立即与支持人员聊天
与支持团队交流

Active Roles 8.1.1 - Synchronization Service Administration Guide

Synchronization Service overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector Objects and operations supported by the SCIM Connector Example of using the Generic SCIM Connector for data synchronization
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

Creating an IBM RACF connection

To create a new connection

  1. In the Synchronization Service Console, open the Connections tab.
  2. Click Add connection, then use the following options:
    • Connection name: Type a descriptive name for the connection.

    • Use the specified connector: Select IBM RACF Connector.

  3. Click Next.

  4. On the Specify connection settings page, use the following options:

    • Server: Type the fully qualified DNS name of the IBM RACF server running the LDAP service. Type the fully qualified DNS name of the IBM RACF server running the LDAP service.

    • Port: Type the fully qualified DNS name of the IBM RACF server running the LDAP service.

    • User name: Specify the fully distinguished name (DN) of the account that the application will use to access the IBM RACF LDAP directory service

    • Password: Specify the password of the user account that the application will use to access the IBM RACF LDAP directory service.

    • Test Connection: Click this button to verify the specified connection settings.

  5. Click Next.

  6. Click Finishto create a connection to IBM RACF connector.

Modifying an IBM RACF connection

To create a new connection

  1. In the Synchronization Service Console, open the Connections tab.

  2. Click Connection Settings below the existing IBM RACF connection you want to modify.

  3. On the Connection Settings tab, click the Specify connection settings item to expand it and use the following options:

    • Server: Type the fully qualified DNS name of the IBM RACF server running the LDAP service. Type the fully qualified DNS name of the IBM RACF server running the LDAP service.

    • Port: Type the fully qualified DNS name of the IBM RACF server running the LDAP service.

    • User name: Specify the fully distinguished name (DN) of the account that the application will use to access the IBM RACF LDAP directory service

    • Password: Specify the password of the user account that the application will use to access the IBM RACF LDAP directory service.

    • Test Connection: Click this button to verify the specified connection settings.

  4. Click Save.

Example of mapping for dataset information

The IBM RACF connector can be used to synchronize IBM RACF dataset information. The LDAPX exit must be installed and configured for this functionality to be supported.

The examples in this topic shows how IBM RACF dataset information can be synchronized. IBM RACF dataset names contain asterisk (*) characters and as such cannot be synchronized to Active Directory which does not allow asterisk characters in names. As such, the example shows a synchronization to a Microsoft SQL database. It is assumed that Microsoft SQL Server and Microsoft SQL Server Manager have been installed and configured.

Creating SQL database and table

Using Microsoft SQL Server Manager, create a database called IBM RACF_Datasets. Within that database, create a table called Datasets with the following columns:

Column Name

Data Type

Audit

 nchar(100)

Create_Group

nchar(10)

Owner

nchar(10)

UACC

nchar(10)

UID (database key)

nchar(100)

Create a connection to this database and table with the ARSS Microsoft SQL Server Connector.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级