Novell Doc: Identity Manager 4.0 Driver for GroupWise Implementation Guide

A.1 Driver Configuration

In iManager:

Click to display the Identity Manager Administration page.
Open the driver set that contains the driver whose properties you want to edit:
1. In the Administration list, click Identity Manager Overview.
2. If the driver set is not listed on the Driver Sets tab, use the Search In field to search for and display the driver set.
3. Click the driver set to open the Driver Set Overview page.
Locate the driver icon, then click the upper right corner of the driver icon to display the Actions menu.
Click Edit Properties to display the driver’s properties page.

By default, the Driver Configuration page is displayed.

In Designer:

Open a project in the Modeler.
Right-click the driver icon or line, then select click Properties > Driver Configuration.

The Driver Configuration options are divided into the following sections:

A.1.1 Driver Module

The driver module changes the driver from running locally to running remotely or the reverse.

Table A-1 Driver Modules

Option	Description
Java	Used to specify the name of the Java class that is instantiated for the shim component of the driver. This class can be located in the classes directory as a class file, or in the lib directory as a .jar file. If this option is selected, the driver is running locally. The name of the driver’s Java class is: com.novell.gw.dirxml.driver.gw.GWdriverShim
Native	This option is not used with the GroupWise driver.
Connect to Remote Loader	Used when the driver is connecting remotely to the connected system. Designer includes two suboptions: Driver Object Password: Specifies a password for the Driver object. If you are using the Remote Loader, you must enter a password on this page. Otherwise, the remote driver does not run. The Remote Loader uses this password to authenticate itself to the remote driver shim. Remote Loader Client Configuration for Documentation: Includes information on the Remote Loader client configuration when Designer generates documentation for the driver.

Option

Description

Java

Used to specify the name of the Java class that is instantiated for the shim component of the driver. This class can be located in the classes directory as a class file, or in the lib directory as a .jar file. If this option is selected, the driver is running locally.

The name of the driver’s Java class is:

com.novell.gw.dirxml.driver.gw.GWdriverShim

Native

This option is not used with the GroupWise driver.

Connect to Remote Loader

Used when the driver is connecting remotely to the connected system. Designer includes two suboptions:

Driver Object Password: Specifies a password for the Driver object. If you are using the Remote Loader, you must enter a password on this page. Otherwise, the remote driver does not run. The Remote Loader uses this password to authenticate itself to the remote driver shim.
Remote Loader Client Configuration for Documentation: Includes information on the Remote Loader client configuration when Designer generates documentation for the driver.

A.1.2 Driver Object Password

Table A-2 Driver Object Password

Option	Description
Driver Object Password	Use this option to set a password for the driver object. If you are using the Remote Loader, you must enter a password on this page or the remote driver does not run. This password is used by the Remote Loader to authenticate itself to the remote driver shim.

A.1.3 Authentication

The authentication section stores the information required to authenticate to the connected system.

Table A-3 Authentication Parameters

Option	Description
Authentication ID or User ID	Specify a user application ID. This ID is used to pass Identity Vault subscription information to the application. Example: Administrator
Authentication Context or Connection Information	This option is not used with the GroupWise driver.
Remote Loader Connection Parameters or Host name Port KMO Other parameters	Used only if the driver is using the Remote Loader. The parameter to enter is hostname=xxx.xxx.xxx.xxx port=xxxx kmo=certificatename, when the host name is the IP address of the the Remote Loader server and the port is the port the Remote Loader is listening on. The default port for the Remote Loader is 8090. The kmo entry is optional. It is only used when there is an SSL connection between the Remote Loader and the Metadirectory engine. Example: hostname=10.0.0.1 port=8090 kmo=IDMCertificate
Driver Cache Limit (kilobytes) or Cache limit (KB)	Specify the maximum event cache file size (in KB). If it is set to zero, the file size is unlimited. Click Unlimited to set the file size to unlimited in Designer.
Application Password or Set Password	Specify the password of the user listed in the Username field. The same username and password must also be configured on both the servers containing the GroupWise driver and the GroupWise primary domain.
Remote Loader Password or Set Password	Used only if the driver is using the Remote Loader. The password is used to control access to the Remote Loader instance. It must be the same password specified during the configuration of the Remote Loader on the connected system.

Option

Description

Authentication ID

User ID

Specify a user application ID. This ID is used to pass Identity Vault subscription information to the application.

Example: Administrator

Authentication Context

Connection Information

This option is not used with the GroupWise driver.

Remote Loader Connection Parameters

Host name

Port

KMO

Other parameters

Used only if the driver is using the Remote Loader. The parameter to enter is hostname=xxx.xxx.xxx.xxx port=xxxx kmo=certificatename, when the host name is the IP address of the the Remote Loader server and the port is the port the Remote Loader is listening on. The default port for the Remote Loader is 8090.

The kmo entry is optional. It is only used when there is an SSL connection between the Remote Loader and the Metadirectory engine.

Example: hostname=10.0.0.1 port=8090 kmo=IDMCertificate

Driver Cache Limit (kilobytes)

Cache limit (KB)

Specify the maximum event cache file size (in KB). If it is set to zero, the file size is unlimited.

Click Unlimited to set the file size to unlimited in Designer.

Application Password

Set Password

Specify the password of the user listed in the Username field. The same username and password must also be configured on both the servers containing the GroupWise driver and the GroupWise primary domain.

Remote Loader Password

Set Password

Used only if the driver is using the Remote Loader. The password is used to control access to the Remote Loader instance. It must be the same password specified during the configuration of the Remote Loader on the connected system.

A.1.4 Startup Option

The Startup Option section allows you to set the driver state when the Identity Manager server is started.

Table A-4 Startup Options

Option	Description
Auto start	The driver starts every time the Identity Manager server is started.
Manual	The driver does not start when the Identity Manager server is started. The driver must be started through Designer or iManager.
Disabled	The driver has a cache file that stores all of the events. When the driver is set to Disabled, this file is deleted and no new events are stored in the file until the driver state is changed to Manual or Auto Start.
Do not automatically synchronize the driver	This option only applies if the driver is deployed and was previously disabled. If this is not selected, the driver re-synchronizes the next time it is started.

A.1.5 Driver Parameters

The Driver Parameters section lets you configure the driver-specific parameters. When you change driver parameters, you tune driver behavior to align with your network environment.

The parameters are presented by category:

Table A-5 Driver Settings

Option	Description
Domain Server	Specify the name or IP address of the server where the GroupWise domain database (wpdomain.db) resides. Using the primary domain database is recommended. Leave this field blank when the GroupWise domain database is on the same physical server as this driver. You can use the hostname, DNS name, or IP address of the server.
Domain Path	Enter the path to the directory containing the GroupWise domain database (wpdomain.db). Using the primary domain database is recommended. The domain path format is different, depending upon where the driver is located relative to the domain database: Driver and database on same server: Windows example: c:\Novell\GroupWise\Domain Linux example: /Novell/GroupWise/Domain Driver and database on different servers: Windows example: c$\Novell\GroupWise\Domain These are only examples of path formats. Your actual path will probably be different.
Enforce Admin Lockout Setting	Enforces the Minimum Snap-in Release Version and the Minimum Snap-in Release Date set in the Admin Lockout Settings tab of System Preferences in ConsoleOne. If the domain to which the driver connects has overridden these settings, the domain settings are used. This means that the GroupWise driver must be running with GroupWise support files equal to or later than these settings. Select True to enable this lockout setting, or select False to disable this lockout setting.
Create Nicknames	Select True if you want the driver to create GroupWise nicknames when GroupWise accounts are renamed or moved to another post office.
Reassign Resource Ownership	Select True if you want the driver to reassign ownership of resources when the GroupWise accounts are disabled or expired.
Default Resource Owner User ID	Specify the default user who becomes the new owner of resources that are reassigned.
GroupWise Domain Database version	Specify the version of the GroupWise Domain database version the driver connects to. The options are: GroupWise 8 GroupWise 7 GroupWise 6.5
Cleanup Group Membership	Cleans up Identity Vault Group memberships when removing a user from all GroupWise Distribution Lists. Select True or False.

Table A-6 Publisher Settings

Option	Description
Publisher Heartbeat Interval	Specifies the Publisher channel heartbeat interval in minutes. Specify 0 to disable the heartbeat.

Table A-7 Supported Combinations of GroupWise Driver and GroupWise Domain

Setup	Fields Needed	Description
GroupWise driver shim is on Linux, the GroupWise primary domain is on the same Linux server as the driver.	Primary Domain Path	The path to the directory containing the GroupWise primary domain database (wpdomain.db). Example: /novell/groupwise/domain
GroupWise driver shim is on a Windows server, the GroupWise primary domain is on the same Windows server as the driver.	Primary Domain Path	The path to the directory containing the GroupWise primary domain database (wpdomain.db). Example: c:\Novell\GroupWise\Domain
GroupWise driver shim is on a Windows server, the GroupWise primary domain is on a different Windows server from the driver.	Primary Domain Server	The name or address of the server containing the GroupWise primary domain database (wpdomain.db). Example: hostname - the name of the remote Windows server. or hostname.com - the DNS name of the remote Windows server. or ###.###.###.### - the IP address of the remote Windows server.
	Primary Domain Path	The path to the directory containing the GroupWise primary domain database (wpdomain.db). Example: c$\Novell\GroupWise\Domain
	Authentication ID	The user name this driver uses to authenticate to the remote Windows server that contains the GroupWise domain database. It must be the name of a user account on the remote Windows server. The same username and password must also be configured on both Windows servers.
	Application Password	The password of the user specified above.

IMPORTANT:The GroupWise driver cannot find the GroupWise primary domain database if values are entered for the Primary Domain Server, Authentication ID, and the Application Password fields when they are not needed (see Table A-7 for more information).