Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring JIMS Identity Server

 

Starting in JIMS release 1.3, a new component, JIMS Identity Server provides an interface between user firewall functionality on SRX Series device and JIMS. From this release forward, we will refer to the existing JIMS service as Classic JIMS. JIMS Identity Server allows SRX Series device to validate domains, groups, users, and devices using Junos OS command-line interface (CLI). JIMS Identity Server runs as an independent process from the Classic JIMS. JIMS Identity Server continues to respond to the policy validation requests from SRX Series device even if the connection to the JIMS is down.

From this release, JIMS Identity Server is the default identity client. By default, JIMS Identity Server uses port 591 for SRX Series device validation requests and port 8008 to connect with Classic JIMS.

At the time of installation or upgrade to JIMS 1.3, if one of the ports for JIMS Identity Server is not available, the installer prompts you to enter non-conflicting ports. At this point, you can either remove the competing service that is using those port(s) or change the remote side (CSO or SRX Series device) configuration port arguments to install.

See Configure Juniper Identity Management Service to Obtain User Identity Information for the Junos CLI configuration to configure JIMS Identity Server.