- play_arrow What's New for Administrators
- play_arrow Overview of JSA Administration
- play_arrow User Management
- play_arrow License Management
- play_arrow System Management
- System Management
- System Health Information
- JSA Component Types
- Data Nodes
- Network Interface Management
- JSA System Time
- NAT-Enabled Networks
- Off-site Hosts Management
- Managed Hosts
- Configuration Changes in your JSA Environment
- Deploying Changes
- Restarting the Event Collection Service
- Shutting Down a System
- Restarting a System
- Collecting Log Files
- Changing the Root Password on Your JSA Console
- Resetting SIM
- play_arrow JSA Set Up Tasks
- JSA Set Up Tasks
- Network Hierarchy
- Automatic Updates
- Manual Updates
- Configuring System settings
- IF-MAP Server Certificates
- SSL Certificates
- IPv6 Addressing in JSA Deployments
- Advanced Iptables Rules Examples
- Data Retention
- System Notifications
- Custom Offense Close Reasons
- Configuring a Custom Asset Property
- Index Management
- Restrictions to Prevent Resource-intensive Searches
- App Hosts
- Checking the Integrity Of Event and Flow Logs
- Adding Custom Actions
- Managing Aggregated Data Views
- Accessing a GLOBALVIEW Database
- play_arrow Event Data Processing in JSA
- Event Data Processing in JSA
- DSM Editor Overview
- Properties in the DSM Editor
- Property Configuration in the DSM Editor
- Opening the DSM Editor
- Configuring a Log Source Type
- Configuring Property Autodetection for Log Source Types
- Configuring Log Source Autodetection for Log Source Types
- Configuring DSM Parameters for Log Source Types
- Custom Log Source Types
- Custom Property Definitions in the DSM Editor
- Event Mapping
- Exporting Contents from the DSM Editor
- play_arrow Using Reference Data in JSA
- play_arrow Juniper Networks X-Force Integration
- play_arrow Managing Authorized Services
- play_arrow Backup and Recovery
- play_arrow Flow Sources Management
- play_arrow Remote Networks and Services Configuration
- play_arrow Server Discovery
- play_arrow Domain Segmentation
- play_arrow Multitenant Management
- Multitenant Management
- User Roles in a Multitenant Environment
- Domains and Log Sources in Multitenant Environments
- Provisioning a New Tenant
- Monitoring License Usage in Multitenant Deployments
- Rules Management in Multitenant Deployments
- Network Hierarchy Updates in a Multitenant Deployment
- Retention Policies for Tenants
- play_arrow Asset Management
- play_arrow Configuring JSA to Forward Data to Other Systems
- Forward Data to Other Systems
- Adding Forwarding Destinations
- Configuring Forwarding Profiles
- Configuring Routing Rules to Forward Data
- Using Custom Rules and Rule Responses to Forward Data
- Configuring Routing Rules to Use the JSA Data Store
- Viewing Forwarding Destinations
- Viewing and Managing Forwarding Destinations
- Viewing and Managing Routing Rules
- play_arrow Event Store and Forward
- play_arrow Security Content
- play_arrow SNMP Trap Configuration
- play_arrow Protect Sensitive Data
- play_arrow Log Files
- play_arrow Event Categories
- play_arrow Common Ports and Servers Used by JSA
- play_arrow RESTful API
Creating and Managing User Information Source
Use the UISConfigUtil utility to create, retrieve, update, or delete user information sources.
Creating a User Information Source
Use the UISConfigUtil utility to create a user information source.
Before you create a user information source, you must install and configure your Tivoli Directory Integrator server. For more information, see Configuring the Tivoli Directory Integrator Server.
When you create a user information source, you must identify the property values required to configure the user information source. The following table describes the supported property values:
Property | Description |
---|---|
tdiserver | Defines the host name of the Tivoli Directory Integrator server. |
tdiport | Defines the listening port for the HTTP connector on the Tivoli Directory Integrator server. |
hostname | Defines the host name of the user information source host. |
port | Defines the listening port for the Identity and Access Management registry on the user information host. |
username | Defines the user name that JSA and Log Manager use to authenticate to the Identity and Access Management registry. |
password | Defines the password that is required to authenticate to the Identity and Access Management registry. |
searchbase | Defines the base DN. Note: All users that are referenced in all groups must be found in a search from the searchbase. |
search filter | Defines the search filter that is required to filter the groups that are retrieved from the Identity and Access Management registry. |
Using SSH, log in to your JSA Console as the root user.
User name: root
Password: <password>
To add a user information source, type the following command: UISConfigUtil.sh add <name> -t <AD|ISAM|ISIM|ISFIM> [-d description] [-p prop1=value1,prop2=value2...,propn=valuen]
Where:
<name> Is the name of the user information source you want to add.
<AD|ISAM|ISIM|ISFIM> Indicates the user information source type.
[-d description] Is a description of the user information source. This parameter is optional.
[-p prop1=value1,prop2=value2,...,propn=valuen] Identifies the property values required for the user information source. For more information about the supported parameters, see Creating a User Information Source.
For example:
/UISConfigUtil.sh add "UIS_ISIM" -t ISIM -d "UIS for ISIM" -p "tdiserver=nc9053113023.tivlab.austin.ibm.com,tdiport=8080, hostname=vmibm7094.ottawa.ibm.com,port=389, username=cn=root,password=password,\"searchbase=ou=org,DC=COM\",\ "searchfilter=(|(objectClass=erPersonItem)(objectClass=erBPPersonItem) (objectClass=erSystemUser))\""
Retrieving User Information Sources
Use the UISConfigUtil utility to retrieve user information sources.
Using SSH, log in to your JSA Console as the root user.
User name: root
Password: <password>
Choose one of the following options:
Type the following command to retrieve all user information sources: UISConfigUtil.sh get <name>
Type the following command to retrieve a specific user information source: UISConfigUtil.sh get <name>
Where <name> is the name of the user information source you want to retrieve.
For example:
[root@vmibm7089 bin]# .UISConfigUtil.sh get "UIS_AD"
Editing a User Information Source
Use the UISConfigUtil utility to edit a user information source.
Using SSH, log in to your JSA Console as the root user.
User name: root
Password: <password>
Type the following command to edit a user information source: UISConfigUtil.sh update <name> -t <AD|ISAM|ISIM|ISFIM> [-d description] [-p prop1=value1,prop2=value2,...,propn=valuen]
Where:
<name> Is the name of the user information source you want to edit.
<AD|ISAM|ISIM|ISFIM> Indicates the user information source type. To update this parameter, type a new value.
[-d description] Is a description of the user information source. This parameter is optional. To update this parameter, type a new description.
[-p prop1=value1,prop2=value2,...,propn=valuen] Identifies the property values required for the user information source. To update this parameter, type new properties. For more information about the supported parameters, see Creating a User Information Source.
For example:
./UISConfigUtil.sh update "UIS_AD_update" -t AD -d "UIS for AD" -p "searchbase=DC=local"
Deleting a User Information Source
Use the UISConfigUtil utility to delete a user information source.
Using SSH, log in to your JSA Console as the root user.
User name: root
Password: <password>
Type the following command to delete a user information source:
UISConfigUtil.sh delete <name>
Where <name> is the name of the user information source you want to delete.
The collected user information is stored in a reference data collection in the JSA database. If no reference data collection exists, a new reference data collection is created. If a reference data collection was previously created for this user information source, the reference map is purged of previous data and the new user information is stored. For more information about reference data collections, see Reference Data Collections for User Information.