IBM Directory Integrator 5.1.2: Readme Addendum

Similar documents
IBM Tivoli Directory Server Version 5.2 Client Readme

iscsi Configuration Manager Version 2.0

Tivoli Access Manager for Enterprise Single Sign-On

Installing Watson Content Analytics 3.5 Fix Pack 1 on WebSphere Application Server Network Deployment 8.5.5

Migrating Classifications with Migration Manager

Networking Bootstrap Protocol

CONFIGURING SSO FOR FILENET P8 DOCUMENTS

Release Notes. IBM Security Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

Tivoli Access Manager for Enterprise Single Sign-On

Limitations and Workarounds Supplement

Release Notes. IBM Tivoli Identity Manager Rational ClearQuest Adapter for TDI 7.0. Version First Edition (January 15, 2011)

Release Notes. IBM Tivoli Identity Manager Universal Provisioning Adapter. Version First Edition (June 14, 2010)

Best practices. Starting and stopping IBM Platform Symphony Developer Edition on a two-host Microsoft Windows cluster. IBM Platform Symphony

IBM WebSphere Sample Adapter for Enterprise Information System Simulator Deployment and Testing on WPS 7.0. Quick Start Scenarios

IBM Security QRadar Version Customizing the Right-Click Menu Technical Note

IBM License Metric Tool Enablement Guide

IBM LoadLeveler Version 5 Release 1. Documentation Update: IBM LoadLeveler Version 5 Release 1 IBM

Tivoli Access Manager for Enterprise Single Sign-On

Integrated use of IBM WebSphere Adapter for Siebel and SAP with WPS Relationship Service. Quick Start Scenarios

Version 9 Release 0. IBM i2 Analyst's Notebook Premium Configuration IBM

Configuring IBM Rational Synergy to use HTTPS Protocol

Development tools System i5 Debugger

Version 9 Release 0. IBM i2 Analyst's Notebook Configuration IBM

Platform LSF Version 9 Release 1.1. Migrating on Windows SC

IBM Directory Server 4.1 Release Notes

IBM Tivoli Monitoring for Databases. Release Notes. Version SC

Platform LSF Version 9 Release 1.3. Migrating on Windows SC

System i. Networking RouteD. Version 5 Release 4

Release Notes. IBM Tivoli Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

IBM emessage Version 8.x and higher. Account Startup Overview

Release Notes. IBM Tivoli Identity Manager Oracle PeopleTools Adapter. Version First Edition (May 29, 2009)

Using application properties in IBM Cúram Social Program Management JUnit tests

IBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide IBM

Limitations and Workarounds Supplement

IBM Spectrum LSF Version 10 Release 1. Readme IBM

IBM Tivoli Access Manager for Enterprise Single Sign-On: Authentication Adapter Version 6.00 September, 2006

IBM Cloud Orchestrator. Content Pack for IBM Endpoint Manager for Software Distribution IBM

Tivoli Access Manager for Enterprise Single Sign-On

IBM Spectrum LSF Process Manager Version 10 Release 1. Release Notes IBM GI

IBM BladeCenter Chassis Management Pack for Microsoft System Center Operations Manager 2007 Release Notes

IBM Security QRadar Version Forwarding Logs Using Tail2Syslog Technical Note

IBM Maximo Calibration Version 7 Release 5. Installation Guide

Tivoli Access Manager for Enterprise Single Sign-On

Printing Systems Division. Infoprint Manager for AIX NLV Release Notes

A Quick Look at IBM SmartCloud Monitoring. Author: Larry McWilliams, IBM Tivoli Integration of Competency Document Version 1, Update:

Determining dependencies in Cúram data

Best practices. Reducing concurrent SIM connection requests to SSM for Windows IBM Platform Symphony

SMASH Proxy Version 1.0

IBM Maximo Spatial Asset Management Version 7 Release 5. Installation Guide

IBM Rational Synergy DCM-GUI

IBM. IBM i2 Enterprise Insight Analysis Understanding the Deployment Patterns. Version 2 Release 1 BA

