RSA Identity Governance and Lifecycle Connector Data Sheet for Oracle Internet Directory

Similar documents
RSA Identity Governance and Lifecycle Connector Data Sheet for OpenLDAP

RSA Identity Governance and Lifecycle Data Sheet for IBM Tivoli Directory Server Connector

RSA Archer GRC Application Guide

Lieberman Software Rapid Enterprise Defense Identity Management Application Guide

RSA Identity Governance and Lifecycle Collector Data Sheet For Open LDAP

RSA Identity Governance and Lifecycle Connector Data Sheet for Ubuntu Linux

RSA Identity Governance and Lifecycle Connector Data Sheet for Debian Linux

RSA Identity Governance and Lifecycle Collector Data Sheet for Zendesk

RSA Identity Governance and Lifecycle Connector Data Sheet for SQL Server

RSA Identity Governance and Lifecycle Collector Data Sheet for IBM Notes

RSA Identity Governance and Lifecycle Generic SOAP Web Service Connector Application Guide. Generic SOAP Web Service Connector Application Guide

RSA Identity Governance and Lifecycle Connector Data Sheet for IBM Tivoli Identity Manager 5.1

RSA Identity Governance and Lifecycle Collector Data Sheet For IBM Tivoli Directory Server

RSA Via L&G Collector Data Sheet for Oracle Identity Manager (OIM) Version (Release 1)

RSA Identity Governance and Lifecycle Data Sheet for IBM DB2 Database

SSL Configuration Oracle Banking Liquidity Management Release [April] [2017]

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Security configuration of the mail server IBM

ANIXIS Password Reset

Directory Integration with VMware Identity Manager

SailPoint IdentityIQ 6.4

RSA Identity Governance and Lifecycle Collector Data Sheet for Workday

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Configuring SSL for EPM /4 Products (Cont )

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at

SSL Configuration on WebSphere Oracle FLEXCUBE Universal Banking Release [February] [2016]

Oracle Oracle Identity Manager 11g

Configure IBM Rational Synergy with 3 rd Party LDAP Server. Release

Web Service Integration

SSL/TLS Certificate Check

SAML 2.0 SSO Implementation for Oracle Financial Services Lending and Leasing

Installing and Configuring vrealize Code Stream. 28 JULY 2017 vrealize Code Stream 2.3

Creating and Installing SSL Certificates (for Stealthwatch System v6.10)

Enabling Microsoft Outlook Calendar Notifications for Meetings Scheduled from the Cisco Unified MeetingPlace End-User Web Interface

VMware Identity Manager Administration

Contents Overview... 5 Downloading Primavera Gateway... 5 Primavera Gateway On-Premises Installation Prerequisites... 6

CLI users are not listed on the Cisco Prime Collaboration User Management page.

Integration Guide. SafeNet Authentication Client. Using SAC CBA for VMware Horizon 6 Client

RSA Via L&G Collector Data Sheet for Office365

Configuring SAML-based Single Sign-on for Informatica Web Applications

Deploy In-Memory Parallel Graph Analytics (PGX) to Oracle Java Cloud Service (JCS)

Installing and Configuring vrealize Code Stream

Lotus IBM WebShere Portal 6 Deployment and Administration.

Host Access Management and Security Server Administrative Console Users Guide. August 2016

Installation and Configuration

CLI users are not listed on the Cisco Prime Collaboration User Management page.

Oracle Insurance Policy Administration Configuration of SAML 1.1 Between OIPA and OIDC

ENTRUST CONNECTOR Installation and Configuration Guide Version April 21, 2017

DoD Common Access Card Authentication. Feature Description

Application notes for supporting third-party certificate in Avaya Aura System Manager 6.3.x and 7.0.x. Issue 1.3. November 2017

RSA Authentication Manager 7.1 Administrator s Guide

Novell OpenLDAP Configuration

Public Key Enabling Oracle Weblogic Server

MARWATCH INSTALLATION AND UPGRADE GUIDE

1Integrate for ArcGIS Installation Guide. Server Edition

Pulse Secure Desktop Client

Clearswift SECURE Gateway Installation & Getting Started Guide. Version Document Revision 1.0

RSA Identity Governance and Lifecycle Microsoft Exchange Connector Application Guide. Microsoft Exchange Connector Application Guide

IBM LOT-825. IBM WebSphere Portal 6 Deployment and(r) Administration.

