GitHubContribute in GitHub: Open doc issue|Edit online

Plug-in API properties file

Run the com.tivoli.pd.rgy.until.RgyConfig tool to create and set up the API properties file for the plug-in with the IBM Java runtime environment.

Note: An IBM Java runtime environment is in the tdi_install_dir/jvm/jre/bin folder.

Syntax

java -cp tdi_install_dir/jars/com.tivoli.pd.rgy.jar 
     com.tivoli.pd.rgy.util.RgyConfig properties_file_destination  
     create Default Default "ldaphostname:389:readwrite:5" 
     "DN" DN_password

Parameters

properties_file_destination

Specifies the full path to the file that is created when you run this command.

The default value is the following relative path: LDAPSync/ISAM_API.properties.

ldaphostname:port:

settings

Specifies the following details:

  • Host name of the LDAP server with which IBM Security Access Manager is configured. The LDAP server host name is specified in the Security Access Manager runtime configuration file.
  • Port number of the LDAP server. The default value is 389. You can change this value.
  • The setting, which is :readwrite:5.

Enclose the entire value,

ldaphostname:port:

settings, in double quotation marks.

DN

Specifies the LDAP Distinguished Name (DN) for authenticating to IBM Security Access Manager. Enclose the value in double quotation marks.

DN_password

Specifies the corresponding password for the DN.

Example

java -cp tdi_install_dir/jars/com.tivoli.pd.rgy.jar
     com.tivoli.pd.rgy.util.RgyConfig 
     sdi_solution_dir/LDAPSync/ISAM_API.properties
     create Default Default "ldapSamServer:389:readwrite:5"  "cn=root" cnrootpassword

Default in the command statement corresponds to the IBM Security Access Manager domain with which it is to be integrated and the value that is set in the IBM Security Access Manager plug-in AssemblyLine parameters.

The result looks similar to the following properties file, where the property settings reflect the values that were specified when the RgyConfig tool was run.

#IBM Tivoli Access Manager
#Mon Dec 03 10:40:06 MHT 2013
ldap.ssl-enable=false
ldap.bind-pwd={obf2}dwTRqM+riTiJyfwSscdYIsiAAb2aAXkqmJrtiJm2Hp4\=
ldap.bind-dn=cn\=root
ldap.mgmt-version=6.1.1
ldap.svrs=ldapSamServer \1:389\:readwrite\:5;
local_domain=Default
ldap.mgmt=true
mgmt_domain=Default
delFromRegistry=true 

Complete the following for the configuration to take effect:

  1. Copy the newly created ISAM_API.properties file to the sdi_solution_dir/LDAPSync directory.
  2. Restart IBM® Security Verify Directory Integrator.