The CA Web Administrator for ACF2™ (CA Web Administrator) provides comprehensive CA ACF2 administration in a browser-based graphical user interface. Administration functions include:
- Create, copy, modify, and delete logon IDs
- Add and delete Data Set, Resource, and DB2 rule lines
- Delete rules
- Create, modify, and delete the following CA ACF2 records:
CPF, Cache, Data Profile, DCO, Entry, GSO, LDS, Scope, Shift, XREF, and Zone
- Issue native CA ACF2 commands from a command line
- The interactive command compile is not supported.
Note: CA Web Administrator does not support digital certificates or compiled data profile records.
CA Identify Manager allows for ACF2 Password Synchronization and Password Management.
CA LDAP Server Resource/Dataset Authorization Checks
You can use a CA LDAP Server search operation to perform authorization checks against the CA ACF2 Security database. Two different authorization checks are available for you to perform:
RESCHECK
RESDATA
The authorization checks can be done through ldapsearch command from an application
or from OMVS.
Details can be found in the CA LDAP Server Documentation: CA System z Security Communication Servers (DSI, LDAP, PAM) - 15.1 section: "Using the Search Operation to Perform Resource Checks".