After the driver is installed, it must be imported and configured. You can import the driver through Designer or iManager.
Designer allows you to import the basic driver configuration file for the SAP User application. This file creates and configures the objects and policies needed to make the driver work properly. The following instructions explain how to create the driver and import the driver’s configuration.
There are many different ways of importing the driver configuration file. This procedure only documents one way.
Open a project in Designer. In the Modeler, right-click the driver set and select
.From the drop-down list, select
then click .Configure the driver by filling in the fields. Specify information for your environment. For information on the settings, see Section 2.4.3, Configuration Information.
After specifying parameters, click
to import the driver.After the driver is imported, customize and test the driver.
After the driver is fully tested, deploy the driver into the Identity Vault. See Deploying a Driver to an Identity Vault
in the Designer 2.1 for Identity Manager 3.5.1.
The Create Driver Wizard helps you import the basic driver configuration file. This file creates and configures the objects and policies needed to make the driver work properly.
The following instructions explain how to create the driver and import the driver’s configuration.
In Novell iManager, click
> .Select a driver set, then click
.If you place this driver in a new driver set, you must specify a driver set name, context, and associated server.
Select how you want the driver configurations sorted:
All configurations
Identity Manager 3.5 configurations
Identity Manager 3.0 configurations
Configurations not associated with an IDM version
Select
, then click .Specify the driver’s parameters (refer to Section 2.4.3, Configuration Information for details), then click to import the driver.
Define security equivalences using a user object that has the rights that the driver needs to have on the server, then click
.The tendency is to use the Admin user object for this task. However, you might want to create a DriversUser (for example) and assign security equivalence to that user. Whatever rights that the driver needs to have on the server, the DriversUser object must have the same security rights.
Identify all objects that represent administrative roles and exclude them from replication, then click
.Exclude the security-equivalence object (for example, DriversUser) that you specified in Step 6. If you delete the security-equivalence object, you have removed the rights from the driver, and the driver can’t make changes to Identity Manager.
Review the driver objects in the Summary page, then click
.As you import the driver configuration file, you will be prompted for the following information, depending on the configuration selections you made.
The following additional driver parameters are set to default values during the import process, but they can be modified in iManager (by clicking the Driver Configuration tab on the driver object.)
If you want to use the default configuration, you need to extend the eDirectory schema. This provides greater abilities to administrate the User Management functions of SAP R/3 and Enterprise R/3 systems. We recommend applying a set of schema extensions to the eDirectory tree that will synchronize with the SAP system.
During SAP’s development of their own LDAP-based User Administration utilities, a standard set of schema extensions was developed for use with Novell eDirectory. These extensions are contained in the R3-Novell-Ldif-Schema-extension.ldif file. This file is designed to be applied to eDirectory by using the Novell Import Conversion Export (ICE) utility.
In addition to the ldif-format schema extension file, the schema extensions are also available in the sapuser.sch file (the eDirectory standard).
NOTE:Starting with version 1.0.5 of the driver, the sapUsername attribute is no longer a required attribute of the sapAddOnUM auxiliary class in the sapuser.sch file. Because the R3-Novell-Ldif-Schema-extension.ldif file was created by SAP, this attribute remains a required attribute in that file. It is recommended that sapuser.sch should be used for all new deployments requiring schema extension.
IMPORTANT:If you are upgrading an existing driver deployment, the sapuserupgrade.sch or sapuserupgrade.ldif files contain only the updated schema for new functionality provided with driver version 1.0.5 and later.
If you want to extend the schema using the LDIF file, the following instructions help you use the ICE utility. For additional information, refer to the Import Conversion Export utility documentation.
Open the NDS Import/Export Wizard.
Select
, then click .Browse to R3-Novell-Ldif-Schema-extension.ldif, then click .
Fill in the appropriate LDAP connection information for the Novell LDAP service, then click
.Click
to begin the extension process.