Post by Saurav Saraff Post by Saurav Saraff Post by John Dell'Oso Post by email@example.com
I need to create user in ISAM after fetching user details from some source. I have gone through the TAM connector doc from IBM, but unable to follow the exact implementation of TAM connector. Any explanation or pointer on this would be appreciated.
I have already done the configuration of ISAM java runtime. I have visited the TAM Connector doc. But I am unable to follow the exact implementation of this connector. It would be great if you could provide some details on TAM connector with example of its implementation.
My current understanding: If i need to create user in ISAM using TDI, TAM connector can help me. Please help me understand how will the user be created in TAM?
Just read that TAM connector creates user in SecAuthority=default suffix. Can anyone explain "SecAuthority=default suffix"?
When you are working with a system it is important to understand how the system works - so you should really get some information about what TAM/ISAM really is...
Now - you seem to work with the "old" TAM Connector which is using the TAM Java API - I would recommend (unless you are going to use the GSO box) to move to the newer ISAMV2 Connector which is much faster and easier as it it based on the ldap Direct Java api.
Now - back to your question.
ISAM (aka TAM) uses 2 suffixs in its model for users. The one suffix (which may actually reside in a different ldap - this is called federated ldap) is where the "standard" inetorg person resides with all the standard ldap attributes and memberships. The ISAM specific data (eg whether a user/group is actually an ISAM user/group) is stored in another suffix (aka as a Domain) - ISAM supports multiple security domains in the same ldap - the "Default" domain that is created ootb is the Secuthority=Default suffix.
I hope this clarifies a little bit - but again - you need to familiarize yourself with the ISAM fundamental concepts - else you will probably hurt yourself ;-)