No
No
Yes
No
JCS
Yes
LDAP
Directory Server Enterprise Edition (DSEE)
6.3, 7.x
Yes
Shallow
Yes
Yes
JCS
Yes
LDAP
Oracle Unified Directory
11g r2, 12.x
No
No
Yes
No
JCS
Yes
LDAP
Novell eDirectory
8.8.x
Yes
Shallow
Yes
Yes
JCS
Yes
LDAP
Oracle Internet Directory
10g, 11g
Yes
Shallow
Yes
Yes
JCS
Yes
LDAP
RedHat Directory Server
10.x
No
Shallow
Yes
Yes
JCS
Yes
LDAP
Open LDAP
2.4
No
Shallow
Yes
Yes
JCS
Yes
LDAP
Microsoft SQL Server
2012, 2014, 2016 (latest SP assumed)
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
Oracle
11g r2 RAC, 12cR2, 12c including Container DB
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
IBM DB2
11.1
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
IBM DB2 for z/OS
12.1.0
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
IBM DB2 for iSeries/400
7.x
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
Sybase Adaptive Enterprise Server
v15.01
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
MySQL Enterprise Server
5.x
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
Informix
11.x
Yes
Both
Yes
Yes
JCS
Yes
RDBMS
Postgres
9.3 Onwards
Yes
Not Applicable
No
No
JCS
Yes
RDBMS
Supported Connector Endpoint Types
The following matrix lists the supported endpoints for which connectors are formally provided.
Endpoint
Endpoint Release
IG
IG Mapping (Shallow / Deep)
IDM
Integrated IDM & IG
Comments
Server Platform
Agent Less
CA Privileged Access Manager
2.8, 2.8.1, 3.0.x, 3.1.x, 3.2.x
Yes
Shallow
Yes
Yes
There might be an issue with the 'Now' option for Activate Account as it picks up the date set for 'Later'.
Symptom:
When an Account Template created with a Later date in the Activate Account option is modifed and changed to Now, the Account Activation date shows the date set previously.
Solution:
While modifying the Account Template, select the 'Later' option and clear the Date mentioned in the Account Activation field.
JCS
Yes
CA Privileged Access Manager Server Control
14.1
Yes
Shallow
Yes
Yes
-
CCS
Yes
CA Privileged Identity Manager
12.6 SPx, 12.8 SPx
Yes
Shallow
Yes
Yes
CA PIM r12.7 and r12.9 support r12.6 SPx and r12.8 SPx endpoints respectively
CCS
Yes
CA Strong Authentication
6.2.x, 7.1.x, 8.x
Yes
Shallow
Yes
Yes
Arcot Platform 1.0.8.3 (or higher) is required
Minimum of 6.2.2 version is required
RegFort 5.8.1 is also supported if the UDS is shared with Webfort.
JCS
Yes
CA-ACF2
15.1
No
Shallow
Yes
Yes
Requires CA LDAP Server for z/OS r15 or r15.1
IMPS
No
CA ACF2 (v2)
15.1, 16
No
Shallow
Yes
Yes
Requires CA LDAP Server for z/OS r15 or r15.1 or 16
JCS
No
CA-Top Secret
15.1
No
Shallow
Yes
Yes
Requires CA LDAP Server for z/OS r15 or r15.1
IMPS
No
CA-Top Secret (v2)
15.1, 16
No
Shallow
Yes
Yes
Requires CA LDAP Server for z/OS r15 or r15.1
JCS
No
HP-UX (v2)
11i v3
Yes
Shallow
Yes
Yes
It is also available as a remote component utilizing ssh.
JCS
Yes
IBM AIX (v2)
7.1, 7.2
Yes
Shallow
Yes
Yes
It is also available as a remote component utilizing ssh.
JCS
Yes
IBM DB2 UDB
11.1
No
N/A
Yes
No
See note 1 and 2
CCS
Yes
IBM DB2 z/OS
12.1.0
No
N/A
Yes
No
See note 1 and 2
CCS
Yes
IBM i5/OS (AKA OS/400)
7.x
No
N/A
Yes
No
See note 2
JCS
Yes
IBM Lotus Notes Domino Server
8.x.x, 9.x
Yes
Shallow
Yes
Yes
Domino Server supported on Windows, AIX and Linux.
Supports Lotus notes domino server 8.5 and later with ID VAULT feature enabled
JCS
Yes
IBM RACF - Security Server for z/OS
2.1, 2.2
Yes
Shallow
Yes
Yes
Requires CA LDAP Server for z/OS r14.1 or r15 or r15.1
IMPS
No
IBM RACF - Security Server for z/OS (v2)
2.1, 2.2
Yes
Shallow
Yes
Yes
Requires CA LDAP Server for z/OS r14.1 or r15 or r15.1
JCS
No
Kerberos
5.0
No
N/A
Yes
No
Sun Implementation on Solaris 10 only
See note 2
JCS
Yes
Microsoft Active Directory
2008 R2 SP1, 2012, 2012 R2, 2016
Yes
Shallow
Yes
Yes
-
CCS
Yes
Microsoft Skype for Business Server
2015
No
Shallow
Yes
Yes
Earlier known as Lync Server. Skype for Business Server 2015 supports Lync 2013, Skype for Business 2015 and 2016 clients.
