Suffix creation

Security Verify Access requires that we create a suffix that maintains Security Verify Access metadata.

We must add the suffix only once when you first configure the LDAP server. The suffix enables Security Verify Access to easily locate and manage the data. It also secures access to the data, avoiding integrity or corruption problems.

For more information about management domains and creating a location for the metadata, see Security Verify Access management domains and Management domain location example.

If you decide to add suffixes after the ISAM policy server is configured, we must apply the appropriate ACLs to the newly created suffix. We can use the ivrgy-tool to apply the ACLs to the new suffix. For more information about the ivrgy-tool, see the Reference topics in the IBM Knowledge Center.

Parent topic: IBM Tivoli Directory Server for z/OS installation and configuration