HP Identity Driven Manager Software Series User Manual
Page 139
3-71
Using Identity Driven Manager
Using the User Import Wizard
Importing LDAP X509 User Certificates into a Keystore:
If you are using a JKS Keystore, the X509 User Certificate must be installed in
a keystore on the IDM server. You can get the X509 User Certificate from your
LDAP Administrator.
For example, if the X509 User Certificate is " myldapcert.cer"
and the alias is "mycert", use the following command to import the
certificate in a keystore in c:\idmuser\mykeystore on your IDM server:
C:\idmuser> keytool -import -file myldapcert.cer -alias
mycert -trustcacerts -keystore .\mykeystore
If you are using a PKCS12 keystore, ask your LDAP Administrator to provide
you PKCS12 certificate along with the key. Enter the PKCS certificate in the
Keystore field, and enter the PKCS12 key in the Password field.
Using Anonymous Authentication
The LDAP
Anonymous Authentication
window is used to define the LDAP data
source. Values for these fields can be obtained from the LDAP server admin-
istrator.
Figure 3-54. IDM User Import Wizard, Anonymous Authentication
To set up an LDAP server with anonymous authentication:
1.
In the
Server field, type the IP address of the LDAP server.