Table of Contents
Advertisement
Enabling Logging for Kerberos Transactions
Enabling logging is not required, but it is highly recommended. If Kerberos authentication does not
function after you have finished the configuration tasks, the first step in solving the problem is to
look at the
1 In the Administration Console, click Devices > Identity Servers > Edit > Logging.
2 Enable the File Logging and Echo To Console options.
3 In the Component File Logger Levels section, set Application to debug.
4 Click OK, then update the Identity Server.
Configuring the Identity Server for Active Directory
You need to either configure your Identity Server to use Active Directory as a user store or verify
your existing configuration for your Active Directory user store.
1 In the Administration Console, click Devices > Identity Servers > Edit.
2 Click Local.
3 View your installed user stores.
If you have already configured your Identity Server to use the Active Directory server, click its
name.
If you haven't configured a user store for the Active Directory server, click New.
4 For a new user store, fill in the following fields. For an existing Active Directory user store,
verify the values.
Name: Specify a name of the user store for reference.
Admin name: Specify the name of the administrator of the Active Directory server.
Administrator-level rights are required for setting up a user store. This ensures read/write
access to all objects used by Access Manager.
Admin password and Confirm password: Specify the password for the administrator of the
Active Directory server and confirm the password.
Directory Type: Select Active Directory.
Search Contexts: For a new user store, click New and specify the context of the administrator
of the Active Directory server. For an existing user store, verify that you have an entry for the
context of the administrator and add one if it is missing.
5 (Conditional) For a new Active Directory user store, add a replica. In the Server replicas
section, click New.
5a Fill in the following fields:
Name: Specify a name of the replica for reference. This can be the name of your Active
Directory server.
IP Address: Specify the IP address of the Active Directory server and the port you want
the Identity Server to use when communicating with the Active Directory server.
5b Configure the other fields to fit your security model.
5c Click OK.
6 (Optional) Specify values for the other configuration options.
118 Novell Access Manager 3.1 SP1 Identity Server Guide
(Linux) or the
catalina.out
(Windows) file.
stdout.log
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
Related Products for Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
- NOVELL ACCESS MANAGER 3.1 SP2 - README 2010
- NOVELL ACCESS MANAGER 3.1 SP2 BETA 1 - SCENARIOS 2009
- NOVELL ACCESS MANAGER 3.1 SP1 - AGENT GUIDE
- NOVELL ACCESS MANAGER 3.1 SP2 - SSL VPN USER GUIDE 2010
- Novell Access Manager 3.1 SP 1
- Novell Access Manager 3.1 SP2 Beta 1
- Novell Access Manager 3.1 SP 2
- NOVELL CLIENT LOGIN EXTENSION 3.7 - ADMINISTRATION
- NOVELL IDENTITY ASSURANCE SOLUTION 3.0.2 - ADMINISTRATION
- NOVELL IDENTITY MANAGER 3.6.1 - STAGING BEST PRACTICES GUIDE 2010
- NOVELL IDENTITY MANAGER 3.6.1 - NULL SERVICE AND LOOPBACK SERVICE DRIVERS
- NOVELL IDENTITY MANAGER 3.6.1 - JOBS GUIDE
- NOVELL IDENTITY MANAGER 3.6.1 - TASK SERVICE DRIVER
- NOVELL IFOLDER 3 - ADMINISTRATION
- NOVELL POLICIES IN IMANAGER 3.6.1 - 06-05-2009
- NOVELL POLICY IN DESIGNER 3.5 - 09-18-2009