Domain Component Tree

The Domain Component tree (DC tree) is a specific DIT structure used by many Sun Java System components to map between DNS names and realm entries.

When this option is enabled, the DC tree entry for an realm is created, provided that the DNS name of the realm is entered at the time the realm is created. The DNS name field will appear in the realm Create page. This option is only applicable to top-level realms, and will not be displayed for subrealms.

Any status change made to the inetdomainstatus attribute through the Access Manager SDK in the realm tree will update the corresponding DC tree entry status. (Updates to status that are not made through the Access Manager SDK will not be synchronized.) For example, if a new realm, sun, is created with the DNS name attribute sun.com , the following entry will be created in the DC tree:

dc=sun,dc=com,o=internet,root suffix

The DC tree may optionally have its own root suffix configured by setting com.iplanet.am.domaincomponent in AMConfig.properties. By default, this is set to the Access Manager root. If a different suffix is desired, this suffix must be created using LDAP commands. The ACIs for administrators that create realms required modification so that they have unrestricted access to the new DC tree root.