• Products:
  • By Category
    • Business Intelligence
    • Storage
    • Networks & Telecom
    • Terminal Emulation & FTP
    • Integration, SOA & Modernization
    • Database & Security
  • By Platform
    • Linux
    • System z (IBM Mainframe)
    • System i (AS/400)
    • Windows
    • HP OpenVMS
  • By Brand
    • Arkivio
    • ASTRAC
    • BlueZone Software
    • CorVu
    • Mainstar
    • Seagull Software
    • Servergraph
    • SmartDB
  • Additional Products
    • Web Page Customization & Help/Assistance
    • Windows Utilities
    • Free Tools
  • All Products
• Support
• Partners
  • OEM Partners
  • Technology Partners
  • VAR Partners
• News & Events
  • Press Releases
    • 2008
    • 2007
    • 2006
    • 2005
    • 2004
    • 2003
    • 2002
    • 2001
    • 2000
  • In the News
    • 2008
    • 2007
    • 2006
    • 2005
    • 2004
    • 2003
    • 2002
    • 2001
    • 2000
  • Events
• About Us
  • Management Bios
  • Rocket R&D Labs
  • Locations
  • Careers
  • Contact Us
• Rocket Brands:
  • Arkivio
  • ASTRAC
  • BlueZone Software
  • CorVu
  • Mainstar
  • Seagull Software
  • Servergraph
  • SmartDB
•  

Overview

The Rocket LDAP Bridge allows you to integrate RACF, CA ACF2, and CA Top Secret databases with your other enterprise security data, by using standard LDAP commands.

The Rocket LDAP Bridge consists of a base product and a flexible set of optional plug-ins. It is based on OpenLDAP with LDAPv3 support.

Highlights

The Rocket LDAP Bridge:

• Works with mainframe security database fields:
  • All RACF fields
  • All TSS fields including user-defined fields
  • All ACF2 logonid record fields as well as Access and Resource rules.
• Provides bi-directional password synchronization between mainframe security database and the client
• Is constructed such that LDAP data and applications reside on the mainframe
• Uses TLS/SSL with Mutual Authentication and CRL checking
• Provides LDAP change logging and audit logging
• Provides alias management on user creation and deletion
• Allows you to search using standard LDAP filters
• Supports the pam_ldap authentication plug-in, for authenticating Linux logins against the RACF user database

Plug-ins

The Rocket LDAP Bridge serves as the foundation for a suite of plug-in products. Each plug-in enables you to customize your LDAP repository by adding new functionality.

The Rocket LDAP Bridge plug-ins help simplify administration tasks in complex, heterogeneous environments that include z/OS mainframes. They work with third-party identity management solutions and web applications, and expose powerful, secure administration interfaces.

• racf2ldap, acf22ldap, tss2ldap – provide automatic outbound synchronization from RACF, CA ACF2, or CA Top Secret to the LDAP Server.
• ldap2racf, ldap2acf2, ldap2tss – provide inbound synchronization. These plug-ins are designed to allow you to update RACF, CA ACF2, or CA Top Secret fields.
• pticket – provides RACF PassTicket credentials to sufficiently authorized LDAP clients.
• ldifsync – provides a method for authorized LDAP clients to retrieve, in standard LDIF format, the changes that were made to the RACF, CA ACF2, or CA Top Secret database since the last ldifsync query.
• ldap2tso – provides a method for authorized LDAP clients to issue non-interactive TSO commands, in the security context of the authenticated LDAP user.
• pwdsync – provides a method for authorized LDAP clients to push passwords to the mainframe, or read the results of each user’s most recent password change.

Required z/OS System Software:

• IBM z/OS 1.7, 1.8, or 1.9
• A version of CA Top Secret that is currently supported by CA (when working with CA Top Secret)
• A version of CA ACF2 that is currently supported by CA (when working with CA ACF2)

Request more info