Configuring The Identity Server; Enabling Logging For Kerberos Transactions; Configuring The Identity Server For Active Directory - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual


IP Address: Specify the IP address of the Identity Server.
6 Click Add Host.

5.3 Configuring the Identity Server

You need to configure the Identity Server to use the Active Directory server as a user store,
configure a Kerberos authentication class, method, and contract, create a configuration file, enable
logging to verify the configuration, then restart Tomcat. These instructions assume that you have
installed and configured an Identity Server cluster configuration. If you have not, see the
Novell Access Manager 3.1 SP2 Installation Guide and the Novell Access Manager 3.1 SP2 Setup Guide.
This section covers the following tasks:
"Enabling Logging for Kerberos Transactions"
"Configuring the Identity Server for Active Directory"
"Creating the Authentication Class, Method, and Contract"
"Creating the bcsLogin Configuration File"
"Verifying the Kerberos Configuration"

5.3.1 Enabling Logging for Kerberos Transactions

Enabling logging is not required, but it is highly recommended. If Kerberos authentication does not
function after you have finished the configuration tasks, the first step in solving the problem is to
look at the catalina.out (Linux) or the stdout.log (Windows) file.
1 In the Administration Console, click Devices > Identity Servers > Edit > Logging.
2 Enable the File Logging and Echo To Console options.
3 In the Component File Logger Levels section, set Application to debug.
4 Click OK, then update the Identity Server.

5.3.2 Configuring the Identity Server for Active Directory

You need to either configure your Identity Server to use Active Directory as a user store or verify
your existing configuration for your Active Directory user store.
1 In the Administration Console, click Devices > Identity Servers > Edit.
2 Click Local.
3 View your installed user stores.
  If you have already configured your Identity Server to use the Active Directory server, click its
  name.
  If you haven't configured a user store for the Active Directory server, click New.
4 For a new user store, fill in the following fields. For an existing Active Directory user store,
  verify the values.
  Name: Specify a name for the user store, for reference.
