Configure Synchronization in the Provisioning Manager

cim1265
cim
Inbound synchronization keeps
Identity Manager
up to date with changes that occur in the provisioning directory. Changes include those made using Provisioning Manager and changes in endpoints for which the Provisioning Server has a connector.
Each Provisioning Server supports a single environment. However, you can configure backup environments on different systems in a cluster in case the current environment is unavailable.
Follow these steps:
  1. In the
    Identity Manager
    server, choose Start,
    Identity Manager
    , Provisioning Manager.
  2. Click System,
    Identity Manager
    Setup.
  3. Complete the Host Name field with the name of the system where the
    Identity Manager
    Server is installed.
  4. Complete the Port field with the application server port number.
  5. Complete the Environment name field with the alias for the environment.
  6. Select Secured Connection if you want the HTTPS protocol to communicate with the
    Identity Manager
    server instead of using HTTP and encrypting the individual notifications.
  7. Click Add.
  8. Repeat steps 3-6 for each of the backup version of the environment.
    If the application server for the current environment is unavailable, the
    Identity Manager
    failovers to a backup environment. You can reorder the current and backup environments to set the failover order.
  9. If it is the first environment, fill in the Shared Secret fields using the password that was entered during the
    Identity Manager
    installation for the user for embedded components.
    These fields do not apply if FIPS is enabled in this installation.
  10. Set the Log Level as follows:
    • No Log--No information is written to the log file.
    • Error--Only error messages are logged.
    • Info--Error and information messages are logged (default).
    • Warning--Error, warning, and information messages are logged.
    • Debug--All information is logged.
  11. Restart the application server before you log in to the environment.
For a log of inbound synchronization operations and any problems that are encountered during synchronization, see the following file:
PSHOME\logs\etanotify<date>.log
Update the Shared Secret
 
Follow these steps:
 
  1. Stop the Application Server
  2. Run pwdtools.bat using the following commands:
    pwdtools.bat -JSAFE -p <Directory shared secret>  
    For example: C:\Program Files (x86)\CA\Identity Manager\IAM Suite\Identity Manager\tools\PasswordTool>pwdtools.bat -JSAFE -p 
    Password Plain Text:
    Password Encrypted value: {PBES}:<some alpha-numeric character string> 
  3. Update the  IMeTASharedSecret parameter in the systemWideProperties.properties file (usually located in \..\iam_im.ear\custom\identitymanager).
  4. Change the value to the Directory shared secret created by the pwdtools command entered previously. For example: \..\iam_im.ear\custom\identitymanager\systemWideProperties.properties IMeTASharedSecret={PBES}:<some alpha-numeric character string> 
  5. Start the Application Server, and then update the Shared Secret field within the Provisioning Manager: select System, CA Identity Manager Setup.