Configuring Sun Java System Directory Server

Configuring Directory Server involves loading the required object classes, attributes, and objects, which are available in the following LDIF files:

• zip-root/opensso/ldif/sunone_schema2.ldif

• zip-root/opensso/ldif/ds_remote_schema.ldif

• config_dir/template/ldif/install.ldif

• zip-root/opensso/ldif/index.ldif

• zip-root/opensso/ldif/plugin.ldif

• zip-root/opensso/ldif/fam_sds_schema.ldif

where:

• zip-root is where the opensso_enterprise_80.zip file was unzipped.

• config_dir is the configuration directory specified during the initial configuration of opensso.war. For example: /opensso

Before you modify these LDIF files, be sure to back up each file.

Configure Directory Server by loading the required object classes and attributes by following one of these processes:

• To Configure an Existing Directory Server With Access Manager 7.x User Data Store

• To Configure a New Directory Server

To Configure an Existing Directory Server With Access Manager 7.x User Data Store

This task describes how to configure an existing Directory Server identity repository that was previously deployed with Access Manager 7.1 or Access Manager 7 2005Q4, in either legacy or realm mode.

1. Load the following object classes to the Directory Server schema from the fam_sds_schema.ldif file:

   • sunFederationManagerDataStore

   • sunFMSAML2NameIdentifier

   Note: The fam_sds_schema.ldif file also includes the sunIdentityServerLibertyPPService object class. If you don't want to load this object class, comment out the appropriate line before you load the file.

   To load these object classes, use the Directory Server Console, Directory Service Command Center (DSCC), or a command-line utility such as ldapmodify.

2. Continue with Configuring OpenSSO Enterprise Server .

To Configure a New Directory Server

1. In the following LDIF files, replace the tags marked by ampersands (@):

   • config_dir/template/ldif/install.ldif

     • @NORMALIZED_RS@ with the normalized root suffix. For example: o=example,o=isp

     • @RS_RDN@ with the relative DN of the root suffix. For example: example

     • @ORG_NAMING_ATTR@ with the organization naming attribute. For example: o

     • @ADMIN_PWD@ with the passwords for dsameuser and puser (an occurrence for each user)

     • @AMLDAPUSERPASSWD@ with the password for amldapuser

     • @SERVER_HOST@ with the fully qualified host name. For example: host.example.com

     • @ORG_OBJECT_CLASS@ with the organization object class. For example: sunmanagedisorganization

     • @People_NM_ORG_ROOT_SUFFIX@ with the administrator for the people container (that is, the role that will manage the people container). For example: opensso_dc=java_dc=net

   • zip-root/opensso/ldif/index.ldif

     • @ORG_NAMING_ATTR@ with the organization naming attribute. For example: o

     • @DB_NAME@ with the backend DB name. For example: openssso

2. Load the following LDIF files, in the order shown:

   • zip-root/opensso/ldif/sunone_schema2.ldif

   • zip-root/opensso/ldif/ds_remote_schema.ldif

   • config_dir/template/ldif/install.ldif

   • zip-root/opensso/ldif/index.ldif

   • zip-root/opensso/ldif/plugin.ldif

   • zip-root/opensso/ldif/fam_sds_schema.ldif

   To load these LDIF files, use the Directory Server Console, Directory Service Command Center (DSCC), or a command-line utility such as ldapmodify.