Sailpoint comes with a method to integrate and interact with other vendor Identity Management applications through a  supported integration module called the Provision Integration Module (PIM).
The supported vendor systems are:
  • Oracle Identity Manager (OIM)
  • Sun (now Oracle) Java System Identity Manager (SIM)
  • IBM Tivoli Identity Manager (TIM)
  • NetIQ Novell Identity Manager
  • BMC ESS
  • BMC Remedy Access
For Sailpoint to work on currently (as of this writing at least) non-supported systems (such as Microsoft Active Directory, LDAP, SQL serve, etc.) the BMC Provisioning Module is best to be used. These connector integrations should thus be configured as read-write connectors. Additionally , all individual connectors come with configuration pdf files so please feel free to read these before attempting any of the following.
Steps involved in utilizing the BMC Provisioning Module include the following :
    1. SailPoint IdentityIQ Connector Manager should be installed and configured.
    2. The Connector gateway should be configured and running as system service. This service should always be running (don’t forget that!!!).
      • Configure Init.xml contained in the ConnectorGateway folder.
      • Execute the install.bat file which creates a service (as shown below)

<SM>
<!– Connector Manager/Agents Hostname or IP Address–>
<hostname>host name of sailpoint connector </hostname>
<!–Connector Manager/Agents port number–>
<port>Port no</port>
<!– Use “AS400″ for AS400 system and “MAINFRAME” for Mainframes and leave empty in all other cases.–>
<platform></platform>
</SM>

<Server>
<!– Connector Gateway port number–>
<port>5700</port>
<!– Delay(in seconds) between two retry attempts while connecting to Connector Manager/Agents–>
<sm_connect_retry>3</sm_connect_retry>
</Server>

  1. Install and configure the individual connectors:
  • (Active Directory, LDAP, Lotus Notes..) using the SailPoint IdentityIQ Connector Manager installed in the first step.
  • (Provisioning Manager). MSCS- Managed System Configuration Set should be configured for the connectors(Active Directory, LDAP, Lotus Notes, etc.). This name will be used in the Sailpoint Application setup.

Once the Provisioning manager is installed, create a new application and choose the one ending with “Full” in the list (example: if we want to add a PM for Active Directory then we need to choose Active Directory Full from the list).

That’s it!  Good luck and sound off below if you have any questions!

  • Post published:8 novembre 2012
  • Post category:IAM / IBM / Technologie
  • Temps de lecture :3 min de lecture