Use the Profiles population wizard 

Use the Profiles population wizard to populate the IBM Connections Profiles database with data from the LDAP directory.


Before starting

Ensure that you have created a Profiles database, and installed and configured Tivoli Directory Integrator and an LDAP directory.

Notes:


About this task

To populate the Profiles database...


Procedure

  1. Log in to your database server as the root user or system administrator.

  2. (AIX and Linux™ only) Grant display authority to all users by running the following commands under the root user or system administrator:

      xhost + // Grant display authority to other users

      Note: If granting display authority to all users is a security concern for you, change the command to grant display authority to a specific user or users. For more information about this command, consult your AIX or Linux administrator guide.

      echo $DISPLAY // Echo the value of DISPLAY under the root user

  3. Log into the system where Tivoli Directory Integrator is installed.

  4. Copy the Wizards directory from the IBM Connections installation media to the system where Tivoli Directory Integrator is installed.

      Important: Microsoft™ Windows™: If you are installing from disk or ISO, change the permissions for the Wizards folder from Read Only to Write or the population wizard will fail.

  5. Run the following script from the Wizards directory:

    • AIX: ./populationWizard.sh

    • Linux: ./populationWizard.sh

        Note: If the wizard does not run correctly, you might need to edit the populationWizard.sh file and enter the correct JRE/JVM path for your system The populationWizard.sh file expects the path to be jvm/linux/jre/bin.

    • Microsoft Windows: populationWizard.bat

  6. On the Welcome page of the wizard, click Launch Information Center to open the IBM Connections Information Center in a browser window. Click Next to continue.

  7. Select Default settings or, if you are resuming an earlier session, click Last successful default settings and click Next.

      Note: This page is shown only if you have already used the wizard to populate the Profiles database.

  8. Enter the location of Tivoli Directory Integrator and then click Next.

  9. Select a database type and click Next.

  10. Enter the following information about the database, and then click Next:

      Host name

        The name of the system that hosts the database.

      Port

        The communications port for connecting to the database. Add a new port number or choose one of the following default port numbers:
        DB2

          50000

        Oracle

          1521

        SQL Server

          1433

      Database name

        The default name of the database is PEOPLEDB.
        Note: There is no default name for the Oracle database, Instead, enter the name of the database instance.

      JDBC driver library path

        Enter the path to the JDBC driver on the host machine. For example: IBM/sqllib/java.
        DB2

          You can find the db2jcc.jar and db2jcc_license_cu.jar files in the IBM/DB2/v9.5/SQLLIB/java directory.

        Oracle

          You can find the ojdbc14.jar file in the oracle/product/10.2.0/db_1/jdbc/lib directory.

        SQL Server

      User ID

        Enter your user ID. This must be a database user who has write access to the Profiles database. For DB2, the default value is LCUSER. For Oracle and SQL Server, default value is PROFUSER. These user names are automatically created when you create the database.

      Password

        Enter your password.

  11. Enter the following properties for the LDAP server, and then click Next:

      LDAP server name

        The host name or IP address of the LDAP server.

      LDAP server port

        The default port is 389. If SSL is selected, the default port is 636.

      Use SSL communication

        Select the check box to enable SSL.

  12. (Optional) Create an empty truststore file where you can store trusted LDAP server certificates. (Complete this step if you want to use SSL. If you already have a truststore file that contains your LDAP server certificates, you can skip this step.) The Profiles population wizard downloads the LDAP server certificates from your LDAP directory for you.

    1. Start the iKeyman utility by running the following file:

      • AIX or Linux: <TDI_Install_directory>/jvm/jre/bin/./ikeyman

      • Windows: <TDI_Install_directory>\jvm\jre\bin\ikeyman.exe

        where <TDI_Install_directory> is the directory where Tivoli Directory Integrator is installed.

        Note: On the Windows 7 and Windows 2008 operating systems, right-click ikeyman.exe and select Run as administrator.

