A.1 Driver Configuration

In iManager:

  1. Click Driver icon to display the Identity Manager Administration page.

  2. Open the driver set that contains the driver whose properties you want to edit:

    1. In the Administration list, click Identity Manager Overview.

    2. If the driver set is not listed on the Driver Sets tab, use the Search In field to search for and display the driver set.

    3. Click the driver set to open the Driver Set Overview page.

  3. Locate the driver icon, then click the upper right corner of the driver icon to display the Actions menu.

  4. Click Edit Properties to display the driver’s properties page.

    By default, the Driver Configuration page is displayed.

In Designer:

  1. Open a project in the Modeler.

  2. Right-click the driver icon or line, then select click Properties > Driver Configuration.

The Driver Configuration options are divided into the following sections:

A.1.1 Driver Module

The driver module changes the driver from running locally to running remotely or the reverse.

Java: Used to specify the name of the Java class that is instantiated for the shim component of the driver. This class can be located in the classes directory as a class file, or in the lib directory as a .jar file. If this option is selected, the driver is running locally.

The name of the Java class is com.trivir.idm.driver.ace.AceDriverShim.

Native: This option is not used with the driver.

Connect to Remote Loader: Used when the driver is connecting remotely to the connected system. Designer includes two suboptions:

  • Remote Loader Configuration for Documentation: Includes information on the Remote Loader client configuration when Designer generates documentation for the driver.

  • Driver Object Password: Specifies a password for the Driver object. If you are using the Remote Loader, you must enter a password on this page. Otherwise, the remote driver does not run. The Remote Loader uses this password to authenticate itself to the remote driver shim.

A.1.2 Driver Object Password (iManager Only)

Driver Object Password: Use this option to set a password for the driver object. If you are using the Remote Loader, you must enter a password on this page. Otherwise, the remote driver does not run. The Remote Loader uses this password to authenticate itself to the remote driver shim.

A.1.3 Authentication

The Authentication section stores the information required to authenticate to the connected system.

Authentication information for server: Displays or specifies the IP address or server name that the driver is associated with

Authentication ID: Specifies the RSA Authentication Manager 7.1 administrative user that the driver will use for authentication. For example, rsadriver. This is the user created in Section 3.1, Creating an RSA Authentication Manager 7.1 User Object with SuperAdminRole Rights. This field should be left blank for RSA Authentication Manager 6.1

Authentication Context: Specify the IP address or name of the RSA server.

Remote Loader Connection Parameter: Used only if the driver is connecting to the application through the Remote Loader. The parameter to enter is hostname=xxx.xxx.xxx.xxx port=xxxx kmo=certificatename, when the hostname is the IP address of the application server running the Remote Loader server and the port is the port the Remote Loader is listening on. The default port for the Remote Loader is 8090.

The kmo entry is optional. It is used only when an SSL connection exists between the Remote Loader and the Metadirectory engine.

Example: hostname=10.0.0.1 port=8090 kmo=IDMCertificate.

Application Password: Specify the password for the user object listed in the Authentication ID field. This is the password created in Section 3.1, Creating an RSA Authentication Manager 7.1 User Object with SuperAdminRole Rights. This field should be left blank for RSA Authentication Manager 6.1.

Remote Loader Password: Used only if the driver is connecting to the application through the Remote Loader. The password is used to control access to the Remote Loader instance. It must be the same password specified during the configuration of the Remote Loader on the connected system.

Cache limit (KB): Specify the maximum event cache file size (in KB). If it is set to zero, the file size is unlimited. Click Unlimited to set the file size to Unlimited in Designer.

A.1.4 Startup Option

The Startup Option section allows you to set the driver state when the Identity Manager server is started.

Auto start: The driver starts every time the Identity Manager server is started.

Manual: The driver does not start when the Identity Manager server is started. The driver must be started through Designer or iManager.

Disabled: The driver has a cache file that stores all of the events. When the driver is set to Disabled, this file is deleted and no new events are stored in the file until the driver state is changed to Manual or Auto Start.

Do not automatically synchronize the driver: This option applies only if the driver is deployed and was previously disabled. If this option is not selected, the driver re-synchronizes the next time it is started.

A.1.5 Driver Parameters

The Driver Parameters section lets you configure the driver-specific parameters. When you change driver parameters, you tune driver behavior to align with your network environment. The parameters are divided into different categories:

Driver Options

RSA API Version: When you are connecting to RSA Authentication Manager 7.1, choose 7.1. When you are connecting to RSA Authentication Manager 6.1, choose 6.1.

RSA Command Client User (7.1): Specify the command client user for your RSA 7.1 installation. This information was gathered in Obtaining the Command Client Username and Password.

RSA Command Client Password (7.1): Specify the command client password for your RSA 7.1 installation. This information was gathered in Obtaining the Command Client Username and Password

RSA Realm (7.1): Specify the RSA realm containing the driver user specified in the Authentication ID.

Weblogic Library Directory (7.1): Specify the location of the RSA/Weblogic .jar files that were copied during Copying RSA Files.

RSA Keystore File (7.1): Specify the location of the keystore created during Exporting the Root Certificate.

Subscriber Options

The RSA driver does not currently have Subscriber Options.

Publisher Options

Disable Publisher: Specify whether the publisher polls RSA Authentication Manager for changes.

Polling Interval in Minutes: Specify the interval at which the driver checks RSA Authentication Manager for changes. When new changes are found, they are applied to the Identity Vault.

Heartbeat Interval in Minutes: Specify how many minutes of inactivity should elapse before this channel sends a heartbeat document. In practice, more than the number of minutes specified can elapse. That is, this parameter defines a lower bound.

A.1.6 ECMAScript

This section displays an ordered list of ECMAScript resource files. The files contain extension functions for the driver that Identity Manager loads when the driver starts. You can add additional files, remove existing files, or change the order the files are executed.

A.1.7 Global Configuration

This section displays an ordered list of Global Configuration objects. The objects contain extension GCV definitions for the driver that Identity Manager loads when the driver is started. You can add or remove the Global Configuration objects, and you can change the order in which the objects are executed.