SafeNet KMIP and Google Drive Integration Guide

Realms and Identity Policies

LDAP Configuration Guide

SPNEGO SINGLE SIGN-ON USING SECURE LOGIN SERVER X.509 CLIENT CERTIFICATES

Securing U2 Soap Server

RSA NetWitness Platform

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

Table of Contents 1 AQL SMS Gateway How to Guide...1

SAML-Based SSO Configuration

Migrating vrealize Automation 6.2 to 7.2

Storage Manager 2018 R1. Installation Guide

Privileged Access Agent on a Remote Desktop Services Gateway

Integrating AirWatch and VMware Identity Manager

SSL or TLS Configuration for Tomcat Oracle FLEXCUBE Universal Banking Release [December] [2016]

esignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5

WPC-LDAP Integration Setup Guide

Weblogic Configuration Oracle FLEXCUBE Investor Servicing Release [October] [2015]

Configuring SAP Targets and Runtime Users

Realms and Identity Policies

Installation and Configuration. vrealize Code Stream 2.1

Remote Support Security Provider Integration: RADIUS Server

akkadian Global Directory 3.0 System Administration Guide

Weblogic Configuration Oracle FLEXCUBE Universal Banking Release [May] [2017]

Novell Access Manager

Switching from the default IBM supplied SSL certificate to a certificate signed by a certificate authority (CA)

Enabling SAML Authentication in an Informatica 10.2.x Domain

Assuming you have Icinga 2 installed properly, and the API is not enabled, the commands will guide you through the basics:

CloudLink Key Management for VMware vcenter Server Configuration Guide

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

SETTING UP ORACLE ULTRA SEARCH FOR ORACLE PORTAL 10G (10.1.4)

Dell Storage Manager 2016 R3 Installation Guide

VMware AirWatch Database Migration Guide A sample procedure for migrating your AirWatch database

HPE Enterprise Integration Module for SAP Solution Manager 7.1

Configuring IBM WebSphere Application Server 7 for Secure Sockets Layer and Client-Certificate Authentication on SAS 9.3 Enterprise BI Server Web

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

vcloud Director Administrator's Guide

1. All domain user accounts, and who can change the security permissions protecting them

Managing Users and Configuring Role-Based Access Control

Guide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE

HP Enterprise Integration Module for SAP Solution Manager

Configure the IM and Presence Service to Integrate with the Microsoft Exchange Server

Transcription:

Connector Data Sheet for Oracle Internet Directory Version 1.2 vember 2017

Oracle Internet Directory Connector Datasheet Table of Contents Purpose... 4 Supported Software... 4 Prerequisites... 4 CONFIGURATION... 6 General... 6 Settings... 6 Capabilities... 8 Create an Account on a server... 8 Delete an Account from a server... 12 Reset an Account s Password... 12 Add Account to Group... 14 Remove Account from Group... 15 Enable Account... 16 Disable Account... 17 Update Account... 17 Move Account... 18 Lock an Account... 19 Unlock an Account... 20 Create a group... 21 Delete a group... 22 Update a group... 22 Troubleshooting... 24 2

Oracle Internet Directory Connector Datasheet Revision History Revision Number Version 1.0 Version 1.1 Version 1.2 Oracle Internet Directory Collector configuration. Added instructions for configuring the password vault with OID Connector Updated document with minimum version support. 3

Oracle Internet Directory Connector Datasheet Purpose This data sheet provides the configuration information required to create a new connector for Oracle Internet Directory. Supported Software Version: 6.9.1 and above Application: Oracle Internet Directory 11.1.1.6.0 and above Prerequisites Oracle Internet Directory should be installed and configured properly. SSL communication For SSL communication, Oracle Internet Directory (OID) and certificate authority (CA) certificates (only if required) should be added to the appropriate keystores. See the following steps for adding certificates to the keystores of WebSphere, WebLogic and WildFly application servers: WebSphere Application Server: 1. Log in to WebSphere Administrative console (http://<host_name>:9060/ibm/console/login.do) 2. In left panel, expand Security menu. 3. Click SSL certificate and key management link. 4. Click Manage endpoint security configurations link under Configuration Settings. 5. Select Outbound properties for the appropriate node. 6. Click appropriate node link to get the properties. 7. Under Related Items, click Key stores and certificates and click the dedefaulttruststore key store 8. Under Additional Properties, click Signer certificates and then click Retrieve from Port. 9. In the Host field, enter host name, enter SSL port(default-636) in the Port field, and alias_name in the Alias field. 10. Click Retrieve Signer Information. 11. Verify that the certificate information is for the trusted certificate. 12. Click Apply and Save. 13. Login into WebSphere machine using SSH (example: putty). 14. On command prompt, run: /home/oracle/afx/afx stop. 15. On command prompt, run: /opt/ibm/websphere/appserver/bin/stopserver.sh server1. 16. On command prompt, run: /opt/ibm/websphere/appserver/bin/startserver.sh server1. 17. On command prompt, run: /home/oracle/afx/afx start. 4