    2. Click Key Database File from the menu bar and then click New.

    3. Select JKS or PKCS12 as the key database type.

    4. Save the new file to an appropriate location and click OK.

    5. Enter a password in the Password Prompt dialog box and then confirm the password. Click OK.

        Note: You need this password when you use the Profiles population wizard.

    6. Exit the iKeyman utility.

      The Profiles population wizard can use the new truststore file to communicate with your LDAP server in SSL handshaking mode. It can also use the file when fetching data from your LDAP.

  13. Optional: If you selected SSL when you entered the LDAP properties, you are asked to enter the following keystore properties:

      Truststore file

        File where trusted server certificates are stored. Used when SSL handshaking is performed.

      Keystore password

        Password to access the keystore.

      Keystore type

        Format of the trusted server certificate. Currently only JKS and PKCS12 are supported in Java™.

      If the LDAP server certificate is not in the truststore, an Accept permanently message appears that asks you to permanently accept the certificate in the truststore file. If you do not accept it, the wizard cannot connect to the LDAP server with SSL and will not continue with the population task.

  14. Enter the authentication details for the Bind distinguished name (DN) and Bind password, and then click Next.

      Note: The Profiles population wizard does not support anonymous binding for LDAP. If you wish to populate the Profiles database using anonymous binding, populate the database manually.

  15. Enter the details of the Base distinguished name (LDAP user search base) and LDAP user search filter, and then click Next.

  16. Map LDAP attributes or JS Functions to the Profiles database fields.

      For more information about each attribute and function, see Table 2 in the Mapping fields manually topic.

      Notes:

      • For each user in the LDAP, Tivoli Directory Integrator will create a row in the database, mapping each LDAP attribute or JavaScript™ function to the corresponding column in the database. The wizard automatically validates each mapping. If you need to change the default mapping, select the required LDAP attributes or JavaScript functions and create or modify the field.

      • The uid, guid, dn, surname, and displayName attributes are always required.

  17. Optional: You can choose to run the following additional tasks:

      Countries

        Add country data to each profile.

      Departments

        Add department data to each profile.

      Organizations

        Add organization data to each profile.

      Employee types

        Add employee-type data to each profile.

      Work locations

        Add location data to each profile.

      Select Yes if you want to mark the profiles of each manager.

      Notes:

      • For all the entries in this list (except Mark managers), you need to prepare corresponding CSV files with the required information. An Employee Type CSV file might include regular=IBM Employee and manager=IBM Manager. You can edit the profiles-config.xml file to specify whether you want to display the code or the value, where regular or manager are the employee type codes stored in LDAP and IBM Employee or IBM Manager are the values.

      • Examine the CSV files in the Wizards/TDIPopulation/TDISOL/<OS>/samples directory, where <OS> is your operating system, to see the input file format of the optional tasks:

          Countries task

            isocc_sample.csv

          Departments task

            deptinfo_sample.csv

          Organizations task

            orginfo_sample.csv

          Employee types task

            emptype_sample.csv

          Work locations task

            workloc_sample.csv

  18. Review the Summary page to ensure that the information you entered in the previous panels is correct. To make changes, click Back to return to the relevant page and edit the information. Otherwise, click Configure to begin populating the database.

  19. Review the message on the Result page. If necessary, click View log to examine the log in detail. Click Finish to exit the wizard.

Results

The Profiles population wizard has populated the Profiles database with data from your LDAP directory.


Parent topic

Add LDAP data to the Profiles database

Related concepts
Administer Profiles


Related tasks


Use the Profiles population wizard in silent mode
Manually populating the Profiles database
Mapping fields manually
Populating the Profiles database

Related reference
Attribute mapping for Profiles
Population functions for populating ID into PROF_GUID
SQL Server 2005 JDBC 2 driver
Microsoft hotfix for the JDBC 2 driver

+

Search Tips   |   Advanced Search