COBOL for AIX. Source conversion utility (scu)

Getting Started with InfoSphere Streams Quick Start Edition (VMware)

RSE Server Installation Guide: AIX and Linux on IBM Power Systems

Lotus Forms Designer 3. What s New

IBM Storage Driver for OpenStack Version Installation Guide SC

IBM OpenPages GRC Platform - Version Interim Fix 1. Interim Fix ReadMe

Version 2 Release 1. IBM i2 Enterprise Insight Analysis Understanding the Deployment Patterns IBM BA

Installing and Configuring Tivoli Monitoring for Maximo

IBM Storage Driver for OpenStack Version Release Notes

Build integration overview: Rational Team Concert and IBM UrbanCode Deploy

Application and Database Protection in a VMware vsphere Environment

IBM Maximo for Service Providers Version 7 Release 6. Installation Guide

Version 1.2 Tivoli Integrated Portal 2.2. Tivoli Integrated Portal Customization guide

IBM Operations Analytics - Log Analysis: Network Manager Insight Pack Version 1 Release 4.1 GI IBM

Best practices. Linux system tuning for heavilyloaded. IBM Platform Symphony

Installation and User s Guide

IBM Storage Management Pack for Microsoft System Center Operations Manager (SCOM) Version Release Notes

IBM Netcool/OMNIbus 8.1 Web GUI Event List: sending NodeClickedOn data using Netcool/Impact. Licensed Materials Property of IBM

IBM Optim. Compare Introduction. Version7Release3

Netcool/Impact Version Release Notes GI

IBM Maximo for Aviation MRO Version 7 Release 6. Installation Guide IBM

IBM Operational Decision Manager Version 8 Release 5. Configuring Operational Decision Manager on Java SE

Tivoli Access Manager for Enterprise Single Sign-On

Printing Systems Division. Infoprint Manager for Windows NLV Release Notes

IBM VisualAge for Java,Version3.5. External Version Control

IBM Kenexa LCMS Premier on Cloud. Release Notes. Version 9.3

Contents. Configuring AD SSO for Platform Symphony API Page 2 of 8

IBM Storage Driver for OpenStack Version Installation Guide SC

Engineering and Scientific Subroutine Library for AIX, Version 4 Release 2. Installation GA

Proposal for a Tivoli Storage Manager Client system migration from Solaris with VxFS to Linux with GPFS or AIX with GPFS or JFS2

ServeRAID-MR10i SAS/SATA Controller IBM System x at-a-glance guide

IBM. Networking INETD. IBM i. Version 7.2

Chapter 1. Fix Pack 0001 overview

IBM OpenPages GRC Platform Version 7.0 FP2. Enhancements

Limitations and Workarounds Supplement

Performance Toolbox for AIX Version 3.1

IBM UrbanCode Cloud Services Security Version 3.0 Revised 12/16/2016. IBM UrbanCode Cloud Services Security

IBM Decision Server Insights. Installation Guide. Version 8 Release 6

IBM FlashSystem V MTM 9846-AC3, 9848-AC3, 9846-AE2, 9848-AE2, F, F. Quick Start Guide IBM GI

IBM Copy Services Manager Version 6 Release 1. Release Notes August 2016 IBM

IBM Operational Decision Manager. Version Sample deployment for Operational Decision Manager for z/os artifact migration

IBM Financial Transactions Repository Version IBM Financial Transactions Repository Guide IBM

IBM Content Analytics with Enterprise Search Version 3.0. Expanding queries and influencing how documents are ranked in the results

IBM Endpoint Manager Version 9.1. Patch Management for Ubuntu User's Guide

IBM FlashSystem V Quick Start Guide IBM GI

Release Notes. IBM Tivoli Identity Manager I5/OS Adapter. Version First Edition (January 9, 2012)

IBM Cloud Object Storage System Version Time Synchronization Configuration Guide IBM DSNCFG_ K

ios 9 support in IBM MobileFirst Platform Foundation IBM

Release 6.2 Installation Guide

Transcription:

IBM Directory Integrator 5.1.2: Readme Addendum

Note Before using this information and the product it supports, read the general information under Notices on page 5.

Preface This Readme file contains information about the IBM Directory Integrator 5.1.2. This file contains information about changes and fixes that occurred to the documentation after it was placed on the product image. This file is in English only. This file can also be found at http://publib.boulder.ibm.com/tividd/td/tdprodlist.html iii

iv IBM Directory Integrator 5.1.2: Readme Addendum

Contents Preface............... iii Product description.......... 1 Notices............... 5 Opensource licenses............ 7 Trademarks............... 7 IBM Directory Integrator and Microsoft Active Directory SSL configuration... 3 v

vi IBM Directory Integrator 5.1.2: Readme Addendum

Product description IBM Directory Integrator manages the technicalities of connecting to and interacting with the various data sources that you want to integrate, abstracting away the details of their APIs, transports, protocols and formats. Instead of focusing on data, IBM Directory Integrator lifts your view to the information level, enabling you to concentrate on the business and information management logic needed to perform each exchange. IBM Directory Integrator enables you to build and maintain libraries of integration logic and components that can be reused to address new challenges. Development projects across your organization can all share IBM Directory Integrator assets, resulting in independent projects (even point solutions) that immediately fit into a coherent integrated infrastructure. For more information about IBM Directory Integrator 5.1.2, refer to IBM Directory Integrator 5.1.2: Readme in root_directory/docs. 1

2 IBM Directory Integrator 5.1.2: Readme Addendum

IBM Directory Integrator and Microsoft Active Directory SSL configuration Do the following to configure SSL for IBM Directory Integrator and Microsoft Active Directory: 1. Install Certificate Services on Windows 2000 Server and an Enterprise Certificate Authority in the Active Directory Domain. Details are available at http://www.ntfaq.com/articles/index.cfm?articleid=14923. Make sure you install an Enterprise Certificate Authority. 2. Start the Certificate Server Service. This creates a virtual directory in Internet Information Service (IIS) that enables you to distribute certificates. 3. Create a Security (Group) Policy to direct Domain Controllers to get an SSL certificate from the Certificate Authority (CA). a. Open the Active Directory Users and Computers Administrative tool. b. Under the domain, right-click on Domain Controllers. c. Select Properties. d. In the Group Policy tab, click to edit the Default Domain Controllers Policy. e. Go to Computer Configuration >Windows Settings >Security Settings >Public Key Policies. f. Right click Automatic Certificate Request Settings. g. Select New. h. Select Automatic Certificate Request. i. Run the wizard. Select the Certificate Template for a Domain Controller. j. Select your Enterprise Certificate Authority as the CA. Selecting a third-party CA works as well. k. Complete the wizard. l. All Domain Controllers now automatically request a certificate from the CA, and support LDAP using SSL on port 636. 4. Retrieve the Certificate Authority Certificate to the machine on which you installed IBM Directory Integrator. Note: You must install IIS before installing the certificate server. a. Open a Web browser on the machine on which you installed IBM Directory Integrator. b. Go to http://<server_name>/certsrv/ (where <server_name> is the name of the Windows 2000 server). You are asked to log in. c. Select the task Retrieve the CA certificate or certificate revocation list. d. Click Next. e. The next page automatically highlights the CA certificate. Click Download CA certificate. f. A new download window opens. Save the file to the hard drive. 5. Create a certificate store using keytool. Use keytool.exe to create the certificate store and import the CA certificate into this store. 3

