Management Agent for CA-Top Secret

Applies To: Windows Server 2003 with SP1

The Computer Associates (CA) eTrust Top Secret Management Agent supports bi-directional synchronization of user accounts and groups from CA-Top Secret to Microsoft Identity Integration Server (MIIS) 2003 and from MIIS to Top Secret.


Available in Identity Integration Feature Pack for Microsoft® Windows Server™ Active Directory® directory service (IIFP)


Management agent type


Supported connected data source versions

  • eTrust CA-Top Secret for z/OS r6.5

  • eTrust CA-Top Secret Security r8 for z/OS Service Pack 2

MIIS 2003 features supported

  • Password management by using password extension

  • Full import

  • Export

Schema Information

This management agent uses a default schema with no schema discovery during the configuration of the management agent.


  • For best performance on import operations, when configuring the management agent for Top Secret, you should include the minimal set of attributes that are needed. Remove unused attributes from the default server configuration to improve the performance of imports.

  • The ID used to run the Top Secret MA must have ACID(CREATE) authority, via the TSS ADMIN function, to create ACIDS under their administrative scope. The administrator must also have RESOURCE(OWN) authority, via the TSS ADMIN function, to assign resource ownership to ACIDs within their scope. In order to assign many of the security attributes, the ID used to the Top Secret MA mush have MISC1, MISC2, and MISC9 authorities, via the TSS Admin function.

See Also


Management Agents in MIIS 2003