Sun Java System Access Manager 7.1 Performance Tuning and Troubleshooting Guide

ProcedureTo improve performance for the Distributed Authentication UI server default user:

  1. In the Access Manager console, create a new user. For example: DistAuthUIuser.

  2. In Directory Server, add the DistAuthUIuser user with a new ACI to allow reading, searching, and comparing user attributes. An example of this new ACI is:

    aci: (target="ldap:///ou=1.0,ou=SunAMClientData,ou=ClientData,dc=example,dc=com")
    (targetattr = "*"(version 3.0; acl "SunAM client data access for application user"; 
    allow (read, search, compare) 
    userdn = "ldap:///uid=DistAuthUIuser,ou=people,dc=example,dc=com";)
  3. On the Distributed Authentication UI server, set the following variables in the configuration file:


    On Solaris and Linux systems, the configuration file is based on the amsamplesilent file and is named DistAuth_config in the next step. Set any other variables in the DistAuth_config file, as required for your deployment.

    On Windows systems, use the file to create a new configuration file. For example:

  4. Run the amconfig script using the edited configuration file.

    For example, on a Solaris system with Access Manager installed in the default directory:

    # cd /opt/SUNWam/bin
    # ./amconfig -s ./DistAuth_config

    On Windows systems, in the amconfig.bat file, change to, and then run the edited amconfig.bat file.

  5. Restart the web container on the Distributed Authentication UI server.