When deploying the portal service reference configuration, you install and configure a number of components with administrative interfaces, as well as administrator accounts for accessing these interfaces. Some of these administrator accounts are used by multiple components.
In many environments, different administrator accounts are used to manage different services. However, if there are no specific reasons to use different passwords for the different administrator accounts, you can streamline the installation, configuration, and maintenance of your deployment by using the same password for all such accounts.
It is important to determine, in advance, the administrative account IDs and passwords that you will use when deploying the reference configuration.
The following table shows the administrator account IDs that are needed to deploy the reference configuration, the variables that are used in this guide to represent the corresponding passwords, and the interfaces that are managed by each of the administrator accounts.
Table 3–6 Administrator Accounts in Reference Configuration
Account ID |
Password Variable |
Interfaces |
---|---|---|
admin |
directory-admin-password |
Directory Server dsconf command Directory Service Control Center (DSCC) |
cn=Directory Manager |
directory-manager-password |
Accessing directory data ldapmodify and ldapsearch commands |
amadmin |
access-manager-admin-password |
Access Manager amadmin command Portal Server psadmin command Access Manager Console Portal Server Console |
amldapuser |
access-manager-LDAP-password |
Access Manager's Directory Server account |
admin |
app-server-admin-password |
Application Server asadmin command Application Server Admin Console |
app-server-master-password |
Application Server cluster features |
|
admin |
MQ-admin-password |
Message Queue imqcmd command |
When you use command-line interfaces in the implementation procedures in this guide, you can provide the administrator account password in any of the following ways:
Type a password on the command line by using the option that is provided by the command (usually -p password).
This approach is not very secure, and is not supported by the Portal Server psadmin command.
Create a password file that contains the password, and reference the password file on the command line by using the option provided by the command (usually -f password-file)
To create a password file, type the following command:
# echo password>password-file
This approach is more secure than typing the password on the command line. However, the contents of the password file can be stolen.
Type only the administrator user ID on the command line, and type the password only when prompted.
This approach is quite secure but makes scripting of procedures more difficult.
When implementing the reference configuration, you are free to choose whichever approach you wish. For consistency, however, the last approach is used in all the implementation procedures in this guide.