3.3 Customizing the Driver

Before you use Novell Identity Manager driver for RACF on z/OS, review the global configuration values to ensure that you have specified appropriate values, such as the names of your eDirectory containers for users and groups. For details about global configuration values, see Setting Global Configuration Values.

3.3.1 Controlling Which Objects and Attributes Are Synchronized

Synchronization can be controlled with filters, event policies, and entitlements.

Filter

Identity Manager uses filters to control the data flow for which objects and attributes are synchronized, and to define the authoritative data source for these objects and attributes. The initial data flow configuration was specified during installation. For details, see Creating and Configuring the Driver Object.

The preconfigured filter is illustrated in Filter.

To change the filter:

  1. In iManager, click Identity Manager Management > Overview.

  2. Locate the driver in its driver set.

  3. Click the driver to open the Driver Overview Page.

  4. Click the Driver Filter icon and make the desired changes.

Event Policies

You can use the Event Transformation policies to perform custom filtering of objects based on criteria according to your business rules.

Entitlements

If you enabled role-based entitlements during installation, you can use entitlements to control access to RACF accounts.

3.3.2 Conforming to RACF Requirements

If your eDirectory object names and attributes do not meet RACF restrictions, you must use filters and policies to block or modify them to conform before they are delivered to the Subscriber channel. For example, you can use the Subscriber Create policy to edit check CN for length and character set requirements.

3.3.3 Customizing the Policies

You can modify, replace, or supplement the preconfigured sample policies to perform whatever processing is necessary to meet your business requirements. For examples and guidance, you can study the sample policies distributed with this and other Identity Manager drivers.

For details about the z/OS RACF Schema, see Section A.0, z/OS RACF Schema and Driver Processing.

For general information about customizing policies, see the Policy Builder and Driver Customization Guide at the Identity Manager 3.6.1 Documentation Web site.