Topics in this section include
Obtain one of the following files from your installation media:
win_x86_64_scriptdriver_install.exe (64-bit)
win_x86_scriptdriver_install.exe (32-bit)
Run this file on your Windows system.
Click Next to continue the installation.
Accept the default installation folder or specify your own. Click Next to continue.
Review your settings and click Next to continue.
After the driver files are copied, you are prompted to retrieve an SSL certificate. NetIQ eDirectory must be running to retrieve the certificate. The certificate allows SSL encryption between the Identity Manager engine and the driver shim. Enabling SSL is optional but is recommended for better security. To retrieve the certificate, click Yes and follow the prompts in the console window:
Specify the DNS name or IP address of your eDirectory server.
Specify the LDAP secure port, default 636.
Enter Y to accept the certificate.
You are prompted to enter Driver and Remote Loader passwords. These passwords are used to verify that an authorized driver shim is communicating with the Identity Manager engine. Although you don’t need to enter the passwords immediately, they must be set at some point before running the driver. Click Yes to the prompt and follow the prompts in the console window:
Enter and confirm the Remote Loader password.
Enter and confirm the Driver password.
The installation of the driver shim is finished, with the option of starting the Driver Shim Service. Proceed to the next section to complete the installation of the driver.
Start the driver engine component in NetIQ iManager.
The driver shim is a Windows service. Use the Windows Services application to start and stop the NetIQ Identity Manager Windows Script Driver service (see Section 6.0, Using the Scripting Driver).
The Script Service preloads Windows PowerShell and keeps it in memory to provide faster performance. Requests to the Script Service are securely submitted by a small program called the Script Client.
To install and use the Script Service:
If necessary, add the .NET Framework 3.5 Feature using the Add Roles and Features operation in the Server Manager application.
Run Win\Microsoft WSE 3.0 Runtime.msi to install the Web Service Enhancements module.
It may be necessary to open TCP port 8081 in your firewall--this port is used only for communication between the Script Client and Script Service executables. The port can be customized in scriptservice.conf, as explained below.
In the Services application, set NetIQ IDM Windows Script Driver - Script Service to start automatically.
To configure the Script Service
Create a file named scriptservice.conf in the WSDriver\conf directory.
Open the file and add the desired configuration lines, using the following keywords:
|
Keyword |
Description |
Syntax |
|---|---|---|
|
-address |
Change the default address and port for Script Service. Default: localhost:8081 |
-address <DNS name or IP address>[:port] |
|
-nosecurity |
Do not enforce security. This command is required if the Use Windows EFS driver parameter is disabled. |
-nosecurity |
|
-command |
Execute a script command on startup. May be specified multiple times. |
-command <command> |
If you no longer wish to use the Script Service, follow these steps:
Open the Driver Configuration in iManager. In the Driver Parameters, change Script Command to powershell.exe.
Either stop or disable the Script Service.
Restart the driver.
Running multiple instances of the Scripting Driver on the same system may be desirable, but require some additional steps taken. The instructions in this section assume that you have already installed the Scripting Driver on the system.
To add an instance:
Copy existing files:
After stopping your original driver, create a new directory, and copy all original driver files to the new directory, using the same directory structure.
For example, copy files and directories from C:\Program Files\Novell\WSDriver to C:\Program Files\Novell\WSDriver2.
Edit wsdrv.conf:
Open the file conf\wsdrv.conf in your new directory structure. Replace all file paths with the path to the new instance directory.
For example, paths might appear for the -path, -tracefile and -connection options.
Change the port numbers (connection and HTTP) to be different from the original driver's port numbers.
For example, if the original driver uses default ports 8090 and 8091, the new instance could use 9090 and 9091. Note that these ports need to be opened in a firewall.
Create a new service:
Using the Command Prompt, run wsdriver.exe from the new instance directory with the following options:
wsdriver -installService -instance {number} -path {path}
The instance number could be 2 for the second instance, 3 for a third, and so on. The path should be the path to the new instance directory, using quote marks. Here's an example:
wsdriver -installService -instance 2 -path "C:\Program
Files\Novell\WSDriver2"
This command will create a service named Novell IDM Windows Script Driver - 2.
NOTE:If you would like to run a driver instance directly (not as a service), use the -instance option:
wsdriver -instance 2
This option is not needed for the original instance.
Create a new driver object:
Using iManager or Designer, create a new Driver Object to connect to the new instance. Alternatively, export the original driver's configuration and import it as a new driver.
After creating the Driver, open its configuration. Change the port number in Remote Loader Connection Parameters to the new instance's connection port.
Start the services and drivers:
Start the server for the original and new instances, and start the Drivers in iManager or Designer. The instances will run independently.
To remove an instance:
Stop the Service.
Uninstall the Service.
From the Command Prompt, run:
wsdriver -removeService -instance {number}
For example:
wsdriver -removeService -instance 2
Delete the files.
Delete the new directory, and all sub-directories, created for the instance.
NOTE:To remove the original instance, use the uninstall feature.
To add an instance:
Copy existing files:
After stopping your original driver, copy the file structure from /opt/novell/usdrv to your alternate instance location. For example:
cp -r /opt/novell/usdrv /opt/novell/usdrv-instance2
Create a new, separate configuration file from /etc/usdrv.conf:
Open the new configuration file, /etc/usdrv-instance2.conf, and specify the alternate path location for your new instance.
For example, paths might appear for the -path, -tracefile and -connection options.
Change the port numbers (connection and HTTP) to be different from the original driver's port numbers.
For example, if the original driver uses default ports 8090 and 8091, the new instance could use 9090 and 9091. Note that these ports need to be opened in a firewall.
Create a new, separate, startup script from the original /etc/init.d/usdrvd and change the new startup script to specify the alternate paths as well.
Create a new driver object:
Using iManager or Designer, create a new Driver Object to connect to the new instance. Alternatively, export the original driver's configuration and import it as a new driver.
After creating the Driver, open its configuration. Change the port number in Remote Loader Connection Parameters to the new instance's connection port.
Start the services and drivers:
Start the server for the original and new instances, and start the Drivers in iManager or Designer. The instances will run independently.