Service/Target form details

Complete the service/target form fields.

You must create a user account for the adapter on the managed resource. The accounts must be able to remotely connect to the PostgreSQL and must have sufficient privileges to administer PostgreSQL users.

Table 1. Required privileges and their descriptions
Privilege	Description
CREATEROLE	Database administrator authority
SUPERUSER	Security administrator authority
SELECT on pg_authid	User must have select access on table `pg_authid`

On the PostgreSQL Connection tab:

Service name

Specify a name that defines the adapter service on the IBM® Security Identity server.

Note: Do not use forward (/) or backward slashes (\) in the service name.

Description

Optional: Specify a description that identifies the service for your environment.

Tivoli Directory Integrator location

Specify the URL for the IBM Security Directory Integrator instance. The valid syntax for the URL is rmi://ip-address:port/ITDIDispatcher, where ip-address is the IBM Security Directory Integrator host and port is the port number for the RMI Dispatcher.

The default URL for the default SDI1 instance is rmi://localhost:1099/ITDIDispatcher.

The following table shows the ports that are open in the firewall for every instance that is created. However, usage of these port numbers do not support high availability.

Table 2. Ports
Instance	Ports
SDI1	1199, 1198, 1197, 1196, 1195, 1194
SDI2	2299, 2298, 2297, 2296, 2295, 2294
SDI3	3399, 3398, 3397, 3396, 3395, 3394
SDI4	4499, 4498, 4497, 4496, 4495, 4494
SDI5	5599, 5598, 5597, 5596, 5595, 5594
SDI6	6699, 6698, 6697, 6696, 6695, 6694
SDI7	7799, 7798, 7797, 7796, 7795, 7794
SDI8	8899, 8898, 8897, 8896, 8895, 8894
SDI9	9999, 9998, 9997, 9996, 9995, 9994
SDI10	11099, 11098, 11097, 11096, 11095, 11094

For a high availability implementation, use any of these port numbers.

1099
2099
3099

PostgreSQL Server Host

Specify the host IP or name on which the PostgreSQL server is running.

PostgreSQL Server Port

Specify the TCP port on which the PostgreSQL server is running. You can specify 5432 to use the default PostgreSQL port.

PostgreSQL Database Name

Specify the database name of the PostgreSQL database that you want to manage, for example POSTGRES.

PostgreSQL Administration User Account

Specify the name of the user who has access to the PostgreSQL resource and who can do administrative operations.

PostgreSQL Administration User Password

Specify the password for the user.

On the Dispatcher Attributes tab:

Assembly Line File System Path

Optionally, you can specify the path from where the Dispatcher loads the assembly lines. If you do not specify a file path, the Dispatcher loads the default assembly lines from the adapter’s profile

For example:

Windows operating system:: C:\Program Files\IBM\SDI\V7.2\profiles
UNIX and Linux operating system: /opt/IBM/SDI/V7.2/profiles

Disable Assembly Line Caching: Select the check box to disable the assembly line caching in the dispatcher for the service. When disabled, the assembly lines for the Add, Modify, Delete, and Test operations are not cached.
When enabled, the entire assembly line object is saved in the cache. The connection to the PostgreSQL resource is maintained. The next request that the adapter receives can reuse this connection. Creating a new connection to the PostgreSQL resource can take a lot of time. Caching data can save time and resource utilization.
Max Connection Count: Specify the maximum number of assembly lines that the dispatcher can run simultaneously for the service. Enter 10 if you want the dispatcher to run a maximum of 10 assembly lines simultaneously for the service. If you enter 0 in the Max Connection Count field, the dispatcher does not limit the number of assembly lines that are run simultaneously for the service.

On the Status and information tab

Contains read only information about the adapter and managed resource. These fields are examples. The actual fields vary depending on the type of adapter and how the service form is configured. The adapter must be running to obtain the information. Click Test Connection to populate the fields.

Last status update: Date: Specifies the most recent date when the Status and information tab was updated.
Last status update: Time: Specifies the most recent time of the date when the Status and information tab was updated.
Managed resource status: Specifies the status of the managed resource that the adapter is connected to.
Adapter version: Specifies the version of the adapter that the service uses to provision request to the managed resource.
Profile version: Specifies the version of the profile that is installed in the IBM Security Identity server.
TDI version: Specifies the version of the Security Directory Integrator on which the adapter is deployed.
Dispatcher version: Specifies the version of the dispatcher.
Installation platform: Specifies summary information about the operating system where the adapter is installed.
Adapter account: Specifies the account that is running the adapter binary file.
Adapter up time: Date: Specifies the date when the adapter started.
Adapter up time: Time: Specifies the time of the date when the adapter started.
Adapter memory usage: Specifies the memory usage for running the adapter.

If the connection fails, follow the instructions in the error message. Also

Verify the adapter log to ensure that the test request was successfully sent to the adapter.
Verify the adapter configuration information.
Verify service parameters for the adapter profile. Verify parameters such as the work station name or the IP address of the managed resource and the port.