3.6 Post-Update Tasks

Log in to the server where you want to extend the Identity Vault schema.

Create a new file in your preferred directory.

For example, create nrf-extensions.sch file in the C:\Temp directory.

Open the nrf-extensions.sch file and add the following content:

--
-- The nrfResourceWeightage attribute contained by nrfResource object class specifies the weightage of
-- resource object which is used for assignment/revocation based on priority
--
NDSSchemaExtensions DEFINITIONS ::=
BEGIN
"nrfResourceWeightage" ATTRIBUTE ::=
{
                Operation                           ADD,
                Flags                                      {DS_SYNC_IMMEDIATE, DS_SINGLE_VALUED_ATTR},
                SyntaxID                              SYN_INTEGER,                
                ASN1ObjID                         {2 16 840 1 113719 1 33 4 174}
}


"nrfResource" OBJECT-CLASS ::=
{
    Operation   MODIFY,
    MayContain  {"nrfResourceWeightage"}
}
END

Navigate to the C:\NetIQ\eDirectory\ directory.

Run the following command to extend the schema:

ice -l <schema_update_log> -C -a -S SCH -f <file that you created in step 2> -D LDAP -s <eDirectory DNS name/IP> -p <LDAP port> -d <eDirectory_admin_dn> -w <eDirectory_admin_password>

where,

-C -a updates the destination schema.

-f indicates the schema file (sch).

-p indicates the port number of the LDAP server. The default port is 389. For secure communication, use port 636. Secure communication needs an SSL Certificate.

-L indicates a file in DER format containing a server key used for SSL authentication.

-s indicates the DNS name or IP address of the LDAP server.

For example,

ice -l schemaupdate.log -C -a -S SCH -f C:\Temp\nrf-extensions.sch -D LDAP -s idmorg.com -p 636 -d cn=admin,ou=idm,o=microfocus -w password -L cert.der

Update the Role and Resource Service Driver to 4.8.4. For more information, refer to the section Update Driver Packages.

Restart the Identity Vault.