Connection details

After you have deployed and registered the connector, you will need to establish a connection to your application. Without an active connection, you will not be able to perform any of the operations described in the application on-boarding sections.

To establish a connection, follow the steps described below:

  • Log in to the webconsole and go to Provisioning -> Managed system
  • If you are new to OpenIAM and a sample configuration exists, then find that application and open its configuration using the Actions button. If you want to create a new configuration, then click on the Create Managed System menu option.
  • Complete the form as described below. The example below uses OpenLDAP, but the concepts apply to all managed system configurations.

Managed system connection details

Complete the form using the table below.

| Field name | Description |
|---|---|
| Connector | Name of the connector that will be used by the managed system configuration. |
| Managed system name | Name of this application that is meaningful to the business. |
| Description | Description of this application. The description will be used in the service catalog to help end-users gain more information about the application. |
| Manual | Checkbox which indicates if this application is a "Manual" application, meaning that no connector is available and automated provisioning is not supported. If you have a connector for the application, then leave this off. |
| Active | Checkbox which indicates if this configuration is active. Only active configurations can process life-cycle events. To make an application "Active", ensure that this field is checked. |
| Show on user change password screen | OpenIAM provides the option for end-users to change their password in a single application. If this application is to be shown on the change password screen, then ensure that this field is checked. |
| All users provisioned with this managed system | There are times when all users should be provisioned to an application regardless of business rules or role memberships. To enable this behavior for your application, ensure that this field is checked. |
| Host URL | This is the URL to connect to your application, tenant, etc. |
| Port | Port that OpenIAM should use to connect to the application. For example, LDAP can be port 389, 636, etc. |
| Communication Protocol | Defines if OpenIAM should communicate using SSL or Clear. The option that you select here must also be supported by the target application. |
| Login ID | Service account ID which will be used by OpenIAM to connect to the application. |
| Password | Password for the service account. |
| Object primary key for user | The unique attribute in the target application that the connector will use to find existing users. Examples of primary keys can be: uid in LDAP, sAMAccountName in Active Directory, etc. |
| Base DN for User | This value is relevant only for a directory. It defines the DN under which the user will be created. It's a way to limit the reach of the connector. |
| Search Base DN for User | This value is relevant only for a directory. This is the part of the directory where the connector is allowed to search to find matching users. This is used to limit the reach of the connector. |
| Search scope | This value is relevant only for a directory. You can select a value like Subtree, OneLevel or Object. It determines if the connector will search through subtrees or not. |
| Target system type | This value is relevant only for a directory. Because the LDAP connector can be used with a variety of directories, such as OpenLDAP, Okta Directory services, eDirectory and Active Directory, these options allow the connector to compensate for brand-specific nuances between directories. |
| Category | This is the category in the service catalog where this application will be listed. Leave it blank to avoid having this application listed in the catalog. |
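
For an LDAP directory, the directory-related values in the table can be checked from a shell with the OpenLDAP `ldapsearch` client before they are entered in the form. This is an added example, not OpenIAM code: the function names, host, DNs and file name are constructed, and mapping SSL/Clear to `ldaps://`/`ldap://` is an assumption about what those options mean for a directory.

```shell
# Added example (not OpenIAM code): check LDAP connection values with the
# OpenLDAP ldapsearch client before entering them in the form.

# "Communication Protocol" + "Host URL" + "Port" -> LDAP URI (assumed mapping)
ldap_uri() {                       # usage: ldap_uri <SSL|Clear> <host> <port>
  case "$1" in
    SSL)   printf 'ldaps://%s:%s\n' "$2" "$3" ;;
    Clear) printf 'ldap://%s:%s\n'  "$2" "$3" ;;
    *)     echo "unknown protocol: $1" >&2; return 1 ;;
  esac
}

# "Search scope" -> value for ldapsearch -s
ldap_scope() {                     # usage: ldap_scope <Subtree|OneLevel|Object>
  case "$1" in
    Subtree)  echo sub ;;
    OneLevel) echo one ;;
    Object)   echo base ;;
    *)        echo "unknown scope: $1" >&2; return 1 ;;
  esac
}

# With Clear, a simple bind sends the service account password unencrypted.
protocol_note() {                  # usage: protocol_note <SSL|Clear>
  if [ "$1" = "Clear" ]; then
    echo "warning: bind password crosses the network in cleartext"
  else
    echo "ok"
  fi
}

# Bind as the service account and look up one known user by the primary key.
# Args: protocol host port login-id password-file search-base scope pk-attr pk-value
preflight() {
  pf_uri=$(ldap_uri "$1" "$2" "$3") || return 1
  pf_scope=$(ldap_scope "$7") || return 1
  protocol_note "$1" >&2
  # -y reads the password from a file (no trailing newline), keeping it out
  # of the process list and shell history.
  ldapsearch -x -LLL -H "$pf_uri" -D "$4" -y "$5" \
    -b "$6" -s "$pf_scope" "($8=$9)" "$8"
}

# Constructed values, for illustration only:
# preflight SSL ldap.example.com 636 "cn=openiam-svc,dc=example,dc=com" \
#   ./svc.pw "ou=people,dc=example,dc=com" Subtree uid jdoe
```

A successful run returns exactly one entry for the test user; an empty result with no error usually means the search base or scope is narrower than the user's location.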

If the configuration is set to "Active", OpenIAM will perform a test connection within a few minutes. Return to the managed system list and you will see the status of the connector. If the connection is successful, then you will see a green status as shown here. If it fails, it will be shown in red.
