Create the MA
Copy the following files to the Extensions folder on the FIM Synchronization Service server. (Typically C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Extensions)
- Lithnet.SshMA.dll
- Lithnet.Logging.dll
- Renci.SshNet.dll
- Follow the instructions at configure the MA data folder to prepare the data folder
- Copy the MA configuration file to the data folder
- In the Synchronization Service client, click
Actions->Create... - Select
Extensible Connectivity 2.0as the management agent type, and provide a name for the MA - Select
Processas the architecture type, and ensureRun this management agent in a separate processis unticked
- Click
Next - Browse to the extensions folder and select
Lithnet.SshMA.dll - Click
Refesh Interfaces, followed byNext
- Provide the host name and port
- Specify the full path to the MA configuration file
- Select either
Username/PasswordorUsername/Keyfor theAuthentication modeparameter - If using key based authentication, then specify the path to the private key file
- Specify the username and password for the account or the private key file
- Specify the log file location (ensure the sync service account has write permissions to this folder)
- Click
Nexton theConfigure Partitions and Hierarchiespage - Select the object types you want to manage
- Select the attributes you want to manage. Ensure that 'entry-dn' is selected
- Click
Nexton theConfigure Anchorspage
- Configure any connector filters and join and project rules on the following pages
- Define your attribute flows
- Configure the deprovisioning action as appropriate for your environment
- Configure password management if appropriate. Remember to enable this MA as a password synchronization target in the MA that provides the incoming password changes
The management agent is now configured. After you have created the appropriate run profiles, perform a full import to create any required placeholder objects before running a full sync on the MA.