The remote loader synchronizes data between the meta directory and the connected system (AD, LDAP, MySQL, etc.). The communication port (default: 8090/TCP, incoming) must be opened in your firewall for the following IP addresses:
134.76.9.64/28
For system requirements see: System requirements
Remote loader files: - download -
Remote loader service pack: - download -
Sectigo-chain: - download -
Documentation remote loader installation (NetIQ) P. 47 ff: - link -
Documentation remote loader configuration (NetIQ) P. 32 ff: - link -
Documentation Creating an Administrative Account (NetIQ) P. 26 ff: - link -
PW-Filter installation P. 47 ff: - link -
Get-ChildItem -Path C:\Downloads\RemoteLoader4.8Setup -Recurse | Unblock-File
install.exe
IdentityManagerServer\install.exe
of service pack dirxml_remote.exe
If you are using the Active Directory driver, the user who runs the service needs to be in the local administrator group.
The installation on Linux systems differs between certified systems (e.g. SLES 15, RHEL 8, etc. see ) and non-certified systems. If you are using a non-certified system, e.g. Ubuntu, the Java remote loader has to be installed.
Remote loader files: - download -
Remote loader service pack: - download -
Sectigo-chain: - download -
Documentation remote loader installation (NetIQ) P. 65ff: - link -
The 32-bit version of glibc has to be installed on x86_64 systems:
yum install glibc.i686
chmod -R 755 *
./idm_linux.bin -i silent -f silent.properties
Remote Loader files: - download -
Sectigo-chain: - download -
Documentation remote loader installation (NetIQ) P. 75ff: - link -
./create_keystore Sectigo-chain.b64
jarlist=`ls /opt/novell/eDirectory/lib/dirxml/classes/*.jar`
jarlist=`ls /<installation path>/lib/*.jar`
Example LDAP configuration
-commandport 8000
-connection "port=8090 keystore='<installation directory>/dirxml.keystore' storepass=dirxml"
-trace 4
-tracefile ./trace8000.log
-tracefilemax 10M
-class com.novell.nds.dirxml.driver.ldap.LDAPDriverShim
./dirxml_jremote -config config8000.txt -sp <remote loader password> <driver object password>
./dirxml_jremote -config config8000.txt
PATH=$PATH:/path/to/java/bin/
#!/bin/sh
INSTDIR=/opt/novell/dirxml/bin/x86_64/
STAGEDIR=$INSTDIR/stage
USER=ldap
export PATH=/usr/local/bin:$PATH
cd $INSTDIR
case "$1" in
stop)
    kill `ps aux | grep '[d]irxml_remote' | awk '{ print $2}'`
    ;;
start|*)
    echo -n " rloader"
    exec > /dev/null 2>&1
    touch trace8000.log
    chown $USER trace8000.log
    su $USER -c "$INSTDIR/dirxml_jremote -config $INSTDIR/config8000.txt &"
    ;;
esac

[Unit]
Description=IDM Remote Loader
After=docker.service

[Service]
Type=simple
ExecStart=/opt/novell/remoteloader/dirxml_jremote -config config8000.txt
WorkingDirectory=/opt/novell/remoteloader
User=remoteloader
Group=remoteloader
Restart=on-failure

[Install]
WantedBy=multi-user.target
Import the Univention CA into the keystore to allow the self-signed LDAP certificate. The LDAP certificate must also be available in the keystore.
keytool -import -trustcacerts -alias univention-ca -file /opt/idm/univention-ca.pem -keystore dirxml.keystore
keytool -import -trustcacerts -alias ldap -file /opt/idm/ldap.pem -keystore dirxml.keystore
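Added example (not from the original page or from NetIQ): a shell script that reads the connection port from a remote loader config file in the format of the LDAP example above and builds a firewalld rule admitting only 134.76.9.64/28 to that port, as the firewall requirement at the top of this page asks. It assumes firewalld is the host firewall; the function names, the sample config and its keystore path are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original page. Assumes firewalld.
ALLOWED_NET="134.76.9.64/28"   # subnet named at the top of this page
DEFAULT_PORT=8090              # default connection port named on this page

# Constructed sample config in the format of the LDAP example above.
rl_sample_config() {
cat <<'EOF'
-commandport 8000
-connection "port=8090 keystore='/opt/novell/remoteloader/dirxml.keystore' storepass=CHANGE-ME"
-trace 4
EOF
}

# Print the port= value from the -connection string, or the default if unset.
rl_port() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    conn=$(sed -n 's/.*-connection[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1)
    port=""
    for kv in $conn; do
        case "$kv" in port=*) port=${kv#port=} ;; esac
    done
    case "$port" in
        "") port=$DEFAULT_PORT ;;
        *[!0-9]*) echo "invalid port '$port' in $1" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port $port out of range in $1" >&2; return 1
    fi
    echo "$port"
}

# Build a firewalld rich rule admitting only ALLOWED_NET to the given TCP port.
rl_rich_rule() {
    printf 'rule family="ipv4" source address="%s" port port="%s" protocol="tcp" accept' \
        "$ALLOWED_NET" "$1"
}

# Dry run by default; pass --apply as second argument to change the firewall.
rl_main() {
    p=$(rl_port "$1") || return 1
    rule=$(rl_rich_rule "$p")
    if [ "${2:-}" = "--apply" ]; then
        firewall-cmd --permanent --add-rich-rule="$rule" && firewall-cmd --reload
    else
        echo "firewall-cmd --permanent --add-rich-rule='$rule'"
    fi
}

if [ $# -gt 0 ]; then
    rl_main "$@"
else
    tmp=$(mktemp) && rl_sample_config > "$tmp" && rl_main "$tmp"; rm -f "$tmp"
fi
```

The rich rule only narrows exposure if the port is not also opened zone-wide; check `firewall-cmd --list-ports` before relying on it.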