Configuring provisioning for Broadcoms ACF2 Security for z/OS
This configuration provisioning guide provides the basic information that is needed to install and configure Broadcoms ACF2 Security for z/OS. The adapter enables connectivity between the IBM® Security Verify server and Broadcoms ACF2 Security for z/OS.
Before you begin
Note: Broadcoms ACF2 Security for
z/OS provisioning is not supported for trial subscriptions.
- Make sure Security Directory Integrator (SDI) v7.2 (PN CJ30YML) is installed for your operating
system. See Dispatcher Installation and Configuration Guide for more details.
For more information, see IBM Security Directory Integrator Version 7.2 Download Document.
Table 1. SDI part numbers eAssembly number Operating system eImage number CJ30YML AIX® CIS7MML Linux® CIS7TML Solaris CIS7UML Windows CIS7QML Note: The default document is for AIX. Scroll down to step 3 to select your operating system. - Install and configure Security Directory IBM Security Verify Adapter RMI Integrator dispatcher for Security Directory Integrator v7.2 (PN CC7ZMML). See IBM Security Identity Adapters v7.x and SDI Dispatcher Installation and Configuration.
- Onboard Broadcoms ACF2 Security for z/OS application. See, Onboarding the Broadcoms ACF2 Security for z/OS.
About this task
Provisioning provides the following features.
- Create new users
- New users that are created through IBM Security Verify are also created in the Broadcoms ACF2 Security for z/OS application.
- Delete users
- Deactivating the user or disabling the user's access to the application through IBM Security Verify deletes the user in the Broadcoms ACF2 Security for z/OS application.
- Modify user profile
- Updates made to the user's profile through IBM Security Verify are pushed to the Broadcoms ACF2 Security for z/OS application.
- User suspend and restore
- Suspending a user through IBM Security Verify deactivates the user and restoring the user through IBM Security Verify activates the user in the Broadcoms ACF2 Security for z/OS application.
- User synchronization and remediation
- Synchronization fetches all the Broadcoms ACF2 Security for z/OS application users, creates the users on IBM Security Verify, and according to the remediation policy, modifies the attributes. Group synchronization fetches all the target application groups in IBM Security Verify.
- Fine grained entitlement
- Fine grained entitlement is supported for the Broadcoms ACF2 Security for z/OS application. Synchronization fetches all the Broadcoms ACF2 Security for z/OS application groups. Users can be added to or removed from groups.