Skip to main content

By clicking Submit, you agree to the developerWorks terms of use.

The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

  • Close [x]

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

By clicking Submit, you agree to the developerWorks terms of use.

All information submitted is secure.

  • Close [x]

developerWorks Community:

  • Close [x]

Hello World: Tivoli Identity Manager

Manage user accounts in an LDAP directory

Wes Wardell, Staff Software Developer, IBM
Author photo
Wes Wardell is currently working in the SOA Advanced Technology Design Center in the IBM Toronto Lab. In 2005, he co-authored one of IBM's Redbooks about IBM Tivoli Identity Manager version 4.5.1. He holds a degree in computing and computer electronics from Wilfrid Laurier University, Canada.

Summary:  Welcome to the eleventh tutorial in the "Hello, World" series, which provides high-level overviews of various IBM® software products. This tutorial offers an introduction to Tivoli® Identity Manager Express V4.6. It includes practical, hands-on exercises in which you will set up Tivoli Identity Manager Express to manage accounts in an LDAP user directory.

View more content in this series

Date:  12 Mar 2007
Level:  Introductory PDF:  A4 and Letter (1306 KB | 32 pages)Get Adobe® Reader®

Activity:  36984 views

Preparing ITIM

The sections that follow will walk you through the setup and usage of Tivoli Identity Manager Express, showing you how to centrally manage user accounts. Some of the setup details will vary between the different systems that ITM can manage (DB2, Lotus Notes, Windows, LDAP, etc.), but the general process is the same. For this example, you'll focus on managing an LDAP user directory. You'll use the ITIM Web interface to accomplish the following tasks:

  • Defining an ITIM service for interacting with the LDAP directory
  • Managing LDAP accounts: retrieving existing LDAP accounts into ITIM, and deleting an LDAP entry
  • Adding a user into ITIM
  • Configuring the identity policy that governs how user IDs will be created in the LDAP directory
  • Mapping user attributes to LDAP attributes
  • Creating an LDAP account for the new user

This tutorial makes use of the Tivoli Directory Server installed as part of your ITIM installation. Before you can begin these tasks, you'll need to set up the sample data. Download the file sample.ldif and run the following commands in a command window:

  1. Stop Tivoli Directory Server:
    net stop idsslapd-ldapdb2

  2. Create the suffix:
    idscfgsuf -s o=ibm,c=us

  3. Restart Tivoli Directory Server:
    net start idsslapd-ldapdb2

  4. Import the users (replace the user ID cn=root and password hell0ADM with the values you used when installing ITIM):
    idsldapadd -D cn=root -w hell0ADM -i sample.ldif

3 of 13 | Previous | Next


Zone=Service management, Security, Tivoli
TutorialTitle=Hello World: Tivoli Identity Manager