×

IDMWORKS Blog

CA Role and Compliance Manager (RCM) 101


CA’s Role and Compliance Manager (RCM) is a product designed to accomplish two core tasks for Role Based Access Control (RBAC):

1. Locate, design, and model user access roles based upon user characteristics or patterns.
2. Provide a Web portal for certifying (attesting) user access to resources.

Role and Compliance Manager (CA RCM)

Introduction to Role and Compliance Manager

CA’s Role and Compliance Manager (RCM) is a product designed to accomplish two core tasks for Role Based Access Control (RBAC):

  1. Locate, design, and model user access roles based upon user characteristics or patterns.
  2. Provide a Web portal for certifying (attesting) user access to resources.

RCM accomplishes this by importing data from endpoints or data sources such as Microsoft’s Active Directory, RACF (IBM Mainframe) or TSS (Top Secret) among others.  RCM divides the imported data into three categories; users, roles and resources.  User data contains items such as job titles, organization, and a unique user identifier.  The roles contain the association of users to resources such as windows groups (or maybe not) or mainframe resource profiles.  Resources are what the user has access to such as data sets, windows groups (or maybe not).   The RCM tools provide easy to use functions to locate roles, creation of subset configurations (filters), enhancement of user data (such as adding email address to users), displaying resources a users has or which users have access to a resource, and much more.  This data is than provided to the Web portal where certifications of users access to resources and role certification can be conducted.

RCM Deployment Requirements

The CA RCM GUI utilities are Windows based and can be deployed on almost any Windows version (W95, W2003, W2008).  Oracle or MS SQL server (MSDE is acceptable) is needed.  The Web portal uses the JBOSS Java application server.  A dual core Windows server with 4Gb of memory and 160Gb of disk will handle both the RCM client and portal requirements.  I prefer to use the windows platform exclusively as the use of the RCM GUI tools (DM and DNA) are windows exclusive.

Installation

Installation is quick and relatively painless.  A couple of pre-requisite software packages must be installed (JAVA JDK, MSXML, VC++ redistributable, .NET Framework, SQL Client).  Four databases are used on the SQL server, post configuration of JAVA memory, the JBOSS service, SSL certificates, and workflow imports are needed.  The installation can easily accomplished in less than one day with a good integration document.

Entries to follow:

    • RCM Automation using .SBT files

Other items to follow:

  • RCM Security and the eurekify.cfg
  • Export of RCM data to CA IdM

Questions, comments or concerns?  Feel free to reach out to us at IDMWorks.

Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.

Leave a Reply

Your email address will not be published. Required fields are marked *