19.4 Novell

The following Preferences categories appear as Novell sub-pages:

19.4.1 Designer

The following preferences categories appear as Designer sub-pages:

DS Trace

This setting lets you configure DS Trace settings.

Table 19-13 DS Trace Preferences

Setting

Description

Live DS Trace Display

Specifies the size of the DS Trace window buffer, in lines (or entries). When the number of DS Trace entries exceeds the Window Size, DS Trace drops the oldest entry for each new entry it captures.

Auto-scroll display

Enables auto-scrolling of the live DS Trace window so that the latest log entries are always on screen. When deselected, you must manually scroll down the list of log entries.

Language

When you installed Designer, you selected a language to display Designer’s UI. This setting enables you to change the language.

Figure 19-2 Preferences: Novell > Designer > Languages Tab

  1. Select a language, then click OK.

    You must restart Designer for the language change to take effect.

  2. Restart Designer.

NOTE:Restore Defaults reads the config.ini file, detects the previous language setting, and then defaults to that setting. When the changed property is written back to the .ini file, all comments are removed from the file. To preserve these comments, Designer copies the original config.ini to config.ini.bak and uses the backup to determine the default setting.

Project Checker

This settings lets you configure the Project Checker.

Table 19-14 Preferences: Novell > Designer > Project Checker

Setting

Description

Limit Visible Items to

Allows you to limit the number of items displayed in the Project Checker. The default value is 100.

Prompt me to save the editor before running Project Checker

Allows you to receive a prompt asking you to save your project before running the Project Checker. By default, this is enabled.

Schema

Allows you to manage the Identity Vault and connected system’s schema.

Table 19-15 Preferences: Novell > Designer > Schema

Setting

Description

Warn when LDAP names are different from eDirectory™ names during .ldif import/export

Allows you to turn off this warning prompt, which appears during the import or export of the schema.

Warn when exporting base classes to .ldif

Allows you to turn off this warning prompt, which appears during the export of the schema.

Show the information message for the Manage Application Schema context menu

Allows you to turn off the information message that appears when managing the application schema.

Trace

The Trace view is useful in the following situations:

  • To trace internal errors and messages, so that you can find out why something might not work as expected.

  • To provide information for Novell Support, engineers, or other consulting resources.

All Designer-specific trace messages go to the Trace view if this view is open. Otherwise, no trace messages are sent.

Warnings and error messages are sent to the .log file, found in the run-time workspace metadata directory. Use the Error view to view this information.

Table 19-16 Parameters: Novell > Designer > Trace

Setting

Description

Enable tracing

Writes events to the Trace view. By default, tracing is off. To increase performance, disable tracing when you don’t need it.

Include stack traces

Provides separate traces. Dumps the entire stack where an internal exception occurs, so that you can see in the code where the internal exception is failing.

Include XML processor traces

Provides separate traces that detail all of the processing of XML documents. This trace can become quite verbose.

Show plug-In names in the trace

In the Trace view, displays names of plug-ins where tracing has occurred. This is useful if you are tracing more than one plug-in.

Show view when tracing

Automatically brings up the Trace view if a trace is trying to be logged. By default, this setting is On.

Trace buffer size

Increases the buffer to show more characters. As the buffer increases in size gets higher, performance might degrade, depending on your system.

Plug-Ins to Trace

Lists all Designer plug-ins (in their simple name form). Select plug-ins that you want to trace.

Select All

Enables tracing in all Designer plug-ins.

Deselect All

Disables tracing in all Designer plug-ins.

19.4.2 Identity Manager

Identity Manager

Versions

Figure 19-3 Preferences: Novell > Identity Manager Versions tab

Specifies the Identity Manager version running on a server.

Updates

Figure 19-4 Preferences: Novell > Identity Manager > Updates

Table 19-17 Preferences: Novell > Identity Manager > Updates

Settings

Description

Do not check for updates

Prevents Designer from checking for updates on startup. Hides the Designer Updates dialog box.

Prompt to check for updates on startup

Displays a prompt each time you run Designer. You can disable this prompt.

Automatically check for updates on startup

Always checks for updates. If you disable the prompts that appear on startup, select this option.

Notify me when no updates are available

Displays a No New Updates message when you select to check for updates.

