How To Create and Deploy Connectors

Contents
imgc10-in-progress
Contents
The following diagram shows the process you follow to create and deploy a connector using Connector Xpress:
Process Flow
Example: How you create and deploy a basic JNDI connector
The following steps detail the creation and deployment of a basic dynamic JNDI connector. To create a basic JNDI Connector, do the following.
  1. Start Connector Xpress.
    The Connector Xpress main window appears.
  2. Add and configure the connection details of the Provisioning Server where the endpoint you want to manage is located.
  3. If the Provisioning Server does not have a Connector Server configured, create and set a managing Connector Server for the endpoint.
    The configuration determines how your Provisioning Server routes individual endpoints to Connector Servers.
  4. Set up a JNDI data source, and test the connection and authentication details of your JNDI data source.
    Connector Xpress retrieves the schema from this JNDI data source, which lets you map the schema to your new endpoint on the Provisioning Server.
    When you create a project, Connector Xpress automatically creates a class named User Account in the Mapping Tree.
  5. Map the native attributes in the user account class to the relevant provisioning attributes.
  6. Save the project.
    You can save the project for future deployment.
  7. Create an endpoint type on the Provisioning Server you want to manage and deploy the connector to.
  8. Specify the managing Connector Server you want to manage your endpoint type.
    Creating an endpoint type and specifying the managing Connector Server does the following:
    This specifies how your Provisioning Server routes endpoint types or individual endpoints to connector servers.
  9. Deploy the connector to the Connector Server.
    Deploying the metadata creates the new dynamic JNDI Connector.
  10. Acquire, explore, and correlate the endpoint.
    Connector Xpress populates the Provisioning Server with accounts and other objects found in the acquired endpoint.
    Correlating an endpoint is the process of examining accounts on it, and potentially creating users automatically and setting global user attributes from account attributes.
    To manage your objects, you explore the endpoint for your objects and correlate the objects to global users.
Configuring additional JNDI Connector.xml properties:
The following properties must be configured in order to avoid the following issues:
  • '
    forcePagedResults' - Set to False
    When attempting to delete and/or deprovision an Endpoint Account via a custom JNDI connector, the following error occurs: "JNDI: badly behaved endpoint: no response controls returned for support SimplePaging". The account on the endpoint is deleted but the endpoint account reference object in the IMPD remains.
  • 'disableDeleteAssociations' - Input the Endpoint Type and Endpoint Name Values
    When an account on the Oracle Directory Server Endpoint is deleted, the Static Groups that had a reference to that account lose all account references (not just the reference to the deleted account).
    In order to resolve this error the 'disableDeleteAssociations' property has to be added.
    Note:
    The
    disableDeleteAssociations
    property is applicable only when referential integrity is defined on the endpoint.
  • 'testOnBorrow' - Set to True
    Set
    testOnBorrow
    to
    true
    , when you receive connection reset errors with the JNDI (DYN) connector which does not recover until the JCS is restarted:
    <property name="testOnBorrow"> <value>true</value> </property>
Follow these steps:
  1. Take a backup of the
    SAMPLE.connector.xml
    file available in the following location:
    CA/Identity Manager/Connector Server/jcs/conf/override/<jndi>/
  2. Rename the
    SAMPLE.connector.xml
    file to
    connector.xml
  3. Open the
    connector.xml
    file using an editor.
  4. Set the value as 'false' for the 'forcePagedResults' property
    <property name="forcePagedResults"> <value>false</value> </property>
  5. Input the Endpoint Name and Endpoint Type values in the 'disableDeleteAssociations' property.
    Note:
    Comment these lines if you do not want to use
    disableDeleteAssociations
    property, else you may encounter null pointer exception.
    <property name="disableDeleteAssociations">
    <list>
    <value><EndpointType:EndpointName></value>
    <value><EndpointType:EndpointName></value>
    </list>
    </property>
  6. To increase the number of connections from CA Connector (Java) Server to endpoint, locate the following lines:
    <property name="maxActive">
    <value>20</value>
    </property>
    And, change to:
    <property name="maxActive">
    <value>1000</value>
    </property>
  7. Save the file.
  8. Restart JCS.
If there are any special characters in your Endpoint Name, input the corresponding html character codes connector.xml file.
Example:
&#92 for backslash
Connector Deployment
You can use Connector Xpress to configure metadata settings and to deploy the connector. Connector Xpress lets you save metadata settings to a project file and then deploy a connector from that file. For example, you can use a project file when you move connectors from a test environment to a production environment to ensure that you have the same settings.
Deploy the Connector
Once you have created a connector, you can deploy the metadata for that connector to a Provisioning Server.
This procedure assumes that you have created the connector server configuration.
Follow these steps:
  1. Open the existing project that contains the metadata you want to deploy.
    Connector Xpress opens the project and displays the metadata in the Edit pane of the Connector Xpress window.
  2. In the Provisioning Servers tree, expand the Provisioning Servers node and then choose the server where you want to deploy the connector.
    The Provisioning Server Password Required dialog appears.
  3. Complete the fields on the dialog to specify the password for the server, and click then OK.
  4. Expand the server, and then right-click Endpoint Types, then click Create New Endpoint Type.
    The Create New Endpoint Types dialog appears.
  5. Complete the fields on the dialog to define the name of your new endpoint type, then click OK.
    In some cases, a delay occurs before endpoint management screens are available. To check the status of the screen creation, use View Submitted Tasks in the User Console or configure a workflow process to send an email notification when the deployment completes.
  6. Right-click on your new endpoint and select Acquire Endpoint.
    The Create New Endpoint dialog appears.
  7. Complete the fields on the dialog to specify the name and password for your new endpoint, then click OK.
  8. (Optional) Under the endpoints node, right-click on your new endpoint and choose Explore/correlate endpoint.
    The Explore/Correlate Endpoint dialog appears.
  9. Complete the fields on the dialog to specify how Connector Xpress explores and correlates the endpoint, then click OK.
    Connector Xpress deploys the connector to the Provisioning Server.
Remove a Connector
You can use Connector Xpress to undeploy connectors. Undeploying a connector deletes the connector from the Provisioning Server and from CA IAM Connector Server.
When you use Connector Xpress to undeploy a connector, a Delete Endpoint Type task is created.
When an approver rejects a Delete Endpoint Type task, some screens are not removed. We strongly recommend that the approver approves every request to remove an endpoint.