This section explains how to add your Identity Server to a cluster and how to configure the cluster to communicate with the LDAP server and use its authentication credentials.
| What you need to know | Example | Your Value |
|---|---|---|
| LDAP server information: | | |
| DN of the administrator | cn=admin,o=novell | ______________________ |
| Password of the administrator | novell | ______________________ |
| IP address of the LDAP server | 10.10.10.16 | ______________________ |
| DN of the user container | o=novell | ______________________ |
| DNS name of the Identity Server | ipda.test.novell.com | ______________________ |
| Names you need to create: | | |
| Identity Server cluster name | idpa | ______________________ |
| User store name | User Store | ______________________ |
| Replica name | User Store Replica | ______________________ |
| Alias certificate name | UserStoreRoot | ______________________ |
| Organization information for the Identity Server cluster: | | |
| Name | Access Manager | ______________________ |
| Display name | Access Manager 3 | ______________________ |
| URL | ipda.am3sp3.com | ______________________ |
For more information, see |
1. In the Administration Console, click the task.
2. Click .
3. Specify a name such as idpa, select your Identity Server, then click .
4. Configure the Base URL of the Identity Server, using the DNS name of the Identity Server:
   http://idpa.test.novell.com:8080/nidp
5. Click , then configure the organization information.
   Name: Access Manager
   Display name: Access Manager 3
   URL: ipda.am3sp3.com
6. Click , then configure the user store:
   Name: User Store
   Admin name: cn=admin,o=novell
   Admin password: novell
   Confirm password: novell
   Directory Type: Select a type from the drop-down menu.
7. In the section, click , then fill in the following fields:
   Name: User Store Replica
   IP Address: 10.10.10.16
   Use secure LDAP connections: Select this option.
   Auto import trusted root: Click this link, follow the prompts, and specify UserStoreRoot for the alias.
8. Click , then make sure the Validation Status of the replica displays a green check mark. If it is red, you have a configuration error:
   Check the distinguished name of the admin user, the password, and the IP address of the replica.
   Check for network communication problems between the Identity Server and the LDAP server.
9. In the section, click , then specify the following:
   Search context: o=novell
   Scope: Subtree
10. Click > , then restart Tomcat as prompted.
11. Wait for the health status of the Identity Server to turn green, then verify the configuration:
    Enter the Base URL of the Identity Server in a browser.
    http://idpa.test.novell.com:8080/nidp
    Log in using the credentials of a user in the LDAP server.
    The user portal appears.
12. If the URL returns an error rather than displaying a login page, verify the following:
    The browser machine can resolve the DNS name of the Identity Server.
    The browser machine can access the port.
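The connectivity checks in this procedure (name resolution and port access for the Base URL, and network communication with the LDAP replica) can be scripted. The following is an added example, not part of the original documentation: the function names are hypothetical, the hosts are the worksheet's example values, and port 636 for secure LDAP is an assumption because the page gives no LDAP port.

```python
import socket
from urllib.parse import urlsplit

LDAPS_PORT = 636  # assumption: standard secure-LDAP port; the page gives no port

def endpoint_from_base_url(base_url):
    """Split a Base URL such as http://host:8080/nidp into (host, port)."""
    parts = urlsplit(base_url)
    if not parts.hostname:
        raise ValueError(f"no host in Base URL: {base_url!r}")
    default = 443 if parts.scheme == "https" else 80
    return parts.hostname, parts.port or default

def check_endpoint(host, port, timeout=3.0, resolver=socket.getaddrinfo):
    """Return a dict saying whether the name resolves and the port accepts TCP."""
    result = {"host": host, "port": port, "resolves": False,
              "reachable": False, "detail": ""}
    try:
        infos = resolver(host, port, type=socket.SOCK_STREAM)
    except (socket.gaierror, UnicodeError) as exc:
        result["detail"] = f"name resolution failed: {exc}"
        return result
    result["resolves"] = True
    for family, socktype, proto, _name, sockaddr in infos:
        try:
            with socket.socket(family, socktype, proto) as sock:
                sock.settimeout(timeout)
                sock.connect(sockaddr)
            result["reachable"] = True
            result["detail"] = f"connected to {sockaddr[0]}:{port}"
            return result
        except OSError as exc:  # refused, filtered, unroutable or timed out
            result["detail"] = f"{sockaddr[0]}:{port} not reachable: {exc}"
    return result

if __name__ == "__main__":
    # Example values from the worksheet on this page.
    targets = [
        ("Identity Server Base URL",
         *endpoint_from_base_url("http://idpa.test.novell.com:8080/nidp")),
        ("LDAP replica (secure LDAP)", "10.10.10.16", LDAPS_PORT),
    ]
    for label, host, port in targets:
        r = check_endpoint(host, port)
        print(f"{label}: resolves={r['resolves']} "
              f"reachable={r['reachable']} ({r['detail']})")
```

Run the Base URL check from the browser machine and the replica check from the Identity Server, since each check is only meaningful from the host that makes that connection.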