CA Identity Suite 14.x: Implementation - Integrate The Components 200
Student Guide
04IMG2042S
04IMG2042SG1 © 2017 CA. ALL RIGHTS RESERVED.
‐ PROPRIETARY AND CONFIDENTIAL INFORMATION ‐
© 2017 CA. All rights reserved. CA confidential & proprietary information. For CA, CA Partner
and CA Customer use only. No unauthorized use, copying or distribution. All names of
individuals or of companies referenced herein are fictitious names used for instructional
purposes only. Any similarity to any real persons or businesses is purely coincidental. All
trademarks, trade names, service marks and logos referenced herein belong to their
respective companies. These Materials are for your informational purposes only, and do not
form any type of warranty. The use of any software or product referenced in the Materials is
governed by the end user’s applicable license agreement. CA is the manufacturer of these
Materials. Provided with “Restricted Rights.”
Welcome to the CA Identity Suite 14.x: Implementation – Integrate the Components 200
course.
For Learn More Edition Subscribers:
Please note the following learning components complement one another:
Web‐based training
– Conceptual content with recorded demonstrations that map to the lab activities in
the Dynamic Lab
– Although not required, we recommend you review the WBT component first, as it
describes various use cases for the features and context for the lab activities
Dynamic Lab Environment
– A fully functional training platform, with a Student Guide and Lab Guide
Your Student Guide contains pages that indicate when each lab can be performed
Your Lab Guide provides step‐by‐step instructions for each lab
– You can perform these labs as you progress through the WBT, or choose to perform
the labs all at once
* Some topics may not have a corresponding lab
Course Objectives
After this course, you will be able to:
Integrate CA Identity Governance with CA
Identity Manager
Integrate CA Identity Portal with CA Identity
Manager and CA Identity Governance
Course Agenda
1 Integrate CA Identity Governance with CA Identity Manager
2 Integrate CA Identity Portal with CA Identity Manager and CA Identity Governance
Hands‐on Learning as a Voonair Airlines Employee
You will follow a fictitious company, Voonair Airlines, as they:
Discover a business need for CA Identity Suite
Deploy a full CA Identity Suite implementation
– CA Identity Manager
– CA Identity Governance
– CA Identity Portal
You will act as the IT Systems Administrator in Voonair Airlines to:
Install and integrate the solution functionality using hands‐on‐labs in a
virtual lab environment
To provide a scenario supporting your learning experience, you will follow a fictitious
company, Voonair Airlines, through their journey from recognizing a business need to
implementing the entire CA Identity Suite solution. You will assume the role of an IT
Systems Administrator in Voonair Airlines and complete hands‐on labs that install and
integrate the solution functionality for Voonair Airlines.
Voonair Airlines Case Study
SCENARIO
Voonair Airlines is a fictitious large national airline that services over
10 million customers annually. The growth of Voonair is due to a
recent merger with a similarly sized national carrier and various
acquisitions of smaller regional airlines to increase its market share.
A lot of restructuring and staff reorganization has ensued.
PROBLEM
The large-scale personnel changes that accompanied the
reorganization have left Voonair scrambling to understand who has
access to what and, as importantly, reconciling this with who should
have access to what. To make matters worse, their current processes
for managing user identities and governing access are driven on a
manual or ad‐hoc basis, which is inefficient, costly to administer,
unfriendly to business users, and poses serious security risks.
SOLUTION
After careful consideration, Voonair has purchased CA Identity Suite
to help them automate their identity management and governance
processes and simplify the business user experience. As the IT
Systems Administrator in Voonair, you are responsible for the
successful rollout of the product functionality across the
organization.
Your Dynamic Lab Environment
Your dynamic lab environment consists of three virtual Windows 2012 servers:
Your dynamic lab environment for this course consists of three virtual Windows 2012
server machines.
On the IG Server VM, you will install and configure CA Identity Governance.
On the IM Server VM, you will install and configure CA Identity Manager and CA Identity
Portal.
And on the Jaspersoft VM, you will install and configure CABI JasperReports Server.
Integrate CA Identity Governance with
CA Identity Manager
Module Objectives
After completing this module, you will be
able to:
Identify the integration concepts and
use cases
Configure the integration with CA
Identity Manager
Why you need to know:
By integrating, you can validate that CA
Identity Manager user privileges are
granted in accordance with business
compliance policies and use compliance
checking when creating users, roles, and
accounts in CA Identity Manager.
Voonair Airlines
Integrating CA Identity Governance with CA Identity Manager
You have successfully installed CA Identity Manager and CA Identity
Governance.
As the Systems Administrator at Voonair Airlines, your next assignment is to:
Configure the integration between CA Identity Manager and CA Identity
Governance
Why Integrate?
CA Identity Manager
– Manage user identities
– Govern access based on roles
CA Identity Governance
– Develop, maintain, and analyze role models
– Centralized and automated identity compliance
When you integrate, you can:
• Validate that CA Identity Manager user privileges are granted in accordance
with business compliance policies
• Get suggested roles and compliance checking when creating or modifying
CA Identity Manager users, roles, and accounts
• Understand what roles exist in your organization, establish a role model that
fits your organization, and re‐create the desired role model within CA
Identity Manager
• Analyze and maintain the role model as the business evolves
So why integrate the two products? Well, first, let's recap what each product does.
CA Identity Manager is an identity lifecycle management product that enables you to
manage user identities and govern what they can access based on their role.
CA Identity Governance is an identity lifecycle management product that enables you to
develop, maintain, and analyze role models. CA Identity Governance also provides
centralized identity compliance policy controls and automates processes associated with
meeting compliance demands.
When you integrate CA Identity Manager and CA Identity Governance, you can:
• Validate that CA Identity Manager user privileges are granted in accordance with
business compliance policies
• Get suggested roles and compliance checking when creating or modifying CA Identity
Manager users, roles, and accounts
• Understand what roles exist in your organization, establish a role model that fits your
organization, and re‐create the desired role model within CA Identity Manager
• And analyze and maintain the role model as the business evolves
Integration Architecture
Integration between CA Identity Manager and CA Identity Governance is achieved by
defining import and export connectors in CA Identity Governance that enable the flow of
data between the two systems.
Import/Export Process
What happens to the imported data?
1. The product creates a local copy of all the CA Identity Manager data.
2. The product compares the local copy with the master configuration
(current state of entitlements). This results in a list of all changes since the
last time the import ran.
3. The master configuration is updated with all the changes, and the master
configuration now reflects everything in CA Identity Manager.
4. All changes are made one by one in the model configuration (current state
of entitlements plus any changes).
To introduce CA Identity Manager data to CA Identity Governance, you perform an
import.
But what happens to the data when you import it into CA Identity Governance?
First, CA Identity Governance creates a local copy of all the CA Identity Manager data that
you imported.
Next, CA Identity Governance compares the local copy with the master configuration
(which is the current state of entitlements). This results in a list of all changes since the
last time the import ran. The master configuration is updated with all the changes, and
the master configuration now reflects everything in CA Identity Manager.
Then, all changes are made one by one in the model configuration (which is the current
state of entitlements plus any changes). If the model configuration was the same as the
master configuration, it will also be the same after the import. However, if there were
changes made in the model, they are not overwritten by the import.
Import/Export Process Continued
To push updated CA Identity Governance data back to CA Identity Manager,
you perform an export.
1. CA Identity Governance takes the differences between the master and model
configurations, creates a DIFF file, and sends those changes to CA Identity Manager.
2. CA Identity Manager completes each change defined in the export task
and sends a notification back to CA Identity Governance.
3. CA Identity Governance updates the master configuration to reflect what
is in the model configuration and Continuous Update keeps CA Identity
Manager and the CA Identity Governance master configuration
synchronized.
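The import and export steps above, as an added example that is not part of the course material or CA's code: a simplified Python model in which entitlements are (user, role) pairs held in sets. The `Universe` class, its method names and the sample users are assumptions made for illustration.

```python
"""Simplified model of the master/model import and export flow.

Added illustration only: entitlements are modelled as (user, role) pairs in
plain Python sets. This is not CA Identity Governance code or its data format.
"""


def diff(old, new):
    """Return (added, removed) entitlement links when going from old to new."""
    return new - old, old - new


class Universe:
    """One master/model configuration pair, as described for a universe."""

    def __init__(self):
        self.master = set()  # current state of entitlements (last known IM state)
        self.model = set()   # current state plus any pending changes

    def import_from(self, im_entitlements):
        """Import steps 1-4: copy, compare, update master, replay into model."""
        local_copy = set(im_entitlements)                # 1. local copy
        added, removed = diff(self.master, local_copy)   # 2. changes since last import
        self.master = local_copy                         # 3. master mirrors IM
        for link in sorted(added):                       # 4. apply one by one to model
            self.model.add(link)
        for link in sorted(removed):
            self.model.discard(link)
        return added, removed

    def pending_export(self):
        """The DIFF between master and model: what an export would send."""
        to_add, to_remove = diff(self.master, self.model)
        return {"add": sorted(to_add), "remove": sorted(to_remove)}

    def export_to(self, im_entitlements):
        """Export steps 1-3: build the DIFF, apply it in IM, resync the master."""
        changes = self.pending_export()
        for link in changes["add"]:
            im_entitlements.add(link)
        for link in changes["remove"]:
            im_entitlements.discard(link)
        self.master = set(self.model)  # master now reflects the model
        return changes


def run_scenario():
    """Constructed sample data: import, certification, second import, export."""
    im = {("alice", "Pilot"), ("bob", "GroundCrew"), ("bob", "Finance")}
    universe = Universe()
    universe.import_from(im)

    # A certification rejects bob's Finance role: only the model changes.
    universe.model.discard(("bob", "Finance"))

    # Meanwhile a new assignment is made directly in CA Identity Manager.
    im.add(("carol", "Pilot"))
    added, removed = universe.import_from(im)

    # The import picked up carol but did not overwrite the pending model change.
    pending = universe.pending_export()
    exported = universe.export_to(im)
    return {
        "second_import": (sorted(added), sorted(removed)),
        "pending": pending,
        "exported": exported,
        "im": sorted(im),
        "in_sync": universe.master == universe.model == im,
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, "=", value)
```

The pending export is the set of access changes that will be applied in CA Identity Manager, so it is the natural thing to review before an export runs.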
Information Mapping
When CA Identity Manager and CA Identity Governance integrate, the
following information is synchronized between the two systems:
User information
Role information
Account information
Endpoint object information
Information Mapping Continued
Here’s a visual depiction of the information mapping between the two systems.
CA Identity Manager users are imported as CA Identity Governance users.
CA Identity Manager provisioning roles and account templates are imported as CA
Identity Governance roles.
And CA Identity Manager endpoint objects are imported as CA Identity Governance
resources.
Communication Mechanisms
The integration between CA Identity Manager and CA Identity Governance
uses the following communication mechanisms:
CA Identity Governance Connector for CA Identity Manager
– Automatically synchronizes the privilege data between CA Identity Manager
and CA Identity Governance
– Import data from CA Identity Manager to CA Identity Governance
– Export data from CA Identity Governance to CA Identity Manager
Continuous Update
– Changes made in CA Identity Manager updated immediately in CA Identity
Governance
Continuous Export (Optional)
– Sends any changes made in CA Identity Governance to CA Identity Manager
immediately
The integration between CA Identity Manager and CA Identity Governance uses the
following communication mechanisms.
The CA Identity Governance Connector for CA Identity Manager is a special type of
connector that automatically synchronizes the privilege data between CA Identity
Manager and CA Identity Governance. By using this connector, you can import data from
CA Identity Manager to CA Identity Governance or export data from CA Identity
Governance to CA Identity Manager.
The Continuous Update feature allows you to leverage CA Identity Governance
capabilities to support day‐to‐day identity management operations. Any changes made in
CA Identity Manager are updated immediately in CA Identity Governance. This feature
allows CA Identity Governance to make provisioning role suggestions and validate
changes against compliance policies, based on current CA Identity Manager information,
instead of waiting for another import from CA Identity Manager to update the CA Identity
Governance data.
Continuous Export is an optional feature that allows you to send any changes made in CA
Identity Governance to CA Identity Manager immediately, instead of doing a full export
operation after numerous changes are made to a role model.
All of these communication mechanisms update the CA Identity Governance master
configuration.
Sample Integration Use Cases
Certifying CA Identity Manager Provisioning Role Assignments
As an administrator, you want to allow managers to review and certify the
provisioning roles of CA Identity Manager users they manage.
1. Configure the integration between CA Identity Governance and CA
Identity Manager.
2. Import data from CA Identity Manager to CA Identity Governance.
– Updates the master and the model configuration in CA Identity Governance
3. Kick off a user certification to review and approve user provisioning role
assignments (and direct permissions).
– Updates the model configuration in CA Identity Governance
4. Export the differences generated by the certification.
– Changes applied directly in CA Identity Manager
One of the common use cases for the integration is certifying CA Identity Manager
provisioning role assignments.
As an administrator, you want to allow managers to review and certify the provisioning
roles of the CA Identity Manager users they manage.
Perform the following process to allow managers to perform user certifications.
First, configure the integration between CA Identity Governance and CA Identity
Manager.
Next, import data from CA Identity Manager to CA Identity Governance. This procedure
updates the Master and the Model configuration in CA Identity Governance.
Then, kick off a user certification to review and approve user provisioning role
assignments (and direct permissions). This certification updates the CA Identity
Governance Model configuration.
Once the certification is completed, export the differences generated by the certification.
The changes are applied to CA Identity Manager directly. CA Identity Manager records
these changes in the task persistence database, where they can be viewed in the View
Submitted Tasks task.
After completing this process, role assignment data between CA Identity Governance and
CA Identity Manager is synchronized and approved by CA Identity Manager user
managers.
Sample Integration Use Cases
Maintaining Compliant CA Identity Manager Roles
You want to be sure that when a new employee is added to CA Identity Manager, they
automatically get privileges that are appropriate to their function and are compliant.
1. Configure the integration between CA Identity Manager and CA Identity Governance.
2. Import CA Identity Manager user, role, and account data to CA Identity Governance.
– Creates the Master and the Model configuration in CA Identity Governance
3. Clean up the imported data in CA Identity Governance.
– Removes suspect entities and relationships, updates the model configuration
4. Create Business Policy Rules (BPRs) in CA Identity Governance.
5. Run the BPRs against the Model configuration.
6. Export changes made to the Model configuration back to CA Identity Manager.
Review Question
Which communication mechanism allows CA Identity Governance to make provisioning role
suggestions and validate changes against compliance policies, based on current CA Identity
Manager information?
A Continuous Export
B Continuous Import
C Continuous Update
D Continuous Connection
Configuring the Integration
Follow these steps to configure the integration:
1. Verify both systems meet the prerequisites.
2. In CA Identity Manager:
– Import Smart Provisioning role and task definitions.
3. In CA Identity Governance:
– Create a universe.
– Configure an import connector to CA Identity Manager.
– Import data from CA Identity Manager to CA Identity Governance
4. Verify the CA Identity Governance connection object was created in CA
Identity Manager.
Follow these steps to configure the integration between CA Identity Manager and CA
Identity Governance:
First, you need to verify the systems that host CA Identity Governance and CA Identity
Manager meet the prerequisites.
Next, in CA Identity Manager, you add integration support to your environment by
importing the Smart Provisioning role and task definitions. The Smart Provisioning role
definitions include the tasks that you use to configure the connection to CA Identity
Governance in the User Console.
Then, in CA Identity Governance, you need to create a universe, configure an import
connector to CA Identity Manager, and import data from CA Identity Manager to CA
Identity Governance. This import creates a CA Identity Governance role model.
The final step is to verify that the CA Identity Governance connection object was created in
CA Identity Manager.
Let's take a closer look at each step next.
Integration Prerequisites
To integrate CA Identity Manager and CA Identity Governance, verify that the
following prerequisites are met:
CA Identity Governance and CA Identity Manager must be installed on
systems that can communicate with each other.
If you want to secure the connection between CA Identity Manager and
CA Identity Governance, configure both systems to support SSL.
Be sure that you have imported all role definitions files for every endpoint
type you have in CA Identity Manager.
Be sure that all provisioning roles are managed by CA Identity Manager
(and not the Provisioning Manager).
Integration Prerequisites Continued
If you are using Microsoft SQL or Oracle as the CA Identity Manager user store,
do the following:
(JBoss only) In CA Identity Governance, download the sqljdbc.jar file from
the Microsoft Download Center and put it in the following location:
RCM_Server_home\eurekify‐jboss\standalone\deployments\eurekify.war\WEB‐INF\lib
In CA Identity Manager Management Console, add a password attribute in the
Advanced Settings for the CA Identity Manager environment.
If you are using Microsoft SQL or Oracle as the CA Identity Manager user store, do the
following:
(JBoss only) In CA Identity Governance, download the sqljdbc.jar from the Microsoft
Download Center and put it in the following location.
In the CA Identity Manager Management Console, add a password attribute in the
Advanced Settings for the CA Identity Manager environment.
It’s a good idea to restart the application server after setting user‐defined properties such
as this.
Import Smart Provisioning Role and Task Definitions
Use the Management Console to import the Smart Provisioning role and task
definitions into a CA Identity Manager environment.
If the environment was created in a previous release of CA Identity Manager, be sure that
you updated the role definitions after the upgrade but before importing them.
The Smart Provisioning role definition file includes tasks that you use to configure the
connection to CA Identity Governance in the User Console. Import this file even if you do
not plan to use the Smart Provisioning functionality.
You should restart the environment after importing the roles and task definitions.
Create a Universe in CA Identity Governance
Master‐Model configurations
enable tracking of differences
between the real‐world
configuration imported from the
system (Master) and the desired
configuration generated (Model).
To import data from CA Identity Manager, you need a universe in CA Identity Governance
to store the data.
Similar to a CA Identity Manager environment, a universe is a view into a management
workspace that lets CA Identity Governance administrators manage entities such as
users, roles, and resources collected from CA Identity Manager. Entity data is stored in
the CA Identity Governance database.
A universe consists of a specific pair of Master‐Model configurations, enabling tracking of
differences between the real‐world configuration imported from the system (Master) and
the desired configuration generated (Model).
Configure an Import Connector to CA Identity Manager
In the CA Identity Governance universe, define the import connector.
Define the connection
parameters to access CA
Identity Manager.
Define the data
mappings.
In the CA Identity Governance universe, define the import connector to CA Identity
Manager.
To define the import connector, you need to define the connection parameters to access
CA Identity Manager and define the data mappings to define how the connector maps CA
Identity Manager objects to CA Identity Governance objects.
Verify the Connection Object in CA Identity Manager
If a connection to CA Identity Governance was not automatically created
within CA Identity Manager, configure a connection manually.
Smart Provisioning and Continuous Update are enabled by default.
Specify the universe.
Enter the connection parameters to access CA Identity Governance.
If a connection to CA Identity Governance was not automatically created within CA
Identity Manager, configure a connection manually to CA Identity Governance using the
Define Configuration task under CA RCM Configuration. This allows you to see Smart
Provisioning functionality and configuration options in the User Console.
In the Define Configuration task, enter the connection parameters to access CA Identity
Governance and specify the name of the universe in CA Identity Governance that CA
Identity Manager communicates with. Then test the connection to verify that CA Identity
Manager can connect to CA Identity Governance. CA Identity Manager displays the
connection status at the top of the screen. Notice the Smart Provisioning and Continuous
Update tabs; the functionality here is enabled by default but you can tailor the settings
to suit your specific needs.
Lab Exercise
Goal: Integrate CA Identity Governance with CA Identity Manager.
See Lab 1‐1 Integrate CA Identity Governance with CA Identity Manager.
Module Summary
Now that you have completed this module, you should be able to:
Identify the integration concepts and use cases
Configure the integration with CA Identity Manager
In the next module, you will:
Integrate CA Identity Portal with CA Identity Manager and CA Identity
Governance
Integrate CA Identity Portal with CA
Identity Manager and CA Identity
Governance
Module Objectives
After completing this module, you will be
able to:
Configure the CA Identity Manager
integration
Configure the CA Identity Governance
integration
Why you need to know:
By configuring these integrations, you
can expose the functionality from both
products in CA Identity Portal.
Voonair Airlines
Integrating CA Identity Portal with CA Identity Manager and CA
Identity Governance
You have successfully installed CA Identity Portal.
As the Systems Administrator at Voonair Airlines, your next assignment is to:
Integrate CA Identity Portal with CA Identity Manager
Integrate CA Identity Portal with CA Identity Governance
Configuring the CA Identity Manager Integration
1 Prepare CA Identity Manager for the Integration
2 Create the CA Identity Manager Connector
3 Set Up the GUI Configuration
4 Configure Attribute Mapping for Users and Groups
Perform the following steps to configure the CA Identity Manager integration with CA
Identity Portal.
Let’s take a closer look at each step.
Prepare CA Identity Manager for the Integration
Import CA Identity Portal Roles and Tasks
CA Identity Portal has predefined CA Identity Manager roles and tasks to
support the core portal features.
Installed in the file system during the CA Identity Portal installation
Import them into the CA Identity Manager environment
These roles and tasks were installed in the file system during the CA Identity Portal
installation.
You need to import them into the CA Identity Manager environment that you want to
integrate with the portal.
Prepare CA Identity Manager for the Integration
Enable Web Services Execution in the Environment
CA Identity Portal communicates with Identity Management backend
platforms through connectors and the publicly exposed APIs of those backend
systems.
Task Execution Web Service (TEWS)
in CA Identity Manager
Enabled at the task level in the
environment
Enabled at the server level in the
Management Console
In CA Identity Manager, Task Execution Web Service (TEWS) is a web service interface
that allows client applications (such as CA Identity Portal) to submit tasks to CA Identity
Manager for execution.
In CA Identity Manager, TEWS can be enabled at the task level in the environment
and at the server level in the Management Console.
Connectors Overview
CA Identity Portal interfaces with your organization's existing Identity
Management platforms (such as CA Identity Manager) through CA Identity
Portal backend connectors.
Connectors enable CA Identity Portal to perform the following tasks:
Authenticate and authorize users to CA Identity Portal's interface.
Fetch existing entitlements and expose them to end users.
Request entitlements.
Update statuses for ongoing activities.
CA Identity Portal interfaces with the organization's existing IDM platforms (such as CA
Identity Manager) through CA Identity Portal backend connectors.
Connectors enable CA Identity Portal to authenticate and authorize users; fetch, expose,
and request entitlements; and update statuses for ongoing activities.
Configure the CA Identity Manager Connector
To configure the CA Identity Manager connector:
1. Make sure the CA Identity Manager Server is running.
2. Collect basic connectivity information from the CA Identity Manager
environment that you want to connect to.
3. Create and configure the connector in the CA Identity Portal Admin UI,
designating the connector as the Main Connector.
4. Start the connector manually.
To configure the CA Identity Manager connector, do the following:
First, you need to make sure the CA Identity Manager Server is running.
Next, in the Management Console of CA Identity Manager, you need to collect some
basic connectivity information from the CA Identity Manager environment that you want
to connect to. Remember that CA Identity Manager connectors are defined per
environment.
Then you can go ahead and create and configure the connector in the CA Identity Portal
Admin UI, designating the connector as the Main Connector. The Main Connector
identifies a connector as the authoritative source that will be used by CA Identity Suite
for user authentication. It is recommended that the Main Connector be connected to the
identity management system that contains the most extensive information about users in the
organization.
When you save the connector for the first time, the connector will not attempt to load
automatically. You must start the connector manually. If an error occurs, you will receive
an error message in the log and the connector status will be displayed as Down. If the
connector is created successfully, the connector status will be displayed as Up and no
error message is displayed in the log.
Set Up the GUI Configuration
Define how information is displayed in CA Identity Portal.
The presentation of user information
Implementation specific information:
– System unique identifiers
– Predefined search
Defaults available
By setting up the GUI Configuration, you can define how information is displayed in CA
Identity Portal.
You can control the presentation of user information in various places in the application.
For example, display the "First Name" and "Last Name" in the search results of the Access
Rights search.
You can also configure implementation-specific information, such as system unique
identifiers that instruct users to search bulk files, or predefined searches to search
for the user's organizational subordinates.
Defaults are available for GUI configurations.
The attributes used in the GUI Configuration are configured in User and Group Info in the
next step.
Configure Attribute Mapping for Users and Groups
CA Identity Portal does not save organizational users and groups'
information.
Instead, it fetches the information from the connected systems on
demand.
The representation of the CA Identity Portal user and group is defined by
the mapping of attributes in CA Identity Portal to attributes in CA Identity
Manager.
To configure that mapping, use the Managed Object Attributes section in
the admin UI.
You need to map all the user and group attributes that you intend to use
in the CA Identity Portal GUI configuration and in CA Identity Portal's
business logic.
Configure Attribute Mapping for Users and Groups
User Attributes and Group Attributes
Specify a name,
connector, and
an attribute to
map to.
Make the attribute
"Searchable".
Create a new
attribute.
To create a new attribute, click Add User Attribute.
For each attribute, you'll need to supply a name for that attribute (the CA Identity Suite
attribute name), select the connector (from the list of system-defined connectors) from
which to fetch the information, and select the attribute in the connector to map the
attribute to.
If the attribute is configured as searchable in CA Identity Manager, then CA Identity Suite
will allow you to check the Searchable box and make the attribute "Searchable" in CA
Identity Suite as well.
You need to do the same for any group attributes.
Lab Exercise
Goal: Configure the CA Identity Manager integration.
See Lab 2‐1 Configure the CA Identity Manager Integration.
Configuring the CA Identity Governance Integration
1 Configure the CA Identity Governance Connector
2 Start the CA Identity Governance Connector
3 Verify the Integration
Perform the following steps to configure the CA Identity Governance integration with CA
Identity Portal.
Let’s take a closer look at each step.
Configure the CA Identity Governance Connector
In the CA Identity Portal Admin UI, you need to configure the CA Identity Governance
Connector to establish communication to the CA Identity Governance system.
You will need to collect basic connectivity information on the CA Identity Governance
endpoint to which you would like to connect before creating the connector.
Start the CA Identity Governance Connector
After you configure the connector, you need to start it manually.
If an error occurs during start up, the connector status will be displayed as Down. If the
connector starts successfully, the connector status will be displayed as Up.
Verify the Integration
Log in to CA Identity Portal to view the certifications functionality.
To verify the integration with CA Identity Governance, log in to CA Identity Portal to view
the certifications functionality.
You can access certifications through the Campaigns link that appears in the banner at
the top of the CA Identity Portal interface.
To view campaigns in the portal, you need to create them in CA Identity Governance first.
Lab Exercise
Goal: Configure the CA Identity Governance integration.
See Lab 2‐2 Configure the CA Identity Governance Integration.
Module Summary
Now that you have completed this module, you should be able to:
Configure the CA Identity Manager integration
Configure the CA Identity Governance integration
Course Summary
This course showed you how to:
Integrate CA Identity Governance with CA Identity Manager
Integrate CA Identity Portal with CA Identity Manager and CA Identity
Governance
Product Links
Learning Path
Go to: http://www.ca.com/us/education-training/learning-paths.html
Product Documentation
Go to: http://docops.ca.com
Certification Exam
Go to: http://www.ca.com/certifications
– You can select a product or solution where you will find the study guide, which provides the
learning path for exam prep, and registration link.
Competency or Accreditation Exam
Go to: http://education.ca.com
Join MyCA and Take Advantage of CA Communities
Share ideas, tips, information, and insights with business peers and experts.
Join Today!
Go to: https://communities.ca.com
To learn more about this product, connect with other users, and share your own
expertise, visit the URLs shown on the slide.
Thank You
Congratulations, you have completed this course.
You will receive an email with a link to a survey
requesting your feedback on this learning
experience. Please take a few moments to
complete the survey.
To leave the course, click Exit at the top of the
screen, or close the browser window.