On 12/28/18 5:13 AM, alekz wrote:
> On 2018-12-27 18:04, Steven Williams wrote:
>> On 12/27/18 9:26 AM, alekz wrote:
>>> Hello,
>>>
>>> The docs for 3.5 say that we must install a separate instance of OSP
>>> for use with IG even if already have OSP installed for IDM:
>>>
>>> https://www.netiq.com/documentation/.../b1djgc1j.html
>>>
>>>
>>>
>>> (Conditional) Even if you installed OSP with Identity Manager 4.5 or
>>> later, if you want to use OSP as your authentication service, you
>>> must install a separate instance of OSP for use with Identity
>>> Governance.
>>>
>>> This is confusing since in the part that documents "Integrating
>>> Single Sign-on Access with Identity Manager"
>>>
>>> https://www.netiq.com/documentation/...l480bru7u.html
>>>
>>>
>>> it says:
>>>
>>> "Identity Governance must use the same authentication server that the
>>> identity applications use. "
>>>
>>> and there is an entire chapter called "Using the Same Authentication
>>> Server as Identity Manager#"
>>>
>>> My question is, if I want SSO between IG and IDM, do I need to
>>> install a separate instance of OSP for IG or not?
>>>
>>> Thanks!
>>>
>>>

>> Greetings,
>>
>> 1) ID Gov requires min version of OSP to be 6.3.0
>>
>> 2) I will notify the documentation team to correct the Conditional
>> statement, because IDM 4.5 would not have the correct min version of
>> OSP.* When IDM 4.7.2 releases, it will include version 6.3.0 of OSP.
>>
>>
>> To be able to SSO between ID Gov and the Identity Apps, the "same" OSP
>> has to be used.* The reason why I have quotes is because you could
>> have a cluster of OSPs so it would not be the 1 same OSP, but N number
>> of OSPs that are properly configured in a Cluster.
>>
>>
>>
>> The following note is a different part of the docs:
>>
>> "
>> NOTE: To integrate Identity Governance 3.5 with NetIQ Identity
>> Manager, you must have NetIQ Identity Manager 4.7.2, at a minimum. For
>> Single Sign On (SSO) between Identity Governance 3.5 and NetIQ
>> Identity Manager 4.7, you must have OSP 6.3.0 available in 4.7.x patch
>> and later versions of NetIQ Identity Manager, at a minimum.
>> "
>>

> Hi,
>
> So it has to be the "same" OSP and it has to be 6.3.0.
>
> One more question, once IDM 4.7.2 with OSP 6.3.0 comes out, I should
> copy uaconfig-ig-defs.xml from the IG server to the OSP server for
> integration purposes.
>
> But I can't find it on the IG server. It has both OSP 6.3.0 och IG 3.5
> installed. Is it because I run them both on the same server so there is
> no need for the file? I.e. do I have to reinstall IG and select
> "external authentication server"?
>
> Thanks again Steven!
>
>

Greetings,

1) The documentation is being corrected on this. As you noticed the
uaconfig-ig-defs.xml file is no longer provided with ID Gov 3.5. It
will be provided with the upcoming IDM patch.


2) For a "clean" environment I would suggest re-installing and select
"external authentication server" once the upcoming IDM patch is available.


--
Sincerely,
Steven Williams
Principal Enterprise Architect
Micro Focus