Special instructions for using Bulk Loader in a tokenized environment:
- If you are using IM 12.5 SP8 or lower - Create non-localized hidden tasks for all the required tasks (Create Org/User, Modify Org/User, Delete Org/User as copies of the original task) - Make sure to create these as hidden tasks so these would not show up anywhere to any end user but is a task dedicated to the bulk loader.
- If you are using IM 12.5 SP9 or later with a tokenized environment - you must be using Task tags in "actionToTaskMapping" field
Special instructions for using Bulk Loader with SiteMinder Authentication:
- Make sure Identity Manager is functioning correctly with SiteMinder protecting it. Establish a normal login to Identity Manager UI using the browser through the web server port (rather than the usual application server port). If basic integration doesn't work, make sure you fix this before moving forwards with using TEWS and bulk loader client.
- Set the isProtectedBySiteMinder variable in the imbulkloadclient.properties file to true.
- Set the serverURL variable in the imbulkloadclient.properties file to reflect the Web Server / Proxy port rather than the application server port.
- Replace the cipher-text password with a plain-text password in the imbulkloadclient.properties file and save the file.
Run the following command:
install-directory\Bulk Loader\bin > imbulkloadclient.bat -e "..\conf\imbulkloadclient.properties" -S
The cipher-text password replaces the plain-text password
- Make sure that the SiteMinder user being used for the admin_id is valid and not locked out or disabled
- Update Web Services configuration via the Management console Home > Environments > <YOUR_ENVIRONMENT> > Advanced Settings > Web Services to use the Basic Authentication for Site Minder.
- Verify SiteMinder domain includes: TEWS realm (protected by same agent as Identity Manager), TEWS rule, TEWS policy (ensure that users tab have users that can authenticate and the rules tab has both realm and rule associated).
- Use SiteMinder Test Tool to test the connectivity, protection, authentication and authorization for the /iam/im/TEWS6/<IMEName> realm.