Sun Java System Access Manager 7 2005Q4 Release Notes

CR# 6440697: Distributed Authentication should run as non-amadmin user

To have the Distributed Authentication application authenticate as an administrator other than the default administrative user (amadmin), create a Distributed Authentication administrator by following this procedure:

  1. Create an LDAP user for the Distributed Authentication administrator. For example:

  2. Add the Distributed Authentication administrator to the list of special users. For example:

    ou=DSAME Users,o=am|cn=amService-UrlAccessAgent,ou=DSAME Users,

    Add this property to the file of all Access Manager servers, so that the Distributed Authentication administrator's AppSSOToken does not expire when the session expires.