HP Identity Driven Manager Software Series User Manual
Page 136
3-72
Using Identity Driven Manager
Using the User Import Wizard
3.
Optionally, in the
Base DN field, type the Distinguished Name. IDM will
search only for users and groups from this node of a directory tree.
4.
Click
Next to continue to the
Extract Users and Groups
window.
The remainder of the process for importing users from LDAP Servers is the
same as described for importing users from Active Directories.
•
Select the Groups
and
Users
to Import to IDM.
•
Select Users to remove
from IDM (if applicable)
•
Commit
the selected groups and users (adds and deletes) to IDM.
Editing IDM Configuration for LDAP Import
The IDM server includes several configuration files that contain information
used to import User information from LDAP files. The default configuration
settings will work if you are using MS Active Directory as the LDAP Server
directory. If you are using any other LDAP directory source (for example
Novell Edirectory) you will need to modify the
LDAP Directory
settings in:
~Program Files\Hewlett-Packard\PNM\server\config\IDMImportServerComp.scp
Following is an example of the
DMImportServerComp.scp file
for reference.
Comments are indicated by "//".
LDAP_SERVER_CONFIG {
PORT=389
//Port where LDAP server receives bind request.
SSL_PORT=636
// Port where LDAP server receives SSL bind requests.
BATCH_SIZE=50
// Internal to IDM.
COUNT_LIMIT=0
// Internal to IDM.
SASL_CONFIGURATION {
// This section is for SSL configuration: Digest MD5, Kerberos V5 and External.
QOP=auth-conf,auth-int,auth
// Quality of protection. Valid values are 1 and more of "auth-conf", auth-
int", "auth" separated by ",".
ENCRYPTION_STRENGTH=high,medium,low
// Strength of encryption. Valid values are 1 and more of "high", "medium",
"low" separated by ",".
MUTUAL_AUTHENTICATION=true
// If both LDAP server and IDM server wants to authenticate each other.
}
KERBEROS_JAAS_CONFIG {
// This section is for Kerberos authentication method.
KERBEROS_AUTH_MODULE=IDMKerberos