The following sections provide steps for using Designer to create and configure a new Sentinel driver. For information about using iManager to accomplish these tasks, see Section 4.2, Using iManager to Create and Configure the Driver.
Importing the Sentinel driver configuration file creates the driver in the Identity Vault and adds the policies needed to make the driver work properly.
Verify that you have updated Designer. For more information, see Installing the 3.0.1 Designer Auto Update.
In Designer, open your project.
In the Modeler, right-click the driver set where you want to create the driver, then select to display the Driver Configuration Wizard.
In the Driver Configuration list, select , then click .
On the Import Information Requested page, fill in the following fields:
Driver Name: Specify a name that is unique within the driver set.
Broker Type: Select the type of broker you are using. The broker type is determined by the version of Sentinel you are using.
Sentinel:
Sentinel RD:
Broker URL: Specify the IP address of the Sentinel broker. The following are examples for the different versions of Sentinel. The ports listed are the default ports for the brokers.
Sentinel: tcp://brokeripaddress:10012
Sentinel RD: ssl://brokeripaddress:61616
Broker Username: Specify the username used to authenticate to this broker. If you are connecting to a Sentinel system, use a random username. If you are connecting to a Sentinel RD system, you must use the username and password contained in the ../config/activemqusers.properties file. The username is collectormanager.
Broker Password: Specify the password of the user used to authenticate to the broker. If you are connecting to a Sentinel RD system, the password is located in the ../config/activemqusers.properties file.
Driver is Local/Remote: Select if this driver will run on the Metadirectory server without using the Remote Loader. Select if you want the driver to use the Remote Loader, either locally on the Metadirectory server or remotely on another server.
(Conditional) If you chose to run the driver remotely, click , then fill in the fields listed below. Otherwise, skip to Step 7.
Remote Host Name and Port: Specify the hostname or IP address of the server where the driver’s Remote Loader is running.
Driver Password: Specify the driver object password that is defined in the Remote Loader. The Remote Loader requires this password to authenticate to the Metadirectory server.
Remote Password: Specify the Remote Loader’s password (as defined on the Remote Loader). The Metadirectory engine (or Remote Loader shim) requires this password to authenticate to the Remote Loader.
Click to import the driver configuration.
Click to make additional configuration changes, or click to finish.
If you require additional configuration for the driver, click to open the properties page of the driver. This is where the driver parameters are stored. For detailed information about all driver parameters, see Section A.0, Driver Properties.
The information specified on the Import Information Requested page is the minimum information required to import the driver. However, the base configuration might not meet your needs.
You might need to change whether the driver is running locally or remotely.
You might need to change which broker the driver connects to.
The driver configuration settings are explained in Section A.0, Driver Properties.
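A pre-import check of the Broker Type, Broker URL, and Broker Username values described above, written as an added example that is not part of the product or its documentation. The function names and sample address are hypothetical, and the name=password layout of activemqusers.properties is an assumption, since the page only names the file.

```python
import os
import stat
from urllib.parse import urlsplit

# Default scheme and port per broker type, as listed for the Broker URL field.
BROKER_DEFAULTS = {"Sentinel": ("tcp", 10012), "Sentinel RD": ("ssl", 61616)}

def check_broker_url(broker_type, url):
    """Return findings for a Broker URL; an empty list means it matches the defaults."""
    scheme, port = BROKER_DEFAULTS[broker_type]
    parts = urlsplit(url)
    findings = []
    if not parts.hostname:
        findings.append("no broker address in URL")
    if parts.scheme != scheme:
        findings.append(f"scheme {parts.scheme!r}, expected {scheme!r} for {broker_type}")
    try:
        actual_port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        actual_port = None
    if actual_port is None:
        findings.append("missing or invalid port")
    elif actual_port != port:
        findings.append(f"port {actual_port} is not the default {port}")
    if parts.scheme == "tcp":
        findings.append("note: tcp:// transport is not TLS-protected")
    return findings

def read_broker_password(properties_path, username="collectormanager"):
    """Return (password, findings) for username in a properties file."""
    # Assumed layout: one name=password pair per line, '#' or '!' comments.
    findings = []
    if os.stat(properties_path).st_mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("properties file is readable by group or others")
    password = None
    with open(properties_path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line.startswith(("#", "!")):
                continue  # blank line or properties comment
            name, sep, value = line.partition("=")
            if sep and name.strip() == username:
                password = value.strip()
    return password, findings

if __name__ == "__main__":
    # 192.0.2.10 is a constructed documentation address.
    print(check_broker_url("Sentinel RD", "ssl://192.0.2.10:61616"))
    print(check_broker_url("Sentinel RD", "tcp://192.0.2.10:10012"))
```
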
If you need to do additional configuration for the driver, you must access the properties page of the driver. If you do not have the Driver Properties page displayed:
In Designer, open your project.
In the Modeler, right-click the driver icon or the driver line, then select .
This opens the properties page for the driver.
After a driver is created in Designer, it must be deployed into the Identity Vault, because Designer is an offline tool. In addition, further configuration procedures must be completed for the driver to work.
In Designer, open your project.
In the Modeler, right-click the driver icon or the driver line, then select .
If you are authenticated to the Identity Vault, skip to Step 5; otherwise, specify the following information to authenticate:
Host: Specify the IP address or DNS name of the server hosting the Identity Vault.
Username: Specify the DN of the user object used to authenticate to the Identity Vault.
Password: Specify the user’s password.
Click .
Read through the deployment summary, then click .
Read the successful message, then click .
Click to assign rights to the driver.
The driver requires rights to objects within the Identity Vault. The Admin user object is most often used to supply these rights. However, you might want to create a DriversUser (for example) and assign security equivalence to that user. Whatever rights that the driver needs to have on the server, the DriversUser object must have the same security rights.
Click , then browse to and select the object with the correct rights.
Click twice.
Click to exclude users that should not be synchronized.
You should exclude any administrative User objects (for example, Admin and DriversUser) from synchronization.
Click .
There is additional configuration that must be completed before you start the Sentinel driver.
(Conditional) The connection factories must be created for Sentinel 6.1. Sentinel RD automatically creates the connection factories.
(Conditional) The SonicMQ message queues must be created, if you are using Sentinel 6.1. Sentinel RD automatically creates the message queues for ActiveMQ.
The Identity Vault Collector must be installed and configured.
See Section 5.0, Configuring Account Tracking for instructions on how to create the connection factories and message queues. For the Identity Vault Collector installation instructions, see Section 7.0, Installing and Configuring the Identity Vault Collector.
After the driver is created, you must start the driver. Identity Manager is an event-driven system, so after the driver is started, it waits for events to occur.
IMPORTANT: The Identity Vault collector must be started before the driver is started. When the collector starts, the JNDI destinations are created. The driver looks for the JNDI destinations when it starts and if they do not exist, the driver cannot start. To start the collector, see Section 7.5, Starting the Collector.
To start the driver after the additional configuration is completed and the Identity Vault Collector is created:
In Designer, open your project.
In the Modeler, right-click the driver icon or the driver line, then select .
For information about management tasks with the driver, see Section 10.0, Managing the Driver.