How to configure TDI for User Registration and Password Syncronization
- Infrastructure: (Ensure Firewall is turned off or allow the required ports to be opened)
- Machine 1: Active Directory
- Machine 2: TDI
- Machine 3: Domino Server
- Installation:
- Machine 1: Install TDI Plugins for Change Password Detection.
- Install the plugin as per the guidelines :
- Copy the file tdipwflt.dll to the System32 folder of the Windows installation folder. Note that on 64-bit Windows operating systems, the 64-bit DLL of the Password Synchronizer must be put in the System32 folder.
- List the name of the Windows Password Synchronizer DLL (without the ".dll" file extension) in the "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages" Windows registry key. Make sure you put in the name of the 64-bit DLL on a 64-bit Windows platform.
- Execute the registerpwsync.reg file, which is shipped with the Password Synchronizer. This will create a key for the Windows Password Synchronizer in the Windows registry: "HKEY_LOCAL_MACHINE\SOFTWARE\IBM\Tivoli Directory Integrator\Windows Password Synchronizer". It will also set a string value "ConfigFile" that contains the absolute file name of the configuration file of the Windows Password Synchronizer.
- Restart the machine and few extra files like “proxy” should be created in Plugin folder
- Configure following settings in pwsync.props file in TDI Plugin directory
- syncClass=com.ibm.di.plugin.pwstore.jms.JMSPasswordStore
- jms.broker=tcp://<ip_machine2>:61616
- jms.clientId=client1
- Use the pwsync_admin.exe utility to restart the proxy.
- Install the plugin as per the guidelines :
- Machine 2: Install TDI and then apply FP 1 and FP2 (Note: FP2 installation will fail if UpdateInstaller is not replaced as per the documentation in the maintenance folder)
- Machine 3: Domino Server should be installed with ID Vault Configured.
- Machine 1: Install TDI Plugins for Change Password Detection.
- Configuration:
- Machine 2: Import the Assembly lines attached with this document in TDI and update the LDAP, Domino and AD settings
- For Domino User Connector, try IIOP or Local Client setting. Reference documents are attached along with this document.
- Deploy PasswordSync.nsf database which contains Web Service to change passwords for HTTP and ID Vault. (Note: Please ensure to update Web Service properties according to your environment)
- Modify the Configuration Document on Domino Server to “Allow LDAP users write access”.
- Modify the ID Vault policy to ensure that Notes Client doesn't ask to change password after the password is reset via ID Vault.
Download attachment from here: Link
This spots make it simple for individuals to observe what they are searching for. https://onohosting.com/
ReplyDelete