You can import the basic driver configuration file for the LDAP driver by using Designer. This basic file creates and configures the objects and policies needed to make the driver work properly.
The following procedure explains one of several ways to import the sample configuration file:
Open a project in Designer.
In the Modeler, right-click the Driver Set object, then select .
From the drop-down list, select , then click .
Click in the Perform Prompt Validation window.
Configure the driver by filling in the fields.
Specify information specific to your environment. See Table 4-1.
After specifying parameters, click to import the driver.
Customize and test the driver.
Deploy the driver into the Identity Vault.
See Deploying and Exporting
in the Designer 2.1 for Identity Manager 3.5.1 guide.
Table 4-1 Settings for the LDAP Driver
|
Field |
Description |
|---|---|
|
|
The object name to be assigned to this driver, or the existing driver for which you want to update the configuration. |
|
|
With the Simple placement option, new User objects created in the LDAP directory are placed in the container in an Identity Vault that you specify when importing the driver configuration. The user object is named with the value of cn. With the Mirror placement option, new User objects created in the LDAP directory are placed in the Identity Vault container that mirrors the object's LDAP container. |
|
|
The container in an Identity Vault where new users should be created. If this container doesn’t exist, you must create it before you start the driver. For the LDAPMirrorSample.xml configuration, this directory is the starting point for the driver’s Placement policy. Subordinate containers should be named the same as the subordinate containers in the LDAP mirror container. For the Flat configuration, this container houses all User objects. |
|
|
The container in the LDAP directory where new users should be created. If this container doesn’t exist, you must create it before you start the driver. For the Flat configuration, this directory is the starting point for the driver’s Placement policy. For the LDAPSimplePlacementSample.xml configuration, this container houses all User objects. |
|
|
The hostname or IP address and port of the LDAP server. |
|
|
Specify the LDAP DN of the administrator account created for the LDAP driver. |
|
|
The password for the LDAP driver administrator account. You confirm the password by re-entering it in the next field. This is the required password for the authenticated user. If the LDAP driver uses Directory Manager exclusively, the default authenticated user works well. However, if this user is used for any other purpose, you should probably change the default after you get the driver running. See Creating an LDAP User Object with Authentication Rights. |
|
|
Encrypts LDAP protocol communications. |
|
|
|
|
|
Configure the driver for use with the Remote Loader service by selecting , or select to configure the driver for local use. |
|
|
Specify the host name or IP address and port number where the Remote Loader Service has been installed and is running for this driver. The default port is 8090. |
|
|
The Remote Loader uses the Driver object password to authenticate itself to the Metadirectory server. The Driver object password must be the same password that is specified as the Driver object password on the Identity Manager Remote Loader. |
|
|
This password is used only in the Remote Loader configuration. It allows the Remote Loader to authenticate to the Metadirectory engine. The Remote Loader password is used to control access to the Remote Loader instance. The Remote Loader password must be the same password that is specified as the Remote Loader password on the Identity Manager Remote Loader. |
|
|
Sends an e-mail notification to a specified user when a password fails. |
|
|
Choose Yes or . Because this is a design decision, you should understand entitlements before choosing to use it. For information about entitlements, see |