Oracle Internet Directory Connector Datasheet WebLogic Application Server: 1. Download/retrieve Oracle Internet Directory (OID) and CA (only if required) SSL certificates in PEM format and save them at location /home/oracle. 2. Log in to WebLogic Administrative console. (http://<host_name>.aveksa.local:7001/console/login/loginform.jsp) 3. Click on Servers link in Environment section under Domain Configurations. 4. Click on aveksaserver link. 5. Go to SSL tab. 6. Click on Advanced link. 7. Select HostName Verification = ne. 8. Save the settings. 9. Login into WebLogic machine using SSH (example: putty) 10. Change directory: cd /home/oracle/ 11. Add the saved certificate and CA (only if required) certificates in server.keystore by using keytool Run: keytool -import -file <cert.pem> -alias <cert_alias> -keystore server.keystore 12. Restart SSL on WebLogic Server as mentioned below. 13. Go to Servers -> controls tab. 14. Select/check aveksaserver (admin) and then click Restart SSL. 15. Restart the Server. /home/oracle/afx/afx stop. Run:/home/oracle/wls/12.1.3.0/user_projects/domains/aveksaDomain/bin/stopWebLogic.sh. Run:/home/oracle/wls/12.1.3.0/user_projects/domains/aveksaDomain/bin/startWebLogic.sh. /home/oracle/afx/afx start. WildFly Application Server: 1. Download/retrieve Oracle Internet Directory (OID) and CA (only if required) SSL certificates in PEM format and save them. 2. cd <$JAVA_HOME>/jre/lib/security 3. Add certificates in cacerts by using keytool keytool -import -file <cert.pem> -alias <cert_alias> -keystore cacerts Password for keystore (unless you have made any changes): changeit Run: keytool -import -file <certificate_path> -alias <certificate_alias> -keystore cacerts 4. Restart Server : Run: afx stop acm stop acm start afx start 5

Oracle Internet Directory Connector Datasheet MANAGE ENDPOINT CREDENTIALS USING A PASSWORD VAULT To use a third-party password vault to manage the endpoint credentials, perform the following steps: 1. Configure the password vault according to the third-party provider s instructions. 2. Create a new password vault profile in the system for retrieving the OID password from the vault. See the Help for more information about creating a password vault profile. 3. Ensure that an OID account has been created at the configured password vault for storing the password. te: To use the dynamic password feature, step 1 must be completed. If a third-party password vault is not configured, configure the connector with a static password. CONFIGURATION The configuration of the Connector is completed through a number of screens. This section helps you to fill in the values for each screen. General The following table lists the parameters on the General screen, while creating the connector. Name Oracle Internet Directory Connector Oracle Internet Directory s Connector Server AFX Server Connector Template Oracle Internet Directory State Test Export As Template Provide any name to export connector configuration as connector template Settings The following table lists the parameters on the Settings screen while creating the Connector. 6

Oracle Internet Directory Connector Datasheet Host <Host name or IP address to the server> Port <Port Number to the server(default 1389)> Use Secure Connection <Wants secure connection or not (Default is false)> Login Distinguished Name Static Password Dynamic Password <Distinguished Name to Login to the server> Select this option, if you want to provide the password statically/manually. Fill in the value of password for the OID administrator user in the area provided. Select this option to use a configured password vault to manage the endpoint credentials. After you select this option, either select a previously configured password vault profile from the drop-down menu, or click Create Profile to add a new password vault profile to use with this connector. uses this profile to retrieve the appropriate credentials from the password vault during connector deployment and connection tests. Timeout(seconds) <Timeout for operations(default is 10)> Account DN Prefix <Prefix for Account Distinguished Name(Default is CN)> Account DN Suffix <Suffix for Account Distinguished Name> Group DN Prefix <Prefix for Group Distinguished Name(Default is CN)> Group DN Suffix <Suffix for Group Distinguished Name> DN Suffix s <Suffix s for Distinguished Name> Object classes to create account <List of object classes to create Account (UserObjectClasses) such as 'top','person','organizationalperson','inetorgperson','orcluser','orcluserv2'> Object classes to create group <List of object classes to create group (GroupObjectClasses) such as 'top','groupofnames','orclgroup'> 7

