windows 2000 agent - ibmpublib.boulder.ibm.com/tividd/td/itim/sc32-1153-03/... · windows 2000...

IBM Tivoli Identity Manager

Windows 2000 Agent ��

�� 4.5.0

SA30-2135-03

��

IBM Tivoli Identity Manager

�� 4.5.0

SA30-2135-03

��

� �� , �� 93 �� F �� .

��(2003� 8�)

� �� , � �� 4.5.0 � �� .

��

�� . . . . . . . . . . . . . . . . . v

� �� . . . . . . . . . . . . . v

�� . . . . . . . . . . . . . . . . . v

Tivoli Identity Manager �� . . v

�� . . . . . . . . . . . . . . v

�� . . . . . . . . . . . vi

�� . . . . . . . . . . . . vi

�� . . . . . . . . . . . . . vi

� �� . . . . . . . . . . . . vii

� 1 � �� . . . . . . . . . . . . . . 1

�� . . . . . . . . . . . . . . . 1

� � �� . . . . . . . . . . . . . . 1

� 2 � �� . . . . . . . . . . . 3

�� . . . . . . . . . . . . . . . . 3

�� . . . . . . . . . . . . . . 3

1 ��: �� . . . . . . . . . . 4

2 ��: �� . . . . . . 4

3 ��: �� . . . . . . . . . . 4

4 ��: �� . . . . . . . 4

5 ��: �� . . . . . . 4

6 ��: �� . . . . . . . . 4

7 ��: �� . . . . . . . 4

8 ��: �� . . . . . . . . 5

1 ��: �� . . . . . . . . . . . 5

2 ��: �� . . . . . . . 6

3 ��: �� . . . . . . . . . . . 6

4 ��: �� . . . . . . . . 7

5 ��: �� . . . . . . . 7

6 ��: �� . . . . 7

7 ��: �� . . . . . . . . 8

8 ��: �� . . . . . . . . . 9

� 3 � �� . . . . . . . 11

�� . . . . . . . . . . . . . . . 11

�� . . . . . . . . . . 12

�� . . . . . . . . 13

� 4 � �� . . . . . . . . . 15

�� . . . . . . . . . . . . . . . 15

SCHEMA.DSML �� . . . . . . . . . 15

XFORMS.XML �� . . . . . . . . . . 18

CustomLabels.properties �� . . . . . . . 19

�� . . . . . . . . . . . . . . . 19

�� . . . . . . . . . 21

1 ��: �� . . . 22

2 ��: exschema.txt �� . . . . . . 22

3 ��: schema.dsml �� . . . . . . 22

4 ��: xforms.xml �� . . . . . . . 23

5 ��: CustomLabels.properties �� . . 24

6 ��: Tivoli Identity Manager Server� �

�� . . . . . . . . . . . . . . 25

�� . . . . . . . . . . . 25

� 5 � �� . . . . . . 27

�� . . . . . 27

�� . . . . . . . . . . . . . 28

�� . . . . . . . . . . 28

�� . . . . . . . . . . . . 29

�� . . . . . . . . . . . . 30

�� . . . . . . . . . . . . 32

�� . . . . . . . . . . . 34

�� . . . . . . . . 34

�� . . . . . . . . . . . . . . 36

�� . . . . . . . . . . . 36

�� . . . . . . . . . . 38

�� . . . . 39

�� . . . . . . . . . . 39

�� . . . . . . . . . . . . 40

�� . . . . . . . . . . . . . . . 41

�� . . . . . . . . . 41

� 6 � �� . . . . . . . . . . . . 45

SSL � �� . . . . . . . . . 45

��-�� SSL� �� . . . . . . 46

�� Tivoli Identity Manager �� . . . . 47

� �� . . . . . . . 47

�� . . . . . . . . 49

� �� . . . . . . . . . 50

request.pem �� . . . . . . . . . 50

�� . . . . . . . . . . . . 51

PKCS12 �� . . . . . . 51

�� . . . . . . . . . . . . 51

CA � �� . . . . . . . . . . . . . 52

�� . . . . . . . . . . . . 53

� � . . . . . . . . . . . . . . . 53

� � �� . . . . . . . . . . . . . 53

�� A. �� . . . . . . . . . . 55

�� . . . . . . . . . . . . . . . 55

Windows 2000 Agent �� . . . . . . 63

�� . . . . . . . . . . . 63

�� . . . . . . . . . 63

�� . . . . . . . . . . . 64

�� . . . . . . . . . . . . . . . . 64

PostalCountry . . . . . . . . . . . . 66

�� B. �� . . . . . . . . . . 71

�� . . . . . . . . . . . . . . . 71

�� . . . . . . . . . . . . 71

� �� . . . . . . . . . . . . . . 71

�� . . . . . . . . . . . . . . 71

�� . . . . . . . . . . . . . 72

�� C. �� SCHEMA.DSML �� . . . . . 73

�� D. �� XFORMS.XML �� . . . . . . 87

�� E. �� CustomLabels.properties �� . . 91

�� F. �� . . . . . . . . . . . . 93

�� . . . . . . . . . . . . . . . . . 94

�� . . . . . . . . . . . . . . . . . 97

iv IBM Tivoli Identity Manager: Windows 2000 Agent ��

��

Tivoli Identity Manager Windows 2000 Agent(Windows 2000 Agent)� IBM Tivoli

Identity Manager Server� Windows 2000� ��

�� . �� Tivoli Identity Manager� �

�� Windows 2000� �� . � ��

Windows 2000 Agent� �� .

� ��

� � �� Windows 2000® ��

� �� . � �� Windows 2000 ��

� �� . ��

��. �� Windows 2000 ��

� ��.

��

Tivoli Identity Manager ��

� �� . ��

� �� .

Tivoli Identity Manager �� .

v Tivoli Identity Manager� ��

�� Tivoli Identity Manager ��

��.

v Tivoli Identity Manager Policy and Organization Administration Guide

Tivoli Identity Manager �� .

v Tivoli Identity Manager Server Configuration Guide

��.

��

Tivoli Identity Manager� �� .

v Tivoli Software Library� ��, ��, �, �� Tivoli

�� . Tivoli Software Library� �� .

http://www.ibm.com/software/tivoli/library/

v Tivoli Software Glossary�� Tivoli ��

�� . Tivoli Software Glossary� Tivoli Software Library � �

�� Glossary �� .

http://www.ibm.com/software/tivoli/library

��

� �� IBM �� Tivoli Software Library�� PDF(Portable

Document Format) �� HTML(Hypertext Markup Language) ��

�� .

http://www.ibm.com/software/tivoli/library

�� Product

manuals �� . � �� Tivoli Software Information Center ��

�� .

�� , �� , �� , ��

�� .

�: PDF �� Adobe Acrobat � ��

� ��(�� → �� )� ��.

��

�� .

v �� HTML � �� PDF � ��

� �� .

v ��

� �� .

��

IBM Tivoli �� IBM Tivoli

Software Support � �� .

http://www.ibm.com/software/sysmgmt/products/support/

�� , �� IBM Software Support Guide� �

�� .

http://techsupport.services.ibm.com/guides/handbook.html

vi IBM Tivoli Identity Manager: Windows 2000 Agent ��

� �� .

v ��

� ��

� �� , ��

� ��.

�� .

�� , �� ( ��

�� ).

�� .

v ��

�� vii

viii IBM Tivoli Identity Manager: Windows 2000 Agent ��

� 1 � ��

� �� Windows 2000 Agent ��

� �� . � ��

� �� .

��

�� , ��, ��

v �� .

v �� Windows 2000 Agent� �� .

v Windows 2000 Agent� Tivoli Identity Manager Server� ��

� �� .

v Tivoli Identity Manager Server� �� .

v �� Tivoli Identity Manager Server� ��.

v �� .

� ��

Windows 2000 Agent �� Windows 2000 Agent

�� .

� 1 ��

�� .� 2 �� . ��

�� .� 3 ��

��

Tivoli Identity Manager Server� ��

�� . Tivoli Identity Manager Server

� �� Tivoli Identity Manager Server�

�� . Tivoli Identity Manager Server� �

�� , Tivoli Identity Manager

Server� Windows 2000� �� .� 4 �� Windows 2000 Active Directory��

Windows 2000 Agent� ��

��. � � �� .� 5 ��

��

agentCfg �� . agentCfg ��

� ��, ��

�� .� 6 �� CertTool �� . CertTool ��

�� , ��, ��

� ��.

�� A �� .�� B ��

��.�� C �� SCHEMA.DSML

��

�� SCHEMA.DSML �� .

�� D �� XFORMS.XML

��

�� XFORMS.XML �� .

�� E �� CustomLabels.

properties ��

�� CustomLabels.properties �� .

�� F �� .

2 IBM Tivoli Identity Manager: Windows 2000 Agent ��

� 2 � ��

� �� Windows 2000 Agent ��

�. � ��

�. �� .

��

�� Windows 2000 Agent� �� , ��

�� . Windows 2000 Agent� ��

�� .

� 1. ��

�� 32�� x86 �� , � 128MB� ��

� 100MB� ��

� ��.

�� .

v Active Directory� �� Windows 2000 Server

v Windows 2003 Server

v Windows XP Workstation

�� TCP/IP �� Tivoli Identity Manager

Server� �� .

�� IBM® Windows NT ��

� �� .

�� Windows 2000 Agent ��

�� .

�� IBM �� Tivoli Identity Manager

Application Server� Windows 2000 Server � ��

� ��. ��

�� .

��

Windows 2000 Agent� ��

�� . �� . �

��

�� .

� ��, Windows 2000 Agent� �� Windows �� ,

�� .

1 ��: ��

Tivoli Identity Manager Windows 2000 Agent �� IBM � ��

�� . � �� IBM ��

� ��.

�� Windows 2000 Agent� ��.

Windows 2000 Agent �� C:\Tivoli\Agents\Win2000Agent

��. �� 5 �� 1 ��: �� .

2 ��: ��

�� 6 �� 2 ��: �� .

3 ��: ��

DAML �� Tivoli Identity Manager Server� ��

�� . �� 6 �� 3 ��: ��

��.

4 ��: ��

�� . � DAML �� Tivoli Identity Manager

Server� �� . �� 7 �� 4 ��: ��

�� .

5 ��: ��

Tivoli Identity Manager Server� �� . ��

� 7 �� 5 ��: �� .

6 ��: ��

Windows 2000 Agent� Tivoli Identity Manager Server� ��

�. �� 7 �� 6 ��: ��

��.

7 ��: ��

Tivoli Identity Manager Server�� . ��

8 �� 7 ��: �� .

8 ��: ��

�: �� .

Windows 2000 Active Directory��

��.

�� 9 �� 8 ��: �� .

1 ��: ��

Windows 2000 Agent� �� . ��

�� .

Tivoli Identity Manager Windows 2000 Agent �� IBM � ��

�� . � �� IBM ��

� ��.

�� .

1. IBM � �� Windows 2000 Agent �� zip �� .

2. Windows 2000 Agent �� zip �� .

3. �� ...� �� , �� Setup.exe� ��

��. :

C:\Temp\Setup.exe

�� .

4. �� .

�� .

5. �� . � ��, ��

��.

6. �� .

�� .

� 2 �� 5

7. �� .

�� .

8. �� .

�� .

9. �� .

2 ��: ��

Windows 2000 Agent� Windows 2000 Server� ��

�� . �� .

Windows 2000 Agent �� Windows 2000 Agent �

�� .