CCS
Yes
Microsoft Exchange
2010, 2013, 2016 (Latest SP assumed)
Yes
Shallow
Yes
Yes
Remote agent supports 2010.
Exchange 2010/2013/2016 agent is 64-bit only.
Exchange Cluster (DAG) 2010 supported as Endpoint.
Exchange connector can run in either agent or agent less mode.
CCS
No
Microsoft SQL Server
2012, 2014, 2016 (Latest SP assumed)
Yes
Shallow
Yes
Yes
See note 1
JCS
Yes
Microsoft Office 365
All Business and Enterprise plans
No
N/A
Yes
No
For the Business plans which do not have Exchange, the flag "Business Class Email Enabled" of Endpoint Screen need to be deselected.
JCS
Yes
Microsoft Windows 8
Enterprise Edition
Yes
Shallow
Yes
Yes
Support for 64-bit Enterprise Editions
CCS
No
Microsoft Windows Server
2012, 2012 R2, 2016, 2019
Yes
Shallow
Yes
Yes
-
CCS
No
Novell SuSE Linux Enterprise Server (v2)
10.1, 11.x, 12.x
Yes
Shallow
Yes
Yes
It is also available as a remote component utilizing ssh.
JCS
Yes
Oracle E-Business Suite
12.x
Yes
Shallow
Yes
Yes
-
CCS
Yes
Oracle Server
12c including Container DB
Yes
Shallow
Yes
Yes
RAC not supported.
Oracle Server also supported dynamically via Connector Xpress.
JCS
Yes
PeopleSoft HRMS
8.9, 9.1
Yes
Both
Yes
Yes
PeopleTools v8.48, v8.49, v8.50
PeopleTools v8.52 with PeopleSoft HRMS 9.1 only
JCS
Yes
PeopleSoft Financials
9.2
Yes
Both
Yes
Yes
-
JCS
Yes
Red Hat Enterprise Linux (AS, ES) (v2)
6.x, 7.x
Yes
Shallow
Yes
Yes
The equivalent versions of CentOS are supported.
It is also available as a remote component utilizing ssh.
JCS
Yes
RSA SecurID
7.1 SP4, 8.x
Yes (for 7.1 SP4 only)
Both
Yes
Yes
Windows 2003 SP2 and Solaris 10 support
Red Hat Linux 5.x supported for 7.1 only
RSA SecurID 7.1 releases prior to SP3 are no longer supported.
Agentless and CA IAM CS for RSA SecurID 7.1
See comments
See comments
Salesforce
40.0
Yes
Shallow
Yes
Yes
Integration using the "Force.com Web Services API" Version 40.0
JCS
Yes
Amazon Web Services
N/A
Yes
Shallow
Yes
Yes
Integration using the "AWS Identity and Access Management Query API" Version 2010-05-08
JCS
Yes
SAP ERP (R/3)
4.6C (SP50+), 4.7 (EXT 110 - SP51+), 4.7 (EXT 200 - SP51+)
Yes
Deep
Yes
Yes
SAP 4.6C, minimum Basis Support Package level 50
SAP 4.7 EXT 110 & 200, minimum Basis Support Package level 51
Supports JCO Library V3.0
JCS
Yes
SAP NetWeaver (R/3)
2004 (Kernel 6.40), 7.0 (Kernel 7.0), 7.3 (Kernel 7.20), 7.4, 7.5
Yes
Shallow
Yes
Yes
Covers AS ABAP type servers
ECC 5.0 (6.40) & ECC
6.0 (7.0) supported
JCS
Yes
SAP NetWeaver S/4HANA
Kernel 7.5
Yes
Shallow
Yes
Yes
Covers AS ABAP type servers.
In the Identity Manager User Console, the SAP NetWeaver (R/3) endpoint type represents the SAP S/4HANA endpoint.
JCS
Yes
SAP UME
SAP NetWeaver 2004 (SPS 14+) SAP NetWeaver 7.0 (SPS 05+)
Yes
Shallow
Yes
Yes
Covers AS JAVA type servers
JCS
Yes
Siebel CRM
7.8, 8.x
No
N/A
Yes
No
Not supported on CCS running on Windows 2008/2012 due the Siebel Client support limitation
CCS
Yes
Oracle Solaris (v2)
10, 11.x
Yes
Shallow
Yes
Yes
Solaris 10 Zones (Whole Root and Sparse) are supported
It is also available as a remote component utilizing ssh.