Oracle Internet Directory Connector Datasheet User membership attribute for group <Default is member> Use full DN for user membership attribute value <Wants to use full DN for User membership attribute value on Group object or not (Default is true)> Account lockout Threshold attribute value <Security setting determines the number of failed logon attempts that causes a user account to be locked out(default is 10)> Capabilities The following commands are supported by the OID connector: Create an Account on a server Delete an Account from a server Reset an Account's password Add Account to Group Remove Account From Group Enable an Account Disable an Account Update an Account Move an Account Lock an Account Unlock an Account Create a Group Delete a Group Update a Group Create an Account on a server The following table lists the parameters on the Create account screen. Account Default - 8

Oracle Internet Directory Connector Datasheet Account Name ${AccountTemplate.AccountName} Account Name or Full DN of an account CN Default - Common Name ${AccountTemplate.CommonName} Name that represents an object. It is used to perform searches 9

Oracle Internet Directory Connector Datasheet sn Default - Last Name ${User.Last_Name} Surname of a person givenname Default - First Name 10

Oracle Internet Directory Connector Datasheet ${User.First_Name} given name of a person mail Default - Email address ${User.Email_Address} simple SMTP address of a person Password Default - 11

Oracle Internet Directory Connector Datasheet Initial password to set ${AccountTemplate.Password} password which is required for login Delete an Account from a server The following table lists the parameters on the Delete account screen. Account Default - Account Name ${Account.Name} Full DN Reset an Account s Password The following table lists the parameters on the Reset Password screen. 12

Oracle Internet Directory Connector Datasheet Account Default - Account Name ${Account.Name} Have a full DN Password Default - 13

Oracle Internet Directory Connector Datasheet Initial password to reset to Null New password to set to Add Account to Group The following table lists the parameters on the Add account to group screen. Account Default - Account DN or Account Name ${Account.Name} Full DN Group 14

Oracle Internet Directory Connector Datasheet Default - Group DN or Group Name ${Group.Name} Full DN of group or group name Remove Account from Group The following table lists the parameters on the Remove account from group screen. Account Default - Account DN or Account Name ${Account.Name} Full DN 15

Oracle Internet Directory Connector Datasheet Group Default - Group DN or Group Name ${Group.Name} Full DN of group or group name Enable Account The following table lists the parameters on the Enable account screen. Account Default - 16

Oracle Internet Directory Connector Datasheet Account Name ${Account.Name} Full DN Disable Account The following table lists the parameters on the Disable account screen. Account Default - Account Name ${Account.Name} Full DN Update Account The following table lists the parameters on the Update account screen. Account 17

Oracle Internet Directory Connector Datasheet Default - Account Name ${Account.Name} Full DN Move Account The following table lists the parameters on the Move account screen. Account Default - Account DN or Account Name ${Account.Name} 18

Oracle Internet Directory Connector Datasheet Full DN of Account or login name NewParentDN Default - New Parent s DN null DN of new account base or organizational unit Lock an Account The following table lists the parameters on the Lock an account screen. Account Default - 19

Oracle Internet Directory Connector Datasheet Account Name ${Account.Name} Full DN Unlock an Account The following table lists the parameters on the Unlock an account screen. Account Default - Account Name ${Account.Name} Full DN 20

Oracle Internet Directory Connector Datasheet Create a group The following table lists the parameters on the Create a group screen. Group Default - Group Name ${AccountTemplate.GroupName} Full DN of group CN Default - 21

Oracle Internet Directory Connector Datasheet Common Name ${AccountTemplate.CN} Name that represents an object. It is used to perform searches Delete a group The following table lists the parameters on the Delete a group screen. Group Default - Group Name ${Group.GroupName} Full DN of group Update a group The following table lists the parameters on the Update a group screen. 22

Oracle Internet Directory Connector Datasheet Group Default - Group Name ${Group.GroupName} Full DN of group 23

Oracle Internet Directory Connector Datasheet Troubleshooting This section describes common errors when configuring the components for OID and solutions. Dynamic password is used on connector settings page and the connector is not getting deployed with error displayed as: Password Vault Error. This may happen if there is an error in retrieving the password using the mentioned profile. You need to check if the values provided in the profile for password retrieval are valid and adequate permissions are present on the vault for fetching the password. 24

Oracle Internet Directory Connector Datasheet COPYRIGHTS Copyright 2017 Dell Inc. or its subsidiaries. All Rights Reserved. TRADEMARKS Dell, RSA, the RSA Logo, EMC and other trademarks, are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners. For a list of RSA trademarks, go to www.emc.com/legal/emc-corporation-trademarks.htm#rsa. 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback