B.1 Driver Configuration

In Designer:

  1. Open a project in the Modeler, then right-click the driver line.

  2. Click Properties > Driver Configuration.

In iManager:

  1. Click Identity Manager > Identity Manager Overview, then click Search to search for the driver set that is associated with the driver.

  2. Select the eDirectory driver.

  3. Click the driver’s status indicator, in the upper right corner of the driver icon, then select Edit Properties.

    Figure B-2 The Edit Properties Option

  4. Click Driver Configuration.

To configure the eDirectory driver, set parameters on the following:

B.1.1 Driver Module

The driver module changes the driver from running locally to running remotely or the reverse.

In Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver line, then select Properties > Driver Configuration.

  3. Select the Driver Module tab.

    | Option | Description |
    | --- | --- |
    | Java | Used to specify the name of the Java class that is instantiated for the shim component of the driver. This class can be located in the classes directory as a class file, or in the lib directory as a .jar file. If this option is selected, the driver is running locally. |
    | Native | Used to specify the name of the .dll file that is instantiated for the application shim component of the driver. If this option is selected, the driver is running locally. |
    | Connect to Remote Loader | Used when the driver is connecting remotely to the connected system. |
    | Remote Loader Client Configuration for Documentation | Includes information on the Remote Loader client configuration when Designer generates documentation for the Delimited Text driver. |

In iManager:

  1. Click Identity Manager > Identity Manager Overview, then click Search to search for the driver set that is associated with the driver.

  2. Browse to the driver, then click the upper right corner of the driver icon.

  3. Click Edit Properties > Driver Configuration > Driver Module.

B.1.2 Driver Object Password

In Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver line, then click Properties > Driver Configuration.

  3. Click Driver Module > Connect to Remote Loader > Set Password.

    | Option | Description |
    | --- | --- |
    | Driver Object Password | Use this option to set a password for the Driver object. If you are using the Remote Loader, you must enter a password on this page. Otherwise, the remote driver does not run. The Remote Loader uses this password to authenticate itself to the remote driver shim. |

In iManager:

  1. Click Identity Manager > Identity Manager Overview, then click Search to search for the driver set that is associated with the driver.

  2. Browse to the driver, then click the upper right corner of the driver icon.

  3. Click Edit Properties > Driver Configuration > Driver Object Password > Set Password.

B.1.3 Authentication

The authentication section stores the information required to authenticate to the connected system.

In Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver line, then select Properties > Driver Configuration.

  3. Click Authentication.

    | Option | Description |
    | --- | --- |
    | Authentication information for server | Displays or specifies the server that the driver is associated with. |
    | Authentication ID | Specify a user application ID. This ID is used to pass Identity Vault subscription information to the application. Example: Administrator |
    | Authentication Context or Connection Information | Specify the IP address or name of the server that the application shim should communicate with. |
    | Remote Loader Connection Parameters or Host name, Port, KMO, Other parameters | Used only if the driver is connecting to the application through the Remote Loader. The parameter to enter is hostname=xxx.xxx.xxx.xxx port=xxxx kmo=certificatename, where the host name is the IP address of the application server running the Remote Loader server and the port is the port the Remote Loader is listening on. The default port for the Remote Loader is 8090. The kmo entry is optional. It is used only when an SSL connection exists between the Remote Loader and the Metadirectory engine. Example: hostname=10.0.0.1 port=8090 kmo=IDMCertificate |
    | Driver Cache Limit (kilobytes) or Cache limit (KB) | Specify the maximum event cache file size (in KB). If it is set to zero, the file size is unlimited. Click Unlimited to set the file size to unlimited in Designer. |
    | Application Password or Set Password | Specify the password for the user object listed in the Authentication ID field. |
    | Remote Loader Password or Set Password | Used only if the driver is connecting to the application through the Remote Loader. The password is used to control access to the Remote Loader instance. It must be the same password specified during the configuration of the Remote Loader on the connected system. |

In iManager:

  1. Click Identity Manager > Identity Manager Overview, then click Search to search for the driver set that is associated with the driver.

  2. Browse to the driver, then click the upper right corner of the driver icon.

  3. Click Edit Properties > Driver Configuration > Authentication.
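
The Remote Loader connection parameter string described above (hostname, port, and the optional kmo entry that indicates SSL) can be checked mechanically when reviewing driver settings. The following Python example is added here and is not part of the product or its documentation; the function names and finding messages are hypothetical, and it assumes parameter values contain no spaces.

```python
DEFAULT_PORT = 8090  # Remote Loader default port, as stated on this page
KNOWN_KEYS = ("hostname", "port", "kmo")  # keys named on this page


def parse_connection_params(text):
    """Split 'key=value key=value ...' into a dict, rejecting malformed tokens."""
    params = {}
    for token in text.split():
        key, sep, value = token.partition("=")
        if not (sep and key and value):
            raise ValueError(f"malformed token {token!r}")
        if key in params:
            raise ValueError(f"duplicate parameter {key!r}")
        params[key] = value
    return params


def audit_connection_params(text):
    """Return a list of findings for one connection string (empty list = clean)."""
    try:
        params = parse_connection_params(text)
    except ValueError as exc:
        return [f"error: {exc}"]
    findings = []
    if "hostname" not in params:
        findings.append("error: hostname is missing")
    port = params.get("port")
    if port is None:
        findings.append(f"info: no port given (Remote Loader default is {DEFAULT_PORT})")
    elif not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
        findings.append(f"error: port {port!r} is not a valid TCP port")
    if "kmo" not in params:
        # Per this page, kmo is present only when the link uses SSL.
        findings.append("warn: no kmo entry, link to the Remote Loader is not set up for SSL")
    extras = sorted(k for k in params if k not in KNOWN_KEYS)
    if extras:
        findings.append("info: other parameters present: " + ", ".join(extras))
    return findings


# Constructed sample strings; the first is the example given on this page.
SAMPLES = [
    "hostname=10.0.0.1 port=8090 kmo=IDMCertificate",
    "hostname=10.0.0.1 port=8090",
    "hostname=10.0.0.1 port=80900 kmo=IDMCertificate",
    "hostname=10.0.0.1 port 8090",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", audit_connection_params(sample) or "ok")
```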

B.1.4 Startup Option

The Startup Option enables you to set the driver state when the Identity Manager server is started.

In Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver line, then select Properties > Driver Configuration.

  3. Click Startup Option.

    | Option | Description |
    | --- | --- |
    | Auto start | The driver starts every time the Identity Manager server is started. |
    | Manual | The driver does not start when the Identity Manager server is started. The driver must be started through Designer or iManager. |
    | Disabled | The driver has a cache file that stores all of the events. When the driver is set to Disabled, this file is deleted and no new events are stored in the file until the driver state is changed to Manual or Auto Start. |
    | Do not automatically synchronize the driver | This option applies only if the driver is deployed and was previously disabled. If this is not selected, the driver re-synchronizes the next time it is started. |

In iManager:

  1. Click Identity Manager > Identity Manager Overview, then click Search to search for the driver set that is associated with the driver.

  2. Browse to the driver, then click the upper right corner of the driver icon.

  3. Click Edit Properties > Driver Configuration > Startup Option.

B.1.5 Driver Parameters

In Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver line, then select Properties > Driver Configuration.

  3. Click Driver Parameters.

    Modify parameters. For information on settings, see Table B-1.

    If no fields display on the Driver options, Subscriber options, or Publisher options tabs, see Section 9.2, Creating Functionality on the Driver Parameters Page.

In iManager:

  1. Click Identity Manager > Identity Manager Overview, then click Search to search for the driver set that is associated with the driver.

  2. Browse to the driver, then click the upper right corner of the driver icon.

  3. Click Edit Properties > Driver Configuration > Driver Parameters.

Table B-1 Settings: Driver Parameters

| Parameter | Description |
| --- | --- |
| Driver parameters for server | Displays or specifies the server name or IP address of the server whose driver parameters you want to modify. |
| Edit XML button | Opens an editor so that you can edit the driver’s configuration file. |
| Driver Options | |
| SSL type | Specifies whether to use a Key Material Object (KMO) for SSL or use a Java keystore file. For more information, click the Information icon. |
| Subscriber Options | |
| Address or host name of remote publisher | Specifies the IP address or DNS name of the server hosting the remote eDir-to-eDir driver that the local subscriber connects to. |
| TCP port of remote publisher | If the remote publisher options specify a TCP port, set this to specify and enter the value from the remote Publisher channel in the Port number field. (These two fields must match what is set in the remote Publisher channel's options, which have corresponding fields.) |
| Port number | Specifies the port number that the remote publisher is configured to run on. Displays only if you select specify in the TCP port of remote publisher field. |
| Advanced options | Displays additional fields when you select show. |
| Socket local bind | The local bind fields specify which IP address the Subscriber channel's socket will be bound to. This is generally only useful if the server has more than one IP address and it is important to bind to a particular address because of firewall settings. |
| Local bind address for subscriber socket | The local bind fields specify which IP address the Subscriber channel's socket will be bound to. This is generally only useful if the server has more than one IP address and it is important to bind to a particular address because of firewall settings. |
| Receive timeout in minutes | In order to detect a lost TCP/IP connection, the eDir-to-eDir driver periodically sends small packets. This value determines how long since entering a receive-wait condition the Subscriber channel waits until sending a "keep-alive" packet to determine if the TCP/IP connection has been lost. Generally, do not change this value except under instruction from Novell. The default value for the Subscriber channel is one minute. |
| Publisher Options | |
| Periodic heartbeat documents | Turns the Publisher channel heartbeat on or off. (Heartbeat is a method that can be used to periodically cause something to happen in a policy on the Publisher channel.) |
| Heartbeat interval (in minutes) | If the heartbeat is on, this setting specifies how often the local Publisher channel sends a heartbeat document to the engine. |
| Local bind address for publisher socket | Specifies which IP address the Subscriber channel's socket will be bound to. This is generally only useful if the server has more than one IP address and it is important to bind to a particular address because of firewall settings. This setting applies to the local publisher's “server” socket on which the local publisher listens for connections from the remote Subscriber channel. |
| Receive timeout in minutes | In order to detect a lost TCP/IP connection, the eDir-to-eDir driver periodically sends small packets. This value determines how long since entering a receive-wait condition the Publisher channel waits until sending a "keep-alive" packet to determine if the TCP/IP connection has been lost. Generally, do not change this value except under instruction from Novell. The default value for the Publisher channel is ten minutes. |

B.1.6 ECMAScript

Enables you to add ECMAScript resource files. The resources extend the driver’s functionality when Identity Manager starts the driver.