Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
EmpowerID Linux connector allows organizations to bring the user and group data in their Linux systems to EmpowerID, where it can be managed and synchronized with data in any connected back-end user directories. Once connected, you can manage this data from EmpowerID in the following ways:
Create new users
Edit user attributes
Delete users
Create new groups
Manage group membership
Delete groups
Info |
---|
Additionally, EmpowerID provides Provisioning policies or Resource Entitlements that allow you to automatically provision Linux accounts for any person within your organization based on your policy requirements. For more information on Resource Entitlements, see Configuring Provisioning Policies. |
This topic demonstrates how to connect EmpowerID to Linux and is divided into the following activities:
Connecting EmpowerID to your Linux Server
Configuring attribute flow rules
Configuring the Linux Account Store
Monitoring Inventory
To connect EmpowerID to your Linux Server
On the navbar, expand Admin > Applications and Directories and then click Account Stores and Systems.
On the Account Stores page, click Create Account Store.
Under System Types, search for Linux and then click Linux to select the system type .
Click Submit.
This opens the Linux form, which is where you enter the information needed to connect EmpowerID to the system.
Enter the following information in the Linux form:
Server — Enter the IP address or the FQDN for the server
Name — Enter a name for the account store
User Name — Enter the user name for the account EmpowerID should use to connect to the Linux server. This account should be a super user.
Password — If you want to use password authentication, enter the password for the above user account.
Use Certificate — If you want to use certificate authentication, select this option (check it). Doing so hides the Password field and displays the Certificate and Certificate Password fields.
Certificate — Click Choose File and then browse to and select the appropriate certificate.
Certificate Password — Enter the certificate password.
Is Remote (Requires Cloud Gateway) — This setting appears for account stores with local directories, such as Active Directory, LDAP, SAP, etc. When enabled, this tells EmpowerID to use the Cloud Gateway Connection for that account store. The Cloud Gateway Connection must be installed on an on-premise machine. For installation information, please see Installing the EmpowerID Cloud Gateway Client.
Click Submit to create the account store.
EmpowerID creates the account store and the associated resource system. The next step is to configure the attribute flow between the account store and EmpowerID.
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
To configure account store settings
On the Account Store and Resource System page, click the Account Store tab and then click the pencil icon to put the account store in edit mode.
This opens the edit page for the Linux account store. This page allows you to specify the account proxy used to connect EmpowerID to your Linux system as well as how you want EmpowerID to handle the user information it discovers in the Linux system during inventory. Settings that can be edited are described in the table below the image.Insert excerpt IL:Linux Account Store Settings IL:Linux Account Store Settings nopanel true Edit the account store as needed and then click Save to save your changes.
Next, enable the Account Inbox permanent workflow to allow the Account Inbox to provision or join the user accounts in Domino to EmpowerID Persons as demonstrated below.
Tip |
---|
EmpowerID recommends using the Account Inbox for provisioning and joining. |
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Div | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||
IN THIS ARTICLE
|