By deploying the reference configuration, in particular the Access Manager module, in accordance with the procedures in this guide, you create an LDAP schema with some basic user attributes. New user accounts are provisioned with the following attributes:
```
sn: username
cn: username
userPassword: *********
inetUserStatus: Active
uid: username
objectClass: iplanetpreferences
objectClass: iplanet-am-managed-person
objectClass: top
objectClass: iplanet-am-user-service
objectClass: organizationalperson
objectClass: inetadmin
objectClass: inetorgperson
objectClass: person
objectClass: sunamauthaccountlockout
objectClass: inetuser
iplanet-am-user-auth-config: (empty)
```
With these attributes alone, however, user accounts are not able to access the portal desktop or other portal services, such as the SRA Gateway, Netlet, or Proxylet services. To be authorized for portal services, a user entry must include the object classes that are shown in the following table.
Table C–1 Object Classes and Corresponding Services
objectClass | Corresponding Service |
---|---|
sunportalportal1desktopperson | portal1 Desktop |
sunportalportalpksubscriptionperson | Access List |
iplanet-amauth-configuration-service | Authentication Configuration |
sunmobileappabperson | Mobile Address Book |
sunmobileappcalendarperson | Mobile Calendar |
sunmobileappmailperson | Mobile Mail |
sunportalnetfileservice | NetFile |
sunportalgatewayaccessservice | Gateway |
sunportalnetletservice | Netlet |
sunportalproxyletservice | Proxylet |
sunssoadapterperson | SSO Adapter |
sunportalportal1pksubscriptionsperson | portal1 Subscriptions |
When provisioning users for portal services, add the object classes from the table above to each user entry, depending on the portal services that the user requires.
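The following is an added example, not part of the original guide or the product's own tooling: it uses the Table C–1 mapping to build an LDIF modification that adds only the object classes for the services a user has requested, and reports services the entry is already authorized for that were not requested. The function names `object_classes` and `plan`, the DN, and the sample entry are assumptions constructed for illustration; object class names are compared case-insensitively.

```python
# Added example: mapping copied from Table C-1; DN and sample entry are constructed.
SERVICE_CLASSES = {
    "portal1 Desktop": "sunportalportal1desktopperson",
    "Access List": "sunportalportalpksubscriptionperson",
    "Authentication Configuration": "iplanet-amauth-configuration-service",
    "Mobile Address Book": "sunmobileappabperson",
    "Mobile Calendar": "sunmobileappcalendarperson",
    "Mobile Mail": "sunmobileappmailperson",
    "NetFile": "sunportalnetfileservice",
    "Gateway": "sunportalgatewayaccessservice",
    "Netlet": "sunportalnetletservice",
    "Proxylet": "sunportalproxyletservice",
    "SSO Adapter": "sunssoadapterperson",
    "portal1 Subscriptions": "sunportalportal1pksubscriptionsperson",
}

def object_classes(entry_text):
    """Return the lower-cased objectClass values of an LDIF-style entry."""
    found = set()
    for line in entry_text.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "objectclass":
            found.add(value.strip().lower())
    return found

def plan(dn, entry_text, wanted_services):
    """Return (ldif adding missing classes, services present but not requested)."""
    unknown = set(wanted_services) - set(SERVICE_CLASSES)
    if unknown:
        raise ValueError(f"not in Table C-1: {sorted(unknown)}")
    present = object_classes(entry_text)
    missing = [SERVICE_CLASSES[s] for s in wanted_services
               if SERVICE_CLASSES[s].lower() not in present]
    excess = sorted(s for s, oc in SERVICE_CLASSES.items()
                    if oc.lower() in present and s not in wanted_services)
    if not missing:
        return "", excess
    body = "".join(f"objectClass: {oc}\n" for oc in missing)
    return f"dn: {dn}\nchangetype: modify\nadd: objectClass\n{body}-\n", excess

# Constructed sample: a base account that already carries the Netlet class.
SAMPLE_DN = "uid=jdoe,ou=People,dc=example,dc=com"
SAMPLE_ENTRY = """uid: jdoe
objectClass: top
objectClass: inetorgperson
objectClass: SunPortalNetletService
"""
if __name__ == "__main__":
    print(*plan(SAMPLE_DN, SAMPLE_ENTRY, ["portal1 Desktop", "Gateway"]), sep="\n")
```

The returned LDIF can be reviewed and then applied with a standard LDAP client such as `ldapmodify`.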