How to change Identity Manager Provisioning Server configuration without Provisioning Manager
search cancel

How to change Identity Manager Provisioning Server configuration without Provisioning Manager

book

Article ID: 263802

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

If you have Provisioning Manager, you set "Automatic Correlation" to yes.
 
However we do not have Provisioning Manager installed in your environment, how do you set this?
 

Environment

Release : 14.x

Resolution

The "Automatic Correlation" setting is stored in the the Provisioning Directory.

You can modify it directly, using ldapmodify (available for config user in vApp), or dxmodify (available for dsa user in vApp), or Jxplorer, or any other LDAP client you like.

You need to connect to Provisioning Server using LDAP client with the following bind DN:

eTGlobalUserName=etaadmin,eTGlobalUserContainerName=Global Users,eTNamespaceName=CommonObjects,dc=im,dc=eta

Port number: 20389

Note: etaadmin is the default Provisioning Server administrator. You may be using a user with a different name.

The entry DN:

eTConfigParamName=Automatic Correlation,eTConfigParamFolderName=Synchronization,eTConfigParamContainerName=Parameters,eTConfigContainerName=Configuration,eTNamespaceName=CommonObjects,dc=im,dc=eta

You need to modify eTConfigParamValue attribute from "no" to "yes"

If using ldapmodify in vApp:

  • ssh to vApp as config user
  • Create LDIF file with the following content:

dn: eTConfigParamName=Automatic Correlation,eTConfigParamFolderName=Synchronization,eTConfigParamContainerName=Parameters,eTConfigContainerName=Configuration,eTNamespaceName=CommonObjects,dc=im,dc=eta
changetype: modify
replace: eTConfigParamValue
eTConfigParamValue: yes

  • Issue this command:

ldapmodify -h <Prov Server IP> -p 20389 -D "eTGlobalUserName=etaadmin,eTGlobalUserContainerName=Global Users,eTNamespaceName=CommonObjects,dc=im,dc=eta" -W -f <LDIF file>

LDIF file auto-corr.ldif is attached for your reference, and can be used in the above ldapmodify command.

Attachments

1681271670168__auto-corr.ldif get_app