Set up a Docker-based identity connector

Before you begin

  1. Verify Docker is properly installed. Identity connectors installed as Docker containers require a Docker-ready OS environment. If you do not have Docker installed, see the Docker documentation. Refer to the instructions that apply to your environment.
  2. Create and download the identity connector file for Docker. For instructions, see Create and download an identity connector.

Complete this procedure to set up an identity connector as a Docker image on a Docker-ready environment. You cannot attach Client-Access applications to a Docker-based identity connector.

How to

  1. In your Docker environment, open a terminal window.
  2. Navigate to the downloaded Docker container.
  3. Unzip the Docker image:
    $ gunzip <Connector_docker_image_filename.tar.gz>
  4. Load the image into Docker:
    $ sudo docker load -i <Connector_docker_image_filename.tar>
  5. Check that the image is loaded properly and find the <docker_image_name>:
    $ sudo docker images
  6. Run the Docker image:
    $ sudo docker run --name <Connector_Name> --restart=always -d <docker_image_name>
  7. Confirm that the Docker-based container is running:
    $ sudo docker ps
  8. In ETP, return to the identity connector configuration and complete these steps:
    1. In the ETP navigation menu, select Configuration > Utilities. Click the Identity Connectors tab.
      Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Clients & Connectors > Access and Identity Connectors.
    2. Locate the Docker connector and click Need your approval.
    3. Wait while the ETP service verifies the connector. A success message appears when the Docker-based identity connector is running as a container.
  9. To prevent abnormal behavior in the event of the agent being restarted, commit the identity connector to a new image:
    $ sudo docker commit <Connector_Container_ID> <new_image_name>

    Replace <new_image_name> with any name you choose for this connector.

    Your Docker-based identity connector now runs as a container on your server.