3.1 Creating the User Application Driver in iManager

The Roles Based Provisioning Module stores application-specific data in the User Application driver to control and configure the application environment. This includes the application server cluster information and the workflow engine configuration.

You must create a separate User Application driver for each Identity Manager Roles Based Provisioning Module, except for Roles Based Provisioning Modules that are members of a cluster. Roles Based Provisioning Modules that are part of the same cluster must share a single User Application driver. For information on running the Roles Based Provisioning Module in a cluster, see the User Application: Administration Guide.

IMPORTANT:Configuring a set of non-cluster Roles Based Provisioning Modules to share a single driver creates ambiguity for one or more of the components running inside the Roles Based Provisioning Module. The source of the resulting problems are difficult to detect.

To create a User Application driver and associate it with a driver set:

  1. Open iManager in a Web browser.

    Use iManager 2.6 (for Identity Manager 3.5.1) or iManager 2.7 (for Identity Manager 3.6).

  2. Go to Roles and Tasks > Identity Manager Utilities and select New Driver or Import Configuration (depending on the version of the plug-ins you are using).

    For Identity Manager 3.5.1, use the New Driver link.

    For Identity Manager 3.6, use the Import Configuration link.

  3. To create the driver in an existing driver set, select In an existing driver set, click the object selector icon, select a driver set object, click Next, and continue with Step 4.

    or

    If you need to create a new driver set (for example, if you are placing the User Application driver on a different server from your other drivers), select In a new driver set, click Next, then define the new driver set properties.

    1. Specify a name, a context, and a server for the new driver set. The context is the eDirectory™ context where the server object is located.

    2. Click Next.

  4. Click Import a driver configuration from the server (.XML file).

  5. Select the User Application driver configuration file from the drop-down list. The file name is:

    UserApplication_3_6_1-IDM3_5_1-V1.xml

    If this file is not in the list, the Role Service driver might not be installed correctly. Refer to Section 2.6.1, Installing the Role Service Driver by Using the GUI.

  6. Click Next.

  7. You are prompted for parameters for your driver. (Scroll to view all.) Make a note of the parameters; you need them when you install the Roles Based Provisioning Module.

    Field

    Description

    Driver Name

    The name of the driver you are creating.

    Authentication ID

    The distinguished name of the User Application Administrator. This is a User Application Administrator to whom you are giving rights to administer the User Application portal. Use the eDirectory™ format, for example admin.orgunit.novell, or browse to find the user. This is a required field.

    Password

    Password of the User Application Administrator specified in the Authentication ID.

    Application Context

    The User Application context. This is the context portion of the URL for the User Application WAR file. The default is IDM.

    Host

    The hostname or IP address of the application server where the Identity Manager User Application is deployed.

    If the User Application is running in a cluster, type the dispatcher’s hostname or IP address.

    Port

    The port for the host you listed above.

    Allow Override Initiator:

    Select Yes to allow the Provisioning Administrator to start workflows in the name of the person for whom the Provisioning Administrator is designated as proxy.

  8. Click Next.

  9. Click Define Security Equivalences to open the Security Equals window. Browse to and select an administrator or other Supervisor object, then click Add.

    This step gives the driver the security permissions it needs. Details about the significance of this step can be found in your Identity Manager documentation.

  10. (Optional, but recommended) Click Exclude Administrative Roles.

  11. Click Add, select users you want to exclude for driver actions (such as administrative roles), click OK twice, then click Next.

  12. Click OK to close the Security Equals window, then click Next to display the summary page.

  13. If the information is correct, click Finish or Finish with Overview.

IMPORTANT:The driver is turned off by default. Leave the driver off until the Roles Based Provisioning Module has been installed.