Configuration Examples
The following examples are configuration YAML files for the IBM® Security Verify Directory Integrator container.
Note: Details on the configuration entries that are supported by the containers can be found in the YAML Specification.
Verify Directory Integrator Base
The following YAML shows the minimum configuration to start a IBM® Security Verify Directory Integrator Base container.
general:
license:
key: "insert-license-key-here"
accept: true
server:
assembly-line-file: "insert-assembly-line-xml-file-here"
assembly-lines:
- "insert-assembly-line-name-here"
The following example is a more typical and complete YAML configuration.
debug:
startup: false
runtime: all
general:
memory:
minimum: 256
maximum: 512
logging:
json-logging: false
license:
accept: true
key: "insert-license-key-here"
server:
assembly-line-file: "insert-assembly-line-xml-file-here"
assembly-lines:
- "insert-assembly-line-name-here"
exit-on-completion: false
keyfile:
keys:
- label: "server-key"
key: "@/var/IBM/svdi/config/server.key"
Verify Directory Integrator SCIM
The following YAML shows the minimum configuration to start a IBM® Security Verify Directory Integrator SCIM container.
general:
license:
key: "insert-license-key-here"
accept: true
scim:
ldap-servers:
group-details:
search-base: o=ibm,c=us
urls:
- ldap://ldap.ibm.com:9389
user-details:
search-base: o=ibm,c=us
server:
location: https://scim.ibm.com/v1
The following example is a more typical and complete YAML configuration.
debug:
startup: false
runtime: all
general:
memory:
minimum: 256
maximum: 512
logging:
json-logging: false
license:
accept: true
key: "insert-license-key-here"
scim:
ldap-servers:
group-details:
search-base: o=ibm,c=us
urls:
- ldaps://ldap.ibm.com:9636
user-details:
search-base: o=ibm,c=us
server:
location: https://scim.ibm.com/v1
authentication:
realm: ibm.com
tenants:
map-names: true
base: o=ibm,c=us
users:
- access:
- all
ldap-name: cn=root
ldap-password: passw0rd1
name: scim-admin
password: passw0rd
keyfile:
trusted-certificates:
- "@/var/IBM/svdi/config/ca.crt"
Verify Directory Integrator FDS
The following YAML shows the minimum configuration to start a IBM® Security Verify Directory Integrator FDS container. The container image makes the FDS Console available on port 1098. If needed, expose this port to enable external access. For additional details on the FDS Console, refer to Accessing the Federated Directory Server console
general:
license:
key: "insert-license-key-here"
accept: true
fds:
connection:
ibm-directory:
authentication:
name: cn=root
password: passw0rd1
target-container: o=ibm,c=us
url: ldap://ldap.ibm.com
type: ibm-directory
endpoints:
- ibm-directory:
authentication:
name: cn=root
password: passw0rd1
target-container: o=ibm,c=us
url: ldap://endpoint.ibm.com
name: my-target
flows:
- name: "my-flow"
source:
name: "my-target"
schedule:
type: timer
The following example is a more typical and complete YAML configuration.
debug:
startup: false
runtime: all
general:
memory:
minimum: 256
maximum: 512
logging:
json-logging: false
license:
accept: true
key: "insert-license-key-here"
fds:
config-source: yaml
ui:
authentication:
local:
- name: admin
password: passw0rd
type: local
enabled: true
connection:
ibm-directory:
authentication:
name: cn=root
password: passw0rd1
target-container: o=ibm,c=us
url: ldaps://ldap.ibm.com:636
type: ibm-directory
endpoints:
- ibm-directory:
authentication:
name: cn=root
password: passw0rd1
target-container: o=ibm,c=us
url: ldaps://endpoint.ibm.com
name: my-target
flows:
- name: "my-flow"
source:
name: "my-target"
schedule:
type: timer
timer:
time:
minute: "0,30"
keyfile:
trusted-certificates:
- "@/var/IBM/svdi/config/ca.crt"