Previous Topic: How to Perform the LDA Connector MigrationNext Topic: Reexplore and Recorrelate the New LDAP DYN Endpoints

Connector GuidesConnectors GuideConnecting to EndpointsLDA Connector Migration to DYN JNDIHow to Perform the LDA Connector MigrationRun the LDA Migration Script

Run the LDA Migration Script

To migrate the LDA connector, run the LDAMigrate scripts.

To run the LDA migration script

  1. If you have made extensions to the LDA schema, copy any relevant LDA extension mapping .txt files to the following directory:

    cs-home/resources/jndi/mappings/

  2. (Windows) Do the following:
    1. Open a command prompt window.
    2. Navigate to following folder of the connector server:

      cs-home/resources/jndi

    3. Enter the following command, including the file names of any custom LDA extension files you have made.

      LDAMigrate

      Example: LDAMigrate mappings\myext1.txt mappings\myext2.txt

  3. (UNIX) Do the following:
    1. Open a terminal window.
    2. Navigate to the bin folder of the connector server:

      cs-home/resources/jndi

    3. Enter the following command, including the file names of any custom LDA extension files you have made:

      LDAMigrate

      Example: LDAMigrate mappings/myext1.txt mappings/myext2.txt.

    Important! (Windows and UNIX) The order in which you specify these files defines the order in which the screens appear for the extensions in the CA IdentityMinder Provisioning Manager, and the CA IdentityMinder GUIs.

    Note: If you do not provide any extension files, the unextended LDA schema is migrated.

  4. If you are running the migration for the first-time, the process prompts you for connection details to a provisioning server.

    The script displays default connection details in square [] brackets.

    Note: For security reasons, the migration process does not echo password characters.

    After the script makes a successful connection to the provisioning server, the script saves all the connection details, except the password. The migration script runs a query that finds all the existing LDA endpoints that are registered on the provisioning server.

  5. When prompted, confirm that you want to review the metadata generated to match your .txt mapping files. Do the following:
    1. Edit the dyn_ldap_metadata.xml file in the following location:

    cs-home/resources/jndi/mappings/dyn_ldap_metadata.xml

    1. Make any manual adjustments required.
    2. Confirm that you want the script to read the manually adjusted file again.
  6. When prompted, confirm that you want clean LDA inclusions.

    Note: If you do not confirm that you want to clean up LDA inclusions, then delete any LDA inclusions manually. Deleting the files helps ensure the roles that reference them are usable, as there is no LDA connector in CA IdentityMinder 12.6.2.

  7. When prompted, confirm that you want to delete the obsolete LDA references.

    Note: You can safely delete the obsolete references as all role to LDA account template links are logged to LDAMigrate.log. Also, the roles are not functional until the LDA references are deleted (either automatically or manually).

  8. When prompted, enter the password for each endpoint.

    When the migration process makes a successful connection to the LDA endpoint, the migration saves the connection details in the provisioning server and the data migration starts.

    The name of the newly created endpoint type is LDAP DYN.