Creating a Driver Object Using a Driver Configuration File

The SOAP driver comes with two configuration files that can be used to create a Driver object:

For more information about the sample files, see Understanding the SPML Configuration and Understanding the DSML Configuration.

To create a Driver object using a driver configuration file:

  1. Identify a user object that has the rights that the driver needs to have on the server.

    The tendency is to use the Admin user object for this task. However, you might want to create a DriversUser (for example) and assign security equivalence to that user. The DriversUser object must hold whatever rights the driver needs to have on the server.

    If necessary, a new DriversUser object should be created in iManager.

  2. Create a new Driver object or import the configuration onto an existing driver.

    In Novell iManager, select DirXML Utilities, then use one of the tasks as described in "Managing DirXML Drivers" in the Novell Nsure Identity Manager 2 Administration Guide.

    The wizard prompts you to provide the following information:

    NOTE:  You need to scroll down to see these fields.

    Field Description

    Driver Name

    Specify the name of the Driver object in Identity Manager.

    Configure Data Flow

    Specify the driver channels you want to be active.

    eDirectory to DSML: Sends Identity Vault events to the application.

    DSML to eDirectory: Receives events from the application.

    Bi-Directional: Activates both the eDirectory and the DSML channels.

    <nds>, <input>, <output> Element Handling

    Select one of the following:

    Remove/Add Elements: The driver shim removes and adds the required XML elements of nds, input, and output. These required elements are removed from XML documents sent to the application and are added to XML documents received from the application before sending the document to the Identity Manager engine.

    This is the preferred option for the SOAP Driver.

    Pass Elements Through: Turns off element handling. The required XML elements of nds, input, and output are neither removed from nor added to XML documents.

    Driver is Local/Remote

    Select one of the following:

    Local: Runs the driver shim from the server holding the driver set.

    Remote: Runs the driver from a remote server using the Remote Loader. If you specify this option, click Next, then specify Remote Loader configuration information. For more information, see "Setting Up Remote Loaders" in the Novell Nsure Identity Manager 2 Administration Guide.

    (Conditional) Subscriber Channel fields

    NOTE:  These fields are displayed only if you selected Subscriber Channel Only or Both Channels in the Driver Channels to Activate field.

    URL of the Remote Server: Specify the URL of the remote server and the port number that the server listens on, for example, http://137.66.10.13:18180/soap. The server is a software component that listens for, processes, and returns the results for valid requests.

    HINT:  If you configure the driver to use SSL, the URL must begin with https rather than http.

    (Conditional) Authentication ID: If the remote server requires an authentication ID, specify it in the field. Otherwise, leave the field empty.

    (Conditional) Authentication Password and Re-enter the Password: Specify the authentication password for the remote server if you specified an Authentication ID above. Otherwise, leave these fields empty.

    (Conditional) Publisher Channel fields

    NOTE:  These fields are displayed only if you selected Publisher Channel Only or Both Channels in the Driver Channels to Activate field.

    Listening IP Address and Port: Specify the IP address of the server where the SOAP driver is installed and the port number that this driver listens on. You can specify 127.0.0.1 if there is only one network card installed in the server. Choose an unused port number on your server, for example, 127.0.0.1:18180. The driver listens on this address for requests, processes the requests, and returns a result.

    (Conditional) Authentication ID: Specify the authentication ID of the remote server to validate incoming requests. If the remote server does not send an Authentication ID, leave this field empty.

    (Conditional) Authentication Password and Re-enter the Password: Specify the authentication password of the remote server to validate incoming requests if you specified an Authentication ID above. Otherwise, leave these fields empty.

  3. Define security equivalences using the user object identified in Step 1.

  4. Identify all objects that represent administrative roles and exclude them from replication.

    Exclude the security-equivalence object (for example, DriversUser) that you specified in Step 2. If you delete the security-equivalence object, you remove the rights from the driver, and the driver can no longer make changes to Identity Manager.

  5. Click Finish.

  6. Configure additional settings for the driver.

    For more information, see Configuring the Driver.
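
The Subscriber and Publisher Channel values entered in Step 2 can be checked before they are typed into the wizard. The following is an added example, not Novell's code and not part of the driver: the function names are hypothetical, and treating a non-loopback listener with no Authentication ID as a finding is an assumption of this check, not a rule stated by the product.

```python
import ipaddress
from urllib.parse import urlsplit

def _pair(channel, auth_id, password):
    # The wizard expects ID and password to be filled in together or both left empty.
    if bool(auth_id) != bool(password):
        return [f"{channel}: Authentication ID and password must be set together"]
    return []

def check_subscriber(url, auth_id="", password=""):
    """Findings for 'URL of the Remote Server' and its credentials."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return ["subscriber: URL must look like http(s)://host:port/path"]
    findings = []
    try:
        port = parts.port  # raises ValueError on a non-numeric or out-of-range port
    except ValueError:
        port = None
    if port is None:
        findings.append("subscriber: URL has no valid port number")
    findings += _pair("subscriber", auth_id, password)
    if auth_id and parts.scheme == "http":
        findings.append("subscriber: credentials are sent to an http URL, not https")
    return findings

def check_publisher(listen, auth_id="", password=""):
    """Findings for 'Listening IP Address and Port' and its credentials."""
    host, _, port = listen.rpartition(":")
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return ["publisher: listening address must be IP:port"]
    findings = []
    if not (port.isdigit() and 0 < int(port) < 65536):
        findings.append("publisher: port must be between 1 and 65535")
    findings += _pair("publisher", auth_id, password)
    if not auth_id and not addr.is_loopback:
        findings.append("publisher: non-loopback listener has no Authentication ID")
    return findings

if __name__ == "__main__":
    # Constructed sample values; only the URL and 127.0.0.1:18180 come from the page.
    print(check_subscriber("http://137.66.10.13:18180/soap", "soapuser", "example-only"))
    print(check_publisher("127.0.0.1:18180"))
```

An empty list means the values are consistent with the field descriptions in Step 2; each string names the channel and the field to revisit.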