The identity applications must be able to interact with the objects in your Identity Vault. To improve the performance of the identity applications, the Identity Vault Administrator should create value indexes for the manager, ismanager, and srvprvUUID attributes. Without value indexes on these attributes, the identity applications users can experience impeded performance, particularly in a clustered environment.
You can create these value indexes after completing the identity applications installation by using one of the following methods:
iManager. Use Index Manager. For more information, see Creating an Index in the NetIQ eDirectory Administration Guide.
Configuration utility. Navigate to Miscellaneous > Identity Vault Indexes, then select Create from Server DN and specify a value for it. Click OK and then restart the Identity vault to save your changes.
If you have custom certificates for Identity Applications and Identity Reporting components, import those certificates into cacerts in the Identity Vault (/opt/netiq/common/jre/lib/security/cacerts).
For example, you can use the following keytool command to import certificates into the Identity Vault:
keytool -import -trustcacerts -alias <User Application certificate alias name> -keystore <cacerts file> -file <User Application certificate file>
If you install SSPR on a different server than the User Application server, import the SSPR application certificate into idm.jks in the User Application (/opt/netiq/idm/apps/tomcat/conf/idm.jks).
For example, you can use the following keytool command to import certificates into User Application:
keytool -import -trustcacerts -alias <SSPR certificate alias name> -keystore <idm.jks> -file <SSPR certificate file>