CA SiteMinder® Federation Standalone Guide › User Directory Connections for Authentication › ODBC Directory Connection

ODBC Directory Connection

You can configure a directory connection to an existing ODBC user store (SQL or Oracle) so CA SiteMinder® Federation Standalone can use it for authentication.

Note: If you plan to connect to an ODBC data source on Solaris, configure the wire protocol driver for the data source. See the wire protocol driver instructions for details.

Follow these steps:

1. Click the User Directory tab.
2. Click Connect to ODBC in the User Directory List section.
3. Configure the settings in this dialog. Parameters marked by red dots are required.

   Note: Click Help for a description of fields, controls, and their respective requirements.

4. Click Failover if you want to set up additional ODBC directories for redundancy.
5. Click Test Connection to validate the connection.

   You can click View Contents to list the contents of the user directory.

   Note: The View Contents button is displayed only if the Universal ID Column value is set.

6. Click Save.

   If your settings are valid, you are redirected to the View User Directories dialog.

   The connection to the ODBC directory is configured.

More Information:

ODBC Data Source on Solaris Configuration Requirement

Configure the Oracle Wire Protocol Driver

Configure the SQL Server Wire Protocol Driver

ODBC Directory Failover Configuration

CA SiteMinder® Federation Standalone can distribute ODBC user directory requests over multiple data source servers for failover.

Note: CA SiteMinder® Federation Standalone does not support load balancing for ODBC user directories.

For failover, CA SiteMinder® Federation Standalone uses one ODBC directory to fulfill requests until that server where that store resides fails to respond. When the default directory does not respond, CA SiteMinder® Federation Standalone routes the request to the next store configured for failover. This process can be repeated over multiple servers. After the default server is able to fulfill requests again, CA SiteMinder® Federation Standalone routes requests back to the original server.

To configure ODBC failover

1. Select the User Directory tab in the UI.
2. Do one of the following:
   • Select Connect to ODBC to create an ODBC user directory connection.
   • Select Action, Modify next to an existing ODBC entry you want to edit.

   The User Directory dialog opens.

3. Click Configure Failover in the Configure ODBC User Directory section of the dialog.

   The ODBC Data Source Failover table displays.

4. Enter the data source name, in the first Failover Node field. Add the names of other data sources in the remaining fields for failover.

   Note: If you are adding a server for failover, the failover directory must use the same type of communication (SSL or non-SSL) as the primary directory. Both directories share the same port number.

   If you only have one entry in the table, then CA SiteMinder® Federation Standalone only supports failover.

Example: ODBC Failover

In this example, a CA SiteMinder® environment contains two user directories, A and B, which must meet the following requirements:

• User directory A must failover to user directory B
• User directory B must failover to user directory A

This configuration requires two failover nodes: the data source name for user directory A and a data source name for user directory B.

ODBC Data Source on Solaris Configuration Requirement

If you are using an ODBC data source on a UNIX system as a user directory, configure the data source in the system_odbc.ini file.

The system_odbc.ini file, located in the federation_install_dir/siteminder/db folder, contains all of the names of the available data sources. In addition, this file contains the attributes that are associated with these data sources. The first attribute is the ODBC driver allocated to CA SiteMinder® Federation Standalone. The remaining attributes are specific to the driver.

When you are updating the file to configure a new data source, you add a new section that describes the data source. You place entries for the SQL Server or Oracle drivers after the section that reads [CA FedManager Data Source]. Do not modify the original text.

Configure the Oracle Wire Protocol Driver

You configure the Oracle wire protocol driver to specify the settings CA SiteMinder® Federation Standalone uses to connect to the data source.

To configure the Oracle wire protocol driver

1. Navigate to the directory federation_install_dir/siteminder/db.
2. Open the system_odbc.ini file in a text editor.
3. Select the section [CA FedManager Data Source] and make a copy of it directly under its current location.
4. Using the copy you created as a template, rename the heading in brackets to something appropriate for your data source.
5. Change the values in the LogonID, Password, HostName, and Service Name entries.

   The modified text for the Oracle data source appears as follows:

   Driver=federation_install_dir/siteminder/odbc/lib/NSora23.so
   Description=DataDirect 5.3 Oracle Wire Protocol
   LogonID=uid
   Password=pwd
   HostName=servername
   PortNumber=1521
   ServiceName=servicename
   CatalogOptions=0
   ProcedureRetResults=0
   EnableDescribeParam=0
   EnableStaticCursorsForLongData=0
   ApplicationUsingThreads=1
   

6. Save the file.

   The Oracle wire protocol driver is configured.

Important! Do not modify other entries in the file, especially anything listed in the [CA FedManager Data Source] section.

Configure the SQL Server Wire Protocol Driver

You configure the SQL wire protocol driver to specify the settings CA SiteMinder® Federation Standalone uses to connect to the database.

To configure the SQL Server wire protocol driver

1. Navigate to the directory federation_install_dir/siteminder/db.
2. Open the system_odbc.ini file in a text editor.
3. Select the section [CA FedManager Data Source] and make a copy of it directly under its current location.
4. Using the copy you created as a template, rename the heading in brackets to something appropriate for your data source.
5. Change the values and add new entries so that the modified text for the SQL Server data source appears as follows:

   Driver=federation_install_dir/siteminder/odbc/lib/NSmass23.so
   Description=DataDirect 5.0 SQL Server Wire Protocol
   Database=database_instance
   Address=host_IP_address, port_number (default: 1433)
   QuotedId=No
   AnsiNPW=No
   

6. Save the file.

   The wire protocol driver is configured.

Important! Do not modify other settings in this file, especially anything listed in the [CA FedManager Data Source] section.