Configuring provisioning for Postgres

Edit online

This configuration provisioning guide provides the basic information that is needed to install and configure the Postgres adapter. The adapter enables connectivity between the IBM® Verify server and a system that runs the Postures database server.

Before you begin

Note: Postgres provisioning is not supported for trial subscriptions.
  1. Make sure Security Directory Integrator (SDI) v7.2 (PN CJ30YML) is installed in your operating system. Refer https://www.ibm.com/support/knowledgecenter/SSIGMP_1.0.0/com.ibm.itim_pim.doc/dispatcher/install_config/dispatcher_html_mstr.htm.
    Table 1. SDI part numbers

    The eAssembly and part numbers for Security Directory Integrator
    eAssembly number Operating system eImage number
    CJ30YML ®AIX CIS7MML
    ®Linux CIS7TML
    Solaris CIS7UML
    ®Windows CIS7QML
    For more information, refer IBM Security Directory Integrator Version 7.2 Download Document.
    Note: The default document is for AIX. Scroll down to step 3 to select your operating system.
  2. Install and configure Security Directory Verify Adapter RMI Integrator dispatcher for Security Directory Integrator v7.2 (PN CC7ZMML). Refer https://www.ibm.com/support/pages/ibm-security-identity-adapters-v7x and SDI Dispatcher Installation and Configuration.
  3. To onboard the Postgres application, refer Onboarding the Postgres Application.

About this task

Provisioning provides the following features.

Create new users
New users that are created through Verify are also created in the Postgres application.
Delete users
Deactivating the user or disabling the user's access to the application through Verify deletes the user in the Postgres application.
Modify user profile
Updates made to the user's profile through Verify are pushed to the Postgres application.
User suspends and restore
Suspending a user through Verify deactivates the user and restoring the user through Verify activates the user in the Postgres application.
User synchronization and remediation
Synchronization fetches all the Postgres application users, creates the users on Verify, and according to the remediation policy, modifies the attributes. Group synchronization fetches all the target application groups in Verify.
Fine grained entitlement
Fine grained entitlement is supported for the Postgres application. Synchronization fetches all Postgres application groups. Users can be added to or removed from groups.

Procedure

  1. Login to Verify as an administrator.
  2. Select Applications > Applications.
  3. Select Add application.
  4. Select application of type Postgres.
  5. To configure user provisioning in Verify, the following information is needed:
    • Tivoli Directory Integrator location
    • PostgreSQL Server Host
    • PostgreSQL Server Port
    • PostgreSQL Database Name
    • PostgreSQL Administration User Account
    • PostgreSQL Administration User Password
    • Identity agent
    • Description
    • Days password will expire