Prompts

Figure 19-5 Preferences: Novell > Identity Manager > Prompts

Table 19-18 Preferences: Novell > Identity Manager > Prompts

Setting

Description

Warn when downgrading server versions

Prompts you when you select an earlier server version for a project. If you downgrade, some elements of your configuration might not work in your target environment.

Warn when upgrading server versions

Prompts you when you select a later server version for a project. If you upgrade, some of your configuration might not be deployable unless you have this later server version in your environment.

Warn when another editor has updated files in the same project space

Warns you that your project might be erased from your workspace. The prompt occurs when overwriting a file in the file system for notification templates and policies.

Warn when deleting items from the outline view

Confirms that you want to delete the selected items.

Browser

Figure 19-6 Preferences: Novell > Identity Manager > Browser

You can use Designer to open a Web browser. After you enter the URL, Designer stores it. To change the URL, type a new one in Preferences, then click OK.

Configuration

Each driver has a startup parameter. If it is disabled, the driver never starts until you change the setting. By default, Identity Manager drivers are disabled when you create them in the Modeler or start Designer. You must start them manually.

For more information, see Section 4.5, Configuring Driver Sets.

General

These general settings specify how drivers start up and how their global configuration values (GCVs) act on specified target servers. The default state uses Disabled and Merge GCVs.

Figure 19-7 Preferences: Novell > Identity Manager > Configuration General Tab

Table 19-19 Preferences: Novell > Identity Manager > Configuration > General Tab Settings

Setting

Description

Auto-Start

The driver automatically starts after you create it or whenever you start or load Designer.

Manual

You must start the driver manually.

Disabled

The driver never starts.

Merge GCVs on the target server during copy

Copies the GCVs from one driver/driver set to multiple targets of the same type. For example, you might configure GCVs on one driver and then copy them to multiple drivers. You also have the option of overwriting the target GCVs or merging your source GCVs with the existing target driver GCVs, if they exist.

Overwrite GCVs on the target server during copy

Overwrites existing GCVs when they are copied to the server.

eDir-to-eDir SSL/TLS

This setting configures how two eDirectory drivers communicate with each other over a secure channel. For more information, see Section 16.7, Configuring TLS for eDir-to-eDir Drivers.

Figure 19-8 Preferences: Novell > Identity Manager > Configuration eDir-to-eDir SSL/TLS Tab

Table 19-20 Preferences: Novell > Identity Manager > Configuration > eDir-to-eDir SSL/TLS Tab Settings

Setting

Description

Preferred key size

Specifies the preferred key size that is generated when drivers are encrypted and stored in eDirectory: 512, 768, 1024, or 2048 bytes.

Preferred secure hash algorithm

Specifies the preferred hash algorithm to use when encrypting drivers: SHA1-RSA, MD2-RSA, or MD5-RSA.

Preferred validity period

Specifies the validity period for a driver certificate, ranging from 6 months to 10 years.

Always overwrite existing certificates

Specifies that existing driver certificates are overwritten with each deployment. If you select this option, Designer deletes existing certificates and creates new ones. The new certificates are then good for another two years (assuming the default value is two years, as defined in the Preferred Validity Period field.) If you select Live > Create eDir-to-eDir Certificates, Designer deletes old certificates and creates new ones.

Overwrite certificates only if they have expired

Specifies that only expired driver certificates are overwritten with each deployment. This is the default setting. The default expiration length is two years. If a certificate expires, SSL/TLS stops working. If a certificate is expired, Designer deletes it and creates a new one.

Never overwrite existing certificates

Never overwrites driver certificates.

Restart drivers after building certificates

Restarts drivers after certificates have been updated or created.

When you create certificates, Designer reads the preferences, including Preferred Key Size, Preferred Secure Hash Algorithm, and Preferred Validity Period. These options are also available through Secure Connection Settings > Advanced TLS Configuration.

Figure 19-9 The Advanced TLS Configuration Dialog Box

NOTE:Designer reads these preferences after you first set them. If you subsequently change the preferences by using the driver’s configuration page, those changes override the settings in Preferences.

After you change default settings and click OK, that configuration information is recorded. When you deploy the driver, Designer creates the certificates, or deletes and creates new certificates with a new time stamp.

Prompts

These settings specify how users are prompted to manage driver certificates on the target server. All are selected in the default state.