Note: Keytool.exe is located in the IBM Directory Integrator directory under /_jvm/bin Use the following command: _jvm\bin\keytool -import -file certnew.cer -keystore <keystore_name>.jks -storepass <password> -alias <keyalias_name> For example, assume the following values: Keystorename = idi.jks Password = secret Keyalias name = AD_CA The command looks like the following: C:\Program Files\IBM\IBMDirectoryIntegrator>_jvm\bin\keytool -import -file certnew.cer -keystore idi.jks -storepass secret -alias AD_CA To verify the contents of your keystore, type the following: C:\Program Files\IBM\IBMDirectoryIntegrator>_jvm\bin\keytool -list -keystore idi.jks -storepass secret This results in the following: Keystore type: jks Keystore provider: SUN Your keystore contains 1 entry: ad_ca, Mon Nov 04 22:11:46 MST 2002, trustedcertentry, Certificate fingerprint (MD5): A0:2D:0E:4A:68:34:7F:A0:21:36:78:65:A7:1B:25:55 For more details on keytool, go to http://java.sun.com/j2se/1.3/docs/tooldocs/solaris/keytool.html 6. Configure IBM Directory Integrator to use the keystore created in the previous step. Edit <root_directory>/global.properties file for the keystore file location, keystore file password and keystore file type. In the current release, only jks-type is supported. #server authentication #example javax.net.ssl.truststore=c::\test\idi.jks javax.net.ssl.truststorepassword=secret javax.net.ssl.truststoretype=jks #client authentication #example javax.net.ssl.keystore=c:\test\idi.jks javax.net.ssl.keystorepassword=secret javax.net.ssl.keystoretype=jks 7. Edit <root_directory>/_jvm/lib/security/java.security for the security provider list: security.provider.1=sun.security.provider.sun security.provider.2=com.ibm.crypto.provider.ibmjce security.provider.3=com.ibm.crypto.provider.ibmjca 8. Enable SSL for your LDAP connector. a. Go to the LDAP Connector configuration panel. b. Change LDAP URL to port 636. c. Check Use SSL. 9. Restart IBM Directory Integrator. 4 IBM Directory Integrator 5.1.2: Readme Addendum

Notices This information was developed for products and services offered in the U.S.A. IBM might not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user s responsibility to evaluate and verify the operation of any non-ibm product, program, or service. IBM may have patents or pending patent applications covering subject matter in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: IBM World Trade Asia Corporation Licensing 2-31 Roppongi 3-chome, Minato-ku Tokyo 106, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the information. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this information at any time without notice. Any references in this information to non-ibm Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. 5

Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation Department MU5A46 11301 Burnet Road Austin, TX 78758 U.S.A. Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement, or any equivalent agreement between us. Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. Information concerning non-ibm products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-ibm products. Questions on the capabilities of non-ibm products should be addressed to the suppliers of those products. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. You may copy, modify, and distribute these sample programs in any form without payment to IBM for the purposes of developing, using, marketing, or distributing application programs conforming to IBM s application programming interfaces. Each copy or any portion of these sample programs or any derivative work, must include a copyright notice as follows: 6 IBM Directory Integrator 5.1.2: Readme Addendum

Opensource licenses (your company name) (year). Portions of this code are derived from IBM Corp. Sample Programs. Copyright IBM Corp. _enter the year or years_. All rights reserved. If you are viewing this information softcopy, the photographs and color illustrations may not appear. There are several opensource products included in IBM Directory Integrator 5.1.2. The licenses for the following products are available in <root_directory>\license\opensource: Product Owner License file name Pre-required licenses Company/Organization ANTLR JGURU Antlr_license.txt Xerces Apache apache_license.txt Castor Exolab Castor_license.txt junit_license.txt xerces_license.txt jakarta_ant_license.txt jakarta_oro_license.txt Jakarta_RegExp_license.txt CommonLogging Apache CommonsLogging_license.txt dom4j SourceForge.net dom4j_license.txt log4j Apache log4j_license.txt MX4J Apache mx4j_license.txt BCEL_license.txt Jython_license.txt log4j_license.txt XDoclet_license.txt RegExp Apache Jakarta_RegExp_license.txt Trademarks The following terms are trademarks of International Business Machines Corporation in the United States, or other countries, or both: IBM Microsoft and Windows are registered trademarks of Microsoft Corporation. Other company, product, and service names may be trademarks or service marks of others. Notices 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback