IdF Advanced Adapter for i5 provides for bi-directional support for LDAP and Active Directory.

The IdF Advanced Adapter for i5 provides its provisioning functionality through the use of JTOpen AS400 libraries from IBM. The IdF Virtual Gateway receives Identity and Authorization change events from JT open effectuating requested changes. Using IBM AS400 JTOpen libraries allows continuity of provisioning from previous AS400 systems to future platform releases.

The Advanced Adapter for i5 provides reconciliation functionality through the use of the IdF Voyager reconciliation agent. The Voyager reconciliation agent sends notification events to the IdF Virtual Gateway from the target system when an identity or authorization event occurs in the native target system.

In addition to the ability to send and request security data from the host platform, the IdF Virtual Gateway is a container for security facility change events which originate on the host (i5). These host originating, change events are captured by Voyager reconciliation agent which is integrated with mainframe exit points.

The Voyager reconciliation agent is a mainframe installed component that detects events that occur on the mainframe using iSeries exit technologies. When a native event occurs, independent of adapter technologies, the event is processed through an appropriate exit. The reconciliation agent captures this event and transforms it into a message to update the IdF Virtual Gateway. Because we are using exit technology, we are not placing hooks into the i5 operating system. 

Change event detection on the host

The Voyager reconciliation agent exits detect a userID addition, deletion, status change, or an attribute / field change. The Voyager reconciliation agent also detects a password change, and if instructed, can securely pass the clear text password to the IdF Virtual Gateway for updates by the identity management system. In addition to change passwords, other password information is communicated, such as a warning that a password is about to expire.

Voyager reconciliation agent is prepared for large, enterprise wide events. The most important benefit of this architecture is that no change events are lost, providing secure guaranteed delivery. 

Midrange event monitoring for Audit & Compliance

The Voyager reconciliation agent detects more than simple changes to identity repositories through the mainframe exits. Most of these events are ignored, such as a simple authentication or accessing a resource. When it is important to monitor these events, the Voyager reconciliation agent can record these actions into a second messaging queue for updates to the Voyager reconciliation agent.

The  IdF Advanced adapter allows you take the generated audit record for the related security events  into a format  that you can use to generate reports you can view and analyze.