In OpenText software-as-a-service (SaaS) or hybrid environments, Cloud Bridge is a data transfer bridge that simplifies and secures communication between SaaS applications, such as Identity Governance as a Service or Advanced Authentication as a Service, and on-premises identity sources and applications, such as Active Directory or Identity Manager. The Cloud Bridge Agent (CBA) is the on-premises entity that responds to the collection and fulfillment commands and directs them to the proper data source within the multi-tenant Cloud Bridge service for execution.
The Cloud Bridge Agent communicates with the SaaS applications through a secure messaging service outside the corporate firewall. This messaging service is adaptable for various workloads and provides guaranteed delivery of messages. No VPN is needed and all CBA connections are outbound connections to a well-defined port. Data is protected both in transit and at rest.
An on-premises administrator installs the Cloud Bridge Agent and configures it with the necessary service parameters, including locally-persisted and protected credentials for on-premises and third-party data sources. For more information about Cloud Bridge, see the NetIQ Cloud Bridge Agent Installation and Administration Guide.
The Cloud Bridge Agent 2.0.0 release includes new features, improves usability, and resolves previous issues.
The Cloud Bridge Agent includes the following new features and usability improvements.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the Identity Governance forum or the Advanced Authentication forum on OpenText Forums, our online community that also includes product information, blogs, and links to helpful resources.
This release includes a number of connector management enhancements in the CBA console, including the following:
Ability to install new connectors
Ability to uninstall existing connectors
Ability to update existing connectors to a newer version
Ability to view and address connector conflicts
Visibility to enhanced connector data, including the ability to easily identify any unsigned connectors
NOTE:When you update or delete a connector, the CBA moves the old or deleted connector to a backup folder. You can review the backed up connector .jar files and delete them permanently after you have verified that all components in your environment are working as expected.
For more information, see “Manage and Update Connectors” in the Cloud Bridge Agent Installation and Administration Guide.
In this release, the CBA allows you to create and manage additional administrator accounts and roles so you can provide access to the CBA without sharing the bootstrap administrator account credentials.
In Cloud Bridge 2.0.0, the CBA includes the same connectors that were bundled with Cloud Bridge 1.10.4. When you upgrade, however, all connector .jar files in the /collectors folder will be moved to the /bridgelib folder.
IMPORTANT:The CBA installation script does not automatically remove custom connectors from the /bridgelib folder, so you must manually remove them if you want to replace them with the updated connectors in Cloud Bridge Agent 2.0.0.
For information about configuring templates for connectors in Identity Governance as a Service, see the Identity Governance as a Service User and Administration Guide.
Cloud Bridge 2.0.0 no longer supports some options in this release.
Previous releases of the Cloud Bridge Agent employed a relaxed or “intermediate” level Java security policy to enable customers to easily connect with other network resources. This support has now been discontinued and Cloud Bridge 2.0.0 has stricter security requirements, in accordance with Open Text standards. For more information, see “Understanding the Cloud Bridge Agent TLS Security Policy” in the Cloud Bridge Agent Installation and Administration Guide.
The DisableChangeCollection function has been removed from the CBA bridge-agent.yml configuration file in this release. This function is no longer needed now that Advanced Authentication supports disabling Fast Sync.
The following issue is currently being researched for Cloud Bridge Agent 2.0.0.
Issue: The CBA installation creates the <agent-install-dir>/agent/conf/bridge-agent.yml file, which has properties that the CBA uses for configuration. To support the new online update feature, a new notification property has been added to the bridge-agent.yml file. By default, the connectorUpdateCheckInterval property is set to "1" (once per day). When the CBA starts up, it runs the update check in one minute, then it is scheduled to run again in one day. The bridge-agent.yml file has a note that implies you can set the value to 0 (zero) to disable checking for online updates. However, if you set the value to zero, the CBA fails to start. (Defect 607121)
Workaround: There is currently no workaround for this issue. To prevent this issue, do not change the connectorUpdateCheckInterval property in the bridge-agent.yml file.
You can install the Cloud Bridge Agent 2.0.0 in a new environment, or you can upgrade from a previous version.
Before you upgrade an existing CBA installation, you should review your environment and determine whether you need to make any changes for high availability. For planning information and upgrade instructions, see Upgrading Your CBA Environment
in the Cloud Bridge Agent Installation and Administration Guide.
IMPORTANT:The connectors in CBA 1.10.3 or later have been updated to Java 11. The Cloud Bridge Agent 1.10.0 or later has been updated to JDK 17, which is backward compatible with JDK 11. If you are upgrading the CBA from an earlier version and have custom connectors that were compiled with JDK 8, you will need to recompile them with JDK 11. You must also ensure that any new custom connectors are compiled with JDK 11.
The CBA installation script does not automatically remove custom connectors from the /bridgelib folder, so you must manually remove them if you want to replace them with the updated connectors in Cloud Bridge 2.0.0.
For a new CBA installation, see the following topics in the Cloud Bridge Agent Installation and Administration Guide:
For specific product issues, contact OpenText Support at https://www.microfocus.com/support-and-services/.
Additional technical information or advice is available from several sources:
Product documentation, Knowledge Base articles, and videos: https://www.microfocus.com/support-and-services/
The OpenText Community pages: https://www.microfocus.com/communities/
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.microfocus.com/about/legal/.
Copyright 2024 Open Text.