Description:

This Technical Document is a supplement for Technical Document TEC520582. Since IM r12.5 SP7, an all-new JIAM has been introduced. This version of JIAM differs significantly from previous SP's and its internal architectural changes have made some of the steps in Technical Document TEC520582 no longer applicable. Most of the steps are still applicable and this Technical Document provides the steps for those that aren't.

Solution:

Follow the steps as ordered below:

1. Install Provisioning SDK IM r12.5 SP6 and take a copy of the entire folder <Provisioning SDK>\admin\jars, and all its files. Uninstall Provisioning SDK IM r12.5 SP6.
   
   
2. Install Provisioning SDK IM r12.5 SP7 (or whichever SP that you're upgrading to). Rename the original folder <Provisioning SDK>\admin\jars to some other name, i.e. iars_org. Copy the jars folder from SP6 into <Provisioning SDK>\admin.
   
   
3. Refer to Technical Document TEC520582 and perform all the steps as described, except those under the following headings:
   
   
   1. Relationship Mapping Issue
      
      
   2. Update jndimap file
      
      
   3. Change Attribute Member Field Type
      
      
   4. Implement Getter and Setter for New Attribute
      
      
   5. Tell JIAM Old Attribute Value is Provided By the New Attribute
      
      
   6. Configure Identity Manager Environments to load JIAM Extension jar
      
      
   7. Discovering the JiamObjectType
      
      
   8. For the SDK endpoint type this results in the following names: EndPoint, NativeGroup, Account, Policy. For relating an account to a group you would pick out the name NativeGroup.Setup Metadata to allow object to be linked to
      
      
   9. Running the RoleDefGenerator tool (we will do this at the end)
      
      
4. At this point, you should have:
   
   
   1. Got your custom C++ connector working with IM Provisioning Manager (WIN 32 GUI). You should be able to acquire endpoint and provision accounts. If not, please review the previous steps before continue.
      
      
   2. Built jiamSDKExt.jar, although we won't need this jar file. You should also have performed the manual changes on sdk_jndimap.xml as described in Technical Document TEC520582.
      
      
   3. Built metadata using the ptconvert tool. You should also have performed the manual changes on the metadata as described in Technical Document TEC520582.
      
      
5. sdk_Jndimap changes:
   
   Edit sdk_jndimap.xml and change the class for the following beans:
   
   
   1. com.ca.jiam.customconnector.sdk.impl.SDKEndPointImpl
      to
      com.ca.iam.model.impl.IAMEndPointImpl
      
      
   2. com.ca.jiam.customconnector.sdk.impl.SDKAccountImpl
      to
      com.ca.iam.model.impl.IAMAccountImpl
      
      
   3. com.ca.jiam.customconnector.sdk.impl.SDKGroupImpl
      to
      com.ca.iam.model.impl.IAMObjectImpl
      
      
   4. com.ca.jiam.customconnector.sdk.impl.SDKPolicyImpl
      to
      com.ca.iam.model.impl.IAMPolicyImpl
      
      There is no need to change the class for container beans as these should have already been commented out following the previous Technical Document.
      
      
6. Metadata changes:
   
   
   1. Rename your metadata XML file to "SDK Namespace.xml"
      
      
   2. Add jiamObjectType and imIsCapabilityObject to class eTSDKGroup so it becomes:

      <class name="eTSDKGroup">       <extends>CommonObjects.COS_comobject</extends>       <metadata name="jiamObjectType">            <value>                   <strValue>SDKGroup</strValue>            </value>       </metadata>       (other metadata)

   3. Change the baseType of eTSDKGroupMembers (for both Account and Policy) from strValue to flexiStrValue of type DN:

      <property name="eTSDKGroupMembers">  <doc>Group Memberships</doc>  <value default="false">   <setValue>    <baseType default="false">     <flexiStrValue type="DN"/>    </baseType>   </setValue>  </value>  (other metadata)

7. Update jiam.jar
   
   The jiam.jar from your IMS installation needs to be updated. Follow the steps below:
   
   
   1. Create a temp folder and create a directory structure as follows:

      <TEMP_ROOT>|- jiam.jar|-[ com]|- [ca]      |-[ iam]             |- [model]                      |- [impl]                              |- [datamodel]                                      |- SDK Namespace.xml                      |- [options]                              |- [sdk]                                     |- [impl]                                             |- sdk_jndimap.xml

   2. Copy <IAM_IM.EAR>\library\jiam.jar to <TEMP_ROOT> as depicted above. Also keep another copy of this jiam.jar in somewhere safe as back-up.
      
      
   3. Copy metadata "SDK Namespace.xml" to <TEMP_ROOT>\com\ca\iam\model\impl\datamodel as depicted above
      
      
   4. Copy sdk_jndimap.xml to <TEMP_ROOT>\com\ca\iam\model\options\sdk\impl as depicted above
      
      
   5. Open a Command Prompt and change directory to <TEMP_ROOT>. Execute the following command:
      
      jar -uvf jiam.jar "com\ca\iam\model\impl\datamodel\SDK Namespace.xml" "com\ca\iam\model\options\sdk\impl\sdk_jndimap.xml"
      
      This will add the 2 XML files into jiam.jar.
      
      
   6. Copy this updated copy of jiam.jar back into <IAM_IM.EAR>\library and replace the original (make sure you have already made a back-up copy).
      
      
8. Generate and deploy custom roledef:
   
   
   1. Run the Roledef generator (more info on this tool can be found in the user guide):
      
      RoleDefGenerator.bat -m "SDK Namespace.xml" "SDK Namespace"
      
      
   2. Refer to the IM Programming Guide on how to deploy the generated SDK_Namespace.jar
      
      Note: When adding SDK Group to an Account or Template, you will find that the Group search screen does not have a column for the group name. You can make a copy of the Group search screen and add the name column. Refer to the User guide on how to do this.