3 ��: ��

Windows 2000 Agent� DAML �� Tivoli Identity Manager Server

�� . �� . ��

� �� DAML �� . �� 28 ��

� �� .

�: DAML �� . � ��

� �� 45 �� 6 �� .

�� 1. ��

4 ��: ��

DAML �� . � �� CA(Certificate

Authority)�� CA� ��

�. Windows 2000 Agent� �� . � ��

� �� 45 �� 6 �� .

� �� , Tivoli Identity Manager Server� � CA� ��

�. �� Tivoli Identity Manager Server Configuration Guide� ��

��.

�: �� DAML �� . ��

�� .

5 ��: ��

�� Tivoli Identity Manager Server� ��

� �� . Tivoli Identity Manager Server

� �� 11 �� 3 ��

�� .

�: �� , � ��

��. Tivoli Identity Manager ��

�. � ��

��. �� Tivoli Identity Manager ��

� ��.

6 ��: ��

DAML ��

�� . ��

� �� .

�: � �� . ��

�� Tivoli Identity Manager Server� �� .

�� Tivoli Identity Manager Server� ��.

1. �� .

�� 28 �� .

2. �� DAML� ��.

3. SRV_NODENAME� ��.

� 2 �� 7

4. Tivoli Identity Manager Server� �� IP ��

�� Enter� ��.

�� .

5. SRV_PORTNUMBER� ��.

6. Tivoli Identity Manager Server� ��

� �� Enter� ��.

�� .

7. SRV_USERNAME� ��.

�� Enter� ��.

�� .

9. SRV_PASSWORD� ��.

�� Enter� ��.

�� .

7 ��: ��

Tivoli Identity Manager Server��

�� . �� Tivoli Identity Manager Policy and Organization

Administration Guide� ��.

Windows 2000 Agent� �� Directory Server�

��. � � OU �� DC �� . ��

��. �� .

�� Directory Server� �� .

dc=irvine,dc=IBM,dc=com

�� .

dc=engineering,dc=irvine,dc=IBM,dc=com

��

��. �� , ��

��.

�: �� . ��

� ��

��.

8 ��: ��

�� Windows 2000 Active Directory�� ,

Tivoli Identity Manager Agent� � �� Windows 2000 Agent

�� . � �� 15 �� 4

�� .

� 2 �� 9

� 3 � ��

� �� . Windows 2000 Agent� Tivoli

Identity Manager Server� ��

� �� .

� �� Tivoli Identity Manager Server� Windows 2000 Agent ��

�� . � ��

�� . �� .

�, � �� . ��

�� .

2. �� , Tivoli Identity Manager Server��

�� .

3. WebLogic Application Server ��

� �� . ��

��, ��

�� .

4. WebSphere Application Server ��, ��

�� Network Deployment Manager� ��

� �� . ��

�� .

��

�� Tivoli Identity Manager Server� Windows 2000 Agent ��

�� , �� . Windows 2000

Agent �� .

� 2. ��

�� Tivoli Identity Manager

Server� �� .

� �� Tivoli Identity Manager Server� �� root

�� .

��

1. root� Tivoli Identity Manager Server� ��.

2. IBM � �� Windows 2000 Agent �� zip �� zip �

�� .

�: �� IBM ��

�� .

3. �� .

v UNIX® �� Tivoli Identity Manager Server� ��:

– �� .

# cd /tmp

��, tmp� �� .

– �� Windows 2000 Agent ��

��.

# ./w2kprofile_<operating system>.bin

��, <operating system> aix, solaris �� hpxxxx� � ��

� �� .

�� .

v Windows� �� Tivoli Identity Manager Server� ��:

�� ...� �� , ��

�� w2kprofile.exe� ��. � ��, �� .

C:\temp\w2kprofile.exe

�� .

4. �� .

Tivoli Identity Manager � �� .

5. �� Tivoli Identity Manager Server � ��

��. �� ...� ��

� ��.

�� .

�: �� Tivoli Identity Manager Server � ��

�� , ITIM� ��

��.

�� .

6. �� .

�� .

��

��.

�� .

7. �� .

��

� �� . �� , ��

�� remote_resources �� . � ��, �� .

Windows:

C:\itim\data\remote_resources\nt40profile\

/itim/data/remote_resources/nt40profile/

� 3 �� 13

� 4 � ��

Windows 2000 Active Directory� ��

� � ��. Windows 2000 Agent� �� Windows 2000 ��

��. �� (��) ��

��. � �� Windows 2000 Agent� ��

� �� .

�: �� .

��

Windows Active Directory�� Windows 2000 Agent�

�� .

v exschema.txt �� .

v Tivoli Identity Manager Server�� schema.dsml �� .

v customlabels.properties �� .

v configure_remote_services �� .

�� .

�� Windows 2000 Agent� ��

� �� .

SCHEMA.DSML ��

schema.dsml �� .

<?xml version=“1.0” encoding=“UTF-8”?><dsml><directory-schema>(List of attributes)

(List of classes follow the attributes)

</directory-schema></dsml>

�� IDTivoli Identity Manager Server� LDAP �� Tivoli Identity

Manager �� , ��, ��, ��. LDAP Directory Server

� � � � �� OID(Object Identifier)� �� . �� Tivoli

Identity Manager� � �� OID� � ��.

OID� �� .

enterprise ID.product ID.agent ID.object ID.instance ID

enterprise ID� IBM� �� 1.3.6.1.4.1.6054��.

product ID� �� schema.dsml �� 3��

agent ID� Windows 2000 Agent� �� 26��.

object ID� 2��. �� ID� 2� ��.

instance ID� �� .

��

� schema.dsml �� . �� schema.dsml ��

�� Tivoli Identity Manager Server �� .

�: �� schema.dsml ��

�� .

<attribute-type single-value = “true” ><name>erSampleHome</name><description>User home directory</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.100</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax></attribute-type>

�: ��  �� .

�� . �� <attribute-type

single-value =“true”> �� . �� true �

false� ��.

<name>...</name> �� . IBM�� Windows

2000 Active Directory�� erW2k

� �� . �� Windows Active Directory� ��

� �� , �� . ��

� �� xforms.xml �� . ��/��

� �� 18 �� XFORMS.XML ��

��.

�� <description>...</description> �� .

OID� <object-identifier>...</object-identifier> ��

�. OID� �� OID�

�� . �� schema.dsml ��

� �� 1� �� .

� � <syntax>...</syntax> �� . ��

�� .

� 3. � � � ��

��

�� 1.3.6.1.4.1.1466.115.121.1.6

�� 1.3.6.1.4.1.1466.115.121.1.7

�� 1.3.6.1.4.1.1466.115.121.1.15

UTC �� 1.3.6.1.4.1.1466.115.121.1.24

�� 1.3.6.1.4.1.1466.115.121.1.27

��

schema.dsml �� . �� ,

�� . schema.dsml ��

� �� .

� �� . ��

�� .

�� attribute ref ��

required = “true”� required = “false”� ��.

� 4 �� 17

��

�� . ��

schema.dsml �� .

�� .

<class superior=“top” ><name>erSampleAccount</name><description>Sample Account</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.101</object-identifier><attribute ref = “eruid” required = “true” /><attribute ref = “erAccountStatus” required = “false” /><attribute ref = “erSampleGroups” required = “false” /><attribute ref = “erSampleHome” required = “false” /><attribute ref = “erSampleDesc” required = “false” /><attribute ref = “erPassword” required = “false” /></class>

� �� erSampleAccount�� eruid��. �

�� erAccountStatus� ��

��.

XFORMS.XML ��

xforms.xml �� Tivoli Identity Manager Server �� Windows 2000 Agent

�� . Windows 2000 Agent� �� xforms.xml

�� .

xforms.xml �� .

<?xml version=“1.0” encoding=“UTF-8”?><EnRoleTransformations>(attribute transformations)

</EnRoleTransformations>

�� xforms.xml �� .

Windows Active Directory Server� � �� , Windows

2000 Agent� Tivoli Identity Manager Server�� xforms.xml ��

�� .

<EnroleAttributeName=“attributename ” RemoteName=“attributename” ConvertReplaceToAddDelete=“true”>

��, attributename Windows Active Directory Server� � �� .

��

�� Tivoli Identity Manager Server� �� .

�� xforms.xml �� EnRoleAttribute �� . Name Tivoli

Identity Manager Server � LDAP Directory Server��

��. RemoteName �� .

� ��, �� GROUP��

��, GROUP �� .

��

Windows 2000 Agent xforms.xml ��

� Tivoli Identity Manager Server� ��. � ��

�� .

xforms.xml �� Windows 2000 Agent �� $Agent_Install\data ��

� ��.

xforms.xml �� Tivoli Identity Manager Server �� $ENROLE_HOME/data/

remote_resources/w2kprofile �� .

CustomLabels.properties ��

CustomLabels.properties �� (�� )� ��

� ASCII ��. � �� .

Attribute=Text

Attribute� xforms.xml �� . Text� ��

�� .

�: Attribute� �� . �� Tivoli Identity Manager Server ��

��.

##Sample Agent Label Definitions#ersamplegroups=Groupsersamplehome=Home Directoryersampledesc=Description

��

�� .

� 4 �� 19

ERSCHEMA.TXT ��

W2KString1W2KIntegerW2KDateW2KBooleanW2KMultiValueString

SCHEMA.DSML ��

SCHEMA.DSML File<?xml version=“1.0” encoding=“UTF-8”?><dsml>

<directory-schema>...<attribute-type single-value=“true”>

<name>erW2KString1</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.100</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value=“true”>

<name>erW2KInteger</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.101</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.27</syntax>

</attribute-type>

<attribute-type single-value=“true”><name>erW2KDate</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.102</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.24</syntax>

</attribute-type><attribute-type single-value=“true”>

<name>erW2KBoolean</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.103</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type>

<name>erW2KMultiValueString</name>

<description>List of string values</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.104</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type>...

<class superior=“top”>

<name>erW2KAccount</name><description>Windows account.</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.1</object-identifier>...<attribute ref=“erW2KBoolean” required=“false”/><attribute ref=“erW2KDate” required=“false”/><attribute ref=“erW2KInteger” required=“false”/><attribute ref=“erW2KMultiValueString” required=“false”/><attribute ref=“erW2KString1” required=“false”/>

</class>...

</directory-schema></dsml>

XFORMS.XML ��

<?xml version=“1.0” encoding=“UTF-8”?>- - - <EnRoleTransformations>

...<EnRoleAttribute Name=“erW2KString1” RemoteName=“erW2KString1” /><EnRoleAttribute Name=“erW2KInteger” RemoteName=“erW2KInteger” /><EnRoleAttribute Name=“erW2KDate” RemoteName=“erW2KDate” /><EnRoleAttribute Name=“erW2KBoolean” RemoteName=“erW2KBoolean” /><EnRoleAttribute Name=“erW2KMultiValueString” RemoteName=“erW2KMultiValueString”ConvertToAddDelete=“true” />

</EnRoleTransformations>

## Win2KAgent Labels definitions#...erW2KString1=W2KString1erW2KInteger=W2KIntegererW2KDate=W2KDateerW2KBoolean=W2KBooleanerW2KMultiValueString=W2KMultiValueString

��

�� Windows Active Directory ��

Windows 2000 Agent �� . ��

�� .

� 4 �� 21

1 ��: ��

Windows�� Windows Active Directory ��

�� Windows Active Directory Server� �� . Windows

Active Directory� � �� Microsoft Windows ��

�� .

v ��

v UTC ��

IBM�� Tivoli Identity Manager� ��

erW2K� �� .

