Sailpoint Direct Connectors Administration and Configuration Guide for Version 7.3
Total Page:16
File Type:pdf, Size:1020Kb
SailPoint Direct Connectors Version 7.3 Administration and Configuration Guide Copyright © 2018 SailPoint Technologies, Inc., All Rights Reserved. SailPoint Technologies, Inc. makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. SailPoint Technologies shall not be liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material. Restricted Rights Legend. All rights are reserved. No part of this document may be published, distributed, reproduced, publicly displayed, used to create derivative works, or translated to another language, without the prior written consent of SailPoint Technologies. The information contained in this document is subject to change without notice. Use, duplication or disclosure by the U.S. Government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 for DOD agencies, and subparagraphs (c) (1) and (c) (2) of the Commercial Computer Software Restricted Rights clause at FAR 52.227-19 for other agencies. Regulatory/Export Compliance. The export and re-export of this software is controlled for export purposes by the U.S. Government. By accepting this software and/or documentation, licensee agrees to comply with all U.S. and foreign export laws and regulations as they relate to software and related documentation. Licensee will not export or re-export outside the United States software or documentation, whether directly or indirectly, to any Prohibited Party and will not cause, approve or otherwise intentionally facilitate others in so doing. A Prohibited Party includes: a party in a U.S. embargoed country or country the United States has named as a supporter of international terrorism; a party involved in proliferation; a party identified by the U.S. Government as a Denied Party; a party named on the U.S. Government's Specially Designated Nationals (SDN) List; a party prohibited from participation in export or re-export transactions by a U.S. Government General Order; a party listed by the U.S. Government's Office of Foreign Assets Control as ineligible to participate in transactions subject to U.S. jurisdiction; or any party that licensee knows or has reason to know has violated or plans to violate U.S. or foreign export laws or regulations. Licensee shall ensure that each of its software users complies with U.S. and foreign export laws and regulations as they relate to software and related documentation. Copyright and Trademark Notices. Copyright © 2018 SailPoint Technologies, Inc. All Rights Reserved. All logos, text, content, including underlying HTML code, designs, and graphics used and/or depicted on these written materials or in this Internet web site are protected under United States and international copyright and trademark laws and treaties, and may not be used or reproduced without the prior express written permission of SailPoint Technologies, Inc. “SailPoint Technologies & Design,” “IdentityIQ,” “IdentityNow,” “AccessIQ,” “Identity Cube,” “Managing the Business of Identity” and the SailPoint logo are registered trademarks of SailPoint Technologies, Inc. “SecurityIQ,” “SailPoint,” “Identity is Everything” and “The Power of Identity” are trademarks of SailPoint Technologies, Inc. None of the foregoing marks may be used without the prior express written permission of SailPoint Technologies, Inc. All other trademarks shown herein are owned by the respective companies or persons indicated. Revision History The following table describes the revision history of SailPoint Direct Connectors Administration and Configuration Guide for version 7.3: Version Description 7.1 Included the following important changes: • Deprecating support for Tenrox, Rally and ALES Connector • IQService: Support for Windows FIPS compliant mode • New Connectors: SCIM 2, SAP HANA, Web Services and RACF via LDAP • Workday Connector Enhancements: - It is a Standard Deployment Connector now - Future data - Delta Aggregation - Extensible account schema including schema attributes • Administrator Permissions changes for SAP HANA Connector • Deleted the Password Interceptor appendix from the guide. For more information about Password Interceptor for Active Directory and IBM i, see https://community.sailpoint.com/docs/DOC-3257 • Multiple group support in Tivoli, SunOne, and OpenLDAP LDAP Connectors • RSA Connector: Support for Extended Attributes such as mobile number • SAP HR/HCM Connector Enhancements - support for future hire and future data - enhancement for supporting different models to detect employee’s manager - Administrator permissions changes 7.1 Patch 1 Includes the following important changes: • Changes in Workday Connector • Moved the following Connectors to the Integration Guide: - Mainframe Integration Module: Agent Connectors, RACF LDAP - Enterprise Resource Planning Integration Modules: PeopleSoft, SAP Portal-User Management Web Service, Siebel, SAP, Oracle E-Business Suite and NetSuite Connector The ‘Component Interface’ appendix related to PeopleSoft Connector also moved to Integration Guide. - Healthcare Integration Module: Epic Connector • RSA Connector: Support for RSA Authentication Manager 8.2 • Azure Active Directory Connector: Support for Pass Through Authentication SailPoint Direct Connectors Administration and Configuration Guide Version Description 7.2 Includes the following important changes: • Deprecating support for CyberArk Connector • Multiforest support for Active Directory • Administrator permissions update in SAP HR/HCM • Azure Active Directory: Support for Pass through Authentication • Sybase Performance Optimization • Changes in Workday Connector 7.3 Includes the following important changes: • Deprecated Connectors: AWS IAM and Microsoft Project Server New Integration Module for Amazon Web Services is available now. This is documented in the SailPoint Integration Guide. • Deprecated support for SharePoint Target and Lieberman Target Collector • New Connector: SharePoint Online, Okta, SuccessFactors and PeopleSoft Campus Solution module supported by PeopleSoft Direct Connector • ServiceNow Connector: - Kingston support - Support for Helsinki is dropped. • Active Directory Connector: Support for Simple Authentication and Security Layer (SASL) • Azure Active Directory Connector: Support for Delta Aggregation (Accounts and Groups) and Partitioning Delta Aggregation (Accounts) • Google Apps Connector: - Support for Role assignments, aggregation and provisioning of custom schema attributes, delta aggregation - G Suite is the new name for formerly called Google Apps. • Web Services Connector: Support for paging, OAuth2 authentication type, paging, XML based request • New platform support for various connectors • SailPoint Oracle Connector now supports managing Oracle Database hosted on Amazon Web Services Relational Database Service (AWS RDS) • SailPoint Microsoft SQL Server Connector now supports managing SQL Server hosted on Amazon Web Services Relational Database Service (AWS RDS) • PeopleSoft Connector: Support for Databases (MSSQL, Oracle, MySQL and so on) SailPoint Direct Connectors Administration and Configuration Guide Table of Contents Revision History . 3 Overview . 1 Connector basics . 1 Connector Licensing . .1 Working of Connectors . .1 Retryable mechanism . 2 Mainframe Connectors . .2 What are Direct Connectors . 3 Application Types for Connectors . 3 Viewing the available connectors . 6 Connector selection . .6 Chapter 1: SailPoint Active Directory Connector . 7 Overview . 7 Supported features . .8 Supported Managed System . .9 Pre-requisites . .10 Administrator permissions . .10 Configuration parameters . .12 Forest Configuration . .12 Domain Configuration . .13 Exchange Configuration . .14 Additional configuration parameters . .14 Configuring searchDNs . .18 Schema attributes . .18 Account attributes . .19 Group attributes . .25 Provisioning Policy attributes . .25 Active Directory Recycle Bin . .30 Pre-requisites . .30 Configuring Recycle Bin . .30 Additional information . .31 Unstructured Target Collector . .31 Creating TLS communication . .32 Using Strong Authentication (SASL) . .33 Chapter 2: SailPoint AIX Connector . .35 Overview . .35 Supported features . ..