Remote Loader AD driver Configuration

Hi

I am new with IDM and try to solve some issue.
On Windows Servers I didn't have any issue with AD driver for connection.

But when I change to Linux machines and IDM is on Linux machines with Remote Loader i have issue how to configure AD (Active Directory) driver.

Please

  • 0  

    Give us some details please?  Generally for this version is not critical other than to say the RL version should be pretty close to the Engine version due to SSL/TLS differences.

    1) WHat have you tried? 

    2) Is your RL on a Domain Controller?

    3) Is your RL on a member server?

    4) Do you have password filters for Pub channel publisher events?

  • 0 in reply to   

    Thx for answer

    When I had infrastructure on Windows servers - i didn’t had any issue because I ws using native driver addriver.dll. And it works

    But Now I switched to Linux (SLES) environment

    What I have:

    - AD Server (windows 2019) Domain Controller

    - SLES 15.6 - full IDM stock: Engine, RL, App, Reporting, console

    - SLES 15.6 - iManager, Designer and Analyzer

    What I try to get?

    I want to deploy driver to IDM for AD .

    I have RL on Linux which is not joined to domain

    I would like to sync AD with IDM which is on SLES (linux)

    Is it possible to configure RL on SLES which will be used for communication?

    Or do I need install RL on any member of AD ? (Windows machine)

    I try to use Linux but I don’t know what JAR class shoudl I use or any other configuration.

    I can’t use addriver.dll on SLES

    RL is not a member od domain

    for point 4 - I don’t have implemented any filter because I cant joind

    it is Lab Env and I don’t use TLS for communication for know

    RL and IDM Engine is on the same machine (the same version) - installed together

  • 0   in reply to 

    Thank you the details make it much clearer.  Each driver has its own requirements.  The AD driver in particular, must run the shim on a Windows device.  Usually server.  You cannot use the RL on Linux to run the addriiver.dll it must be on a WIndows server.

    Joining Linux to a domain via SAMBA or the like will not suffice alas, needs the full Windows subsystems of a Windows server.

    You can use a member server or a DC.  There is some discussion which is better. (DC"s have caching turned off, whereas file servers do not. and for some things that may matter)  The syntax of the conect string differs depending on which type of Windows box the RL is running on.

    If you are running the RL on a DC, the connection string is blank I believe. 

    If you are running the RL on a member server the connect string is the IP/DNS Name of a DC to contact

    In both cases, the auth ID is domain\username of the service account.

    Once you get that far, come back with further quesions I would think.

  • 0 in reply to   

    Thx for clarification but it is a little bit strange ;)

    what about JRemoteLoader and Java classes? Is it possible to make RL using Java CLasses?

    For many systems it can be done

    I will install RL on DC and will see . I tried do not install additional machine and don’t install anything on DC. Will see.

    I will back to you and will see. 
    From Technical point of view it should be possible.

    I installed all IDM on Windows machines but IDM 4.9 has some issue with configurator. I send request to NetIQ and wait for answer

    Will see maybe I will check again with version 4.8

    Thx

  • 0   in reply to 

    I understand you point.  Consider it this way.  The SAP drivers need to run the RL on a platform that supports the sapJCO.jar, which also requires native (per platform) libraries. 

    The DLL file for the AD driver only runs on a Windows machine.  (Please do not try and use WINE or the like)

    The Remote Loader, via RPM is the fancy version with start/stop scripts and some minor utilities.  The Java Remote Loader is the bare minimum assuming you have nothing but Java.  So that would not help here either.

    How about this counter example?  The UA Driver, RRSD, and DCS drivers cannot run as Remote Loaders since they make direct NCP calls, which require running in an eDirectory instance.  So those are not possible either.

    I think my point is, that it is not as uncommon as you seem to think.  In general many shims can run as remote loaders.  Many but not all.

  • 0 in reply to   

    Thx

    I am new with IDM and now I see more clearly than on Begining:)

    Thank you

    I have to redesign lab:)

    R

  • 0 in reply to 

    Hi

    With RL on Windows machine works fine.

    thx for clarification