Configuring the Tivoli Directory Integrator Server
For JSA to integrate with user information sources, you must install and configure a Tivoli Directory Integrator on a non-JSA host.
No configuration is required on your JSA system; however, you must access your Console to obtain the QRadarIAM_TDI.zip file. Then, install and configure a Tivoli Directory Integrator server on a separate host. Create and import a self-signed certificate.
When you extract the QRadarIAM_TDI.zip file on the Tivoli Directory Integrator server, the TDI directory is automatically created. The TDI directory includes the following files:
QradarIAM.sh, which is the TDI start up script for Linux
QradarIAM.bat, which is the TDI start up script for Microsoft Windows
QradarIAM.xml, which is the TDI xml script and must be stored in the same location as the QradarIAM.properties file
QradarIAM.properties, which is the properties file for TDI xml script
When you install Tivoli Directory Integrator, you must configure a name for the Solutions directory. This task requires you to access the Solutions directory. Therefore, in the task steps, <solution_directory> refers to the name that you gave to the directory.
The following parameters are used to create and import certificates:
Parameter |
Description |
---|---|
<server_ip_address> |
Defines the IP address of the Tivoli Directory Integrator server. |
<days_valid> |
Defines the number of days that the certificate is valid. |
<keystore_file> |
Defines the name of the keystore file. |
-storepass <password> |
Defines the password for keystore. |
- keypass <password> |
Defines the password for the private/public key pair. |
<alias> |
Defines the alias for an exported certificate. |
<certificate_file> |
Defines the file name of the certificate. |