cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SailPoint Connector for RACF version 4.0.01

SailPoint Connector for RACF version 4.0.01

SailPoint Connector for RACF includes the following features:

  • Full aggregation
  • Provisioning
  • Monitoring of RACF activities to update IdentityIQ/IdentityNow in real time with User, Group and Password changes

This release includes new features, enhancements and fixes for important issues.

 

New Features and Enhancements

SailPoint Connector for RACF version 4.0.01 provides support for the following new features:

 

Features Description
Improved Aggregation Performance

SailPoint Connector for RACF version 4.0.01 now supports one phase account aggregation, which means that when accounts are aggregated, each account which is aggregated includes the connections as well. Therefore, there is not a separate phase of connections aggregation as it used to be until Connector for RACF version 4.0.01.

The one phase account aggregation feature is in effect when an equivalent support is provided by IdentityIQ which would be available with IdentityIQ version 7.2 and 7.1 Patch 4.

The changes caused due to one phase account aggregation may influence the existing customers who have implemented GTUSERS or GTUG2UC post-script. GTUG2UC (Get Connection) script does not get control as connections are set as part of the GTUSERS (Get Users).

Secured communication using AT-TLS (SSL)

For more information about the implementation of this support, see SailPoint Connector for RACF Administration Guide.

Secured communication using AT-TLS is supported for IdentityIQ versions 7.2, 7.0 Patch 6, 7.1 Patch 1 and above.

Password Phrase

Password Phrase support includes the following features:

  • The service account configured in IdentityIQ RACF application can now have password phrase.
  • Provisioning transactions issued from IdentityIQ may include password or password phrase. The differentiation is based on the length. Any value which is longer than 8 characters is treated as a password phrase. This is relevant to Add Account, Update Account, Change Password and Test Connection transactions.

SailPoint Connector for RACF version 4.0.01 supports interceptions of password phrase with the application of PTF's (FSD0052,FSD0053, FSD0064, FSD0065). For more information on downloading the PTF's, see Mainframe E-Fixes.

FSD0052, Batch Utility

The batch utility enables using the Connector for RACF directly within the Mainframe without the requirement of a partner (IdentityIQ/IdentityNow). The batch utility may be helpful in the following scenarios:

  • For installation verification, when a new installation is performed and connection has not yet been established with IdentityIQ/IdentityNow.
  • For testing or debugging purposes as instructed by SailPoint Support.
  • When multiple provisioning transactions are required to be performed quickly and easily from Mainframe than from IdentityIQ/IdentityNow.
DFSMS

SailPoint Connector for RACF version 4.0.01 installation partly supports SMS. The installer may provide VOLSER and UNIT parameters with empty values and lets z/OS DFSMS feature handle it.

For more information about the implementation of this support, see SailPoint Connector for RACF Administration Guide.

STCJOBs

STCJOBs may be used as per customer requirement but it is required when temporary datasets are protected by the RACF TEMPDSN.

For more information about the implementation of this support, see SailPoint Connector for RACF Administration Guide.

 

Resolved Issues

SailPoint Connector for RACF version 4.0.01 has resolved the following major issues:

 

Issues Description
Queue full scenario due to aggregations SailPoint Connector for RACF version 4.0.01 now does not write the aggregation messages to the Queue file by default. Until Connector for RACF version 3.3.01 aggregation messages were written to the Queue file and could fill the Queue file when the Online or Offline Interception was not implemented.
Allows skipping GRS RNL processing

SailPoint Connector for RACF version 4.0.01 supports skipping RNL search by GRS when required using the ENQRNL parameter.

For more information about the implementation of this support, see CTSPARM: Assembler format parameters section of SailPoint Connector for RACF Administration Guide.

KDFAES SailPoint Connector for RACF version 4.0.01 supports KDFAES which was added to RACF by APAR OA43999.

 

Supported Platforms

  • SailPoint Connector for RACF version 4.0.01 can manage RACF for z/OS.
    For a complete list of supported versions of z/OS, see Support for z/OS.
  • Software requirements are as follows:
    • Job Entry Subsystem: JES2 or JES3
    • TSO/E
    • SMP/E
    • TCP/IP

 

Compatibility with IdentityIQ

SailPoint Connector for RACF version 4.0.01 is compatible with all supported versions of IdentityIQ.

For supported versions of IdentityIQ for the following features, see New Features and Enhancements section above:

  • Improved Aggregation Performance
  • Secured communication using AT-TLS (SSL)

SailPoint recommends upgrade of Connector Gateway (packaged with IdentityIQ)  when IdentityIQ is upgraded.

 

Installation information

For detailed information of the installation of SailPoint Connector for RACF version 4.0.01, see SailPoint Connector for RACF Administration Guide.

 

Downloads

Note: You are only entitled to download components for which you have an active license with SailPoint and the availability of a component for download does not grant you a license to use a component or entitle you to use a component for which you do not have an active license.  Please contact your Account Representative or CSM for more information.

 

SailPoint Connector for RACF v4.0.01 - Installer

 

Documentation

SailPoint Connector for RACF v4.0.01 - Administration Guide

SailPoint Mainframe Messages Manual

Labels (2)
Version history
Revision #:
9 of 9
Last update:
‎Oct 02, 2023 01:41 PM
Updated by: