Sun OpenSSO Enterprise Policy Agent 3.0 Guide for Microsoft Internet Information Services (IIS) 6.0

Creating an Agent Administrator (Optional)

Creating an agent administrator is optional. An agent administrator can manage agents in OpenSSO Enterprise, using either the OpenSSO Enterprise Console or by executing the ssoadm utility.

ProcedureTo Create an Agent Administrator in the OpenSSO Console

  1. Login to OpenSSO Enterprise Console as amadmin.

  2. Create a new agents administrator group:

    1. Click Access Control, realm-name, Subjects, and then Group.

    2. Click New.

    3. In ID, enter the name of the group. For example: AgentAdministrators

    4. Click OK.

  3. Create a new agent administrator user and add the agent administrator user to the agents administrator group:

    1. Click Access Control, realm-name, Subjects, and then User.

    2. Click New and provide the following values:

      • ID: Name of the agent administrator. For example: AgentAdmin

        This is the name you will use to login to the OpenSSO Enterprise Console .

      • First Name (optional), Last Name, and Full Name.

        For simplicity, use the same name for each of these values that you specified in the previous step for ID.

      • Password (and confirmation)

      • User Status: Active

    3. Click OK.

    4. Click the new agent administrator name.

    5. On the Edit User page, click Group.

    6. Add the agents administrator group from Available to Selected.

    7. Click Save.

  4. Assign read and write access to the agents administrator group:

    1. Click Access Control, realm-name, Privileges and then on the new agents administrator group link.

    2. Check Read and write access to all configured Agents.

    3. Click Save.

Next Steps

Login into the OpenSSO Enterprise Console as the new agent administrator. The only available top-level tab is Access Control. Under realm-name, you will see only the Agents tab and sub tabs.