Figure 19-10 Preferences: Novell > Identity Manager > Configuration Prompts Tab

Table 19-21 Preferences: Novell > Identity Manager > Configuration > Prompts Tab Settings

Setting

Description

Prompt to replace existing certificates

Prompts the user to provide new certificates.

Prompt to merge/overwrite GCVs on target server during copy

Prompts the user to merge or overwrite when copying GCVs to the target server.

Prompt to create certificates after configuration

Prompts the user to create certificates after configuring a secure connection.

Prompt to overwrite existing settings and policies from the Driver Configuration Wizard

In the Driver Configuration Wizard, prompts the user whether to reset (overwrite) all driver settings and policies.

Prompt when policy operations affect multiple policy sets

Turns on and off a warning dialog box associated with policy operations. The dialog box appears when you move policies in a pre-3.5 environment and the move operation affects multiple policy sets.

Prompt for server selection on live driver actions

Any time you perform a live action on a driver (such as starting or stoping the driver) it prompts you to specify the server associated with the driver.

Document Generation

The Document Generator comes with the following settings:

Figure 19-11 Preferences: Novell > Identity Manager > Document Generation Tab

Table 19-22 Preferences: Novell > Identity Manager > Document Generation Tab Settings

Setting

Description

Automatically open the rendered file after document generation.

If you have a PDF reader installed on your workstation, the rendered file automatically opens in the reader. If you have enabled the RTF format and have a TRTF reader installed, the rendered file automatically opens in the reader. The default is On.

Show warning dialog box when the style is an older version.

Displays a warning when generating documents on out-of-version styles. The default is On.

Warn me before overwriting existing file during document generation

Displays a warning when overwriting previously generated files.

Enable RTF support (experimental).

Allows you to save documents to RTF format. This is a pre-release version. The default is Off.

Output XML source files

Generates XML files as part of the document generation process.

Document applications and drivers related to other selected items.

With this option selected, parent objects and direct child objects are included to give context to the document. Deselecting this option excludes direct children of the selected item. The default is On.

Document Language

Allows you to select a language other then English in which to generate documents. Languages include Chinese Simplified, Chinese Traditional, Dutch, English, French, German, Italian, Japanese, Portuguese Brazil, and Spanish. The default is English.

Font settings

Allows you to select the font you want to use for document generation. This selection adds double-byte font support. The default is Arial font.

Entitlements

Figure 19-12 Preferences: Novell > Identity Manager > Entitlements Tab

Controls whether or how often you receive a prompt whenever you add the DirXML-EntitlementRef attribute to a driver filter. The default is Prompt me, but because this attribute is added only if it doesn’t already exist on the driver filter, you can select Always add it to not see the pop-up window.

iManager

The iManager preferences page includes the following settings:

Setting

Description

iManager URL

The IP address and port for the iManager server.

Show Novell iManager Information Dialog

Prompts you for the URL to the iManager server after you select Tools > iManager. If the URL is missing or incorrect, iManager is unable to launch.

Import/Deploy

The Import/Deploy preferences window contains three tabs: Behaviors, Prompts, and Trace. The following tables describe their options.

Table 19-23 Preferences: Novell > Identity Manager > Behaviors (Import Settings)

Setting

Description

Perform prompt checking when running a driver configuration file

Displays the Do you wish to perform all mandatory and required prompt checking when running this Driver configuration file? prompt. If you select Yes to the prompt, you must then enter information in required fields while configuring the driver. If you select No, you temporarily disable this setting and can skip required fields.

Include application schema when importing drivers

Imports the eDirectory application schema when you select this option. You might not want to import all the associated data. The default is Off. See Section 10.4.3, Importing a Schema.

Table 19-24 Preferences: Novell > Identity Manager > Behaviors (Deploy Settings)

Setting

Description

Replace driver set/server associations when deploying a driver set

If you want driver set and server associations when deploying, select this option. The default is Off.

Always deploy both drivers of an eDir-to-eDir connection

With this option selected, you are prompted to deploy both sides on the connection. With both drivers deployed, Deploy is integrated with the creation of eDir-to-eDir certificates, if the certificates are created in Designer. Deploy adheres to the settings set in Preferences > Designer for IDM > Configuration > eDir-to-eDir. The default is On. This is the recommended setting.

Restart running drivers after deploying the driver

Restarts the driver after it is deployed. The default is On.

Table 19-25 Preferences: Novell > Identity Manager > Behaviors (Summary Dialog)

Setting

Description

Show the summary dialog prior to performing an import

Allows you to view what’s being imported in a summary screen. The default is On.

