Installing in the Verify Governance virtual appliance

Edit online

For Verify Governance target management, you can install an IBM Security Verify Adapters or a custom adapter on the built-in Security Directory Integrator in the virtual appliance instead of installing the adapter externally. As such, there is no need to manage a separate virtual machine or system.

About this task

This procedure is applicable for a selected list of Identity Adapters. See the Identity Adapters product documentation to determine which adapters are supported in Identity Governance and Intelligence, and which can be installed on the virtual appliance.

All Identity Governance and Intelligence supported adapters can be installed externally on the virtual appliance. Depending on the adapter, an external Security Directory Integrator may be required.

See the corresponding Adapter Installation and Configuration Guide for the specific prerequisites, installation and configuration tasks, and issues and limitations. See the Adapters Release Notes for any updates to these references.

Procedure

  1. Download the adapter package from the IBM Passport Advantage.
    For example, Adapter-<Adaptername>.zip.
    The adapter package includes the following files:
    Table 1. Adapter package contents
    Files Descriptions
    bundledefinition.json

    The adapter definition file. It specifies the content of the package, and the adapter installation and configuration properties that are required to install and update the adapter.
    Adapter JAR profile
    An Security Directory Integrator adapter always include a JAR profile which contains:
    • targetProfile.json
      • Service provider configuration
      • Resource type configuration
      • SCIM schema extensions
      • List of assembly lines
    • A set of assembly lines in XML files
    • A set of forms in XML files
    • Custom properties that include labels and messages for supported languages.

    Use the Target Administration module to import the target profile.

    Additional adapter specific files
    Examples of adapter specific files:
    • Connector jar files
    • Configuration files
    • Script files
    • Properties files

    The file names are specified in the adapter definition file along with the destination directory in the virtual appliance.
  2. From the top-level menu of the Appliance Dashboard, click Configure > SDI Management.
  3. Select the instance of the Security Directory Integrator for which you want to manage the adapters and click Manage > SDI Adapters
    The SDI Adapters window is displayed with a table that list the name, version, and any comments about the installed adapters.
  4. On the SDI Adapters window, click Install.
  5. On the File Upload window, click Browse to locate the adapter package and then click OK.
    For example, Adapter-<Adaptername>.zip.
  6. Provide the missing 3rd party libraries when prompted.
    1. On the File Upload for Pre-requisite files window, click Select Files.
      A new File Upload window is displayed.
    2. Browse and select all the missing libraries. For example, httpclient-4.0.1.jar
    3. Click Open.
      The selected files are listed in the File Upload for Pre-requisite files window.
    4. Click OK.
      The missing files are uploaded and the adapter package is updated with the 3rd party libraries.
  7. Enable secure communication.
    1. Select the instance of the Security Directory Integrator for which you want to manage the adapter.
    2. Click Edit.
    3. Click the Enable SSL check box.
    4. Click Save Configuration.
  8. Import the SSL certificate to the IBM® Security Directory Integrator server.
    1. Select the instance of the Security Directory Integrator for which you want to manage the adapter.
    2. Click Manage > Certificates.
    3. Click the Signer tab.
    4. Click Import.
      The Import Certificate window is displayed.
    5. Browse for the certificate file.
    6. Specify a label for the certificate. It can be any name.
    7. Click Save.