Team,
You may still be using the older CAM/CAFT processes used by CA Identity Manager to manage endpoints that previously did not have an open API or alternative communication protocols.
CAM/CAFT is an older but stable process that still has some life.
If you find yourself still using this for MS Exchange or UNIX, you may find you have some challenges if placed on newer MS Window Servers with UAC and OS Firewalls.
Challenge 1: UAC & cafthost
To address UAC error messages that will not allow you to edit "approved" hostnames via cafthost -a HOSTNAME or view with cafthost -l, recommend the use of an environmental variable: CAI_Admin_Check=2
Challenge 2: OS F/W and TCP 4105
While one can disable the OS F/W, this is a "hammer" approach, to just opening the defined ports. Below are examples using MS Windows CLI processes to allow any host to communicate to port 4104/4105. You may wish to use TCP or UDP (not both)
netsh advfirewall firewall add rule name="Open IMPS CAM TCP Ports" dir=in action=allow protocol=TCP localport="4104,4015"
netsh advfirewall firewall add rule name="Open IMPS CAM UDP Ports" dir=in action=allow protocol=UDP localport="4104,4015"
Challenge 3: Missing DLL dependency - MSVCR71.DLL
cam.exe, caft.exe, caftf.exe have a dependency on MSVCR71.DLL (32 bit) to be in the general OS PATH.
If this file does not exist in the PATH, find a local copy and place in C:\Windows\SysWow64 folder.
You may confirm this dependency with the tool Dependency Walker. Dependency Walker (depends.exe) Home Page
Challenge 4: Mis-configured CAM configurations files
While the temptation is there, to edit what seems to be pure ASCII configurations file, please avoid, as the TAB and special characters are assumed to be in the correct locations. It is possible to use CAM CLI tools to edit the configuration files. If you find you have error message related to:
CAM is running on endpoint but IMPS returns "No remote CAFT server running" or "No local CAFT server running"
Please review tech note: TEC526677
http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec526677.aspx
Useful CAM commands:
camping (ping over the CAM protocol - used to identify F/W issue)
camstat (should be NO DIS {disconnects} in the list)
cafthost -l (view the "approved" list of inbound hosts allowed to send files)
cam.exe is executed as a Windows NT service
caft.exe is called by cam.exe when needed
caftf.exe is called by caft.exe when sending and receiving files over the CAM protocol.
Recommend using MS Sysinternals to monitor the following services:
Process Monitor
im_ccs.exe - CA IM C++ Connector - Used to manage Exchange and UNIX endpoints
cam.exe - CAM Service (aka CA Messaging Service)
caft.exe - CAFT Service (aka CA File Transfer Service)
caftf.exe - CAFT sub-service (push/pull files across the CAM protocol)
Enclosing a logical diagram of the CA IM AD + Exchange connectors (using both CAM and the newer process of WinRM) to manage Exchange; that I find useful for debugging and walking through with consultants and customers.
Cheers,
A.