- Q. Is IDM compatible with Oracle® Java Development Kit (JDK) 11?
- Q. Can IDM be used with OpenJDK™?
- Q. How do I integrate IDM, AM and DS?
- Q. Do I need to change the default symmetric encryption key for production (Pre-IDM 6.5)?
- Q. Does IDM support encryption keys with 256-bit AES encryption?
- Q. How do I configure IDM for case insensitive searching?
- Q. Can IDM be configured to use multiple OpenICF Connector servers and failover with Active Directory® Domain Controllers?
A. Yes, as of IDM 6.5, Oracle JDK 11 is supported. You should only use supported versions to prevent compatibility issues.
A. Yes, OpenJDK is supported in IDM. See Before You Install (Java Requirements) for details of versions.
A. You should refer to Platform Setup Guide for further information.
A. No, you do not. IDM generates a symmetric key and a private key the first time the server is started. See How do I change the symmetric key in IDM 5.x and 6? for further information.
However, you should change the default keystore password as detailed in Change the Default Keystore Password.
A. Yes, IDM does support keys with 256-bit AES encryption and as of Java 9, so does Java. With earlier versions of Java, you must install the Oracle Java JCE unlimited strength jars if you want to use keys with 256-bit AES encryption. See Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files Download for further information and links to download the jars.
A. IDM is case-sensitive, but this can cause issues where valid entries are not found due to their case. This issue also affects queries done using queryFilter as the case-sensitivity of queryFilter depends on the repository's collation. You can resolve this by configuring the repository for case sensitivity as detailed in Reconcile With Case-Insensitive Data Stores.
Q. Can IDM be configured to use multiple OpenICF Connector servers and failover with Active Directory Domain Controllers?
A. No, IDM can only use one OpenICF Connector server at a time. For failover purposes, you should have two or more Active Directory Domain Controllers (DC) with the OpenICF Connector server installed and if one becomes unavailable, your system administrator should change the target IP to another available DC.