5.1 Creating and Configuring the Driver

The Identity Manager Driver for SIF comes with a driver configuration file named SIFAgent-IDM3_5_0-V1.xml.

You use a wizard to create a new Driver object based on this configuration file. When you import the configuration file to create or upgrade a driver object, only a few prompts are presented. Most of the driver configuration is done after you import, on the Global Configuration Values page for the driver.

5.1.1 Prerequisites

  • You have installed Identity Manager and the Identity Manager Driver for SIF on the Identity Vault server, and installed the Identity Manager plug-ins and the driver configuration files on the iManager Web server, as explained in Section 3.2, Installing the Identity Manager Driver for SIF.

  • You restarted NetWare® (for a NetWare server) or eDirectory™ (for a Windows server) after installing the driver.

  • You have followed the instructions in Planning to complete the following tasks:

    • Identify or create the Identity Vault objects you need: the necessary containers for your students and staff, the Incomplete and Disabled containers, and the Template objects.

      In the driver configuration, you need to specify the DN for these objects.

    • Gather the other information you need for setting up the driver configuration, as explained in Section 2.7, Gathering Information for the Driver Configuration.

5.1.2 Importing the Driver Configuration File in Designer

Designer allows you to import the basic driver configuration file for SIF. This file creates and configures the objects and policies needed to make the driver work properly. The following instructions explain how to create the driver and import the driver’s configuration.

There are many different ways of importing the driver configuration file. This procedure only documents one way.

  1. Open a project in Designer and in the modeler, right-click the Driver Set object and select New > Driver.

  2. Browse to and select the SIF driver from the drop-down list, then click Run.

  3. Configure the driver by filling in the fields. Specify information specific to your environment. For information on the settings, see Table 5-1 for more information.

  4. After specifying parameters, click Finish to import the driver.

  5. After the driver is imported, customize and test the driver.

  6. After the driver is fully tested, deploy the driver into the Identity Vault. See Deploying a Driver to an Identity Vault in the Designer 2.1 for Identity Manager 3.5.1 .

5.1.3 Importing the Driver Configuration File in iManager

The SIF preconfiguration file is an example configuration file. You installed this file when you installed the Identity Manager Web components on an iManager server. Think of the preconfiguration file as a template that you import and customize or configure for your environment.

  1. In iManager, select Identity Manager Utilities > Import Configurations.

  2. Select a driver set, then click Next.

    Selecting the Driver Set

    If you place this driver in a new driver set, you must specify a driver set name, context, and associated server.

  3. Select how you want the driver configurations sorted:

    • All configurations

    • Identity Manager 3.5 configurations

    • Identity Manager 3.0 configurations

    • Configurations not associated with an IDM version

  4. Select the SIF driver, then click Next.

    SIF Driver

  5. Configure the driver by filling in the configuration parameters, then click Next. For information on the settings, see Table 5-1.

  6. Define security equivalences, using a user object that has the rights that the driver needs to have on the server

    The tendency is to use the Admin user object for this task. However, you might want to create a DriversUser (for example) and assign security equivalence to that user. Whatever rights that the driver needs to have on the server, the DriversUser object must have the same security rights.

  7. Identify all objects that represent administrative roles and exclude them from replication.

    Exclude the security-equivalence object (for example, DriversUser) that you specified in Step 6. If you delete the security-equivalence object, you have removed the rights from the driver. Therefore, the driver can’t make changes to Identity Manager.

  8. Click Finish.

5.1.4 Configuration Parameters

The following table explains the parameters you must provide during initial driver configuration.

Table 5-1 Configuration Parameters for the SIF Driver

Field Name

Description

Driver name

Specify the name you want to use for the driver object in the Identity Vault.

Sif Agent Name

Specify the name this driver uses to register as a SIF Agent with the Zone Integration Server (ZIS). The driver must have a Zone-unique, case-sensitive name.

We recommend that you use the default name, Novell Identity Manager.

You need to coordinate with the ZIS administrator to make sure that the same name is used when configuring the ZIS, as described in Configuring the ZIS to Recognize the Driver.

Sif Specification version

Specify the SIF Specification version you want this driver to use, either SIF Specification 1.1, or SIF Specification 1.5r1.

Manage preexisting eDirectory users

The SIF Driver can match students and staff in the Student Information System (SIS) with preexisting Identity Vault users only if the eDirectory user attribute DirXML-sifSISID contains the student’s or staff’s ID number.

Specify Yes if one of the following is true:

  • You want to manage preexisting Identity Vault users, and the DirXML-sifSISID is set on all users.

  • No users currently exist in the Identity Vault.

Otherwise, specify No.

If Yes is specified, the Migrate into Identity Vault command can be used to add or update all SIF users into the Identity Vault.

If No is specified, the Migrate into Identity Vault command is ignored to prevent duplicate users from being created in the Identity Vault.

This field does not apply to users added to the Identity Vault by this driver. Identity Manager can always match these Identity Vault users with Student Information System users, and these Identity Vault users are always kept current with changes from the Student Information System.

For more information on how to make this decision, see Section 5.4, Synchronizing the Identity Vault the First Time.

Driver is Local/Remote

Specify whether to run the driver locally or using Remote Loader.

If you specify Remote, then click Next, another page presents a few more items for you to specify regarding Remote Loader configuration.

For information about running the driver remotely, see Deciding Whether to Use the Remote Loader in the Novell Identity Manager 3.5.1 Administration Guide .

5.1.5 Post-Configuration Tasks

  1. After you create the Driver object, configure settings such as the containers to use for students and staff.

    1. In iManager, click Identity Manager > Identity Manager Overview. Search for and select the driver set.

    2. Browse to and click the driver icon, then in the next page, click the driver icon again.

  2. Click the Global Config Values tab, then specify the desired settings. Some of them were specified when creating the driver object; for those items you can simply review the settings to make sure they are correct. See Section B.2, Global Configuration Values for a detailed list of all of the fields.

  3. Follow the instructions in Section 5.2, Preparing the ZIS and the Student Information System to configure the ZIS to recognize the driver as a SIF Agent.