Reconfiguring the directory server connection

Reconfigure the directory server if the directory server configuration changes.

  1. Make a backup of the directory server.

    On the server running IBM Security Directory Server for IBM Security Identity Manager, complete the following steps.

    1. Log on as an Administrator with root privileges.

    2. Open a command window.

    3. Go to the TDS_HOME/sbin directory and enter the following command:

      db2ldif -s ldap_suffix -o ldap_output_file -I ldap_instance_name

      where:

      ldap_suffix is the name of the suffix. For example: dc=com.

      ldap_output_file is the name of the LDIF output file. For example: old_ldif_data.ldif.

      ldap_instance_name is the name of the LDAP server instance, which can be obtained through the IBM Security Directory Server Instance Administration tool.

    4. Use the backup of the schema file V3.modifiedschema from the OLD_ITDS_INSTANCE_HOME\etc directory of the IBM Security Directory Server instance home directory.
  2. Restore the backup of the database. Install a version of IBM Security Directory Server that ISIM supports. For this reconfiguration, ensure that you take the following actions:

    • Create and use the same root suffix.
    • Use the same encryption seed value as the old directory server instance. Otherwise, you must export the data from the old directory server instance so that it uses the seed and salt keys from the new instance.

    Copy the contents of the ISIM directory server backup LDIF file and schema file to the target server. To restore the directory server data on the target directory server, complete the following steps:

    1. Log on as an Administrator with root privileges.
    2. Stop the LDAP server.
    3. Copy the schema file V3.modifiedschema that you copied over from the previous server to the NEW_ITDS_INSTANCE_HOME\etc directory of the IBM Security Directory Server instance. If you customized or modified the schema files, manually merge the changes into the new schema files.

    4. From TDS_HOME/sbin, run the command:

      bulkload -i OLD_ITDS_TEMP_DATA\ldif_output_file -I ldap_instance_name

      where:

      OLD_ITDS_TEMP_DATA is the temporary directory location of the IBM Security Directory Server data you copied over from the previous server. For example, C:\temp\51data\ids\.

      ldif_output_file is the name of the file that you exported in a previous task. For example, old_ldif_data.ldif.

      ldap_instance_name is the name of the LDAP server instance. For example, itimldap. You can use the IBM Security Directory Server Instance Administration tool to obtain the instance name.

      See Bulkload command errors.

    5. Stop and start the IBM Security Directory Server to activate the changes.
  3. Reconfigure the IBM Security Directory Server.

    1. From the ISIM administrative console, go to Menu > Directory Server Configuration.

    2. Select the directory server and click Reconfigure. Provide the details and click Save Configuration.
    3. Restart the Identity server to complete the process.
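
A pre-flight check for the exported LDIF before the bulkload step, as an added example that is not part of the IBM documentation: it counts entries, lists any DN outside the expected root suffix, and returns a SHA-256 digest to compare on the source and target servers after the copy. The function names and the sample LDIF are constructed for illustration, and the DN comparison is a simplified case-insensitive match.

```python
import base64
import hashlib

def unfold(text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def entry_dns(text):
    """Yield each entry's DN, decoding base64-encoded 'dn::' values."""
    for line in unfold(text):
        if line.startswith("dn::"):
            yield base64.b64decode(line[4:].strip()).decode("utf-8")
        elif line.startswith("dn:"):
            yield line[3:].strip()

def normalize(dn):
    """Simplified comparison form: lowercase, no spaces around RDN separators."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def check_backup(data, suffix):
    """Return (entry_count, dns_outside_suffix, sha256_hex) for LDIF bytes."""
    want = normalize(suffix)
    dns = list(entry_dns(data.decode("utf-8")))
    outside = [d for d in dns
               if normalize(d) != want and not normalize(d).endswith("," + want)]
    return len(dns), outside, hashlib.sha256(data).hexdigest()

# Constructed sample export: one folded DN, one base64 DN, one stray entry.
SAMPLE = (
    b"version: 1\n\n"
    b"dn: dc=com\nobjectclass: domain\ndc: com\n\n"
    b"dn: ou=people,\n DC=com\nobjectclass: organizationalUnit\nou: people\n\n"
    b"dn:: " + base64.b64encode(b"cn=J\xc3\xbcrgen,ou=people,dc=com") + b"\ncn: x\n\n"
    b"dn: ou=stray,dc=org\nobjectclass: organizationalUnit\nou: stray\n"
)

if __name__ == "__main__":
    count, outside, digest = check_backup(SAMPLE, "dc=com")
    print(f"{count} entries, sha256={digest}")
    for dn in outside:
        print("outside suffix:", dn)
```

A non-empty list of outside entries means the export does not match the root suffix created on the new instance; a digest mismatch between servers means the file changed in transit.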