2 ��: exschema.txt ��

exschema.txt �� Windows Active Directory Server� ��

��. Windows 2000 Agent� Windows Active Directory Server� ��

�� .

1. Windows 2000 Agent �� .

2. �� .

3. �� exschema.txt �� .

� �� Windows 2000 Agent� data �� .

4. �� .

�: � � �� .

5. �� .

6. �� .

Windows �� .

3 ��: schema.dsml ��

Windows 2000 Agent schema.dsml �� Windows ��

��. Windows Active Directory Server��

�� .

� �� Tivoli Identity Manager Server� �� .

$ENROLE_HOME/data/remote_resources/w2kprofile/schema.dsml

� �� 15 �� SCHEMA.DSML ��

��.

1. Tivoli Identity Manager Server �� .

�: � �� .

2. $ENROLE_HOME/data/remote_resources/w2kprofile �� .

3. �� schema.dsml �� .

4. �� .

OID� �� 1� �� . � ��, ��

�� OID 1.3.6.1.4.1.6054.3.26.2.67� �� OID

1.3.6.1.4.1.6054.3.26.2.68� �� .

�: IBM�� .

� ��, �� OID: 1.3.6.1.4.1.6054.3.26.2.100��

��. �� Windows� ��

�� OID� �� .

5. �� .

6. schema.dsml �� .

4 ��: xforms.xml ��

Windows 2000 Agent � Tivoli Identity Manager Server �� xforms.xml �

� � �� . �� 18 ��

�XFORMS.XML �� .

�� Tivoli Identity Manager Server� �� xforms.xml ��

xforms.xml �� .

�� xforms.xml ��

2. �� .

3. � �� xforms.xml �� .

4. �� .

��, attributename � �� .

EnroleAttributeName Windows Active Directory� �� .

RemoteName Tivoli Identity Manager Server� �� .

� 4 �� 23

�: � �� , ��

ConvertReplaceToAddDelete=“true”� �� .

5. xforms.xml �� .

Tivoli Identity Manager Server� xforms.xml ��

IBM�� xforms.xml �� Tivoli Identity

Manager Server� xforms.xml �� . �� Tivoli

Identity Manager Server�� xforms.xml ��

��.

�: Tivoli Identity Manager Server� xforms.xml� �� , �

� Windows 2000 Agent� �� xforms.xml �� .

1. Tivoli Identity Manager Server �� .

�: � �� .

3. � �� xforms.xml �� .

4. �� .

��, attributename � �� .

EnroleAttributeName Windows Active Directory� �� .

RemoteName Tivoli Identity Manager Server� �� .

�: � �� , ��

ConvertReplaceToAddDelete=“true”� �� .

5. xforms.xml �� .

5 ��: CustomLabels.properties ��

�� schema.dsml �� Windows 2000 Agent �

�� . �� . ��

�� Directory Server �� . ��

�� CustomLabels.properties ��

�� . �� 19 �� CustomLabels.properties ��

� ��.

� �� $ENROLE_HOME/data/remote_resources/w2kprofile ��

2. �� CustomLabels.properties �� .

3. �� .

attribute=label

�: �� .

4. �� .

6 ��: Tivoli Identity Manager Server� � ��

schema.dsml � CustomLabels.properties �� , ��

�� Tivoli Identity Manager Server

� �� . ��

��.

1. Tivoli Identity Manager Server� �� $ENROLE_HOME/bin/solaris,

$ENROLE_HOME/bin/aix, $ENROLE_HOME/bin/hpux �� $ENROLE_HOME\bin\nt

�� .

� ��, Solaris �� Tivoli Identity Manager Server� �

� ��, $ENROLE_HOME/bin/solaris �� . Windows ��

� �� Tivoli Identity Manager Server� ��

$ENROLE_HOME\bin\nt �� .

2. configure_remote_services �� .

v UNIX �� Tivoli Identity Manager Server:

# ./configure_remote_services.sh w2kprofile

v Windows �� Tivoli Identity Manager Server:

configure_remote_services.cmd w2kprofile

�: Tivoli Identity Manager Server� �� 10� ��

��. �� 10� �� . ��

� Tivoli Identity Manager Server� �� .

��

�� Windows 2000 Agent �� . ��

��. �� Windows 2000 Agent� �� .

�� . ��

� �� Tivoli Identity Manager Policy and Organization Administration Guide

� ��.

� 4 �� 25

� 5 � ��

� �� agentCfg� �� Windows 2000

Agent �� . � ��

�� .

��

�� Windows 2000 Agent �� agentCfg ��

� �� .

1. �� , ��

��.

DOS � �� .

2. �� bin �� .

Windows 2000 Agent �� , �� .

cd \Tivoli\Agents\Win2000Agent\bin

3. �� agentCfg -agent Win2000Agent� ��.

Enter configuration key for Agent ’Win2000Agent’:

�� agentCfg� ��

�. -hostname � �� 41 ��

�� .

4. Windows 2000 Agent� �� .

�� . �� 28 ��

�� .

Win2000Agent 4.4.1021 Agent Main Configuration Menu-------------------------------------------A. Configuration Settings.B. Protocol Configuration.C. Event NotificationD. Change Configuration Key.E. Activity Logging.F. Registry Settings.G. Advanced Settings.H. Statistics

X. Done

Select menu option:

� �� .

v �� A� ��, ��

v �� B� ��, ��

v �� C� ��, 32 ��

v �� D� ��, 36 ��

v �� E� ��, 36 ��

v �� F� ��, 38 ��

v �� G� ��, 40 ��

v �� H� ��, 41 ��

��

�� Windows 2000 Agent �� .

1. �� A(Configuration Settings)� ��.

Windows 2000 Agent� �� . �� Windows 2000

Agent �� .

Configuration Settings-------------------------------------------Name : Win2000AgentVersion : 4.4.1021ADK Version : 4.27ERM Version : 4.27enRole Version : 4.0License : NONEAsynchronous ADD Requests : TRUE (Max.Threads:3)Asynchronous MOD Requests : TRUE (Max.Threads:3)Asynchronous DEL Requests : TRUE (Max.Threads:3)Asynchronous SEA Requests : TRUE (Max.Threads:3)Available Protocols : DAML, FTPConfigured Protocols : DAMLLogging Enabled : TRUELogging Directory : C:\Tivoli\Agents\Win2000Agent\LogLog File Name : Win2000Agent.logMax. log files : 3Max.log file size (Mbytes) : 1Debug Logging Enabled : TRUEDetail Logging Enabled : FALSE

Press any key to continue

2. �� .

��

�� DAML �� FTP� �� Tivoli Identity Manager Server� ��

� ��. �� DAML� ��

��. � �� DAML ��

� �� . FTP� ��

�� .

��. �� .

1. �� B(Protocol Configuration)� ��.

�� . ��

�� . DAML ��

Agent Protocol Configuration Menu-----------------------------------Available Protocols: DAML, FTPConfigured Protocols: DAMLA. Add Protocol.B. Remove Protocol.C. Configure Protocol.

X. Done

Select menu option

2. �� .

v �� A� ��, ��

v �� B� ��, ��

v �� C� ��, 30 ��

�� X� ��.

��

1. �� A(Add Protocol)� ��.

� ��

��. �� , �� .

2. �� .

�� . ��

�� . 30 ��

� �� .

��

1. �� B(Remove Protocol)� ��.

�� . ��

�� , �� .

2. �� .

��

�� . ��

�� .

� 5 �� 29

��

1. �� C(Configure Protocol)� ��.

�� .

2. �� .

�� .

�: �� .

�� DAML �� .

DAML Protocol Properties--------------------------------------------------------------------A. PORTNUMBER 45580 ;Protocol Server port number.B. USERNAME ****** ;Authorized user name.C. PASSWORD ****** ;Authorized user password.D. SRV_NODENAME 192.168.6.40 ;Event Notif. Server name.E. SRV_PORTNUMBER 443 ;Event Notif. Server port number.F. SRV_USERNAME ****** ;Event Notif. user name.G. SRV_PASSWORD ****** ;Event Notif. Server password.H. VALIDATE_CLIENT_CE FALSE ;Require client certificate.

X. Done

Select menu option:

3. �� .

DAML �� .

� 4. DAML ��

��

A(PORTNUMBER) �� .

Modify Property ’PORTNUMBER’:

�� . : 7004

�� .

B(USERNAME) �� .

Modify Property ’USERNAME’:

�� . : admin

�� .

C(PASSWORD) �� .

Modify Property ’PASSWORD’:

�� . : *******

�� .

� 4. DAML �� (��)

��

D(SRV_NODENAME) �� .

Modify Property ’SRV_NODENAME’:

�� . : 192.168.6.152

Tivoli Identity Manager Server� IP �� DNS ��

��.

E(SRV_PORTNUMBER) �� .

Modify Property ’SRV_PORTNUMBER’:

� ��. : 7004

�� .

F(SRV_USERNAME) �� .

Modify Property ’SRV_USERNAME’:

�� . : admin

�� .

G(SRV_PASSWORD) �� .

Modify Property ’SRV_PASSWORD’:

�� . : *****

�� .

H(VALIDATE_CLIENT_CE) �� .

Modify Property ’VALIDATE_CLIENT_CE’:

�� Tivoli Identity Manager Server�

�� .

Tivoli Identity Manager Server� � ��

�� .

�: � �� CertTool� D - H ��

� �� .

4. � �� Enter� ��.

�� .

�: �� Enter� ��

��.

� 5 �� 31

��

�� . �� Tivoli Identity Manager Server�

�: �� . ��

�� .

1. �� C(Event Notification)� ��.

�� .

Event Notification Menu--------------------------------------------------------------* Reconciliation interval : 1 day(s)* Next Reconciliation time : 23 hour(s) 56 min(s). 23 sec(s).* Configured Contexts : Jupiter, dd309A. EnabledB. Time interval between reconciliations.C. Set Processing cache size. (currently: 50 Mbytes)D. Start event notification now.E. Set attributes to be reconciled.F. Reconciliation process priority. (current: 1)G. Add Event Notification Context.H. Modify Event Notification Context.I. Remove Event Notification Context.J. List Event Notification Contexts.

X. Done

Select menu option:

2. �� .

�: �� A� �� .

� 5. ��

��

A � �� , ��

�� .

v �� , �� .

B(Time interval between

reconciliations)

�� .

Enter new interval([ww:dd:hh:mm:ss])[00:01:00:00:00]:

�� .

� �� Enter� �

��.

� 5. �� (��)

��

C(Set processing cache

�� .

Enter new cache size[5]:

�� .

� �� Enter� �

��.

D(Start event notification

� �� .

E(Set attributes to be

reconciled)

�� . �� 34 ��

�� .

F(Reconciliation process

priority)

�� .

Enter new thread priority [1-10]:

�� .

� �� Enter� �

��.

G(Add Event Notification

Context)

�� .

Context name :

� �� Enter� ��. � ��

��.

H(Modify Event

Notification Context)

�� . �� 34 �

�� .

I(Remove Event

Notification Context)

�� . ��

�� .

Delete context context1? [no]:

�� Enter� ��, ��

�� Enter� ��.

J(List Event Notification

Contexts)

�� .

Context Name : Context1Target DN :erservicename=context1,o=IBM,ou=IBM,dc=com--- Attributes for search request ---{search attributes listed}-----------------------------------------------

3. �� B, C, E �� F� � �� Enter� ��.

