Connectors via RPM

This section describes how to deploy, start and register your connectors in an RPM deployment.

All the connectors which were part of the RPM distribution can be found in the /usr/local/openiam/connectors/bin/ directory. If the connector you are looking for was not part of the distribution, download it from the OpenIAM website and copy it to the above directory. Ensure that the connector files are owned by openiam:

chown openiam:openiam [file name]

To start the connector, use the following command: systemctl start openiam-connector@[connector_name]

For example, to start the SCIM connector, run the following command:

systemctl start openiam-connector@scim-connector-rabbitmq

Important disclaimer

OpenIAM provides a set of out-of-the-box connectors. These connectors use a default queue. We highly recommend using the out-of-the-box connectors to avoid misconfiguration and needless overcomplication of the solution.

Deploying remote connectors

A remote connector is a connector deployed outside the OpenIAM environment. All Microsoft application connectors are remote connectors.

To allow remote connectors to connect to RabbitMQ, access to port 5672 must be allowed. For example, on CentOS 7 you can open the port with the command firewall-cmd --add-port=5672/tcp --permanent and then run firewall-cmd --reload. Also make sure that other network configurations do not block this port. Before starting the connector, you can test the connection with the telnet command:

telnet 10.98.0.1 5672

where 10.98.0.1 is the IP address of the host where RabbitMQ is installed.
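
A telnet session only shows that something accepts TCP connections on the port. The following added example (not part of the OpenIAM documentation or product) sends the AMQP 0-9-1 protocol header and checks that the listener answers with a Connection.Start frame, as a RabbitMQ broker does on its plain AMQP port; the function names and result strings are illustrative, and Python 3 is assumed on the connector host.

```python
import socket
import struct

AMQP_HEADER = b"AMQP\x00\x00\x09\x01"  # protocol header an AMQP 0-9-1 client sends first


def classify_reply(reply: bytes) -> str:
    """Classify the first bytes a listener sends back after the AMQP header."""
    if not reply:
        return "no-reply"            # TCP accepted, but nothing came back
    if reply[:4] == b"AMQP":
        return "version-mismatch"    # broker answered with the version it supports
    if len(reply) >= 11:
        # frame type, channel, payload size, class id, method id (big-endian)
        ftype, channel, _size, class_id, method_id = struct.unpack(">BHIHH", reply[:11])
        # Connection.Start: method frame (1), channel 0, class 10, method 10
        if (ftype, channel, class_id, method_id) == (1, 0, 10, 10):
            return "amqp-broker"
    return "not-amqp"                # open port, but some other service


def probe(host: str, port: int = 5672, timeout: float = 5.0) -> str:
    """Return 'unreachable' or the classification of the listener's reply."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"         # refused, filtered by a firewall, or no route
    reply = b""
    with sock:
        try:
            sock.sendall(AMQP_HEADER)
            while len(reply) < 11:
                chunk = sock.recv(11 - len(reply))
                if not chunk:
                    break
                reply += chunk
        except OSError:
            pass                     # timeout or reset: classify what arrived
    return classify_reply(reply)


if __name__ == "__main__":
    import sys
    # Default is the example address used on this page
    target = sys.argv[1] if len(sys.argv) > 1 else "10.98.0.1"
    result = probe(target)
    print(f"{target}:5672 -> {result}")
    sys.exit(0 if result == "amqp-broker" else 1)
```

A result of "unreachable" points at the firewall or routing, while "not-amqp" means the port is open but another service is answering on it.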

Register the connector

After a connector has been started, it must be registered with OpenIAM so that it can receive messages that are being sent by the other services in OpenIAM. These messages will tell the connector what to do. Examples of messages include:

  • Find a user
  • Create a user
  • Reset a password

To register a connector, go to: Webconsole -> Provisioning -> Connectors

You will see a list of connectors that have already been registered out-of-the-box. Unless you are working with a custom connector, your connector should already be registered on this list. To configure, click on the actions button next to the connector and you will see the screen below.

Connector registration

Make note of the value in the first Connector Queue as you will need to add this to the server side connector configuration as well.

Note: You can replace the queue name value with any unique alpha-numeric word with no spaces.

Adding the queue name to the connector configuration

To add the queue name to the connector configuration, follow the steps described below.

-Dorg.openiam.connector.queue=LDAP_Connector_1_Request
-Dorg.openiam.connector.queueResponseName=LDAP_Connector_1_Response