Hitachi

JP1 Version 12 JP1/IT Desktop Management 2 Configuration Guide

2.7.2 Overview of switching from ITDM2 authentication to JP1 authentication

To change a configuration system that uses ITDM2 authentication to one that uses JP1 authentication, on the JP1/Base authentication server, register as JP1 users the ITDM2 user accounts that were being used. Next, set a JP1 resource group and JP1 permission level for each JP1 user, change the setup information of JP1/IT Desktop Management 2, and then set up JP1/Base user management. If necessary, in the Account Management view of the Settings module, add recipients to whom notification emails are to be sent.

The procedure for changing the authentication method is described below. For details about the setup procedures to be performed on the authentication server, see the JP1/Base User's Guide.

Important

If you use JP1 authentication, you cannot set an administration scope. If you want to set an administration scope, use ITDM2 authentication.

  1. In an environment where Windows firewall is enabled, specify the settings so that the JP1/Base authentication server can connect to the management server.

    Specify the settings on the authentication server so that port 20240 is used.

  2. If the version of JP1/Base is 11-10, update the access permission level file of JP1/Base.

    Copy the file from the installation folder of JP1/IT Desktop Management 2, and then overwrite the access permission level file of JP1/Base with the copied file. After that, execute the jbsaclreload command on the JP1/Base authentication server to apply the update.

    Source of the file to be copied

    When the authentication server uses Windows:

    installation-folder-of-JP1/IT Desktop Management 2 - Manager\mgr\conf\JP1_AccessLevel.1110Windows

    When the authentication server uses UNIX:

    installation-folder-of-JP1/IT Desktop Management 2 - Manager \mgr\conf\JP1_AccessLevel.1110UNIX

    Destination of the file to be copied

    When the authentication server uses Windows:

    installation-folder-of-JP1/Base\conf\user_acl\JP1_AccessLevel

    When the authentication server uses UNIX:

    shared-folder-\jp1base\conf\user_acl\JP1_AccessLevel

  3. Determine the name of the JP1 resource group to be configured for each JP1 user account to be used in JP1/IT Desktop Management 2.

    Specify the JP1 resource group name in 1 to 64 bytes. You can use single-byte alphanumeric characters and the following symbols:

    exclamation mark (!), hash mark (#), dollar sign ($), percent sign (%), ampersand (&), single quotation mark ('), left parenthesis ((), right parenthesis ()), asterisk (*), hyphen (-), period (.), at mark (@), backslash (\), caret (^), underscore (_), grave accent mark (`), left curly bracket ({), right curly bracket (}), and swung dash (~)

    Tip

    You can configure one resource group for each management server. In a multi-server configuration, you can specify different JP1 permission levels by setting different JP1 resource groups for individual management servers.

  4. On the JP1/Base authentication server, register as JP1 users the ITDM2 user accounts that were being used.

    Important

    If a user ID or password uses characters that are not supported by JP1/Base, you will need to change the user ID or password. For details about the characters you can use in JP1/Base, see the JP1/Base User's Guide.

  5. On the authentication server, set a JP1 resource group and JP1 permission level for each JP1 user.

    For the JP1 permission level, assign permissions and task allocations based on the assigned permissions and task allocations in JP1/IT Desktop Management 2. For details about the correspondence between JP1 permission levels, and the permissions and task allocations in JP1/IT Desktop Management 2, see 2.7.4 Correspondence between JP1 permission levels, and the permissions and division of work responsibilities in JP1/IT Desktop Management 2.

  6. Set up JP1/IT Desktop Management 2 - Manager. In the User Management Settings window, select Manage users by using JP1/Base, and then specify a JP1 resource group.

    Important

    To run JP1/IT Desktop Management 2 in a cluster system, you must specify the same logical host name when configuring the JP1/Base cluster environment and when configuring JP1/IT Desktop Management 2 - Manager.

  7. To set a JP1 user as a recipient of notification emails (such as those for events and reports), add the email address of the JP1 user to the list of email notification destinations in the Account Management view of the Settings module.

To Page Top

Copyright (C) 2019, 2022, Hitachi, Ltd.

Copyright (C) 2019, 2022, Hitachi Solutions, Ltd.

Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated.