To view or change an Identity Vault’s settings, double-click the Identity Vault object in the Outline view or the Modeler.
The Identity Vault Properties page has several options. In addition, you can configure a hostname in the hosts file.
The following table contains a description of each of the Identity Vault configuration settings.
Table 3-2 Configuration Settings for an Identity Vault
Field | Description |
---|---|
Vault name | The name of the Identity Vault object. The default is Identity Vault. |
Host | The eDirectory host where you plan to log in and deploy. |
Username | The eDirectory username in LDAP format that has sufficient rights to make changes to objects associated with this deployment. For example, cn=admin,ou=sa,o=system. |
Password | The password for the eDirectory username. |
Save Password | Saves the password permanently, so you are authenticated into this Identity Vault each time you open Designer. If you use this option, the password is saved locally in Designer’s file system and is not secure. If you do not select this option, the password is remembered only until you close Designer. |
Secure Connection | You can enable a secure or a non-secure connection between Designer and the Identity Vault. Secure Connection: In a secure connection, the LDAP server listens on port 636 by default. If you configured the secure port as 700, specify this port number in the Host field. For example, 192.99.78.51:700. When connecting through a secure port, Designer prompts you to import the Identity Vault’s Certificate Authority certificate into Designer. You must accept this certificate to establish a secure connection with the Identity Vault. Designer provides the following options to accept the certificate: To change the certificate import settings, go to the Modeler preferences and click Window > Preferences > NetIQ > Designer > LDAP Connection. Non-secure Connection: If you use a non-secure connection, all the information you enter, such as user names and passwords, is sent over the wire in clear text. The LDAP server listens on port 389 in a non-secure connection by default. NOTE: For security reasons, named passwords will be deployed only in a secure connection. If you want to use a non-default port, specify the port number of the LDAP server for establishing a connection. To change the secure and non-secure port numbers, open the Properties view of an Identity Vault and change the default values for ldapSecureTextPort and ldapClearTextPort fields respectively. If you add additional servers to the Identity Vault after initial connection, Identity Vault automatically assigns the default secure and non-secure port numbers to the server. |
Test Connection | Selecting this button allows the user to create, or, if a connection is unresponsive, to re-create a connection to the Identity Vault. If a connection has not been established to the Identity Vault, the button displays Test connection. After a connection is established, the button displays Refresh connection. |
Deploy Context | The default DN container assigned to all driver sets that are associated with this Identity Vault. If you specify a DN container on the Driver Set object, that setting takes precedence over the default setting. |
Enable Package Developer Mode | Enables additional features in Designer to allow developers to create packages. For more information, see Section 7.0, Developing Packages. |
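The Host and Secure Connection rules in the table above can be checked from the workstation before you accept the certificate prompt. The following is an added example, not part of the NetIQ documentation or Designer itself; the function names are hypothetical, and it assumes the Host value is an IPv4 address or hostname. It fingerprints the server certificate that the secure LDAP port presents, not the CA certificate that Designer imports.

```python
import hashlib
import socket
import ssl

# Default LDAP ports named in Table 3-2.
LDAP_SECURE_PORT = 636
LDAP_CLEAR_PORT = 389


def resolve_endpoint(host_field, secure=True):
    """Split a Host value ("host" or "host:port") into (host, port).

    Without an explicit port, use the default for the selected mode.
    Assumes an IPv4 address or a hostname (no IPv6 literals).
    """
    host, sep, port = host_field.strip().rpartition(":")
    if not sep:  # no colon, so the whole value is the host
        host, port = port, ""
    if not host:
        raise ValueError(f"no host in {host_field!r}")
    if not port:
        return host, LDAP_SECURE_PORT if secure else LDAP_CLEAR_PORT
    if not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"bad port in {host_field!r}")
    return host, int(port)


def fingerprint(der_bytes):
    """Colon-separated SHA-256 fingerprint of a DER-encoded certificate."""
    digest = hashlib.sha256(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def presented_cert_fingerprint(host_field, timeout=5.0):
    """Fingerprint the certificate the secure LDAP listener presents.

    Verification is disabled on purpose: nothing is trusted here, the
    value is only fetched so it can be compared with one obtained out
    of band from the eDirectory administrator.
    """
    host, port = resolve_endpoint(host_field, secure=True)
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return fingerprint(tls.getpeercert(binary_form=True))
```

Call `presented_cert_fingerprint("192.99.78.51:700")` with your own Host value and compare the result with the fingerprint supplied by the eDirectory administrator.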
The Administrator option is divided into three sections. Entering information in these sections is optional.
Personal Information: Lets you enter information specific to the Identity Vault, such as Name, Title, Department, and Location.
Contact Information: Lets you enter information such as Email, Phone, Cell Phone, Pager, and Fax.
Notes: Allows you to type any reminders you might need for future reference.
The Workflow Forms option allows you to configure the Form Backend URL for each Identity Vault instance individually.
To configure a URL, click Add Registry and then specify the DNS or IP Address of the server where Workflow Forms will be rendered. Similarly, to delete an existing URL, click Delete Registry.
NOTE: If you do not configure the Form Backend URL using this option, the configuration details specified in the ServiceRegistry.json file are used. The ServiceRegistry.json file is located in one of the following directories, depending on your platform:
Linux: /<designer installed location>/configuration
Windows: C:\netiq\idm\apps\Designer\configuration
The Packages option allows you to manage any packages at the Identity Vault level. A package at the Identity Vault level contains Notification Templates or sample data such as users or the Identity Vault structure. Identity Vault packages are applied to all of the drivers that reside in the selected Identity Vault.
The following table lists the options available to manage packages. For more information about packages, see Section 6.0, Understanding Packages.
Table 3-3 Managing Packages Options
Options | Descriptions |
---|---|
Add package | Adds a package to the Identity Vault. You must add a package before you can install a package. Click the Add package icon, then select the package to install and click OK. |
Create package | The Create package option is only available if Enable Package Developer Mode is selected in the Identity Vault Configuration page. Only developers create packages for redistribution. |
Package | Lists the name and current state of the package. |
Version | Lists the version of the package. |
Upgrades | Indicates that there is a newer version of a package imported into the package catalog, but it has not been installed. The package needs to be upgraded. |
Operation | Lists the following operations that can be performed on a package: |
The Server List option displays the servers that are associated with the selected Identity Vault. You can add, edit, or remove the server entries.
NOTE: If you select the option to allow a default server to be created, that server shows up as Default Server.default_container in the list. You cannot deploy a driver set into an existing eDirectory tree if you have Default Server.default_container in the Server List. You must first remove this reference and add an Identity Manager server in an eDirectory tree.
The iManager option displays the URL that Designer uses to launch the NetIQ iManager administrative tool. You can modify this URL as needed.
To launch iManager from Designer, select Tools > iManager.
If desired, you can designate a hostname for your Identity Vault by adding an entry to the hosts file of your local operating system. After assigning a hostname to the Host address of your Identity Vault, you can use the hostname instead of an IP address or DNS name to access the Identity Vault.
For example, if your Identity Vault has a host address of 192.168.100.254, you can associate the name ID-VAULT to that address in your local hosts file. Then, in Designer, you can refer to the Identity Vault by the name ID-VAULT instead of using the IP address.
For more information about using your local hosts file, consult your operating system’s documentation.