Show the summary dialog prior to performing a deployment

Allows you to view what’s being deployed in a summary screen. The default is On.

Filter passwords out of summary and compare dialogs

Check this box if you want to filter passwords out of summary and compare dialogs.

Table 19-26 Preferences: Novell > Identity Manager > Behaviors (Export Settings)

Setting

Description

Copy cross driver policy references into exported configuration files

Selected by default, this option saves you the trouble of manually inputting cross-driver policy references.

Table 19-27 Preferences: Novell > Identity Manager > Prompts Tab Settings

Setting

Description

Show dialog to export cross driver policy references to configuration files

Selected by default. If you do not want to see a dialog box about these references, deselect the option.

Show a warning dialog when overwriting a driver set/server association

Warns that the driver set being deployed has a different server association than the server that you are about to deploy to. The association in the deployed driver set overwrites the existing server association.

Show the dialog box to deploy both drivers of an eDir-to-eDir connection

This is the default, and it is also the recommended setting. With this option selected, you are prompted to deploy both sides of the connection.

Show the dialog box to restart drivers after a deployment

Selected by default. If you do not want to see a dialog box about these references, deselect the option.

Table 19-28 Preferences: Novell > Identity Manager > Trace Tab Settings

Setting

Description

Trace import and deploy event information

Deselected by default. If you need to troubleshoot an import or a deploy, select this option, then open the Trace view to inspect the import or deploy.

Generate debug messages for the Driver configuration prompt dialog box

Deselected by default. If you need to generate debug messages, select this option.

Show verbose debug messages

Deselected by default. If you need to generate verbose debug messages, select this option.

Time import and deploy operations

Deselected by default. If you need to time how long it takes to import or deploy an object, select this option.

Modeler

The Modeler preferences window contains seven tabs: Behaviors, Display, Guidance, Layouts, Pages, Prompts, and Themes. The following tables describe their options.

Additionally, the following preferences categories appear as Modeler sub-pages:

Table 19-29 Preferences: Novell > Identity Manager > Modeler > Behaviors Tab Settings

Setting

Description

Auto-create servers when connecting a driver to a different driver set

Automatically creates a server for a driver set when you connect a driver to a different driver set.

Launch the driver Properties dialog box

Launches the driver’s Properties page.

Show the driver’s Policy Flow view

Displays the driver’s Policy Flow diagram in the Outline view.

Table 19-30 Preferences: Novell > Identity Manager > Modeler > Display Tab Settings

Setting

Description

Show labels by Applications and Identity Vaults (Arhitect. mode)

Shows labels below applications (in both modes) and above Identity Vaults (Architect mode only).

Show driver icons in Developer mode

Displays a driver icon on the line that represents a driver in the Modeler.

Show password icons in Developer mode

Displays a password sync icon below a driver icon in the Modeler.

Auto-expand Identity Vaults to fit contents

Causes Identity Vaults to expand to accommodate objects that you place in them.

Auto-shrink Identity Vaults to fit contents

Causes Identity Vaults to shrink when you remove objects from them.

Auto-size Identity Vaults to fit their titles

Enables vaults to expand horizontally, to accommodate long titles. Otherwise, the titles concatenate after approximately 20 characters.

Grid Width

Increases or decreases cells in the Modeler’s grid. To access the grid, select the Modeler, then click View > Grid.

Table 19-31 Preferences: Novell > Identity Manager > Modeler > Guidance Tab Settings

Setting

Description

If an Identity Vault doesn’t already exist, one will be created when you drop the application

Creates an Identity Vault when you drag or drop an application from the palette into the Modeler.

eDir-to-eDir connection tip, when you’ve connected the same eDir app to two driver sets

Prompts you to connect a line directly between the end driver sets when you set up an eDir-to-eDir relationship.

Setting dataflows in architect mode will default all policy and schema settings

Sets policy and schema settings to defaults when you set data flows in architect mode. To edit the settings, use the Developer mode.

Saving Dataflow to disk will first force a project save

Requires you to save a project before you can save a dataflow to disk.

Table 19-32 Preferences: Novell > Identity Manager > Modeler > Layouts Tab Settings

Setting

Description

Default Layout for Applications on Import

Specifies the default layout for application objects when you import a project into Designer.

