Topic
  • 3 replies
  • Latest Post - ‏2013-01-02T21:10:06Z by SystemAdmin
WiseMind
WiseMind
4 Posts

Pinned topic TAM E-SSO integration with IBM Tivoli Directory Server and IBM WAS

‏2012-12-31T12:29:45Z |
Hi,

We were using IBM WAS SSO for single-sign on solution before. Now we want to replace it with TAM E-SSO, could you please help me out how to start? Which product are necessary to download in Linux environment?

We are already using following product line

1. IBM WebSPhere Application Server v7
2. IBM Tivoli LDAP server v6.3
3. WebSPhere SSO settings on WAS A/S

Please advise. And how application's security would be applicable using TAM E-SSO. As we have applications deployed on IBM Websphere A/S.

Thanks
Updated on 2013-01-02T21:10:06Z at 2013-01-02T21:10:06Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    704 Posts

    Re: TAM E-SSO integration with IBM Tivoli Directory Server and IBM WAS

    ‏2012-12-31T17:29:51Z  
    I'd start by reading through the ESSO Deployment Guide, if you already have WAS in house you should be able to install the TAM ESSO IMS Server application on your existing environment if you choose.
    http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.itamesso.doc/IBM_TAM_ESSO_DeploymentGuide_pdf.pdf
  • WiseMind
    WiseMind
    4 Posts

    Re: TAM E-SSO integration with IBM Tivoli Directory Server and IBM WAS

    ‏2013-01-01T07:32:34Z  
    I'd start by reading through the ESSO Deployment Guide, if you already have WAS in house you should be able to install the TAM ESSO IMS Server application on your existing environment if you choose.
    http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.itamesso.doc/IBM_TAM_ESSO_DeploymentGuide_pdf.pdf
    Thanks Daryl for the information provided.

    Could you please tell how things will be going. We have already IBM WAS and IBM Tivoli Directory Server. So how TAM ESSO will interact with these technology?

    Which product should I need to install first and hereafter. As you told me install IMS Server. So what would be architecture? Could you please explain a little? As I have already heard TAM ESSO uses Tivoli Directory Server at backend. so how IBM WAS will interact with them.

    There is little bit confusion here. Please advice.

    Thanks
  • SystemAdmin
    SystemAdmin
    704 Posts

    Re: TAM E-SSO integration with IBM Tivoli Directory Server and IBM WAS

    ‏2013-01-02T21:10:06Z  
    • WiseMind
    • ‏2013-01-01T07:32:34Z
    Thanks Daryl for the information provided.

    Could you please tell how things will be going. We have already IBM WAS and IBM Tivoli Directory Server. So how TAM ESSO will interact with these technology?

    Which product should I need to install first and hereafter. As you told me install IMS Server. So what would be architecture? Could you please explain a little? As I have already heard TAM ESSO uses Tivoli Directory Server at backend. so how IBM WAS will interact with them.

    There is little bit confusion here. Please advice.

    Thanks
    Ok so the first thing you will need is a existing Directory Server.

    IBM Security Access Manager for Enterprise Single Sign-On supports integration with either an Active Directory or any generic LDAP Server. IMS Server uses the WebSphere Application Server Virtual Member Manager component to communicate with these servers.

    IBM Security Access Manager for Enterprise Single Sign-On does not change the directory schema or write any data on the enterprise directory server. The IMS Server connects to the enterprise directory server in the following scenarios:
    • New user registrations
    • Change and reset password requests for deployments with Active Directory password synchronization
    • New machine registration for deployments with Active Directory as the enterprise directory
    • Verification of Active Directory password before resynchronization
    • Search by LDAP attribute

    Only users with accounts in the designated enterprise directory can sign-up for an IBM Security Access Manager for Enterprise Single Sign-On account. Only users with active enterprise directory accounts can access their IBM Security Access Manager for Enterprise Single Sign-On Wallet.

    Supported Directory servers: Microsoft Windows Active Directory, Microsoft Windows Active Directory 2003 Service Pack 2 (x86)
    2008 Service Pack 2 (x86 and x64)
    2008 R2 Service Pack 1 (x64)

    IBM Tivoli® Directory Server (6.2.0 & 6.3.0)

    LDAP compatible directory server (3.0)

    Next you need to make sure your existing WAS environment will meet the requirements.
    WAS App Server 7.0 with the latest fix pack
    WAS HTTP Server 7.0 with the latest fix pack

    Database IBM DB2 (Workgroup and Enterprise Server Edition) with DB2 JDBC driver 4.0 (9.5 and 9.7)

    Oracle DB 10g R2, 11g R1 and 11g R2

    Microsoft SQL Server (Standard and Enterprise Editions) with SQL JDBC driver 3.0

    You middleware will need to be in place prior to you starting the IMS Server installation. The Installtion Guide will take you through the process of working in WebSphere, setting up your profiles in WAS and configuring the Application Server and HTTP Server.

    Depending your requirements for Single IMS Server or Cluster your actual deployment steps are going to very.
    Existing knowledge of WebSphere will be a must for a successful deployment, this is not a installation to learn as you go.

    During the installation of the IMS Server the IMS Configuration Wizard will help guide you through the following tasks.
    • Set up the data sources (DataBase setup).
    • Update certificates.
    • Set up the IMS Server URL.
    • Configure the IMS Server for directory servers.