Chat now with support
Chat with Support

Identity Manager 8.0 - LDAP Connector for IBM AS/400 Reference Guide

System Variables

The following system variables need to be defined for the attribute mappings. For more detailed information about variables, see the One Identity Manager Target System Synchronization Reference Guide.

Table 1: System variables
Name Value
IdentDomain The name of your AS/400 domain e.g. AS400_001
UserLocation Parent DN of your AS/400 user container, e.g. CN=ACCOUNTS,OS400-SYS=AS4001.MYCOMPANY.COM
GroupLocation Parent DN of your AS/400 group container, e.g. CN=ACCOUNTS,OS400-SYS=AS4001.MYCOMPANY.COM
Related Topics

Domain Filter Setting

A domain filter needs to be created to identify information that has been retrieved from the AS/400 database to keep it separate from other imported data.

  1. Update the One Identity Manager schema so that all entries are included.
    1. In the Synchronization Editor, open your AS/400 project.
    2. Select the category Configuration | One Identity Manager connection.
    3. Then in the "General" section on the right-hand side, click Update schema.
    4. Click on Yes in the next two dialog boxes.
    5. Click Ok when completed.
  2. In the Manager
    1. Select the category LDAP | Domains.
    2. In the result list toolbar, click .
    3. Enter at least the following general master data on the General tab.
      Table 2: Domain Master Data

      Property

      Description

      Display name Display name e.g. AS400 Domain 001
      Distinguished name Distinguished name of the domain e.g. OS400-SYS=AS4001.MYCOMPANY.COM
      Domain Domain name e.g. AS400_001
      Structural object class Structural object class representing the object type, enter DCOBJECT
    4. Save the changes.
  3. In the Synchronization Editor, open your AS/400 project.
    1. Select the category Configuration | One Identity Manager connection.

    2. Select the Scope view and click Edit scope.

    3. Select the object type LDPDomain in the Scope hierarchy list and set the Object filter to: Ident_Domain =’$IdentDomain$’.
    4. Save the changes.

For more detailed information about scopes, see the One Identity Manager Target System Synchronization Reference Guide.

Related Topics

User Mapping Information

This section shows a possible mapping between a user account in AS/400 and the standard One Identity Manager database table called LDAPAccount. User and group information on the AS/400 is stored in the same container, so a filter needs to be set up to tell these apart.

  • When creating the user mapping, add a new schema class as follows.
    Table 3: Schema class settings

    Property

    Value

    Schema type os400-usprf
    Display name user_os400_usrprf
    Class name user_os400_usrprf
    Select objects: Condition os400_gid='*NONE'
    Select objects: Ignore case Activated
  • Map the LDAPAccount (all) schema class to this new schema class, user_os400_usrprf for this user mapping.

For more detailed information about setting up mappings, see the One Identity Manager Target System Synchronization Reference Guide.

Detailed information about this topic

Mandatory AS/400 User Attributes

When creating a user in the AS/400 database, the following LDAP attributes must be defined:

  • objectclass
  • os400-profile
Related Topics
Related Documents