The Advanced Adapter for IBM-RACF provides a native interface between your application or identity infrastructure and the RACF security manager installed on a z/OS Mainframe. The adapter functions as a trusted virtual administrator on the target system, performing tasks, such as creating login IDs, changing passwords and managing alias catalogs. The adapter enables provisioning and reconciliation events with the RACF security manager, automating some of the functions that administrators usually perform manually. The Advanced Adapter for IBM-RACF enables you to use RACF either as a managed (target) resource or as an authoritative (trusted) source of identity information for your application or identity infrastructure.

The IdF Adapter for RACF enables an identity infrastructure to support and manage your policy, profiles, identity events and other resources on your mainframe. This tool reduces administration time, increases operational efficiency and reduces security risk. It is very important to note that the IdF mainframe solution provides the mechanism to retrieve critical data required that would meet corporate and regulatory polices.

Product Features

  • Authentication | Authorization
  • Bi-Directional User Profile Synchronization
  • Password Management
  • Real-Time Reconciliation
  • Alias Management
  • Dataset & Resource Management
  • Group Management
  • Real-Time Audit and Compliance Capture
  • Extend custom attributes and legacy applications

Product Benefits

  • Risk Reduction
  • Policy and Regulatory Compliance
  • Increase operational efficiency
  • Reduced administration costs
  • Improved Security
  • Extends current technology investments

Component Overview

The IdF Advanced Adapter for RACF is comprised of the Pioneer provisioning agent and the Voyager reconciliation agent. Both components in conjunction with the IdF LDAP Gateway enables the IdF Advanced Adapter for RACF the ability to provide for bi-directional support for transformation of native RACF commands to LDAP and LDAP commands to RACF.

The Pioneer (provisioning) agent receives identity and authorization change events, effectuating requested changes upon the target system. The Pioneer agent is a mainframe component that executes native requests that are sent from your application or identity infrastructure.

The Voyager (reconciliation) agent sends real-time notification events of user profile changes to the identity application from the target host system. The agent detects events such as user addition and deletion and changes in status, attribute, group membership and/or password.