Creating a User Store for the NESCM Method

Identity Server must be configured to use the eDirectory replica where you have installed the NESCM server method.

  • If you have already configured Identity Server to use this replica, skip this section and continue with Creating a Contract for the Smart Card.

  • If your Identity Server is using a different user store, you need to configure Identity Server.

To configure Identity Server for the eDirectory replica that has the NESCM method:

  1. Click Devices > Identity Servers > Edit > Local> User Stores > New.

  2. On the Create User Store page, specify the following details:

    Name: A display name for the eDirectory replica (for example, nescm_replica).

    Admin Name: The distinguished name of the admin user of the directory. Administrator-level rights are required for setting up a user store.

    Admin Password and Confirm Password: The password for the admin user and the confirmation for the password.

    NOTE:If the admin account's password needs to be changed in the LDAP directory due to some issue, then change the admin password in the Create User Store page accordingly and apply the change. Else, this admin account of the user store will get locked.

    Directory Type: Select eDirectory.

  3. In the Server replica section, click New and specify the following details:

    Name: The display name for the LDAP directory server (for example, nescm_server).

    IP Address: The IP address of the LDAP directory server. The port is set automatically to the standard LDAP ports.

  4. Click Use secure LDAP connections. You must enable SSL between the user store and Identity Server. The port changes to 636, which is the secure LDAP port.

  5. Click Auto import trusted root.

  6. Click OK.

  7. Select the Root CA Certificate to trust any certificate signed by that certificate authority.

  8. Specify an alias and click OK.

    An alias is a name you use to identify the certificate used by Access Manager.

  9. Click Close > OK.

  10. Under Server Replicas, verify the Validation Status.

    The system displays a green check mark if the connection is valid.

  11. Set up a search context.

  12. Click Finish.

  13. Continue with Creating a Contract for the Smart Card.