This section explains the process for adding support for Identity Manager Password Synchronization to existing driver configurations.
IMPORTANT:If a driver is being used with Password Synchronization 1.0, you should complete this section only as part of Section 9.2, Upgrading Password Synchronization 1.0 to Password Synchronization Provided with Identity Manager, not alone.
The following is an overview of the tasks you must complete, using the procedure in this section:
Add driver manifest, global configuration values, and password synchronization policies to the driver configuration. For a list of the policies you add, see Policies Required in the Driver Configuration
in the Novell Identity Manager 3.5.1 Administration Guide.
Change the Filter to allow the nspmDistributionPassword attribute to be synchronized.
Make sure you have converted your existing driver to Identity Manager format, as described in Upgrading a Driver Configuration from DirXML 1.1a to Identity Manager 3.5.1 Format
in the Novell Identity Manager 3.5.1 Administration Guide.
Create a backup of your existing driver by exporting the driver.
Make sure you have installed the new driver shim. Some password synchronization features such as Check Password Status won’t work without the Identity Manager driver shim.
In iManager, click > .
The Import Driver Wizard opens.
Select the driver set where your existing driver resides.
In the list of driver configurations that appears, select (it is listed under ), then click .
A list of import prompts appears.
Select your existing driver to update.
Answer three prompts about the capabilities of the driver and the connected system.
Whether the connected system can provide passwords to Identity Manager.
Whether the connected system can accept passwords from Identity Manager
Whether the connected system can check a password to see if it matches the password in Identity Manager.
If you are uncertain which answers to give, check the settings that are provided with the Identity Manager sample configurations for your driver type. You could also create a temporary driver with the Identity Manager driver configurations, and view the settings in the driver manifest for that driver.
Click , then select to update everything about the driver.
This option gives you the driver manifest, global configuration values (GCVs), and password policies necessary for password synchronization.
The driver manifest and GCVs overwrite any values that already exist, but because these kinds of driver parameters are new in Identity Manager, there should be no existing values to overwrite.
The password policies don’t overwrite any existing policy objects; they are simply added to the driver object.
NOTE:If you do have driver manifest or GCV values that you want to save, choose the option named for that driver, and select the check boxes for all the policies. This option imports the password policies but does not change the driver manifest or GCVs.
Click, then click to complete the wizard.
At this point, the new policies have been created as policy objects under the driver object, but are not yet part of the driver configuration. To link them in, you must manually insert each of them at the right point in the driver configuration on the Subscriber and Publisher channels.
Insert each of the new policies into the correct place in your existing driver configuration. If there are multiple policies in a policy set, make sure these password synchronization policies are listed last.
The list of the policies and where to insert them is in Policies Required in the Driver Configuration
in the Novell Identity Manager 3.5.1 Administration Guide.
Use the following procedure. Repeat these steps for each policy.
Click > . Select the driver set for the driver you are updating.
Click the driver you just updated.
A page opens showing a graphical representation of the driver configuration.
Click the icon for the place where you need to add one of the new policies.
Click to add the new policy. In the Insert page that appears, click , browse for and select the new policy object, then click .
If you have more than one policy in the list for any of the new policies, use the arrow buttons to move the new policies to the correct location in the list. Make sure the policies are in the order listed in Policies Required in the Driver Configuration
in the Novell Identity Manager 3.5.1 Administration Guide.
Change the filter for the driver to allow the nspmDistributionPassword attribute to be synchronized.
Install new Password Synchronization filters and configure them if you want the connected system to provide user passwords to Identity Manager. See Section 9.5, Setting Up Password Synchronization Filters.
At this point, the driver has the new driver shim, Identity Manager format, and the other pieces that are necessary to support password synchronization: driver manifest, GCVs, password synchronization policies, and filters. Now you can specify how you want passwords to flow to and from connected systems, using the Password Synchronization interface in iManager.
Set up the scenario for Password Synchronization that you want to use, using the Password Policies and the Password Synchronization settings for the driver. See Implementing Password Synchronization
in the Novell Identity Manager 3.5.1 Administration Guide.
Repeat this procedure for all the drivers that you want to participate in password synchronization.