You can configure a directory connection to an existing ODBC user store (SQL or Oracle) so CA SiteMinder® Federation Standalone can use it for authentication.
Note: If you plan to connect to an ODBC data source on Solaris, configure the wire protocol driver for the data source. See the wire protocol driver instructions for details.
Follow these steps:
Note: Click Help for a description of fields, controls, and their respective requirements.
You can click View Contents to list the contents of the user directory.
Note: The View Contents button is displayed only if the Universal ID Column value is set.
If your settings are valid, you are redirected to the View User Directories dialog.
The connection to the ODBC directory is configured.
CA SiteMinder® Federation Standalone can distribute ODBC user directory requests over multiple data source servers for failover.
Note: CA SiteMinder® Federation Standalone does not support load balancing for ODBC user directories.
For failover, CA SiteMinder® Federation Standalone uses one ODBC directory to fulfill requests until that server where that store resides fails to respond. When the default directory does not respond, CA SiteMinder® Federation Standalone routes the request to the next store configured for failover. This process can be repeated over multiple servers. After the default server is able to fulfill requests again, CA SiteMinder® Federation Standalone routes requests back to the original server.
To configure ODBC failover
The User Directory dialog opens.
The ODBC Data Source Failover table displays.
Note: If you are adding a server for failover, the failover directory must use the same type of communication (SSL or non-SSL) as the primary directory. Both directories share the same port number.
If you only have one entry in the table, then CA SiteMinder® Federation Standalone only supports failover.
Example: ODBC Failover
In this example, a CA SiteMinder® environment contains two user directories, A and B, which must meet the following requirements:
This configuration requires two failover nodes: the data source name for user directory A and a data source name for user directory B.
If you are using an ODBC data source on a UNIX system as a user directory, configure the data source in the system_odbc.ini file.
The system_odbc.ini file, located in the federation_install_dir/siteminder/db folder, contains all of the names of the available data sources. In addition, this file contains the attributes that are associated with these data sources. The first attribute is the ODBC driver allocated to CA SiteMinder® Federation Standalone. The remaining attributes are specific to the driver.
When you are updating the file to configure a new data source, you add a new section that describes the data source. You place entries for the SQL Server or Oracle drivers after the section that reads [CA FedManager Data Source]. Do not modify the original text.
You configure the Oracle wire protocol driver to specify the settings CA SiteMinder® Federation Standalone uses to connect to the data source.
To configure the Oracle wire protocol driver
The modified text for the Oracle data source appears as follows:
Driver=federation_install_dir/siteminder/odbc/lib/NSora23.so Description=DataDirect 5.3 Oracle Wire Protocol LogonID=uid Password=pwd HostName=servername PortNumber=1521 ServiceName=servicename CatalogOptions=0 ProcedureRetResults=0 EnableDescribeParam=0 EnableStaticCursorsForLongData=0 ApplicationUsingThreads=1
The Oracle wire protocol driver is configured.
Important! Do not modify other entries in the file, especially anything listed in the [CA FedManager Data Source] section.
You configure the SQL wire protocol driver to specify the settings CA SiteMinder® Federation Standalone uses to connect to the database.
To configure the SQL Server wire protocol driver
Driver=federation_install_dir/siteminder/odbc/lib/NSmass23.so Description=DataDirect 5.0 SQL Server Wire Protocol Database=database_instance Address=host_IP_address, port_number (default: 1433) QuotedId=No AnsiNPW=No
The wire protocol driver is configured.
Important! Do not modify other settings in this file, especially anything listed in the [CA FedManager Data Source] section.
|
Copyright © 2014 CA.
All rights reserved.
|
|