When user authentication is performed using only the LDAP repository, and without using Interstage Single Sign-On authentication infrastructure, the LDAP environment is built using this procedure.
To use the Interstage Directory Service with LDAP authentication, create an environment for the Interstage Directory Service by following the steps below.
Note
If an environment for the Interstage Directory Service has already been created, change the settings in the Detailed Settings item to match the Systemwalker Runbook Automation operation.
Refer to the Interstage Application Server Directory Service Operator's Guide for details.
Open the login window for the Interstage Management Console by entering the following URL in a Web browser.
http://<Host name of the Interstage Directory Service>:[port number for the Interstage Management Console]/IsAdmin |
Specify the following login ID and password in the login window, and then click the Login button.
[Windows]
User ID | Password |
|---|---|
Administrator | Password for the administrator |
[Linux]
User ID | Password |
|---|---|
root | Password for the root account |
Open the repository window by selecting System >> Service >> Repository from the tree view (the pane on the left-hand side of the window).
Select the Create tab.
Specify the following items in the General Settings section.
Item name | Description | Input value |
|---|---|---|
Repository Name | Repository name. Item can be specified only when creating a repository. | Optional |
Administrator DN | Administrator of the created repository, using DN (distinguished name) format. Item can be specified only when creating a repository. | LDAP administrator name |
Administrator DN password | Administrator password. Note that $, \, ", and spaces must not be used. | Password for the LDAP administrator |
Administrator DN password (re-enter) | Administrator password (confirmation). | Password for the LDAP administrator |
Public Directory | Directory where the repository will be published, using DN (distinguished name) format. Item can be specified only when creating a repository. | The name of the domain that has been created (in "dc=..." format) Example: ou=interstage,o=fujitsu,dc=dom |
Repository Database | If an RDB is used, more than 10,000 items of entry information can be managed. Item can be specified only when creating a repository. | Standard DB is recommended. |
Database Storage Directory | Directory where the database is stored. The specified directory must already exist. Item can be specified only when creating a repository. Note There is no need to change the storage directory if it located in a directory under "C:\Program Files (x86)" on a machine running 64-bit Windows. | [Windows] Default value: <Interstage installation directory> \Enabler\EnablerDStores\IREP [Linux] Default value: (*1) |
Cache Size | Size of the cache to be used for search processing. | 1000 |
*1: If the specified directory is different from the default, then privilege settings will need to be specified.
Refer to "Operating and Maintaining Repositories" in the Interstage Application Server Directory Service Operator's Guide for details.
Display Detailed Settings and enter the following settings.
Search settings | |
|---|---|
Item name | Input value |
Maximum number of entries that can be searched for | Specify a value greater than the number of users that will be registered with Systemwalker Runbook Automation. Default value: 500 |
Search Timeout | Specify the timeout (in seconds) for authentication processing. Default value: 3600 |
Access log definition | |
|---|---|
Item name | Input value |
Directory | Specify the existing access log storage directory. Note There is no need to change the storage directory if it is located in a directory under "C:\Program Files (x86)" on a machine running 64-bit Windows. |
Point
This procedure lists only mandatory items. Refer to "Operating and Maintaining Repositories" in the Interstage Application Server Directory Service Operator's Guide for information on how to customize other setting items.
Click the Create button - a message informing that creation is complete will be displayed.
Select the name of the repository that has been created, then click the Start button - a message informing that the repository has started will be displayed.
Log out.
To use Active Directory or OpenLDAP, refer to each manual. Note that $, \, ", and spaces must not be used in the OpenLDAP repository administrator password.
