Communication Parameters Coordination
For the RACF Connector to communicate successfully with a provisioning module (SailPoint), several parameters must be coordinated between the provisioning module's Application or Source Definition, the Connector Gateway, and the RACF Connector.
The table below summarizes these parameters. Each row describes a set of parameters, in all or some of the components, that must be coordinated. For more information on and descriptions of the Connector Gateway parameters, see the SailPoint Integration Guide or the SailPoint Quick Reference Guide for Gateway Connectors, depending on the Connector Gateway release. For a full description of the IdentityIQ Application definition, see the SailPoint IdentityIQ Administration Guide. For a full description of the Identity Security Cloud Source definition, see RACF Source Configuration for Identity Security Cloud.
Summary of Required Parameter Coordination
For the Connector to communicate successfully with SailPoint, the following Connector installation/environment parameters must be coordinated with parameters specified in the Connector Gateway and in SailPoint:
| Parameter name | RACF Connector | Connector Gateway | IdentityIQ Application definition | Identity Security Cloud Source definition |
| --- | --- | --- | --- | --- |
| RSSNAME | MSCS in RSSPARM member in PARM library | | MSCS Name parameter in Connector Gateway/Connector Manager Settings | Connector name in RACF source |
| RSSTYPE | RSSP_TYPE in RSSPARM member in PARM library. Must be RACF | | MS Type selected for Application Type field should be RACF - Full | RACF source |
| MF_PORT | PORT parameter in ECAPARM member in PARM library | port parameter in SM section in init.xml file. | | |
| SECURED (TLS) | AT-TLS implementation | Implementation steps have to be performed | Implementation steps have to be performed | Implementation steps have to be performed |
- RSSNAME – In RACF Connector, the name is set in the DEFPARMS %RSSNAME% parameter in the INSTALL library during installation. After installation, this name is automatically set as the MSCS name in RSSPARM member in the PARM library. The MSCS name appears in column 1 of each parameter line (unless ALL_RSS is set in the line).
This name can be up to 32 characters long. However, SailPoint recommends that you use RSSNAME configurations with eight characters or fewer. If you must configure the RSSNAME parameter with more than eight characters, special adjustments must be performed at the end of the RACF Connector installation procedure. For more information on the additional steps, see Step 13 – Adjust for Longer Managed System Names.
The same name must be specified for %RSSNAME% and for the MSCS Name parameter in Connector Gateway/Connector Manager Settings in Provisioning Module Application Definition (for IdentityIQ) or for the Connector name in RACF Source definition (for Identity Security Cloud).
- RSSTYPE – During installation, RSSTYPE is specified in the DEFPARMS %RSSGTYPE% parameter in the INSTALL library. After installation, the RSSTYPE can be found in the RSSPARM RSS_TYPE parameter in the PARM library. For the RACF Connector, the value must be RACF. The MS Type in the provisioning module Application definition must be RACF - Full.
- MF_PORT – TCP/IP port number defined for the RACF Connector for communication with Provisioning Module. Connector for RACF's CTSGATE uses two consecutive TCP/IP ports to communicate with Provisioning Module. By default, the ports used are 2470 and 2471. Verify that these ports are not already in use. If they are in use, locate two other consecutive ports which are available.
Specify the lower of these two ports when you are instructed to provide a value for parameter PORT during the Connector installation. The same port number must be specified in the port field in the SM section of the Connector Gateway init.xml file. For more information, see Step 11 – Customize Communication Settings.
- SECURED_COMMUNICATION – Secured communication can be implemented by using TLS. The deprecated Transmitted Data Encryption option should be disabled by setting the ENCR_EXT_ACT parameter in the CTSPUSR member in the PARM library to N.
  - TLS – Communication is secured using TLS. Requires implementation of steps in all components.
On the mainframe, TLS communication must be configured using AT-TLS. With AT-TLS, the TLS processing is performed by TCP/IP and is transparent to the application (CTSGATE). Hence, no settings are required in the RACF Connector parameters, except for setting the Transmitted Data Encryption to Off as described above.
For more information, see Secured Communication.
- STCJOBS & TEMPDSN are not supported
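
A pre-flight check for the coordination rules in the table and list above, as an added example that is not part of the original documentation or SailPoint's own code. The dictionary keys and sample values are hypothetical and constructed; the values are assumed to have been read by hand from the members and definitions the table names.

```python
# Added example: the field names are hypothetical; fill them in by hand from the
# locations the table names (RSSPARM, ECAPARM, CTSPUSR, init.xml, SailPoint).

def check_coordination(connector, gateway, sailpoint):
    """Return (severity, message) findings; an empty list means consistent."""
    findings = []
    name = connector["rssname"]
    if not 1 <= len(name) <= 32:
        findings.append(("error", "RSSNAME must be 1 to 32 characters"))
    elif len(name) > 8:
        findings.append(("warn", "RSSNAME over 8 characters: Step 13 adjustments needed"))
    if sailpoint["name"] != name:
        findings.append(("error", "SailPoint MSCS/Connector name differs from RSSNAME"))
    if connector["rsstype"] != "RACF":
        findings.append(("error", "RSSTYPE in RSSPARM must be RACF"))
    if sailpoint["product"] == "IdentityIQ" and sailpoint.get("ms_type") != "RACF - Full":
        findings.append(("error", "IdentityIQ MS Type must be RACF - Full"))
    port = connector["port"]
    # CTSGATE uses PORT and PORT+1, so both must be valid TCP port numbers.
    if not 1 <= port <= 65534:
        findings.append(("error", "PORT and PORT+1 must both be valid TCP ports"))
    if gateway["sm_port"] != port:
        findings.append(("error", "init.xml SM port differs from ECAPARM PORT"))
    if connector["encr_ext_act"] != "N":
        findings.append(("error", "ENCR_EXT_ACT must be N (deprecated encryption off)"))
    # TLS requires steps in every component, so a mixed state is a misconfiguration.
    tls = {connector["at_tls"], gateway["tls"], sailpoint["tls"]}
    if len(tls) > 1:
        findings.append(("error", "TLS is enabled in some components but not all"))
    elif tls == {False}:
        findings.append(("warn", "TLS is not enabled in any component"))
    return findings

# Constructed sample values, not taken from a real installation.
GOOD = (
    {"rssname": "RACFPROD", "rsstype": "RACF", "port": 2470, "encr_ext_act": "N", "at_tls": True},
    {"sm_port": 2470, "tls": True},
    {"product": "IdentityIQ", "name": "RACFPROD", "ms_type": "RACF - Full", "tls": True},
)
DRIFTED = (
    {"rssname": "RACFPRODUCTION", "rsstype": "RACF", "port": 2470, "encr_ext_act": "Y", "at_tls": True},
    {"sm_port": 2471, "tls": False},  # higher port of the pair entered by mistake
    {"product": "Identity Security Cloud", "name": "RACFPROD", "tls": True},
)

if __name__ == "__main__":
    for label, cfg in (("GOOD", GOOD), ("DRIFTED", DRIFTED)):
        print(label, check_coordination(*cfg))
```

The DRIFTED sample shows the mismatches this page warns about: a name that differs between components, the higher port of the pair entered in init.xml, the deprecated encryption option left on, and TLS configured on only some components.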