This section explains how to add your Identity Server to a cluster and how to configure the cluster to communicate with the LDAP server and use its authentication credentials.
Table 2-1 Identity Server Configuration Information

| What you need to know | Example | Your Value |
|---|---|---|
| LDAP server information: | | |
| DN of the administrator | cn=admin,o=novell | ______________________ |
| Password of the administrator | novell | ______________________ |
| IP address of the LDAP server | 10.10.10.16 | ______________________ |
| DN of the user container | ou=users,o=novell | ______________________ |
| DNS name of the Identity Server | idpa.test.novell.com | ______________________ |
| Names you need to create: | | |
| Identity Server cluster name | idpa | ______________________ |
| User store name | User Store | ______________________ |
| Replica name | User Store Replica | ______________________ |
| Alias certificate name | UserStoreRoot | ______________________ |
| Organization information for the Identity Server cluster: | | |
| Name | Access Manager | ______________________ |
| Display name | Access Manager 3 | ______________________ |
| URL | idpa.am.novell.com | ______________________ |
For more information, see |
1. In the Administration Console, click > . Click . Specify a name such as idpa, select your Identity Server, then click .
   In Table 2-1, idpa is the Identity Server cluster name you created.
2. Configure the Base URL of the Identity Server, using the DNS name of the Identity Server:
   http://idpa.test.novell.com:8080/nidp
   In Table 2-1, this is the DNS name of the Identity Server followed by the port and /nidp.
3. Click , then configure the organization information:
   - Name: Access Manager
   - Display name: Access Manager 3
   - URL: idpa.am.novell.com
   In Table 2-1, these three fields are the organization information you created for the Identity Server cluster.
4. Click , then configure the user store:
   - Name: User Store
     In Table 2-1, User Store is the sample name for the user store.
   - Admin name: cn=admin,o=novell
     In Table 2-1, this is the sample DN of the administrator for the LDAP server.
   - Admin password: novell
   - Confirm password: novell
     In Table 2-1, these fields are the sample password for the administrator of the LDAP server.
   - Directory Type: Select a type from the drop-down menu.
5. In the section, click , then fill in the following fields:
   - Name: User Store Replica
     In Table 2-1, User Store Replica is the sample name for the replica.
   - IP Address: 10.10.10.16
     In Table 2-1, this is the sample IP address of the LDAP server.
   - Use secure LDAP connections: Select this option.
   - Auto import trusted root: Click this link, follow the prompts, and specify UserStoreRoot for the alias.
     In Table 2-1, UserStoreRoot is the sample alias certificate name.
6. Click , then make sure the Validation Status of the replica displays a green check mark. If the check mark is red, you have a configuration error:
   - Check the distinguished name of the admin user, the password, and the IP address of the replica.
   - Check for network communication problems between the Identity Server and the LDAP server.
7. In the section, click , then specify the following:
   - Search context: ou=users,o=novell
     In Table 2-1, this is the sample DN of the user container.
   - Scope: Subtree
8. Click > , then restart Tomcat as prompted.
9. Wait for the health status of the Identity Server to turn green, then verify the configuration:
   - Enter the Base URL of the Identity Server in a browser:
     http://idpa.test.novell.com:8080/nidp
   - Log in using the credentials of a user in the LDAP server.
     The user portal appears.
   If the URL returns an error rather than displaying a login page, verify the following:
   - The browser machine can resolve the DNS name of the Identity Server.
   - The browser machine can reach the port.