18
Identity Manager 3.6.1 Null Service and Loopback Service Drivers Implementation Guide
no
vd
ocx
(e
n)
17
Sep
te
m
be
r 20
09
3.1.2 Configuring the Driver Settings
After you import the driver configuration file, the Loopback Service driver will run. However, there
are many configuration settings that you can use to customize and optimize the driver. The settings
are divided into categories such as Driver Configuration, Engine Control Values, and Global
Configuration Values (GCVs). The settings are described in
Appendix A, “Driver Properties,” on
page 27
.
If you do not have the Driver Properties page displayed in Designer:
1
Open your project.
2
In the Modeler, right-click the driver icon or the driver line, then select
Properties
.
3.1.3 Configuring the Driver Policies
The basic driver configuration does not include any policies. To have the driver perform any work,
you need to create the appropriate policies. For information about creating policies, see the
Policies
in Designer 3.5
guide.
3.1.4 Deploying the Driver
After a driver is created in Designer, it must be deployed into the Identity Vault.
1
In Designer, open your project.
2
In the Modeler, right-click the driver icon or the driver line, then select
Live > Deploy
.
3
If you are authenticated to the Identity Vault, skip to
Step 5
; otherwise, specify the follow
information:
Host:
Specify the IP address or DNS name of the server hosting the Identity Vault.
Username:
Specify the DN of the user object used to authenticate to the Identity Vault.
Password:
Specify the user’s password.
4
Click
OK
.
5
Read the deployment summary, then click
Deploy
.
6
Read the successful message, then click
OK
.
7
Click
Define Security Equivalence
to assign rights to the driver.
The driver requires rights to objects within the Identity Vault. The Admin user object is most
often used to supply these rights. However, you might want to create a DriversUser (for
example) and assign security equivalence to that user. Whatever rights that the driver needs to
have on the server, the DriversUser object must have the same security rights.
7a
Click
Add
, then browse to and select the object with the correct rights.
7b
Click
OK
twice.
8
Click
Exclude Administrative Roles
to exclude users that should not be synchronized.
You should exclude any administrative User objects (for example, Admin and DriversUser)
from synchronization.
8a
Click Add, then browse to and select the user object you want to exclude.
8b
Click
OK
.