Transparent synchronization
Mainframe Connector can intercept password changes on OS/390 or z/OS mainframes, with RACF, ACF2 or TopSecret security software. This is done by inserting an exit trap into the security system, and by installing an authorized task which starts at IPL.
The combination of an exit and task apply password strength rules defined on the Bravura Pass server to all new password selections, made using any user interface, natively on MVS or OS390. The task forwards a request for synchronization to the Bravura Pass server after every successful mainframe password change.
Before installing the exit and task on your mainframe, be sure to inform your users that:
All mainframe password changes for users who appear in the Bravura Pass server’s user database will be subjected to the password policy enforced on the Bravura Pass server.
When users who are defined on the Bravura Pass server change their passwords on the mainframe, their new password will be automatically applied to all of their other accounts, on other systems defined on the Bravura Pass server.
Refer to the Mainframe Connector documentation for detailed instructions about installing and configuring the exit and task on your security system (RACF, ACF2 or TopSecret).
If you install Mainframe Connector, but do not install the password exit in your security product, then Bravura Pass will be able to manage mainframe passwords, but transparent password synchronization will not be triggered by native mainframe password changes.