�� .

�: �� .

� 5 �� 33

��

�� . �� (: ��

��) � � � ��.

1. �� E(Set attributes to be reconciled)� ��.

�� .

Event Notification Entry Types-------------------------------------------A. USERB. GROUPX. DoneSelect menu option:

2. �� A� ��

�� B� ��.

�� .

�: �� .

Event Notification Attribute Listing-------------------------------------(a) ** (b) ** (c) **(d) ** (e) ** (f) **(g) ** (h) ** (i) **(j) ** (k) ** (l) **(m) ** (o) ** (q) **(r) ** (s) ** (t) **

(p)rev page 1 of 3 (n)ext-----------------------------

X. DoneSelect menu option:

3. �� .

�� . ��

�� .

��

1. �� H(Modify Event Notification Context)� ��.

�� .

Modify Context Menu------------------------------A. Context1B. Context2C. Context3X. DoneSelect menu option:

2. �� .

�� .

A. Set attributes for searchB. Target DN:C. Delete Baseline DatabaseX. DoneSelect menu option:

�� A� �� .

�� B� �� DN ��

�� C� �� 36 ��

�� .

��

1. �� A(Set attributes for search)� ��

��.

�� .

Reconciliation Attributes Passed to Agent for Context: Context1--------------------------------------------------------------------------------------------------------A. Add new attributeB. Modify attribute valueC. Remove attributeX. DoneSelect menu option:

2. �� .

�� .

�� DN ��

1. �� B(Target DN)� ��.

�� .

Enter Target DN:

2. �� DN� �� Enter� ��.

�� DN �� .

erservicename=nameofservice,o=organizationname,ou=tenantname,dc=com

DN� � �� .

erservicename

��

o ��

� 5 �� 35

ou �� (tenant)� ��. �� , �

� �� .

dc=com

��

�� DN� �� .

��

� ��

� �� .

�� C(Delete Baseline Database)� ��

��.

��

�� .

��

�� Windows 2000 Agent �� . � �

� �� .

1. �� D(Change Configuration Key)� ��.

2. � �� Enter� ��.

Enter new configuration key for Agent ’Win2000Agent 4.4.1021’:

�� Enter� ��. ��

�� .

�: �� .

�� .

Configuration key successfully changed.

�� .

��

��. �� , Tivoli Identity Manager� ��

�� Win2000Agent.log� �� .

1. �� E(Activity Logging)� ��.

�� . ��

��.

Agent Activity Logging Menu-------------------------------------A. Activity Logging (Enabled).B. Logging Directory (current: C:\Tivoli\Agents\Win2000Agent\Log).C. Activity Log File Name (current: Win2000Agent.log).D. Activity Logging Max. File Size ( 1 mbytes)E. Activity Logging Max. Files ( 3 )F. Debug Logging (Enabled).G. Detail Logging (Disabled).H. Base Logging (Disabled).X. DoneSelect menu option:

2. �� .

�: �� A(Activity Logging)� ��

� 6. ��

��

A(Activity Logging) � �� , Tivoli Identity Manager� ��

�� .

v �� , �� .

B(Logging Directory) �� . : C:\Log ��

��, � ��

��.

� �� Enter� �

��.

C(Activity Log File Name) �� . �� ,

� �� .

� �� Enter� �

��.

D(Activity Logging Max

File Size)

� � ��(: 10). ��

� �� . �� MB��. ��

� �� .

� �� Enter� �

��.

E(Activity Logging Max

Files)

� � ��(�: 100). : 5. ��

�� .

� �� Enter� �

��.

� 5 �� 37

� 6. �� (��)

��

F(Debug Logging) � �� , ��

� �� .

�� .

v �� , �� .

G(Detail Logging) � �� , ��

� �� .

�: �� . ��

�� , �� .

�� .

v �� , �� .

H(Base Logging)� �� , �� ADK � ��

�� .

v �� , �� .

3. �� B, C, D �� E� � �� Enter� ��.

�� .

�: �� .

��

��.

1. �� F(Registry Settings)� ��.

�� .

Win2000Agent 4.4.1021 Agent Registry Menu-------------------------------------------A. Modify Non-encrypted registry settings.B. Modify encrypted registry settings.C. Multi-instance settings.X. DoneSelect menu option:

2. �� .

��

�: � �� .

1. �� A(Modifying Non-encrypted Registry Settings)�

��.

�� .

Agent Registry Items---------------------------

01. ENROLE_VERSION ’4.0’--------------------------------

A. Add new attributeB. Modify attribute valueC. Remove attributeX. DoneSelect menu option:

2. �� .

v A) Add new attribute

v B) Modify attribute value

v C) Remove attribute

v X) Done

3. � �� Enter� ��.

4. �� A �� B� �� Enter� ��

�� .

��

� �� .

�: � �� .

1. �� C(Multi-instance Settings)� ��.

Windows 2000 Agent �� .

Win2000Agent 4.4.1021 Agent Instance Class Menu--------------------------------------------------------------------------------------------------------------A. Select instance class.X. Done.

2. �� .

3. �� Enter� ��.

��.

� 5 �� 39

��

�� .

v ��

1. �� G(Advanced Settings)� ��.

�� . �� .

Win2000Agent 4.4.1021 Advanced Settings Menu-------------------------------------------A. Single Thread Agent (current:TRUE)B. ADD max. thread count. (current:3)C. MODIFY max. thread count. (current:3)D. DELETE max. thread count. (current:3)E. SEARCH max. thread count. (current:3)F. Allow User EXEC procedures (current:FALSE)G. Archive Request Packets (current:FALSE)H. UTF8 Conversion support (current:TRUE)I. Pass search filter to agent (current:FALSE)J. Thread Priority Level (1-10) (current:4)X. DoneSelect menu option:

2. �� .

�: �� UTF8 Conversion support � ��

FALSE� �� .

� 7. DAML ��

��

A(Single Thread Agent) �� .

B(ADD max. thread count) � �� .

C(MODIFY max. thread count) � �� .

D(DELETE max. thread count) � �� .

E(SEARCH max. thread count) � �� .

F(Allow User EXEC procedures) �� pre- � post-exec ��

��. � ��

��. � �� .

G(Archive Request Packets) ��

��. � �� FTP ��

�� . ��

� �� .

� 7. DAML �� (��)

��

H(UTF8 Conversion support) � �� .

I(Pass search filter to agent) ��

��

�� .

�� . �

�� .

J(Thread Priority Level (1-10)) �� .

3. � �� Enter� ��.

�� .

��

1. �� H(Statistics)� ��.

�� .

Win2000Agent 4.4.1021 Agent Request Statistics--------------------------------------------------------------------Date Add Mod Del Ssp Res Rec

-----------------------------------------------------------------

11/15/02 000001 000000 000000 000000 000000 000001

-----------------------------------------------------------------

X. Done

2. �� X� ��.

��

�� agentCfg ��

��.

1. �� Windows 2000 Agent bin �� .

v �� X� ��.

v 27 �� 1 � 2� ��

��.

2. �� agentCfg -help� �� .

�� .

� 5 �� 41

-version ; Show version-hostname < value> ; Target nodename to connect to (Default:Local host IP address)-findall ; Find all agents on target node-list ; List available agents on target node-agent <value> ; Name of agent-tail ; Display agent’s activity log-schema ; Display agent’s attribute schema-portnumber <value>; Specified agent’s TCP/IP port number-netsearch <value> ; Lookup agents hosted on specified subnet-confidencetest ; Confidence test-setup ; Confidence test setup-help ; Display this help screen

�� .

� 8. � � �

-version agentCfg �� .

-hostname <value> �� -hostname ��

��.

v -findall

v -list

v -tail

v -agent

�� IP �� .

-findall ��

�� . �� -list �� . ��

�� -hostname �� .

-list ��

��. �� Windows 2000 Agent� ��

��. �� -hostname �� .

-agent <value> �� . ��

�� . ��

-hostname �� . �� -tail ��

� � �� .

-tail �� -agent ��

��. ��

-hostname �� .

-schema �� -agent ��

��.

-portnumber <value> �� TCP/IP �� -agent ��

�� .

-netsearch <value> �� -agent ��

�� .

-confidencetest �� , ��, ��, ��

�� . � �� Tivoli Identity

Manager Server ��

��.

-setup �� .

� 8. � � � (��)

-help agentCfg� �� .

3. �� agentCfg � �� .

�� agentCfg� �� .

� 9. �

��

-argument : agentCfg -list ��

� � �� IP ��

�. Tivoli Identity Manager Server� �� 44970

��.

Agent(s) installed on node ’127.0.0.1’-----------------------Win2000Agent (44970)

-argument <value> : agentCfg -agent Win2000Agent ��

� � Windows 2000 Agent ��

� �� agentCfg �� .

-argument <value>-argument

��

-argument -argument <value>

: agentCfg -list -hostname 192.9.200.7 ��

� � IP �� 192.9.200.7 ��

��. Windows 2000 Agent� �� 44970�

��.

Agent(s) installed on node ’192.9.200.7’------------------Win2000Agent (44970)

-argument <value> -argument <value> : agentCfg -agent Win2000Agent -hostname

192.9.200.7 ��

� � IP �� 192.9.200.7 �� agentCfg �

�� . Windows 2000 Agent

�� .

� 5 �� 43

� 6 � ��

� �� (CertTool)� �� Tivoli Identity Manager

�� (digital certificate)� �� .

� � �� SSL(Secure Sockets Layer) �� .

�� , �� CA(Certificate Authority) �� CA�

� �� . ��

� �� .

� �� Tivoli Identity Manager ��

� ��. SSL� �� Tivoli Identity Manager Server �� IBM

Tivoli Identity Manager System Configuration Guide� ″Managing Digital

Certificates″ � ��.

�: �� , ��

�� .

SSL � ��

��. Tivoli Identity Manager ��

SSL(Secure Sockets Layer) �� .

SSL �� ID� ��

� �� . �� SSL ��

�� . � ��(��)� ��

�� ID� �� . ��

�� .

SSL� �� .

v SSL � ��

��.

v �� SSL � �� ID� ��

��.

v ″��″ ��

�� ID� ��.

v �� CA(Certificate Authority)

� �� (�� )� �� . �� CA � ��

�� .

v �� , �� CA��

�� .

�: �� SSL� �� Tivoli Identity Manager� � ��

� �� .

��-�� SSL� ��

�� WebSphere �� WebLogic Application Server�� Tivoli Identity Manager

�� . � �� Tivoli Identity Manager Server� ��

�� (��-��)� �� .

�� :

v Tivoli Identity Manager Server � �� SSL��

v RSA SSL-C �� Open SSL� ��.

Tivoli Identity Manager �� , Tivoli Identity

Manager Server� � CA �� .

�: �� ″ITIM ��″� IBM Tivoli Identity Manager Server�

��.

�� 2. ��-�� SSL� ��

� Tivoli Identity Manager Server� �� . � Tivoli

Identity Manager Server� �� CA �� . ��

� CA � �� .

��

�� Windows 2000 Agent � �� CertTool ��

�� .

1. �� , ��

��.

Microsoft Windows DOS � �� .

2. �� bin �� .

Windows 2000 Agent �� , �� .

cd \Tivoli\Agents\Win2000Agent\bin

3. �� CertTool -agent Win2000Agent� ��.

�� .

Main menu - Configuring agent: Win2000Agent------------------------------

A. Generate private key and certificate requestB. Install certificate from fileC. Install certificate and key from PKCS12 fileD. View current installed certificate

E. List CA certificatesF. Install a CA certificateG. Delete a CA certificate

H. List registered certificatesI. Register certificateJ. Unregister a certificate

X. Quit

Choice:

�� :

�� CSR(Certificate Signing Request)� ��

�� . ��

� ��.

A CA(Certificate Authority)� �� CSR(Certificate Signing Request)

� �� .

� 6 � �� 47

B �� . � �� CA� �� A� �� CSR

� �� .

C �� PKCS12 � ��

��. �� A � B� �� , ��

� � PKCS12 �� .

D �� .

�� SSL� �� :

�� (�� )� ��

��.

�� .

� �� CA � �� . CA � Tivoli Identity

Manager �� Tivoli Identity Manager Server��

� �� .

E �� CA �� . �� CA � � ��

��.

F � CA�� CA ��

��. CA � �� X.509, 2� �� PEM ��

G �� CA � � �� .

�� SSL �� :

�� (�� )� ��

��.

�� .

� �� Tivoli Identity Manager Server� ��

�� . � �� SSL ��

� Tivoli Identity Manager Server� �� . ��

� CA � �� Tivoli Identity Manager Server� ��

�� , �� Tivoli Identity

Manager Server�� .

H �� .

I � �� . �� Base 64 �� X.509 ��

��.

J �� (�)��.

� �� .

v �� A� ��, ��

v �� B� ��, 51 ��

v �� C� ��, 51 �� PKCS12 ��

v �� D� ��, 51 ��

v �� E� ��, 52 �� CA � ��

v �� F� ��, 52 �� CA � ��

v �� G� ��, 52 �� CA � ��

v �� H� ��, 53 ��

v �� I� ��, 53 ��

v �� J� ��, 53 ��

�� X� ��.

��

�� Windows 2000 Agent �� .

1. �� A(Generate a private key and certificate request)

� ��.

Enter values for certificate request (press enter to skip value)-------------------------------------------------------------------------

2. �� Enter� ��.

Organization:

3. �� Enter� ��.

Organizational Unit:

4. �� Enter� ��.

Agent Name:

5. �� Enter� ��.

Email:

6. �� Enter� ��.

Country:

7. �� (�� ) � Enter�

��.

� 6 � �� 49

State:

�: �� CA(Certificate Authority)� �� 2��

8. �� Enter� ��.

Locality:

9. �� Y� �� N� �� Enter

� ��.

Accept these values (y/n)?

� �� .

10. PEM � �� Enter� ��.

Enter name of file to store PEM cert request (Enter to cancel):

11. Enter� ��.

�� .

�� CA� �� .

��

�� .

Enter values for certificate request (press enter to skip value)-----------------------------------------------------------------Organization: ibmOrganizational Unit: engineeringAgent Name: ntagentEmail: admin@ibm.comCountry: USState: CaliforniaLocality: IrvineAccept these values (y/n)? yGenerating key pair and certificate request ...Enter name of file to store PEM cert request (Enter to cancel) : request.pemCertificate request written to request.pem. Press Enter to continue.

request.pem ��

��

�� . � �

� �� CA(Certificate Authority)��

��.

�: �� , ��

�� (�� )� �� bin ��

��.

1. �� B(Install certificate from file)� ��.

�� .

Enter name of certificate file:

2. � �� Enter� ��.

�� .

PKCS12 ��

�� PKCS12(.pfx) ��

�� . � ��

� � ��.

�: � �� bin �� .

: C:\Tivoli\Agents\<agentname>\bin

1. �� C(/ph>(Install certificate and key from PKCS12 file)

� ��.

2. � � �� PKCS12 �� Enter�

��.

Enter name of PKCS12 file:

: DamlSrvr.pfx

3. �� Enter� ��.

Enter password:

� � �� .

��

�� D(View currently installed certificates)� ��

� �� .

�� D(View currently installed certificates)� ��.

� 6 � �� 51

�� . ��

��.

The following certificate is currently installed.Subject: c=US,st=California,l=Irvine,o=DAML,cn=DAML Server

CA ��

�� CA �� .

�� E(List CA certificates)� ��.

�� CA �� . �� .

Subject: o=IBM,ou=SampleCACert,cn=TestCAValid To: Wed Jul 26 23:59:59 2006

CA ��

�� CA �� .

1. �� F(Install a CA certificate)� ��.

�� .

2. � �� Enter� ��.

� �� .

e=admin@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Engineering,cn=EngInstall the CA? (Y/N)

3. Y� �� Enter� ��.

CA � �� CACerts.pem �� .

CA ��

�� CA �� .

1. �� G(Delete a CA certificate)� ��.

�� CA �� .

0 - e=admin@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Engineering,cn=Eng1 - e=support@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Support,cn=SupportEnter number of CA certificate to remove:

2. �� CA � �� Enter� ��.

CA �� CACerts.pem �� .

��

��. ��

� ��.

�� H(List registered certificates)� ��.

�� . �� .

0 - e=admin@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Engineering,cn=Eng1 - e=support@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Support,cn=Support

��

�� .

1. �� I(Register certificate)� ��.

�� .

2. �� Enter� ��.

�� .

e=admin@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Engineering,cn=EngRegister this CA? (Y/N)

3. Y� �� Enter� ��.

�� .

��

�� .

1. �� J(Unregister a certificate)� ��.

�� . �� .

0 - e=admin@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Engineering,cn=Eng1 - e=support@ibm.com,c=US,st=California,l=Irvine,o=IBM,ou=Support,cn=Support

2. � �� Enter� ��.

�� .

3. Y� �� Enter� ��.

�� .

� 6 � �� 53

�� A. ��

Windows 2000 Agent� Tivoli Identity Manager ��

�� . Tivoli Identity Manager �� Tivoli Identity Manager Server

�� .

��

� �� Windows 2000 Agent� ��. �� Tivoli

Identity Manager Server� Windows 2000 Agent��

�� .

�� Windows 2000 Agent�� . �

�� .

� 10. ��

�� Directory Server ��

AccountExpirationDate erW2KExpirationDate ��

� �

AllowDialin erW2KAllowDialin ��

��

AllowEncryptedPassword erW2KAllowEncryptedPassword ��

��

BadLoginCount erW2KBadLoginCount ��

� �

��

CallbackNumber erW2KWTSCallbckNumber DialinCallBack� ��

� ��

��

CallbackSettings erW2KWTSCallbckSettings ��

��

CannotBeDelegated erW2KCannotBeDelegated ��

� � ��

��

Company erCompany ��

��

� 10. �� (��)

Container erW2KContainer ��

�� . ��

� ��.

�� . ��

�� .

��

ContainerName erW2KContainerName ��

ContainerDN erW2KContainerDN �� DN ��

Department erDepartment ��

��

Description description ��

��

DialinCallback erW2KDialinCallback ��

��.

��

DomainName erW2KDomainName ��

��

DomainUser erW2KDomainUser Active Directory� � � ��

� �� ID

��

DomainPassword erW2KDomainPassword Active Directory� ��

�� ID� ��

��

DontExpirePassword erW2KPasswordNeverExpires ��

��

Division erDivision �� (��) � ��

��

EmailAddress mail ��

��

EmployeeID erW2KEmployeeID �� ID ��

��

FaxNumber erW2Kfax ��

��

FirstName givenName ��

��

ForcePasswordChange erW2KPasswordForceChange ��

��

FullName cn �� (�� ) ��

��

Group erW2KGroup ��

� 10. �� (��)

GroupCommonName erW2KGroupCommonName ��

GroupDN erW2KGroupDN �� DN ��

GroupType erW2KGroupType ��

GroupName erW2KGroupName ��

GroupNameAlias erW2KGroupNameAlias ��

HomeDirectory erW2KHomeDir ��

� �� . � ��

� �� UNC ��

��.

\\machine\share\path

��

HomeDirectoryDrive erW2KHomeDirDrive UNC ��

��

�� ‘d:’

��

HomeDirNtfsAccess erW2KHomeDirNtfsAccess �� NTFS ��

��

HomeDirShare erW2KHomeDirShare � �� .

�� $� ��

��.

��

HomeDirShareAccess erW2KHomeDirShareAccess ��

��

HomePage erW2KHomePage �� URL(Uniform

Resource Locator)

��

Initial erW2KInitial ��

��

IsAccountLocked erW2KIsAccountLocked ��

� ��

��

Languages erW2KLanguages ��

��

LastFailedLogin erW2KLastFailedLogin ��

� ��

� �

LastLogin erW2KLastLogon ��

� �

LastLogoff erW2KLastLogoff ��

��

� �

�� A. �� 57

� 10. �� (��)

LastName sn ��

��

LoginHours erLogonTimes ��

� ��. ��

��

�� .

��

�� (LT)

(1�� )

LoginScript erW2KLoginScript ��

��

LoginWorkstations erW2KLoginWorkstations ��

�� , BSTR �

� ��.

��

Manager erW2KManager �� ID

� �� ID

��

MaxStorage erMaxStorage ��

�(KB)

��

NamePrefix erW2KNamePrefix �� (: Ms. ��

��

NameSuffix erW2KNameSuffix �� (: Jr. �� III.) ��

��

NoChangePassword erW2KNoChangePassword ��

��

OfficeLocations erW2KOfficeLocations ��

��

OtherName erW2KOtherName �� (: �� ) ��

��

PasswordExpirationDate erPasswordExpiresOn ��

� �

PasswordLastChanged erW2KPasswordLastChange ��

� �

PasswordMinimumLength erW2KPasswordMinimumLength � �� Long

��

PasswordRequired erW2KPasswordRequired ��

��

PostalCity I �� (Directory

Server �� l� ��)

��

� 10. �� (��)

PostalCountry c �� . ��

� �� 66 ��

�PostalCountry � ��.

��

PostalPoBox postOfficeBox ��

��

PostalState st �� /� ��

��

PostalStreet street ��

��

PostalZipCode postalCode ��

��

Profile erProfile ��

��

RequireUniquePassword erW2KRequireUniquePassword � ��

� ��

��

SmartCardRequired erW2KSmartCardRequired ��

� ��

��

TelephoneHome homePhone ��

��

TelephoneMobile mobile ��

��

TelephonePager pager ��

��

TelephoneWork telephoneNumber ��

��

Title title ��

��

TrustedForDelegation erW2KTrustedForDelegation ��

�� , ��

��

UserStatus erAccountStatus ��

��

�� /�� .

��

userexec erSystemCall ��

��

�� A. �� 59

� 10. �� (��)

UserName eruid �� ID ��

��

UserPassword erPassword ��

��

UPN erW2KUPN ��

��

WtsAllowLogon erWTSAllowLogon ��

��

WtsBrokenTimeout erW2KWTSBrokenTimeout ��

��

WtsCallbackNumber erW2KWTSCallbackNumber Citrix ICA ��: ��

��

WtsCallbackSettings erW2KWTSCallbackSettings Citrix ICA ��: ��

��

�� .

1 - ��

��

�� .

WtsCallbackNumber � ��

� �� .

2 - �� WtsCallbackNumber �

� ��

�� .

��

WtsClientDefaultPrinter erW2KWTSClientDefaultPrinter RDP 5.0 �� Citrix ICA �

��: ��

��

WtsClientDrives erW2KWTSClientDrives Citrix ICA ��: ��

��

WtsClientPrinters erW2KWTSClientPrinters RDP 5.0 �� Citrix ICA �

��: ��

��

� 10. �� (��)

WtsHomeDir erW2KWTSHomeDir ��

��

��. � ��

UNC ��(\\machine\share\path)� �

�� . WTS ��

�� .

��

WtsHomeDirDrive erW2KWTSHomeDirDrive WtsHomeDir �� UNC

��

� ��

��

� ‘d:’

WtsHomeDirNtfsAccess erW2KWTSHomeDirNtfsAccess � ��

��

WtsHomeDirShare erW2KWTSHomeDirShare WTS � ��

�. �� $� ��

��.

��

WtsHomeDirShareAccess erW2KWTSHomeDirShareAccess WTS � ��

� ��

��

WtsInheritInitialProg erW2KWTSInheritInitialProg ��

� �� . �

�� , WtsInitialProgram�

��

��. ��

��

��.

��

WtsInitialProgram erW2KWTSInitialProgram ��

��

�� .

WtsInheritInitialProgram � 1� �

�, ��

��

WtsProfilePath erW2KWTSProfilePath ��

��

�� A. �� 61

� 10. �� (��)

WtsReconnectSettings erW2KWTSReconnectSettings � ��

� ��

0 - ��

� ��

� � � ��. ��

� ��

�� , ��

��

��.

1 - ��

��

� � ��. ��

�� , �

�� .

��

WtsRemoteHomeDir erW2KWTSRemoteHomeDir Windows ��

��

WtsServerName erW2KWTSServerName �� Windows ��

��

WtsShadowSettings erW2KWTSShadowSettings RDP 5.0 �� Citrix ICA �

��: ��

�� . ��

��

��.

��

WtsTimeoutConnections erW2KWTSTimeoutConnections � �� (��)� ��

� . ��

1� ��

�� . WtsBrokenTimeout

� ��

�� . ��

�� . 0

��

��.

Unsigned Long

��

WtsTimeoutDisconnections erW2KWTSTimeoutDisconnections ��

� ��

� ��(��)� �� . 0

��

��.

Unsigned Long

��

� 10. �� (��)

WtsTimeoutIdle erW2KWTSTimeoutIdle � �� (��)� �� .

��

�� , WtsBrokenTimeout

� ��

�� . 0 ��

�� .

Unsigned Long

��

WtsWorkingDir erW2KWTSWorkingDir ��

��

�� Windows 2000 Agent ��. � �

�� .

��

�� .

� 11. ��

��

LoginID � ��

��

�� .

� 12. ��

��

�� Active Directory�� .

� 13. ��

��

�� . ��

�� .

�� A. �� 63

� 14. ��

��

�� . �

� ��

��.

� 15. ��

��

�� Tivoli Identity Manager� ��

��. �� . ��(*)� ��

�� .

� 16. ��

��

AccountExpirationDate

AllowDialin

AllowEncryptedPassword

BadLoginCount*

CannotBeDelegated

Company

Container

Department

Description

DialinCallback

Division

DontExpirePassword

EmailAddress

EmployeeID

FaxNumber

FirstName

ForcePasswordChange

FullName

HomeDirectory

HomeDirectoryDrive

HomeDirNtfsAccess

HomeDirShare

HomeDirShareAccess

HomePage

Initial

IsAccountLocked*

Languages

LastFailedLogin*

LastAccessDate*

LastLogoff*

LastName

LoginHours

LoginScript

LoginWorkstations

Manager

MaxStorage

NamePrefix

NameSuffix

NoChangePassword

OfficeLocations

OtherName

PasswordExpirationDate

PasswordLastChanged*

PasswordMinimumLength

PasswordRequired

PostalCity

PostalCountry

PostalPoBox

PostalState

PostalStreet

PostalZipCode

Profile

RequireUniquePassword

SmartCardRequired

TelephoneHome

TelephoneMobile

TelephonePager

TelephoneWork

TrustedForDelegation

UserAccountDisabled

Systemcall

UserPassword

WtsAllowLogon

WtsBrokenTimeout

WtsCallbackNumber

WtsCallbackSettings

WtsClientDefaultPrinter

WtsClientDrives

WtsClientPrinters

WtsHomeDir

WtsHomeDirDrive

WtsHomeDirNtfsAccess

WtsHomeDirShare

WtsHomeDirShareAccess

WtsInheritInitialProg

WtsInitialProgram

WtsProfilePath

WtsReconnectSettings

WtsRemoteHomeDir

WtsServerName

WtsShadowSettings

WtsTimeoutConnections

WtsTimeoutDisconnections

WtsTimeoutIdle

WtsWorkingDir

�� A. �� 65

PostalCountry �

�� Windows 2000 Agent� �� .

�� PostalCountry ��

� �� . ��

�� . ��

�� .

��

� ��

��

�� (��) ��

��

�� , ��

��

��(��: ��) ��

� ��

��

� � ��(��)

��

�� (��)

��

�� (��) ��

�� (�� )

��

��, ��

��

��(��) ��

��(� �� ) ��

��

�� A. �� 67

��

!��

��

� ��

��

"� ��

#��

��

��(�� ) ��

��

�# ��

��

�� & ��

��

�� (��)

��

�� $

��

��, ��

��

�� A. �� 69

�� B. ��

� �� .

�� , �� . � ��

� �� . ��

�� .

��

��.

��

setupconsole.exe �� .

setupconsole.exe �� Java ��

�� setup.exe� ��. ��

�� .

��

� �� .

<agent or profile install>.exe -is:javaconsole -console

�� GUI� �� . �� Telnet ��

�� .

��

� ��

�� . �� -is:javaconsole -console �

�� GUI �� .

<agent or profile install>.exe -options-record <filename>

� � �� .

<agent or profile install>.exe -options-template <filename>

� � ��

�� . � ��

�� .

<agent or profile install>.exe -options-silent <filename>

� � ��

�� .

��

� �� Windows 2000 Agent �� . ��

� �� . ��

��, �� Windows 2000 Agent ��

�� .

Windows 2000 Agent � �� .

2. Windows �� uninstaller.exe� ��.

�� .

3. �� .

4. �� .

5. �� .

�: �� Windows 2000 Agent ��, ��

�� . Windows 2000 Agent� �

�� .

�� C. �� SCHEMA.DSML ��

<?xml version="1.0" encoding="UTF-8"?><dsml><directory-schema>

<attribute-type single-value="true"><name>erW2KInitial</name>

<description>Middle initial(s) of user’s name.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.1</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax></attribute-type>

<attribute-type single-value="true"><name>erW2KNamePrefix</name>

<attribute-type single-value="true"><name>erW2KNameSuffix</name>

<attribute-type single-value="true"><name>erW2KEmployeeID</name>

<attribute-type single-value="true"><name>erW2KOfficeLocations</name>

<description>Office Location.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.5</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax></attribute-type>

<attribute-type single-value="true"><name>erW2KUPN</name>

<description>User principal name. Domain independent login.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.6</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax></attribute-type>

<attribute-type single-value="true"><name>erW2KContainer</name>

<attribute-type single-value="true"><name>erW2KHomeDir</name>

<attribute-type single-value="true"><name>erW2KHomeDirDrive</name>

<attribute-type single-value="true"><name>erW2KHomeDirNtfsAccess</name><description>NTFS security level for user home directory.

"Full" or "Change".</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.10</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KHomeDirShare</name><description>Name of share to create for home directory.

</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.11</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type>

<attribute-type single-value="true"><name>erW2KHomeDirShareAccess</name><description>User access level to home directory share.

"Full" or "Change".</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.12</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KManager</name><description>Login name of the account for the user’s manager.

</attribute-type><attribute-type single-value="true"><name>erW2KLoginScript</name><description>Path name of the login script file.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.14</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="false"><name>erW2KLoginWorkstations</name><description>List of workstation names from which the user

is allowed to login.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.15</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KHomePage</name><description>URL of user’s home page, either on the inernet

or the local intranet site.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.16</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KAllowDialin</name><description>Flag indicating whether the user is allowed

to use dial-in connection.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.17</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type>

�� C. �� SCHEMA.DSML �� 75

<attribute-type single-value="true"><name>erW2KDialinCallback</name><description>1 - No Callback, 2 - Fixed callback using

erW2KCallbackNumber, 4 - User supplied callback.</description>

</attribute-type><attribute-type single-value="true"><name>erW2KCallbackNumber</name><description>RAS Callback number for fixed callback</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.19</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KPasswordRequired</name><description>Flag indicating that the user account must

have a password.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.20</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KPasswordNeverExpires</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.21</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KPasswordForceChange</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.22</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KAllowEncryptedPassword</name><description>Flag indicating that the user can send an encrypted

password.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.23</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true">

<name>erW2KCannotBeDelegated</name><description>When set, the security context of the user will

not be delegated to a service even if the service account isset as trusted for Kerberos delegation.</description>

</attribute-type><attribute-type single-value="true"><name>erW2KTrustedForDelegation</name><description>When set, the service account (user or computer

account), under which a service runs, is trusted forKerberos delegation.</description>

</attribute-type><attribute-type single-value="true"><name>erW2KSmartCardRequired</name><description>Flag indicating that a smart card is required to

logon.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.26</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSServerName</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.27</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSProfilePath</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.28</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSInitialProgram</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.29</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true">

<name>erW2KWTSInheritInitialProg</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.30</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSWorkingDir</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.31</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSHomeDir</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.32</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSHomeDirDrive</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.33</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSHomeDirNtfsAccess</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.34</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSHomeDirShare</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.35</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSHomeDirShareAccess</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.36</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type>

<attribute-type single-value="true"><name>erW2KWTSClientDrives</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.37</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSClientPrinters</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.38</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSClientDefaultPrinter</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.39</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSTimeoutConnections</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.40</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.36</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSTimeoutDisconnections</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.41</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.36</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSTimeoutIdle</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.42</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.36</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSBrokenTimeout</name>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSReconnectSettings</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.44</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.36</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSShadowSettings</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.45</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.36</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSCallbackSettings</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.46</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.36</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSCallbackNumber</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.47</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erWTSAllowLogon</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.48</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KNoChangePassword</name><description>Flag indicating that the user cannot change password.

</attribute-type>

<attribute-type single-value="true"><name>erW2KLanguages</name><description>Array of language name for the user.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.50</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KOtherName</name><description>An additional name, for example, the middle name,

for the user.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.51</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KPasswordMinimumLength</name><description>Minimum password length.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.52</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.27</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KRequireUniquePassword</name><description>Flag indicating that the user cannot re-use

old passwords when changing password.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.53</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KBadLoginCount</name><description>Number of invalid login attempts for this

account.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.54</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.27</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KIsAccountLocked</name><description>Flag indicating that this account has been locked

by intruder prevention.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.55</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type>

<attribute-type single-value="true"><name>erW2KLastFailedLogin</name><description>Data of last failed login attempt.</description><object-identifier>1.3.6.1.4.1.6054.3.26.2.56</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.24</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KLastLogon</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.57</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.24</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KLastLogoff</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.58</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.24</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KPasswordLastChange</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.59</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.24</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KWTSRemoteHomeDir</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.60</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.7</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KGroupName</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.61</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KGroupType</name><description/>

</attribute-type><attribute-type single-value="true"><name>erW2KExpirationDate</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.63</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.24</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KContainerName</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.64</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2Kfax</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.66</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.22</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2KGroupCommonName</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.67</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><attribute-type single-value="true"><name>erW2kDomainName</name><description/><object-identifier>1.3.6.1.4.1.6054.3.26.2.68</object-identifier><syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>

</attribute-type><class superior="top"><name>erW2KAccount</name><description>Windows 2000 account.</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.1</object-identifier><attribute ref="eruid" required="true"/><attribute ref="givenName" required="false"/><attribute ref="sn" required="false"/><attribute ref="erW2KInitial" required="false"/>

</class><class superior="top"><name>erW2KDAMLService</name><description>Class representing a DAML service provider for

Win2000.</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.2</object-identifier><attribute ref="erURL" required="true"/><attribute ref="eruid" required="true"/><attribute ref="erPassword" required="true"/><attribute ref="erCertFile" required="false"/><attribute ref="erPrivateKeyFile" required="false"/><attribute ref="erCACertStore" required="true"/><attribute ref="erRemoteTimeZone" required="false"/><attribute ref="erW2kDomainName" required="false"/>

</class><class superior="top"><name>erW2KERMAService</name><description>Class representing a ERMA service provider for

Win2000.</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.3</object-identifier><attribute ref="host" required="true"/><attribute ref="erERMAInBox" required="true"/><attribute ref="erERMAOutBox" required="true"/><attribute ref="erERMAEncryptionType" required="true"/><attribute ref="erERMAEncryptionKey" required="true"/><attribute ref="eruid" required="false"/><attribute ref="erPassword" required="false"/>

</class><class superior="top"><name>erW2KGroup</name><description>Windows 2000 group.</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.4</object-identifier><attribute ref="erW2KGroupName" required="true"/><attribute ref="erW2KGroupCommonName" required="true"/><attribute ref="erW2KGroupType" required="true"/><attribute ref="description" required="false"/>

</class><class superior="top"><name>erW2KContainerGroup</name><description>Windows 2000 group.</description><object-identifier>1.3.6.1.4.1.6054.3.26.1.5</object-identifier><attribute ref="erW2KContainerName" required="true"/><attribute ref="erW2KGroupCommonName" required="false"/><attribute ref="erW2KGroupType" required="true"/><attribute ref="description" required="false"/>

</class></directory-schema>

</dsml>

�� D. �� XFORMS.XML ��

<?xml version="1.0" encoding="UTF-8" ?>- <!- W2K Build version 4.1.1011 ->- <EnRoleTransformations><EnRoleAttribute Name="__filterxml" RemoteName="__filterxml" /><EnRoleAttribute Name="eraaaBoolean" RemoteName="aaaBoolean" /><EnRoleAttribute Name="eraaaInteger" RemoteName="aaaInteger" /><EnRoleAttribute Name="eraaaDate" RemoteName="aaaDate" /><EnRoleAttribute Name="eraaaString1" RemoteName="aaaString1" /><EnRoleAttribute Name="eraaaMultiValueString" RemoteName="aaaMultiValueString"

ConvertReplaceToAddDelete="true" /><EnRoleAttribute Name="cn" RemoteName="FullName" /><EnRoleAttribute Name="givenName" RemoteName="FirstName" /><EnRoleAttribute Name="sn" RemoteName="LastName" /><EnRoleAttribute Name="erW2KInitial" RemoteName="Initial" /><EnRoleAttribute Name="erW2KNamePrefix" RemoteName="NamePrefix" /><EnRoleAttribute Name="erW2KNameSuffix" RemoteName="NameSuffix" /><EnRoleAttribute Name="erW2KEmployeeID" RemoteName="EmployeeID" /><EnRoleAttribute Name="description" RemoteName="Description" /><EnRoleAttribute Name="street" RemoteName="PostalStreet" /><EnRoleAttribute Name="postOfficeBox" RemoteName="PostalPoBox" /><EnRoleAttribute Name="l" RemoteName="PostalCity" /><EnRoleAttribute Name="st" RemoteName="PostalState" /><EnRoleAttribute Name="postalCode" RemoteName="PostalZipCode" /><EnRoleAttribute Name="c" RemoteName="PostalCountry" /><EnRoleAttribute Name="title" RemoteName="Title" /><EnRoleAttribute Name="erDepartment" RemoteName="Department" /><EnRoleAttribute Name="erCompany" RemoteName="Company" /><EnRoleAttribute Name="erDivision" RemoteName="Division" /><EnRoleAttribute Name="erW2KOfficeLocations" RemoteName="OfficeLocations" /><EnRoleAttribute Name="eruid" RemoteName="UserName" /><EnRoleAttribute Name="erW2KUPN" RemoteName="UPN" /><EnRoleAttribute Name="erPassword" RemoteName="UserPassword" RemoteAccess="W" /><EnRoleAttribute Name="erGroup" RemoteName="Group" ConvertReplaceToAddDelete="true" /><EnRoleAttribute Name="erW2KContainer" RemoteName="Container" /><EnRoleAttribute Name="mail" RemoteName="EmailAddress" /><EnRoleAttribute Name="erW2KHomeDir" RemoteName="HomeDirectory" /><EnRoleAttribute Name="erW2KHomeDirDrive" RemoteName="HomeDirectoryDrive" /><EnRoleAttribute Name="erW2KHomeDirNtfsAccess" RemoteName="HomeDirNtfsAccess" /><EnRoleAttribute Name="erW2KHomeDirShare" RemoteName="HomeDirShare" /><EnRoleAttribute Name="erW2KHomeDirShareAccess" RemoteName="HomeDirShareAccess" /><EnRoleAttribute Name="erW2KManager" RemoteName="Manager" /><EnRoleAttribute Name="erMaxStorage" RemoteName="MaxStorage" /><EnRoleAttribute Name="erLogonTimes" RemoteName="LoginHours" RemoteType="LoginTimes" /><EnRoleAttribute Name="erW2KLoginScript" RemoteName="LoginScript" /><EnRoleAttribute Name="erW2KLoginWorkstations" RemoteName="LoginWorkstations" RemoteType="CSL" /><EnRoleAttribute Name="erW2KHomePage" RemoteName="HomePage" /><EnRoleAttribute Name="erProfile" RemoteName="Profile" /><EnRoleAttribute Name="homePhone" RemoteName="TelephoneHome" /><EnRoleAttribute Name="telephoneNumber" RemoteName="TelephoneWork" /><EnRoleAttribute Name="erW2Kfax" RemoteName="FaxNumber" /><EnRoleAttribute Name="mobile" RemoteName="TelephoneMobile" /><EnRoleAttribute Name="pager" RemoteName="TelephonePager" /><EnRoleAttribute Name="erW2KAllowDialin" RemoteName="AllowDialin" RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KDialinCallback" RemoteName="DialinCallback" />

<EnRoleAttribute Name="erW2KCallbackNumber" RemoteName="CallbackNumber" /><EnRoleAttribute Name="erW2KPasswordRequired" RemoteName="PasswordRequired"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KPasswordNeverExpires" RemoteName="DontExpirePassword"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KPasswordForceChange" RemoteName="ForcePasswordChange"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KAllowEncryptedPassword" RemoteName="AllowEncryptedPassword"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KCannotBeDelegated" RemoteName="CannotBeDelegated"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KTrustedForDelegation" RemoteName="TrustedForDelegation"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KSmartCardRequired" RemoteName="SmartCardRequired"

RemoteType="Boolean10" /><EnRoleAttribute Name="erSystemCall" RemoteName="userexec" /><EnRoleAttribute Name="erW2KExpirationDate" RemoteName="AccountExpirationDate"

RemoteType="DateYYYYMMDD" AllowEmptyValues="true" /><EnRoleAttribute Name="erW2KWTSServerName" RemoteName="WtsServerName" /><EnRoleAttribute Name="erW2KWTSProfilePath" RemoteName="WtsProfilePath" /><EnRoleAttribute Name="erW2KWTSInitialProgram" RemoteName="WtsInitialProgram" /><EnRoleAttribute Name="erW2KWTSInheritInitialProg" RemoteName="WtsInheritInitialProg"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KWTSWorkingDir" RemoteName="WtsWorkingDir" /><EnRoleAttribute Name="erW2KWTSHomeDir" RemoteName="WtsHomeDir" /><EnRoleAttribute Name="erW2KWTSHomeDirDrive" RemoteName="WtsHomeDirDrive" /><EnRoleAttribute Name="erW2KWTSHomeDirNtfsAccess" RemoteName="WtsHomeDirNtfsAccess" /><EnRoleAttribute Name="erW2KWTSHomeDirShare" RemoteName="WtsHomeDirShare" /><EnRoleAttribute Name="erW2KWTSHomeDirShareAccess" RemoteName="WtsHomeDirShareAccess" /><EnRoleAttribute Name="erW2KWTSClientDrives" RemoteName="WtsClientDrives"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KWTSClientPrinters" RemoteName="WtsClientPrinters"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KWTSClientDefaultPrinter" RemoteName="WtsClientDefaultPrinter"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KWTSTimeoutConnections" RemoteName="WtsTimeoutConnections" /><EnRoleAttribute Name="erW2KWTSTimeoutDisconnections" RemoteName="WtsTimeoutDisconnections" /><EnRoleAttribute Name="erW2KWTSTimeoutIdle" RemoteName="WtsTimeoutIdle" /><EnRoleAttribute Name="erW2KWTSBrokenTimeout" RemoteName="WtsBrokenTimeout" /><EnRoleAttribute Name="erW2KWTSReconnectSettings" RemoteName="WtsReconnectSettings" /><EnRoleAttribute Name="erW2KWTSShadowSettings" RemoteName="WtsShadowSettings" /><EnRoleAttribute Name="erW2KWTSCallbackSettings" RemoteName="WtsCallbackSettings" /><EnRoleAttribute Name="erW2KWTSCallbackNumber" RemoteName="WtsCallbackNumber" /><EnRoleAttribute Name="erWTSAllowLogon" RemoteName="WtsAllowLogon" RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KNoChangePassword" RemoteName="NoChangePassword"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KLanguages" RemoteName="Languages" /><EnRoleAttribute Name="erW2KOtherName" RemoteName="OtherName" /><EnRoleAttribute Name="erPasswordExpiresOn" RemoteName="PasswordExpirationDate"

RemoteType="DateYYYYMMDD" /><EnRoleAttribute Name="erW2KPasswordMinimumLength" RemoteName="PasswordMinimumLength"

RemoteAccess="R" /><EnRoleAttribute Name="erW2KRequireUniquePassword" RemoteName="RequireUniquePassword"

RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KBadLoginCount" RemoteName="BadLoginCount" /><EnRoleAttribute Name="erW2KIsAccountLocked" RemoteName="IsAccountLocked"

RemoteAccess="R" RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KLastFailedLogin" RemoteName="LastFailedLogin"

RemoteType="DateYYYYMMDD" /><EnRoleAttribute Name="erW2KLastLogon" RemoteName="LastLogin" RemoteAccess="R"

RemoteType="DateYYYYMMDD" /><EnRoleAttribute Name="erW2KLastLogoff" RemoteName="LastLogoff"

RemoteAccess="R" RemoteType="DateYYYYMMDD" /><EnRoleAttribute Name="erW2KPasswordLastChange" RemoteName="PasswordLastChanged"

RemoteType="DateYYYYMMDD" /><EnRoleAttribute Name="erW2KWTSRemoteHomeDir" RemoteName="WtsRemoteHomeDir"

RemoteAccess="R" RemoteType="Boolean10" /><EnRoleAttribute Name="erW2KGroupType" RemoteName="GroupType"

