Remote connectors
In many cases, IDM bundles the connectors required to connect to remote resources and assumes the connector runs on the same host as IDM. Sometimes, a connector cannot run on the same host as IDM. This may be for security or network reasons or because IDM runs in the cloud while the resource is on-prem. Connectors that do not run on the same host as IDM are remote connectors. To run remotely, a connector needs a Remote Connector Server (RCS) that runs on the same host as the connector. IDM accesses the connector through the RCS.
Running connectors remotely requires the following high-level steps:
-
Install an RCS and any dependencies required.
-
Install Java RCS (Recommended)
You can also deploy Java RCS in a Docker container.
-
-
RCS contains many bundled connectors, but you can download additional connectors from the ForgeRock BackStage download site, and place the .jar file or .dll file on your remote server in the
/path/to/openicf/connectors/directory.
For a list of supported RCS versions, and compatibility between versions, refer to IDM / ICF Compatibility Matrix.
Install a Remote Connector Server (RCS)
There are two types of RCS:
-
Java: Use the Java RCS if your Java connector needs to run in a different JVM to IDM. Unless the remote resource you are connecting to needs the .NET PowerShell connector, this is the recommended RCS to use.
The system on which you install the Java RCS must run JRE version 11 or later. Disk space and memory requirements depend on the number of connectors you are using and the volume of traffic through the RCS.
You can also deploy Java RCS in a Docker container. -
.NET: Use the .NET RCS if you are using the PowerShell connector to connect to an identity store. IDM communicates with the .NET RCS over the network, and the RCS runs the PowerShell connector.
Install connector dependencies
In most cases, ICF connectors come bundled with all third party libraries needed to run. In some cases, however, you’ll need to download certain libraries (for example, the Database Table connector needs the appropriate JDBC driver for the database you are targeting). For local connectors, place these libraries in the /path/to/openidm/lib/
directory. For remote connectors, place them in the /path/to/openicf/lib/
directory on the RCS.
The following table lists the connector dependencies and indicates which ones must be downloaded:
| Dependencies for bundled connectors | |
|---|---|
Database Table connector |
No external dependencies. However, you must include the JDBC driver for the database that you are targeting in the |
DocuSign connector |
|
PeopleSoft connector |
|
SAP connector |
|