ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How do I configure a C++ Connector Server on 64-bit Windows to connect to an Access Control endpoint?

book

Article ID: 51204

calendar_today

Updated On:

Products

DIRECTORY CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On SINGLE SIGN ON - LEGACY CA Data Protection (DataMinder) CA User Activity Reporting

Issue/Introduction

Description:

Configuring the encryption package used to connect to Access Control on a 64-bit operating system means that a different registry location must be configured. This TechDoc documents the appropriate Wow6432Node where this configuration should be made.

Solution:

IMPORTANT: This article contains information about modifying the registry.
Before you modify the registry, make sure to create a back up of the registry and ensure that you understand how to restore the registry if a problem may occur. For information about how to back up, restore, and edit the registry, please review the relevant Microsoft Knowledge Base articles on support.microsoft.com.

How do I configure a C++ Connector Server on 64-bit Windows to connect to an Access Control endpoint?

When installed on a 64-bit operating system the components that make up our Access Control connector need a configuration directive on how to determine their encryption settings, but these are stored in a different location for 64-bit Windows.

In this example our encryption settings will be:

  • Encryption scheme: AES256
  • Encryption passphrase: Passphrase
We also assume that each of the above is already configured on the Access Control endpoint to be acquired, and a Terminal definition allowing the C++ Connector Server and an administrative user is available.

On your server where the Identity Manager C++ Connector Server is installed, perform the following:

  • Configure the encryption scheme in the registry node:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ComputerAssociates\Identity Manager\Provisioning Server\NSOptions\ACC\eTrust Access Control SDKrt
    1. Key Name: Encryption Package
    2. Key Value: C:\Program Files (x86)\CA\Identity Manager\Provisioning Server\etc\acc\aes256enc.dll
      Note, if you have installed the C++ Connector Server in a different location, please update the above path information to reflect that location.
  • Run CHANGE_EAC_KEY.bat, set the password to Passphrase

This is the updated registry location required for the Encryption settings when run on a 64-bit Windows platform. The application will automatically read from this location when run on a 64-bit Windows platform, and no application code changes are anticipated for 64-bit Windows Operating System support.

Environment

Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente
Component: