Plug-in API properties file
Run the com.tivoli.pd.rgy.until.RgyConfig tool to create and set up the API properties file for the plug-in with the IBM Java runtime environment.
Note: An IBM Java runtime environment is in the tdi_install_dir/jvm/jre/bin folder.
Syntax
java -cp tdi_install_dir/jars/com.tivoli.pd.rgy.jar
com.tivoli.pd.rgy.util.RgyConfig properties_file_destination
create Default Default "ldaphostname:389:readwrite:5"
"DN" DN_password
Parameters
properties_file_destination
Specifies the full path to the file that is created when you run this command.
The default value is the following relative path: LDAPSync/ISAM_API.properties.
ldaphostname:port
:
settings
Specifies the following details:
- Host name of the LDAP server with which IBM Security Access Manager is configured. The LDAP server host name is specified in the Security Access Manager runtime configuration file.
- Port number of the LDAP server. The default value is 389. You can change this value.
- The setting, which is :readwrite:5.
Enclose the entire value,
ldaphostname:port
:
settings, in double quotation marks.
DN
Specifies the LDAP Distinguished Name (DN) for authenticating to IBM Security Access Manager. Enclose the value in double quotation marks.
DN_password
Specifies the corresponding password for the DN.
Example
java -cp tdi_install_dir/jars/com.tivoli.pd.rgy.jar
com.tivoli.pd.rgy.util.RgyConfig
sdi_solution_dir/LDAPSync/ISAM_API.properties
create Default Default "ldapSamServer:389:readwrite:5" "cn=root" cnrootpassword
Default
in the command statement corresponds to the IBM Security Access Manager domain with which it is to be integrated and the value that is set in the IBM Security Access Manager plug-in AssemblyLine parameters.
The result looks similar to the following properties file, where the property settings reflect the values that were specified when the RgyConfig tool was run.
#IBM Tivoli Access Manager
#Mon Dec 03 10:40:06 MHT 2013
ldap.ssl-enable=false
ldap.bind-pwd={obf2}dwTRqM+riTiJyfwSscdYIsiAAb2aAXkqmJrtiJm2Hp4\=
ldap.bind-dn=cn\=root
ldap.mgmt-version=6.1.1
ldap.svrs=ldapSamServer \1:389\:readwrite\:5;
local_domain=Default
ldap.mgmt=true
mgmt_domain=Default
delFromRegistry=true
Complete the following for the configuration to take effect:
- Copy the newly created ISAM_API.properties file to the sdi_solution_dir/LDAPSync directory.
- Restart IBM® Security Verify Directory Integrator.