ideiio Connect – Bridge install Guide (Original)
Cisco Secure Email Cloud Gateway
Introduction
ideiio Connect is a tool for synchronizing identity data between different applications using a variety of different technologies. Connect provides basic identity mapping capabilities to transfer identity data to and from identity sources and for user provisioning.
Attention
This document only pertains to the Directory Service Sync Tool. Please disregard this document if you are not utilizing or deploying the Directory Service Sync Tool.
Architecture
ideiio Connect uses the SCIM 1.1 data format for synchronization between source and target identity data. In most use cases, ideiio acts as the SCIM 1.1 source of data into Connect, sending identity information to provisioning targets.
ideiio Connect can run purely in the cloud as a SaaS service, or the ideiio connect bridge agent can be installed locally to synchronize data between systems that are not exposed to the internet. This document will describe the installation process for the ideiio connect bridge agent.
Installation
This section describes the process to install a new ideiio bridge. To upgrade an existing bridge, refer to the upgrade section of this document.
VM Requirements
OS Recommended Disk Size RAM Processor Cores Debian Linux 300 GB (minimum) 32 GB Dual Note: Please wait for installation services before deploying any VM in a customer environment.
Prerequisites
• Java8 or Java11
• A database server (MySQL or MariaDB is recommended)
Prepare the installation package
Unzip the distribution to a temporary working directory.
unzip ideiio-Bridge-<version>.zip
You will configure the Bridge in the temporary directory and then use the install script to install files to the proper locations.
Download Database Drivers
Download and copy any required JDBC drivers/connectors to the lib directory. For example, the MySQL connector and Oracle Driver are not included in the distribution due to licensing restrictions.
cp mysql-connector-java-x.y.z.jar <temp working dir>/lib/
Create the Application Database
ideiio Bridge requires a database for its application tables. The update-db-schema.sh script will set up the database. First, edit the script and update the database connection information.
db_host='localhost'
db_port=3306
db_user='dbuser'
db_pass='changeme'
Edit the mysql/create.sql script and update the password and server for the ideiiobridge user. Replace the password changeit with a secure password for the ideiiobridge user. Make sure to record this password. It is needed later. The login location, denoted by the % character in the commands below should also be replaced by the bridge server’s IP address or hostname.
-- Create the ideiio Bridge user
CREATE USER IF NOT EXISTS 'ideiiobridge'@'%' IDENTIFIED BY 'changeit';
-- Grant the ideiio Bridge user permissions
GRANT INSERT, UPDATE, DELETE, SELECT ON ideiiobridge.* TO 'ideiiobridge'@'%';
Then run the database setup script.
sudo bin/update-db-schema.sh
Update the config.json (if needed)
The bridge agent installation package is fully configured with the configuration provided in the ideiio Connect manager. If any information is missing from the cloud config, the configuration can be updated manually.
vi <temp working dir>/etc/config.json
Run the installation script
Now the installation script can be run. The script will create the bridge user, place the files in the correct locations, and install the bridge as a service. It needs root access to run, so use sudo to run it.
sudo bin/install.sh
The ideiio bridge is now running with the default configuration including the default port of 4646. The following section will provide information about advanced configuration.
Updated 4 months ago