To arrange an existing project in a particular layout:

  1. In the Modeler, right-click a driver set.

  2. Select Arrange Applications.

  3. Select a layout.

Table 19-33 Preferences: Novell > Identity Manager > Modeler > Pages Tab Settings

Setting

Description

Check the additional Modeler pages you want visible

Determines whether the Architect, Dataflow, and Table pages display as tabs at the bottom of the Modeler. The Developer mode is always enabled.

Table 19-34 Preferences: Novell > Identity Manager > Modeler > Prompts Tab Settings

Setting

Description

Show the Driver Config Wizard at connection time

Launches the Driver Configuration Wizard when you drag or drop an application in the Modeler.

Confirm when a driver is being deleted

Provides a Yes/No prompt for you to choose whether you want to delete the driver and its policies.

Table 19-35 Preferences: Novell > Identity Manager > Modeler > Themes Tab Settings

Setting

Description

Developer

Specifies the theme for Developer mode. Themes define the colors used for background, text, line, domain group background, and domain group title in the Modeler.

Architect

Specifies the theme for Architect mode. Themes define the colors used for background, text, line, domain group background, and domain group title in the Modeler.

Dataflow Page

Specifies the number of columns per page that the Dataflow editor saves in the HTML reports.

To view or use the Dataflow editor, select the Dataflow tab in the Modeler.

Figure 19-13 The Dataflow Tab

Palette Page

The Palette tab includes the following settings:

Setting

Description

Arrange applications in folders

Displays folders (for example, Database) in the palette and places applications in appropriate folders.

Arrange applications in an alphabetical list

Places all applications into one folder in the palette, and lists the applications alphabetically.

Policy Builder

The Policy Builder preferences page includes the following settings:

Additionally, the following preferences categories appear as Policy Builder sub-pages:

Setting

Description

Localize actions, conditions and tokens

Translates the names of policy actions, conditions and tokens into the selected Designer language. When not selected, policy actions, conditions and tokens display in English.

Include project name in title

Includes project name in the title.

Expand all rules when the Policy Builder is loaded

Automatically expands rules in the Rules pane when you open the Policy Builder.

Show version/author/last changed information

Adds additional fields in the Rule Inline editor (available when you double-click a rule.) Designer adds the information from these fields to the policy.

Policy Description

The Policy Description allows you to add comments about the policy.

Figure 19-14 Preferences: Novell > Identity Manager > Policy Builder > Policy Description

The Policy Description preferences page includes the following settings:

Setting

Description

Expand the Policy Description field

Automatically expands the Policy Description field. You can hide the field by selecting the check box.

Number of rows of text to display

Determines how many rows to display in the Policy Description field. The default is 10.

Policy Description position on the page

Places the Policy Description field above or below the Rules pane.

Simulation

The Simulation preferences page includes the following settings:

Setting

Description

Directories: Input

The directory that stores the input document. To simulate (test), you must have or generate an input document. Designer provides several predefined input documents. They are in subdirectories (for example, Add) in the Designer\eclipse\plugins\com.novell.designer.idm.policy_version directory.

You can specify a different location to store the input documents.

Directories: Output

The directory that stores the output document. When you select Save As while testing a document, Designer stores the file in an output directory. By default it is the Designer\eclispe\plugins\com.novell.designer.idm.simulation directory.

You can specify a different location to store the output documents.

Directories: Java Extensions

Enables you to simulate policies that contain references to external Java extensions. Specify the .jar file or the directory where the .jar file is located to add it to the class path.

You can specify multiple Java extensions.

Options: Clear the policy simulation log file prior to performing a simulation

Automatically clears the log file. If you don’t enable this setting, Designer displays a Clear Log button that you can use. If you do many simulations in succession, you might want to disable this option. The log file then captures and displays the events of all the tests, until you click Clear Log.

Options: Show the information prompt when a query is generated

Displays a prompt when the Simulator generates a query. It simulates what the engine would do when a query is required to process the policy.

Options: Notify user when converting the Input Document schema

Notifies a user when the Policy Simulator must convert the Application schema to the ID Vault schema, or vice versa. This is typically necessary when changing the input document’s simulation point.

19.4.3 Provisioning

The Provisioning preferences page configures provisioning settings for the Identity Manager User Application. For information on provisioning settings, see Setting Provisioning View Preferences in the User Application: Design Guide.