B.0 Configuring the Driver for Use with an AD LDS/ADAM Instance

The Active Directory driver can be configured for use with an Active Directory Lightweight Directory Services (AD LDS) instance.

You import a configuration file to create a driver to connect to the AD LDS/ADAM instance.

There are multiple ways to configure your environment to synchronize the information. For example, NetIQ recommends setting up your own certificate authority (CA) to issue certificates that can be used for SSL connections to AD LDS/ADAM. If you already have server certificates, or if you have access to another CA that can issue valid certificates, you can ignore the steps that describe how to set up your own CA. Likewise, if you don't want to configure SSL, you can skip the section about configuring Certificate Services. Note that SSL is required if you want to set passwords on the Subscriber channel.

Any discussion of setting passwords refers to the Subscriber channel, from Identity Manager to AD LDS/ADAM. Password synchronization on the Publisher channel, from AD LDS/ADAM to Identity Manager, is not currently possible unless a regular user attribute (not the userPassword attribute) is used in AD LDS/ADAM to store the password.