
JDBC, LDAP and Active Directory Connectors

Fundamentals of IdentityIQ Implementation


JDBC Connector

Copyright © SailPoint Technologies, Inc. 2017. All rights reserved. 41


JDBC Applications
Connection Settings

DB user/password

DB URL

JDBC Driver



JDBC Applications
Query Settings

• Optional custom statement for testing connection
• SQL statement for pulling all accounts
• SQL statement for pulling single account

Note: Filtering supported by query
JDBC Applications
Merging

Merge Configuration

Note: Sorting incoming data speeds up aggregation when merging


JDBC Applications
Connector Rules

• Runs for every result row
• Converts incoming data into map

• Performs final conversion to Resource Object
• Runs once for each account or group
• Runs after merging

• Performs merging processing
• If default merge capabilities aren’t enough, a rule here can control merging

• Handles Provisioning Operations
• All in single rule or per operation
• More on this later
JDBC Processing
[Diagram: aggregation processing flow. Labels: JDBC, Connector, Resource Objects, Customization, Correlation, Creation, Application, Yes/No branch. Connector rules shown: JDBC Build Map, MergeMaps, Map To ResourceObject]

Notes:
• No PreIterate or PostIterate
• All rules are iterative



Knowledge Check

LDAP Connector



LDAP Connector
Application Types
• ADAM - Direct
• SunOne - Direct
• IBM Tivoli DS - Direct Read Only
• Novell eDirectory - Direct
• Oracle Internet Directory - Direct
• OpenLDAP - Direct
• LDAP
• Read only



LDAP Connector
Connection Information

SSL/Auth Type
Credentials

Host/Port

For Pass Through Authentication


LDAP Connector
Search DN and Filtering



LDAP Processing
[Diagram: aggregation processing flow. Labels: LDAP, Connector, Filter, Resource Objects, Customization, Correlation, Creation, Application, Yes/No branch]

Notes:
• Schema is predefined
• Connector operation is to filter incoming LDAP accounts/groups
• Application rule processing is consistent with other apps



Knowledge Check

Active Directory Connector


Active Directory
Configuration Settings



Active Directory Connector
Provisioning and IdentityIQ Authentication

Connection Info for IQService for Provisioning

For Pass Through Authentication


Active Directory Connector
Connection Information
• Auto-discover or manually enter domains
• Specify servers or serverless bind

Authorization Information per Domain

Active Directory Connector
Search DN and Filtering

DN Information for Searching

Filtering Information


Active Directory Processing
[Diagram: aggregation processing flow. Labels: AD, Connector, Filter, Resource Objects, Customization, Correlation, Creation, Application, Yes/No branch]

Notes:
• Schema is predefined
• Connector operation is to filter incoming AD accounts/groups
• Application rule processing is consistent with other apps



Other Connectors
• Each connector will vary
  • Connector settings
  • Connector rules
• Each connector is consistent
  • Application Rules
  • How correlation, creation, customization is handled
  • Schema (Account and Group)
• More information
  • Product Documentation: SailPoint Direct Connectors Administration and Configuration Guide
  • Compass: Connector and Integration Deployment Center


Knowledge Check

Next Step?

Practice Exercises


Exercise Preview
Section 1, Exercises 7, 8
[Diagram: Systems of Record and Systems of Interest with their Users and Groups. Labels: Employee File (HR); Contractor File (Contractor Maintenance); LDAP (Directory); PRISM JDBC (Purchasing); TRAKK JDBC (Time Tracking); PAM; Financials File (Financial App); exercise markers #7 and #8]

Exercise Preview
Section 1, Exercise 9
• Exercise #9: Exploring the Identity Refresh Task
• Filter refresh to constrain the Identity Cubes that are refreshed



Exercise Preview
Section 1, Exercises 9 and Extension Exercises
• Exercise #9: Exploring the Identity Refresh Task
• Filter refresh to constrain the Identity Cubes that are refreshed
