4.1 Providing Identity Vault Connection Information

  1. In a supported Web browser, enter the Role Mapping Administrator address. For example:

    http://server:port

    where server:port is the DNS (or IP address) and port of the server that is hosting the application. By default, the port is 8081.

    The Role Mapping Administrator configuration login page is displayed.

  2. Specify the configuration administration password set during the installation, then click Login.

    The Role Mapping Administrator Configuration page is displayed.

  3. Fill in the following fields:

    Vault Display Name: Specify a display name for the Identity Vault in the Role Mapping Administrator.

    Role Vault Address: Specify the DNS address of the Identity Vault. IP addresses are accepted but not recommended.

    Role Vault Port: Specify the Identity Vault port. The default port is 389 or 636 for SSL.

    Use SSL: Select this option to connect to the Identity Vault through SSL. For additional configuration steps, see Section 4.4.1, Enabling an SSL Connection from the Role Mapping Administrator to the Identity Vault.

    Admin DN: Specify the LDAP distinguished name (LDAP DN) of an Identity Vault administrator user. The administrator user provides a proxy through which the Role Mapping Administrator can perform LDAP operations in the Identity Vault.

    Admin Password: Specify the password for the administrator user.

    Root User Container: Browse to the root container for the user objects in the Identity Vault.

    The container must be specified by the fully qualified LDAP DN. For example:

    ou=users,ou=data,o=novell

    User App Driver DN: Browse to the User Application driver located in the Identity Vault.

    The driver must be specified by the fully qualified LDAP DN. For example:

    cn=UserApp1,cn=IDMDrivers,o=novell

    Driver Discovery DN: Specify the root location to search for drivers. For example, if you only have one driver set, specify the driver set. If you have multiple driver sets, specify the container that holds the driver sets.

    If this field is left blank, an LDAP search is performed of the entire Identity Vault. If you change this value after you have loaded the authorizations, the authorizations can change.

    Access Manager Logout URL: (Optional) Specify the URL for the Access Manager Identity Server. This is allows for simultaneous logout from the Role Mapping Administrator and Access Manager. Having a value in this field does not enable this behavior. For more information, see Section 6.0, Configuring Authentication.

    Resource Category: Specify the default resource category for creating the resources.

  4. Click Save.

    NOTE:To add multiple profiles, click the Add a Configuration Profile button. To remove any profile, click the Delete Configuration Profile button.

  5. Click Login To Role Mapping Administrator to launch the Role Mapping Administrator.