JCS
Yes
Flat file (CSV)
1.1
No
N/A
Yes
See comments
Supports Pentaho Data Integration (Kettle) API version 4.4.0
JCS
Yes
System for Cross-Domain Identity Management (SCIM)
1.1
2.0 - From IM 14.2 CP6 onwards
No
N/A
Yes
No
-
JCS
Yes
CA API Gateway - Service Now
SSG 7.x, 8.x
No
Shallow
Yes
Yes
-
JCS
Yes
CA API Gateway - Microsoft Azure
SSG 7.x, 8.x
No
Shallow
Yes
Yes
-
JCS
Yes
CA API Gateway - Zendesk
SSG 7.x, 8.x
No
Shallow
Yes
Yes
-
JCS
Yes
CA API Gateway - G Suite (Google Apps)
SSG 7.x, 8.x
Yes
Shallow
Yes
Yes
Integration using the 'G Suite (Google Apps) Admin SDK Directory API"
JCS
Yes
CA API Gateway - Box Connector
SSG 7.x, 8.x
No
Shallow
Yes
Yes
-
JCS
Yes
Note:
For more information about connectors, see the Identity Management and Governance Connectors page.
Note
Comments
1
Also available as a dynamic Connector via Connector Xpress.
2
In an Integrated deployment, this Connector supports Provisioning but not Compliance. To request Compliance support for this Connector, please raise an enhancement request via Broadcom support.
Linux Reasonable Commercial Effort Statement
This Support Statement applies to Identity Manager that offers documented support for one or more Linux Reference Platforms.
Broadcom strives to meet our clients' diverse and ever-changing needs. Broadcom products support and manage many of today's leading platforms, operating systems, and applications across the IT enterprise.
A Linux Reference Platform is a specific version of a particular Linux variant, such as Red Hat Enterprise Server 5/6, which is used in Broadcom development, QA, and Support, and is documented as a supported environment in which to run Identity Manager.
To verify the Linux Reference Platforms supported for Identity Manager, review the system requirements section of the respective product documentation, or check with Broadcom Support.
Many of our clients use variants of the Linux operating system as their production operating system platform, for example, Oracle Enterprise Linux, SUSE, etc.
Some of those Linux variants claim compatibility (compatibility modes) with Identity Manager supported Linux Reference Platforms.
Note:
Broadcom does not test every possible configuration of Identity Manager running on the many Compatible Linux Variants available and cannot certify specific client configurations.
To facilitate a quick resolution and isolate the root cause of any potential product issue encountered while running on Compatible Linux Variants, Broadcom establishes the following support protocol for Identity Manager operating in these environments:
  • The current GA version of a Linux Reference Platform and the prior major version of that environment are supported. Any exceptions will be noted in respective product documentation.
  • The client is responsible for properly configuring their Linux Variant to be compatible with a Linux Reference Platform supported by Identity Manager.
  • The client is responsible for having an active maintenance agreement for both their Identity Manager and for the Compatible Linux variant.
  • While Broadcom does not require that clients recreate each issue on a Linux Reference Platform before contacting support, we can request that the client diagnose and troubleshoot specific issues without the Linux Variant "variable" through reproducing the issue on the Linux Reference Platform. Broadcom will only do this when we have reason to believe the issue is directly related to the Compatible Linux Variant environment.
  • While functional problems are rare under Compatible Linux Variants, problems may occur related to the third-party components embedded in applications, and those embedded products' support of Compatible Linux Variants may be limited or unavailable. Diagnosis and resolution of this class of problem may require the client to return to a Linux Reference Platform.
  • Compatible Linux Variants are diverse; Broadcom may require extra time to understand, collect data, troubleshoot and possibly reproduce reported issues.
  • If support cannot directly identify the root cause as a Broadcom or a Compatible Linux Variant issue, the client can open a support issue with their Compatible Linux Variant vendor or any other necessary third-party vendors to expedite the resolution of the issue. Broadcom, the vendor(s), and the client will work together toward a quick resolution where there business relationship mechanism to do so.  Broadcom, Novell, and many other software vendors belong to the Technical Support Alliance Network (http://www.tsanet.org) that may be engaged by either Broadcom or the Compatible Linux variant vendor if and when the need for a third-party arises as long as active maintenance exists for the Broadcom and third-party vendor's product.  Note if the customer does not have a Vendor support agreement for the Linux variant, there is no third party Broadcom may work with.
  • Any known issues with running Identity Manager on specific Compatible Linux Variants will be noted in the respective product documentation.
Reasonable Commercial Effort Statement
Broadcom Technical Support will make a reasonable commercial effort to troubleshoot and/or resolve customer support requests that involve the use of currently supported versions of Identity Manager on or with "unsupported" platforms as follows:
  • Broadcom Technical Support will accept support incidents (support requests) involving a software platform or a combination of software platforms that is not officially supported per the then-current Broadcom published platform support matrices. Broadcom will troubleshoot the issue up to the point that Broadcom has reason to believe that the problem is related to the use of software that is not specified in a then-current platform supported matrix. At such point, Broadcom shall require that the customer reproduce the problem on a fully supported combination of platforms before Broadcom proceeds in troubleshooting the incident.
Third Party Products End of Support Statement
When a third party product reaches the end of its primary or mainstream support, Broadcom will no longer provide support for that third party product or any Identity Manager components that interoperate with the third party product. Third party products under extended vendor support are not supported by Broadcom. Examples of third-party products are: web server, application server, operating system, directory, database, etc.
The .x in the release numbers denote the actively supported releases.