Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

ProcedureTo Apply Service Patch 5 to Access Manager Server 1

  1. As a root user, log in to host AccessManager-1.

  2. Unzip the patch file. Example:

    # cd /temp
    # ls 
    # unzip
  3. Run the patchadd command.

    (On Solaris 10) # patchadd -G /temp/120954-05

    For other platforms, see the Readme file that comes with the patch.

    After successful installation ,a draft amsilent file is created in /opt/SUNWamdirectory. This amsilent is based on /opt/SUNWam/bin/amsamplesilent , but with some required parameters set according to the AM config files on this system.

  4. Redeploy the Access Manager applications.

    For detailed information about the following substeps, see the Release Notes (120954-05/rel_notes.html) that come with the patch.

    1. In the amsilent file, use a text editor to uncomment and modify the value of each password parameter, and verify the accuracy of other parameters in this file.

      In the following example, the entries in bold have been uncommented and modified.

      # cd opt/SUNWam

      # vi amsilent

      # The following entries contain sample values!
      # These should be modified for your specific installation
      # and then uncommented (remove the # from the line)
    2. Run the following amconfig command:

      # cd /opt/SUNWam/bin

      # ./amconfig -s /opt/SUNWam/amsilent

  5. Update the Access Manager schema.

    1. In the directory where you unzipped the patch files, run the command.

      Provide information when prompted. See the following example:

      # cd /tmp/120954-05
      # ./
      Executing, the lof file is 
      Directory Server fully-qualified hostname (
      Directory manager dn (cn=Directory Manager):
      Directory manager password: 
      Top-Level Administrator DN (uid=amAdmin,ou=People,
      Top-Level Adminsitrator password:
      loading /etc/opt/SUNWam/accountLockout.ldif.....
      modifying entry cn=schema
    2. Restart Directory Server 1.

      # cd /var/opt/mps/serverroot/slapd-am-config
      # ./stop; start

      Check the error log to be sure there are no startup errors.

    3. Restart Directory Server 2.

      # cd /var/opt/mps/serverroot/slapd-am-config
      # ./stop; start

      Check the error log to be sure there are no startup errors.

  6. Change the Server Name to Load Balancer 1 in the serverconfig.xml file.

    This step is necessary because a load balancer is used between the two Access Manager servers.

    # cd /etc/opt/SUNWam/config
    # vi serverconfig.xml
            <ServerGroup name="default" minConnPool="1" maxConnPool="10">
                <Server name="Server1" host="" 
                  port="389" type="SIMPLE" />
                <User name="User1" type="proxy">
                                cn=puser,ou=DSAME Users,
                <User name="User2" type="admin">
                                cn=dsameuser,ou=DSAME Users,

    Save the file.

  7. Verify that the patch was successfully installed.

    1. Restart the Access Manager 1 Web Server.

      # cd /opt/SUNWwbsvr/
      # ./stop; ./start 
    2. Use the version command to display installed patches.

      # cd /opt/SUNWam/bin
      # ./amadmin --version
      Sun Java System Access Manager 7 2005Q4 patch 120954-05
    3. On AccessManager-1, start a new browser and go to the URL of Access Manager 1.


    4. Log in to the Access Manager console using the following information:





      If you can log in successfully, close the browser.