Identity Manager Configuration - eDirectory Server

The suggested configuration for NCL is presented here. For more information on custom configuration, see the Identity Manager 2 Administration Guide located on CD 2 - NCL Client Components in the \documentation directory.


Creating a Container on eDirectory for the Active Directory User Objects

You need to create a container on the eDirectory server to house the Active Directory User objects. You will point to this container when you migrate the Active Directory User objects into eDirectory.

  1. Launch iManager.

  2. Click eDirectory Administration > Create Object.

  3. Select Organization, then click OK.

  4. Specify a name for the container (for example, ADUsers).

  5. Browse for and select a context for the container, then click OK.


Configuring Identity Manager on the eDirectory Server

  1. Launch iManager.

  2. Click DirXML Management > Overview.

  3. Create a new driver in the new driver set.

  4. Type the driver name, context, and the DNS name of the eDirectory server.

  5. Deselect Create New Partition.

  6. Import a driver configuration by selecting ActiveDirectory.XML.

  7. Specify the following driver configuration information:

    Driver Configuration Parameter      Value
    ----------------------------------  ------------------------------------------
    Driver name                         Active Directory
    Authentication Method               Negotiate
    Authentication ID                   Active Directory Administrator ID
    Authentication Password             Active Directory Administrator Password
    Authentication Server               DNS of AD server
                                        Example: computer_name.domain.com
    Domain Name                         LDAP Distinguished name of AD server domain
    Domain DNS Name                     Domain name of AD server domain
    Driver Polling Interval             1
    Password Synch Timeout              5
    Base Container in eDirectory        NCP Name of Container in eDirectory
                                        This is the container you created in
                                        Creating a Container on eDirectory for the
                                        Active Directory User Objects.
    Base Container in Active Directory  LDAP Distinguished Name of Container in
                                        Active Directory
                                        This is the base container from which you
                                        want the user migration to start.
    Data Flow                           AD to eDirectory
    Publisher Placement                 Mirrored
    Subscriber Placement                Mirrored
    Password Failure Notification       [Leave blank]
    Support Exchange                    No
    Enable Entitlements                 No
    Driver is Local/Remote              For NCL, select Remote.
                                        Follow steps in Configuring DirXML Drivers
                                        for Use with Remote Loaders.
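
A pre-flight check for the values in the step 7 table, as an added example (not part of the original documentation or of Identity Manager): it flags departures from the fixed values suggested for NCL and checks that Domain Name, Domain DNS Name, Authentication Server and Base Container in Active Directory all describe the same domain. The function names, the sample values, and the assumption that the AD server's host name lies inside the domain's DNS namespace are assumptions of this example.

```python
import re

# Fixed values the page suggests for NCL (step 7 table).
SUGGESTED = {
    "Authentication Method": "Negotiate",
    "Data Flow": "AD to eDirectory",
    "Publisher Placement": "Mirrored",
    "Subscriber Placement": "Mirrored",
    "Driver is Local/Remote": "Remote",
}

def rdns(dn):
    """Split an LDAP DN on unescaped commas into normalized 'attr=value' RDNs."""
    out = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            return []  # not a well-formed DN
        out.append(f"{attr.strip().lower()}={value.strip().lower()}")
    return out

def dn_to_dns(dn):
    """dc=example,dc=com -> example.com (only the DC components are used)."""
    return ".".join(r[3:] for r in rdns(dn) if r.startswith("dc="))

def check_driver_values(cfg):
    """Return a list of problems in the values prepared for step 7."""
    problems = [f"{k}: expected {v!r}, got {cfg.get(k)!r}"
                for k, v in SUGGESTED.items() if cfg.get(k) != v]
    domain = rdns(cfg["Domain Name"])
    dns = cfg["Domain DNS Name"].lower().rstrip(".")
    if not domain or any(not r.startswith("dc=") for r in domain):
        problems.append("Domain Name is not a DN made of DC components")
    elif dn_to_dns(cfg["Domain Name"]) != dns:
        problems.append("Domain Name and Domain DNS Name name different domains")
    # Assumption: the AD server is a host inside the domain's DNS namespace.
    if not cfg["Authentication Server"].lower().rstrip(".").endswith("." + dns):
        problems.append("Authentication Server is not a host in Domain DNS Name")
    base = rdns(cfg["Base Container in Active Directory"])
    if not base or not domain or base[-len(domain):] != domain:
        problems.append("Base Container in Active Directory is outside Domain Name")
    return problems

# Constructed sample values (not from the page); passwords are deliberately absent.
SAMPLE = dict(SUGGESTED, **{
    "Authentication Server": "dc01.example.com",
    "Domain Name": "DC=example,DC=com",
    "Domain DNS Name": "example.com",
    "Base Container in Active Directory": "OU=Staff,DC=example,DC=com",
})

if __name__ == "__main__":
    for problem in check_driver_values(SAMPLE) or ["no problems found"]:
        print(problem)
```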


Configuring DirXML Drivers for Use with Remote Loaders

You can configure a new driver or enable an existing driver to communicate with the Remote Loader. This section provides general information on configuring new or existing drivers so that they communicate with the Remote Loader. For additional and driver-specific information, refer to the relevant driver implementation guide.


Importing and Configuring a New Driver

  1. Scroll to the bottom of the configuration options, select Remote from the drop-down list, then click Next.


  2. Type a remote hostname and port.


  3. Type and retype a password for the Driver object.


  4. Type and retype the Remote Loader password, then click Next.


  5. Define a security-equivalent user, then click Next > Finish.

    The security-equivalent user must have Create and Modify rights to the container that will house the migrated User objects. Otherwise, the migration will not create the User objects in the eDirectory tree. You can use Admin as the security-equivalent user since Admin already has Create and Modify rights to the containers in the tree.