4.1 Importing the Sample Driver Configuration

4.1.1 Importing by Using iManager

  1. Create a new driver or import the configuration eDirectory.xml onto an existing driver.

    In Novell iManager, select Identity Manager Utilities, then use one of the tasks as described in Managing Identity Manager Drivers in Novell Identity Manager 3.0.1 Administration Guide .

  2. Configure the driver by following the instructions in Section 4.2, Configuring Secure Identity Manager Data Transfers.

The wizard prompts you to provide the following information:

Item

Description

Driver name

You can use the default name eDirectory Driver, or change the name.

R emote Tree Address and Port

Specify the DNS host name or IP address and port of the Identity Manager server in the remote tree. For example:

151.155.144.23:8196

hostname:8196

Configure Data Flow

Bidirectional: Both eDirectory™ trees are authoritative sources of the data synchronized between them.

Authoritative: The local tree is the authoritative source.

Subordinate: The local tree is not an authoritative source.

Configuration Option

Mirrored: Synchronizes objects hierarchically between the local and remote trees.

If you choose this option, use the same option for configuring both eDirectory trees you are synchronizing.

This option in the driver configuration synchronizes User, Group, Organization, Country, and Organizational Unit objects. It also mirrors the structure of a subtree in the other tree.

Flat: Synchronizes all Users and Groups into specific containers.

This option synchronizes User and Group objects and places all users in one container and all groups in another container.

This option is typically used in conjunction with the Department option (or a similar configuration) in the other tree.

This option doesn’t create the containers that hold the users and groups. You must create those manually.

Department: Synchronize Users and Groups by department (OU).

This option synchronizes User and Group objects and places all users and groups in a container based on the Department field in your management console.

This configuration is typically used in conjunction with the Flat option (or a similar configuration) in the other tree.

This option doesn’t create the containers for each department. You must create those manually. They must be the same as the container specified during import.

Remote Base Container

Used for Mirrored option only.

Specify the base container for synchronization in the remote tree, for example Users.MyOrganization.

Base Container

Used for Mirrored, Flat, and Department options.

Specify the base container for synchronization in the local tree, for example Users.MyOrganization.

If using with Mirrored: The local base container to mirror with the Remote Base Container above.

If using with Flat: The container to place Users into.

If using with Department: The parent of the departmental containers.

Group Container

Used for Flat only.

Specify the base container for synchronization in the local tree to place Groups into, for example Groups.MyOrganization.

Password Sync Version

The default is 1.0. Use this option if you use public/private keys. Select

2.0 if you use the distribution password and password policies.

Password Failure Notification User

The user whose password fails to synchronize receives an e-mail notification whenever password updates fail. To send a copy of that e-mail to an additional user, type or browse to and select the DN of that additional user.

4.1.2 Importing by Using Designer for Identity Manager

You can import the basic driver configuration file for the eDirectory driver by using Designer for Identity Manager. This basic file creates and configures the objects and policies needed to make the driver work properly.

The following procedure explains one of several ways to import the sample configuration file:

  1. Open a project in Designer.

  2. In the modeler, right-click the Driver Set object, then select Add Connected Application.

  3. From the drop-down list, select eDirectory.xml, then click Run.

  4. Click Yes, in the Perform Prompt Validation window.

  5. Configure the driver by filling in the fields.

    Specify information specific to your environment. For information on the settings, see the table in Step 2.

  6. After specifying parameters, click OK to import the driver.

  7. Customize and test the driver.

  8. Deploy the driver into the Identity Vault.

    See Deploying a Driver to an Identity Vault in the Designer for Identity Manager 3: Administration Guide .