RemoteAccess="R" /><EnRoleAttribute Name="erW2KGroupName" RemoteName="erW2KGroupName" /><EnRoleAttribute Name="erW2KGroupNameAlias" RemoteName="GroupNameAlias" /><EnRoleAttribute Name="erW2KContainerName" RemoteName="erW2KContainerName" /><EnRoleAttribute Name="erW2KGroupCommonName" RemoteName="GroupCommonName" /><EnRoleAttribute Name="erW2KDomainName" RemoteName="DomainName"

RemoteAccess="W" RemoteRDN="true" /><EnRoleAttribute Name="erAccountStatus" RemoteName="UserStatus"

RemoteType="AccountStatus" StatusAttribute="UserAccountDisabled"SuspendRestoreValues="YES,NO" />

<EnRoleClass Name="erW2KAccount" RemoteName="USER" RDNAttribute="eruid" /><EnRoleClass Name="erW2KGroup" RemoteName="GROUP" RDNAttribute="erW2KGroupName"

ClassType="GroupType" ClassValue="UserGroup" /><EnRoleClass Name="erW2KContainerGroup" RemoteName="GROUP"

RDNAttribute="erW2KContainerName" ClassType="GroupType" ClassValue="Container" /></EnRoleTransformations>

�� D. �� XFORMS.XML �� 89

�� E. �� CustomLabels.properties ��

## Win2KAgent Labels definitions#erw2kinitial=Initialerw2knameprefix=Name Prefixerw2knamesuffix=Name Suffixerw2kemployeeid=Employee IDerw2kofficelocations=Office Locationserw2kupn=User Principal Nameerw2kcontainer=Containererw2khomedir=Home Directoryerw2khomedirdrive=Home Directory Driveerw2khomedirntfsaccess=Home Directory NTFS Accesserw2khomedirshare=Home Directory Shareerw2khomedirshareaccess=Home Directory Share Accesserw2kmanager=Managererw2kloginscript=Logon Scripterw2kloginworkstations=Workstationserw2khomepage=Home Pageerw2kallowdialin=Allow Dialinerw2kdialincallback=Callback Settingserw2kcallbacknumber=Callback Numbererw2kpasswordrequired=Password Requirederw2kpasswordneverexpires=Password Never Expireserw2kpasswordforcechange=Force Password Changeerw2kallowencryptedpassword=Allow Encrypted Passworderw2kcannotbedelegated=Account Cannot Be Delegatederw2ktrustedfordelegation=Trusted For Delegationerw2ksmartcardrequired=Smart Card Requirederw2kwtsservername=Server Nameerw2kwtsprofilepath=Profile Patherw2kwtsinitialprogram=Initial Programerw2kwtsinheritinitialprog=Inherit Initial Programerw2kwtsworkingdir=Working Directoryerw2kwtshomedir=WTS Home Directoryerw2kwtshomedirdrive=WTS Home Directory Driveerw2kwtshomedirntfsaccess=WTS Home Directory NTFS Accesserw2kwtshomedirshare=WTS Home Directory Shareerw2kwtshomedirshareaccess=WTS Home Directory Share Accesserw2kwtsclientdrives=Connect Client Driveserw2kwtsclientprinters=Connect Client Printerserw2kwtsclientdefaultprinter=Client Printer Is Defaulterw2kwtstimeoutconnections=Connection Timeout (ms)erw2kwtstimeoutdisconnections=Disconnection Timeout (ms)erw2kwtstimeoutidle=Idle Timeout (ms)erw2kwtsbrokentimeout=Broken Timeout Settingerw2kwtsreconnectsettings=Reconnect Settingserw2kwtsshadowsettings=Shadow Settingserw2kwtscallbacksettings=WTS Callback Settingserw2kwtscallbacknumber=WTS Callback Numbererwtsallowlogon=Allow Logonerw2knochangepassword=User Cannot Change Passworderw2klanguages=Languages

erw2kothername=Other Nameerw2kpasswordminimumlength=Password Minimum Lengtherw2krequireuniquepassword=Require Unique Passworderw2kbadlogincount=Bad Login Counterw2kisaccountlocked=Account is Lockederw2klastfailedlogin=Last Failed Loginerw2klastlogon=Last Loginerw2klastlogoff=Last Logofferw2kpasswordlastchange=Last Password Changeerw2kwtsremotehomedir=WtsRemoteHomeDirerw2kexpirationdate=Expiration Datetag.ntfs.full=Fulltag.ntfs.change=Changetag.ntfs.none=Not Applicabletag.ntfs.reset=Reset (Void)tag.w2k.change=Changetag.w2k.full=Fulltag.w2k.none=Not Applicabletag.w2k.reset=Reset (Void)tag.w2k.user=Personaltag.w2k.account=Accounttag.w2k.wts=Terminal Servertag.w2k.password=Passworderw2kfax=Fax NumbererGroup=Grouptag.w2k.nocallback=No Callbacktag.w2k.fixedcallback=Fixed callback numbertag.w2k.usercallback=User supplied callback numbertag.w2k.btdisconnected=The session is disconnectedtag.w2k.btterminated=The session is terminatedtag.w2k.rcanyclient=Any clienttag.w2k.rcoriginalclient=Original client onlytag.w2k.shadow0=Disabletag.w2k.shadow1=Enable input, notifytag.w2k.shadow2=Enable input, no notifytag.w2k.shadow3=Enable no input, notifytag.w2k.shadow4=Enable no input, no notifyerW2KGroupName=NameerW2KGroupCommonName=Common NameerW2KGroupType=Group TypeerW2KContainerName=Name

�� F. ��

� �� . IBM ��

�� , �� . ��

�� IBM �� . �

�� IBM ��, �� IBM ��, ��

� �� . IBM� ��

� �� , �� , ��

� ��. �� IBM ��, ��

�� .

IBM � ��

�� . � ��

� ��. �� .

135-270

�� 467-12, ��

�� .�.� ��

��

��: 080-023-8080

2��(DBCS) �� IBM ��

�� .

IBM World Trade Asia Corporation

Licensing

2-31 Roppongi 3-chome, Minato-ku

Tokyo 106-0032, Japan

�� . IBM

� � � �, ��

(�, �� ) ��

�� . ��

�� , � �� .

� �� . � �

�� , � �� . IBM � ��

�� /�� /��

� �� IBM� � �� , � ��

� �� . � � �� IBM ��

��

� ��.

IBM ��

� �� .

(1) �� (� �� ) ��

(2) ��

�� .

135-270

�� 467-12, ��

�� .�.� ��

��

�� (� ��, �� ) ��

��.

� ��

�� IBM� IBM �� , IBM �� (IPLA)

�� .

� �� . ��

�� . ��

��

�� . ��, ��

�� . � ��

�� .

�IBM �� , ��

� � ��. IBM�� , �IBM �

�� , �� . �

IBM �� .

��

�� IBM Corporation� ��

��.

IBM ��

SecureWay

Tivoli

Tivoli ��

Universal Database

WebSphere

Lotus� IBM Corporation �/�� Lotus Development Corporation� ��

Domino� �� IBM Corporation � Lotus Development

Corporation� ��.

Microsoft, Windows, Windows NT � Windows ��

�� Microsoft Corporation� ��.

Java � �� Java �� Sun

Microsystems, Inc.� �� .

UNIX� �� Open Group� ��.

� ��, �� .

�� F. �� 95

��

�� 3

��

�� 28

agentCfg� �� 27

�� 27, 36

�� 27

� �� vii

�� i

�� 3

��

�� 37

�� 38

agentCfg� ��/�� 37

��

�� 38

�� 38, 39

��

��, agentCfg� �� 37

��/�� , agentCfg� �� 37

��, agentCfg� ��

�� 38

�� /�� 38

�� 37

��/�� 37

�� /�� 38

� �� 37

��, �� 37

�� (��)

�� 41

�� , agentCfg� �� 36, 37

�� /�

�� 30

�� vii

��

�� vi

�� , �� 40

��

�� 55

�� 63

� 64

�� 63

�� 64

�� 63

�� 3, 11

�� , �� 40

��

�� vi

��

�� 3, 11

�� 3

�� 3, 11

�� 3

Tivoli Identity Manager Server�� 3

��

�� 37

�� 38

agentCfg� ��/�� 37

��

�� 40

�� (��)

�� 40

� �� 40

�� 3

��

�� 30

� 30

�� 38, 39

�� 38

��

�� 6

��

�� 55

Windows 2000 Agent �� 63

��

�� 1

�� 71

�� 72

� 71

�� 8

�� 7

� �� 7

� 72

��

�� 12

�� 11

��

�� agentCfg

�� 3

��

��/�� 32

�� 33

��

�� 32

�� 33

�� (��)

��

�� 35

�� 36

�� 33

�� DN 35

�� 33

�� 34

�� , CertTool� �� 47

��

� 53

�� 53

� 53

��

�� 53

�� 51

��

�� 51

�� 50

request.pem �� 50

�� 49

��

�� CertTool

�� 48

�� 52

CertTool 45

� ��

�� 64

��

agentCfg� � 29

�� 36

AagentCfg

�� 28

��

�� 40

�� 27

�� 41

�� 38

�� 32

�� 28

�� 36

��

�� 36

�� 38

�� 27

�� 40

�� 29

�, �� 41

agentCfg� ��

-agent 41

-confidencetest 41

-findall 41

-help 41

-hostname 41

-list 41

-netsearch 41

-portnumber 41

-schema 41

-setup 41

-tail 41

-version 41

-help �� 41

CCertTool

�� , �� 49

��

� 53

�� 53

� 53

��, � 51

CertTool (��)

��

�� 47

� 48

�� 53

�� 51

�� 49

CA �

�� 52

DDAML ��

�� 30

��, agentCfg� ��

�� 30

password 30

srv_nodename 31

srv_password 31

srv_portnumber 31

srv_username 31

username 30

validate_client_ce 31

Ppassword

�� 30

portnumber

�� 30

Ssrv_nodename, agentCfg� �� 31

srv_password, agentCfg� �� 31

srv_portnumber, agentCfg� �� 31

srv_username, agentCfg� �� 31

� 99

TTivoli Identity Manager

�� 47

Uusername, agentCfg� �� 30

UTF8 �� 40

Vvalidate_client_ce, agentCfg� �� 31

��

Printed in Denmark by IBM Danmark A/S

SA30-2135-03

windows 2000 agent - ibmpublib.boulder.ibm.com/tividd/td/itim/sc32-1153-03/... · windows 2000...

Documents

1 introduction to microsoft windows 2000 windows 2000...

windows 2000 installation guide - ftdi · windows 2000...

zertifizierungen edmp und dmp-brustkrebs ·...

sxe on windows 2000 installing windows 2000 server,...

1998–2000: windows 98, windows 2000, windows me—windows...

perangkat lunak presentasi · presentasi. sejarah ms.power...

basic windows 2000/ windows 2000 server … · basic...

miscellaneous windows 2000 desktop features windows 2000...

dcom configuration for windows nt4, windows 2000, windows...

windows 2000 sp4 & windows xp

control-m/agent for unix and microsoft...

1 · 2000 → windows 2000 Γενικό όνομα για...

sas agent for windows logon 1.12 configuration guide ·...

system integration...

chapter 8 windows 2000. 2 outline programming windows 2000...

netiq secure configuration manager windows …...the netiq...

control-m/agent for microsoft windows

installation of diagnostics agent on windows · pdf...

em12cr3 windows agent deployment

windows 2000