Using Sailpoint IIQ connector on an ACF2 system, no logon stats are being updated for the ids used by Sailpoint.

book

Article ID: 192005

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - z/OS CA ACF2 - MISC

Issue/Introduction

The Sailpoint IIQ connector is installed on the mainframe.
There is a connector started task that communicates with the server that spawns other started tasks for doing work. 

With the spawned started task  (CTSACS) when ids are created/modified, it utilizes an id with ACCOUNT and SECURITY on an ACF2 system.

This logonid does not get updated with stats  (like acc-cnt or acc-date).
 
This could cause the ids be deleted do to inactivity.

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

Sailpoint has created a fix, FSD0102.  Here are the details from Sailpoint:
 
"When verifying the MS administrator, the user has the option of requesting the site's security product to update the logon statistics, e.g., logon date and time.  The new RSSPARM parameter is UPDATE_LOGON_STATS. When UPDATE_LOGON_STATS is set to Y, the site's security product updates the logon statistics when verifying the MS administrator. When UPDATE_LOGON_STATS is set to N or not present in the RSSPARM member, the site's security product does not update the logon statistics when verifying the MS administrator.

In addition, we issue a RACROUTE REQUEST=VERIFY with STAT=NO (do not update statistics) or STAT=ASIS (do update statistics) – depending on the RSSPARM UPDATE_LOGON_STATS parameter setting. These are all standard interfaces. We do not issue any SVC call and we do not bypass normal security processing."
 
Contact Sailpoint Support for more information.