What is the CA LDAP API?

Document created by Icculus Employee on Aug 20, 2014
Version 1Show Document
  • View in full screen mode

The CA LDAP API back end connects the CA LDAP Server (CA Directory itechpoz db ) to another LDAP Server (Active Directory, SunOne, Novell, etc.)  making the CA LDAP Server a client of that LDAP Server. In this manner, you can make the CA LDAP Server the entry point into your directory hierarchy. This configuration allows the CA LDAP Server to forward the LDAP operation to another LDAP Server to perform the work. The results are then passed back to the application (EEM) that made the initial call. This process removes the need to configure referral URLs in the CA LDAP Server. It also removes the need to code referral support in the application that made the original call.

 

The LDAP API also makes calls to the CA Directory itechpoz db directly for local information stored in the db itself. Normally, the itechpoz db holds policy information for embedding products that register with EEM and session objects from a user login. It can also hold user and group object information if you are not connecting to an external LDAP source like Active Directory. The LDAP API makes calls to the main functions that CA Directory already uses in a standalone product manner. (dxsearch, dxmodify, dxdelete)

 

And finally the LDAP API handles calls made to a Siteminder connected user repository when connecting via the original method in EEM present in EEM versions 8.3 and above, and also with the SSO connector option in EEM versions 12.x and above.

 

CA does maintain a dedicated development team responsible for code changes and enhancements to the CA LDAP API. Support of this comes from the product that has adopted the LDAP API wrapper for its use.

 

Both CA Top Secret and CA ACF2 utilize the CA LDAP API to quite an extent, while the EEM product uses basic functions to satisfy search and modify capabilities.

Attachments

    Outcomes