A.2 Configuring User Object Synchronization

If the clusters in your business continuity cluster are in separate eDirectory trees and you require user-based access control, then User object synchronization is required.

To configure the Identity Manager driver for User object synchronization:

  1. Start your Internet browser and enter the URL for iManager.

    The URL is http://server_ip_address/nps/iManager.html. Replace server_ip_address with the IP address or DNS name of the server that has iManager and the Identity Manager preconfigured templates for iManager installed.

  2. Specify your username and password, specify the tree where you want to log in, then click Login.

  3. In the left column, click DirXML Utilities, then click the New Driver link.

  4. Choose to either place the new driver in a new driver set, or add the driver to the driver set you created for cluster resource synchronization, then click Next.

    Both the User Object Synchronization driver and the Cluster Resource Synchronization driver can be added to the same driver set.

  5. Specify the driver set name, context, and the server that the driver set will be associated with.

    The server is the same server where you installed the Identity Manager engine and eDirectory driver.

  6. Choose to not create a new partition for the driver set, then click Next.

  7. Choose to import a preconfigured driver from the server, select the Identity Manager preconfigured template for User object synchronization, then click Next.

    The template name is BCCUserObjectSynchronization.XML.

  8. Fill in the values on the wizard page as prompted, then click Next.

    Each field contains an example of the type of information that should go into the field. Descriptions of the information required are also included with each field.

    Additional information for the wizard page fields can be found in Importing the Sample Driver Configuration in the DirXML Driver for eDirectory Implementation Guide.

  9. In the left column of the iManager page, click DirXML, then click DirXML Overview.

  10. Search the eDirectory tree for the Identity Manager driver sets by clicking Search.

  11. Click the User Sync driver icon, then click Migrate > from eDirectory.

  12. Click Add, browse to and select the context that contains the User objects, then click OK.

  13. (Optional) Exclude the Admin User object from being synchronized:

    1. Click the Exclude Administrative Roles button, then click Add.

    2. Browse to and select the Admin User object, then click OK.

  14. Perform Step 1 through Step 13 for each cluster that is in a separate tree.