NSD1090 How to create and configure a junction
Fact
Nordic Edge Identity Manager
Situation
Identity Manager can create a link object in one directory that contains information about other directories. This object is called a Junction.
When junctions exist, users can log in to a directory with Identity Manager and see and manage object information from other directories, i.e. Microsoft AD, Microsoft ADAM, Novell eDirectory.
The Junction object contains information about how to connect to other directories, which parameters to apply and how the information will be displayed.
The junction information is saved in the directory in XML format.
Solution
In the following scenario a junction between an Active Directory (as the primary directory) and a Novell eDirectory (target directory) will be created.
In order to use junctions, the Identity Manager (IM) configuration must be modified.
In this example the junction function and policies are configured for the user Administrator.
Start Identity Manager standalone version and open the object that should have the privilege to use junctions.
To configure policies the tab “Policy Manager” must be loaded.
In Policy Manager open the section “Searching-Junction” to manage settings.
Policy settings:
The policy JUNCTION.ENABLE must be set to true for the user to create and use a Junction.
Define the search filter to detect junction objects in the Policy JUNCTION_SEARCHFILTER.
In this case the information will be saved in an attribute from an organizational unit that will act as the link to the other directory.
The search filter in this case is “(&(Objectclass=organizationalunit)(description=*xml*))”.
Define the attribute where to store the XML Data in the policy JUNCTION.XML_ATTRIBUTE.
The description attribute is practical for this.
Two other junction settings may be used for “Search Manager”; it is not necessary to adjust these settings for this example.
Create a “View Tab” in the designer tool to save the configuration data needed for a junction object to contact another directory.
Open the designer and select to create a “New View/Edit Tab”.
In “Tab Properties” enter the following settings
Click Apply and then select the following button
Drag it to the tab.
In the control properties select to save the information to the description attribute.
Then click on “Options for Custom Control”.
To select a custom control, click the button “View bundled”, select “se.nordicedge.controls.JunctionControl” and click OK twice, then Apply.
Now the control is included in the tab.
Save the tab and close the designer tool.
With Identity Manager, browse to the container where the junction configuration should be saved.
In this example this is a Novell eDirectory organizational unit.
Double click the organizational unit to go into properties.
Select the tab “Junction” and enter information about how to connect to the directory.
Verify the information by clicking the button “Test connection”.
After a successful connection, the search base in Novell eDirectory to manage objects can be configured.
In this case the “Users” organizational unit is selected from the browse button.
The searchfilter is changed from objectclass=* to objectclass=inetorgperson to only allow user objects to be seen.
The search scope is also set to SUB to see the whole directory structure from the selected search base.
Click OK to save the information.
Refresh the view in Identity Manager to see all user objects from eDirectory.
It should now be possible to manage the displayed objects.
Note: The admin user must have the eDirectory forms loaded.
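The junction search filter in the policy settings above matches on a substring, so every organizational unit whose description contains “xml” is selected, not only those holding junction data. The following added example (not Nordic Edge code) evaluates that filter over constructed directory entries and reports which of the selected objects actually hold well-formed XML; the entry names and the <placeholder/> XML body are assumptions, not the product's junction format.

```python
import re
import xml.etree.ElementTree as ET

JUNCTION_FILTER = "(&(Objectclass=organizationalunit)(description=*xml*))"  # from the article

def parse(f, i=0):
    """Parse the filter subset used here: &, |, ! and attr=value with * wildcards."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i] in "&|!":
        op, i, kids = f[i], i + 1, []
        while f[i] == "(":
            node, i = parse(f, i)
            kids.append(node)
        return (op, kids), i + 1  # step over the closing ')'
    end = f.index(")", i)
    attr, _, value = f[i:end].partition("=")
    return ("=", attr.lower(), value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against {attr: [values]}, ignoring case."""
    if node[0] in "&|":
        hits = [matches(k, entry) for k in node[1]]
        return all(hits) if node[0] == "&" else any(hits)
    if node[0] == "!":
        return not matches(node[1][0], entry)
    rx = ".*".join(re.escape(p) for p in node[2].split("*"))
    return any(re.fullmatch(rx, v, re.I | re.S) for v in entry.get(node[1], []))

def is_xml(text):
    try:
        return ET.fromstring(text) is not None
    except ET.ParseError:
        return False

def audit(entries, flt=JUNCTION_FILTER):
    """Map each DN the filter selects to whether its description parses as XML."""
    tree, _ = parse(flt)
    return {dn: any(is_xml(v) for v in e.get("description", []))
            for dn, e in entries.items() if matches(tree, e)}

# Constructed entries; <placeholder/> is not the product's junction schema.
SAMPLE = {
    "ou=eDir,dc=example,dc=com": {"objectclass": ["organizationalUnit"], "description": ['<?xml version="1.0"?><placeholder/>']},
    "ou=Docs,dc=example,dc=com": {"objectclass": ["organizationalUnit"], "description": ["XML schema working group"]},
    "ou=Sales,dc=example,dc=com": {"objectclass": ["organizationalUnit"], "description": ["Sales staff"]},
    "cn=jdoe,dc=example,dc=com": {"objectclass": ["inetOrgPerson"], "description": ["xml editor"]},
}
print(audit(SAMPLE))
```

Entries reported as False match the filter without holding XML, which is a reason to keep the description attribute of candidate containers free of unrelated text or to store the junction data in an attribute reserved for it.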
To see a flash guide visit:
http://www.nordicedge.se/showflash.shtml?id=11
Disclaimer
The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.
Nordic Edge Support – www.nordicedge.se