Sun Java System Portal Server 6 2004Q2 Migration Guide 

Appendix E  
Extended Sun ONE Portal Server 3.0 Component Migration


Note

All instances of the Sun™ ONE Portal Server 3.0 product refer to what were formerly known as the iPlanet™ Portal Server 3.0, Service Pack 3a, iPlanet™ Portal Server 3.0, Service Pack 4 products, and iPlanet™ Portal Server 3.0, Service Pack 5 products.


This appendix describes the steps you need to take when migrating an extended Sun ONE Portal Server 3.0 component to a Sun™ ONE Portal Server 6.2 service.

This appendix contains the following sections:


Options For Making Manual Changes After Migration

The Sun ONE Portal Server 3.0 Migration Tool Suite retains the mapping between iwtUser and the amUser service. If, for example, you have extended iwtUser and attributes have been added, the migration tools do not migrate those attributes. After migration, you need to make manual changes using one of the two following options:

Option 1

  1. Corresponding to the iwtUser extensions that you have made, add entries to the BaseDir/SUNWam/config/xml/amUser.xml file. These changes should be in accordance with the BaseDir/SUNWam/dtd/sms.dtd file. For more details, see the Sun ONE Identity Server Programmer's Guide.
  2. Using the amadmin utility, in BaseDir/SUNWam/bin, delete the existing user service. For example:

    ./amadmin -u "uid=amadmin,ou=People,o=defaultorg,o=rootsuffix|dc=defaultorg,dc=rootsuffix" -w password --deleteService iPlanetAMUserService

  3. Load the new, modified user service. For example:

    ./amadmin -u "uid=amadmin,ou=People,o=defaultorg,o=rootsuffix|dc=defaultorg,dc=rootsuffix" -w password --schema amUser.xml

  4. Write a script that converts user attributes corresponding to the attributes added in the previous steps to the equivalent attributes in the Sun ONE Portal Server 6.2 service. The script should generate an LDIF file.
  5. Use ldapmodify in BaseDir/SUNWam/bin to load the generated LDIF file to the directory server. For example:

    ./ldapmodify -D "cn=Directory Manager" -w password -f convertedfile

This will ensure that all the extended attributes are now available in Sun ONE Portal Server 6.2.

Option 2

  1. Corresponding to the iwtUser extensions that you have made, create a new amUser1.xml file. These changes should be in accordance with the BaseDir/SUNWam/dtd/sms.dtd file. For more details, see the Sun ONE Identity Server Programmer's Guide.
  2. Load the new, modified user service. For example:

    ./amadmin -u "uid=amadmin,ou=People,o=defaultorg,o=rootsuffix|dc=defaultorg,dc=rootsuffix" -w password --schema amUser1.xml

  3. Write a script that converts user attributes corresponding to the attributes added in the previous steps to the equivalent attributes in the Sun ONE Portal Server 6.2 service.
  4. Use ldapmodify in BaseDir/SUNWam/bin to load the generated file to the directory server. For example:

    ./ldapmodify -D "cn=Directory Manager" -w password -f convertedfile

Code Example E-1 provides a sample script.

Code Example E-1  Sample Script to Convert Attributes 

#!/usr/bin/perl

# Reads an LDIF export of user entries and prints LDIF "modify" records
# that add the listed custom attributes with their existing values.

open(USERFILE, "/tmp/user.ldif") || die "$!: Cannot open it";

# Names of the attributes to carry over
@attrsToAdd = ("test-attr-one-at", "test-attr-to-add-at");

while (@block = getBlock(\*USERFILE)) {
  # The first element of each block is the "dn:" line
  $_ = shift(@block);
  foreach $attr (@attrsToAdd) {
    $j = 0;
    foreach $block_line (@block) {
      # Match the attribute name at the start of the line only
      if ($block_line =~ /^\Q$attr\E:/i) {
        # A limit of 2 keeps values that themselves contain ":"
        @splitAttr = split(/:/, $block_line, 2);
        $reqAttr[$j] = $splitAttr[1];
        $j++;
      }
    }
    # Emit one modify record per attribute found on this entry
    if ($j > 0) {
      print "\n";
      print $_;
      print "\nchangetype:modify";
      print "\nadd:";
      print $attr;
      $k = 0;
      while ($k < $j) {
        print "\n$attr:$reqAttr[$k]";
        $k++;
      }
      print "\n";
    }
  }
}

close USERFILE;

# Returns the next entry as a list of lines, "dn:" line first,
# or an empty list at end of file.
sub getBlock {
  my ($fhref) = @_;
  local ($curLine, $inBlock);
  $inBlock = 0;
  while (!eof($fhref)) {
    $_ = getLine($fhref);
    # Not sure if I want to ignore this one yet
    # if ($curLine =~ /0---iwt-Profile-Reversed---0/) {next;}
    # Check for new block
    if (/^dn: cn=(.+?),/) {
      $user = $1;
      # Reset user attribute array
      @blockInfo = ($_);
      $inBlock = 1;
      next;
    }
    # Check for end of block
    if (/^$/) {
      if ($inBlock == 1) {
        return @blockInfo;
      } else {
        next;
      }
    }
    # Regular data, push it on
    push @blockInfo, $_;
  }
  if ($inBlock == 1) {
    # Add last line
    if ($_ = getLine($fhref)) {
      push @blockInfo, $_;
    }
    return @blockInfo;
  } else {
    return ();
  }
}

# Returns the next logical LDIF line, joining folded continuation lines
# (lines that begin with a single space) onto the line before them.
sub getLine {
  my ($fhref) = @_;
  while (<$fhref>) {
    # chomp removes only the newline; chop would eat the last character
    # of a file that lacks a trailing newline
    chomp;
    if (/^ (.+)/) {
      $lastLine .= $1;
    } else {
      $thisLine = $lastLine;
      $lastLine = $_;
      return $thisLine;
    }
  }
  # Take care of that last line
  if ($lastLine) {
    $thisLine = $lastLine;
    $lastLine = "";
    return $thisLine;
  }
  return $lastLine;
}
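Because ldapmodify is run here as cn=Directory Manager, the generated file is applied without access-control checks, so it is worth verifying before it is loaded. The following pre-load check is an added example, not part of the original guide; the function names and the suffix o=defaultorg,o=rootsuffix (taken from the amadmin DN above) are assumptions to adjust for your deployment.

```python
import re

# Attribute names from @attrsToAdd in Code Example E-1
ALLOWED_ATTRS = {"test-attr-one-at", "test-attr-to-add-at"}
# Assumed user suffix, lowercase and without spaces
ALLOWED_SUFFIX = "o=defaultorg,o=rootsuffix"

def unfold(text):
    """Join LDIF continuation lines (a newline followed by one space)."""
    return re.sub(r"\r?\n ", "", text)

def lint_ldif(text, allowed=ALLOWED_ATTRS, suffix=ALLOWED_SUFFIX):
    """Return a list of problems; an empty list means every record is an
    'add' of an allowed attribute on an entry under the expected suffix."""
    problems = []
    for n, rec in enumerate(re.split(r"\n\s*\n", unfold(text).strip()), 1):
        lines = [l for l in rec.splitlines() if l.strip() and not l.startswith("#")]
        pairs = [[p.strip() for p in l.split(":", 1)] for l in lines]
        if len(pairs) < 4 or any(len(p) != 2 for p in pairs):
            problems.append(f"record {n}: malformed or incomplete")
            continue
        (k_dn, dn), (k_ct, ct), (k_op, attr) = pairs[:3]
        norm_dn = "," + dn.lower().replace(" ", "")
        if k_dn.lower() != "dn" or not norm_dn.endswith("," + suffix):
            problems.append(f"record {n}: DN outside {suffix}: {dn!r}")
        if (k_ct.lower(), ct.lower()) != ("changetype", "modify"):
            problems.append(f"record {n}: changetype is not modify")
        if k_op.lower() != "add" or attr.lower() not in allowed:
            problems.append(f"record {n}: {k_op}:{attr} is not an allowed add")
        for key, _ in pairs[3:]:
            if key.lower() != attr.lower():
                problems.append(f"record {n}: unexpected attribute {key!r}")
    return problems

# Constructed sample in the shape Code Example E-1 prints (folded DN included)
GOOD = """
dn: cn=jdoe,ou=People,o=defaultorg,
 o=rootsuffix
changetype:modify
add:test-attr-one-at
test-attr-one-at: blue
"""
# Constructed sample: wrong suffix and an attribute outside the allow-list
BAD = GOOD.replace("o=defaultorg", "o=otherorg").replace("test-attr-one-at", "description")

if __name__ == "__main__":
    print(lint_ldif(GOOD) or "OK")
    print(lint_ldif(BAD))
```

Run it against the script's output and load the file only when the returned list is empty.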

  


Example of Adding Custom Sun ONE Identity Server Attributes for Sun ONE Portal Server 6.2

This example shows the steps necessary for adding timezone and department attributes to Sun ONE Identity Server for use with Sun ONE Portal Server 6.2. You must first use the admin console to add iplanetamuserservice as a required service for all users. This permits custom attributes to be populated properly from the Sun ONE Identity Server SDK.

  1. In the admin console, from the top level (o=isp), select Service Management and, for the service name Sun ONE Identity Server Configuration, select the icon next to Administration.
  2. Scroll down the list of settings to Required Services and add iplanetamuserservice.
  3. Click Save.
  4. Restart Sun ONE Identity Server. For example:

    BaseDir/SUNWam/bin/amserver start

  5. Add the custom LDAP object class and attributes by adding the following to the /usr/ldap/slapd-host/config/schema/99user.ldif file using ldapmodify:

    objectclasses: ( examplePerson-oid NAME 'examplePerson' DESC 'example Person Extensions' SUP top AUXILIARY MAY ( example-am-user-timezone $ example-am-user-deptno ) )

    attributetypes: ( example-am-user-timezone-oid NAME 'example-am-user-timezone' DESC 'example User Timezone and Region' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN ( 'user defined' ) )

    attributetypes: ( example-am-user-deptno-oid NAME 'example-am-user-deptno' DESC 'example User Department Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN ( 'user defined' ) )

    Note that the OID 1.3.6.1.4.1.1466.115.121.1.15 represents an LDAP string type.

  6. Make a copy of the BaseDir/SUNWam/config/xml/amUser.xml file. If you want to add entries to the amUser.xml file, back up the original first.
  7. Corresponding to the iwtUser extensions that you have made, add entries to the copy of the BaseDir/SUNWam/config/xml/amUser.xml file. These changes should be in accordance with the BaseDir/SUNWam/dtd/sms.dtd file. For more details, see the Sun ONE Identity Server Programmer's Guide.
  8. Add the following to the schema global description to refer to the custom LDAP objectclass:

    <Schema
      serviceHierarchy="/DSAMEConfig/iPlanetAMUserService"
      i18nFileName="amUser"
      i18nKey="iplanet-am-user-service-description">
      <Global>
        <AttributeSchema name="serviceObjectClasses"
          type="list"
          syntax="string"
          i18nKey="">
          <DefaultValues>
            <Value>iplanet-am-user-service</Value>
            <Value>examplePerson</Value>
          </DefaultValues>
        </AttributeSchema>
      </Global>

  9. Add the following new custom attributes:

    <AttributeSchema name="example-am-user-timezone"
      type="single"
      syntax="string"
      any="display|optional|filter"
      i18nKey="u121">
    </AttributeSchema>
    <AttributeSchema name="example-am-user-deptno"
      type="single"
      syntax="string"
      any="display|optional|filter"
      i18nKey="u122">
    </AttributeSchema>

  10. Using the amadmin utility, in BaseDir/SUNWam/bin, delete the existing user service. For example:

    ./amadmin -u "uid=amadmin,ou=People,o=defaultorg,o=rootsuffix|dc=defaultorg,dc=rootsuffix" -w password --deleteService iPlanetAMUserService

  11. Load the new, modified user service. For example:

    ./amadmin -u "uid=amadmin,ou=People,o=defaultorg,o=rootsuffix|dc=defaultorg,dc=rootsuffix" -w password --schema amUser.xml

  12. Edit the u121 and u122 strings in BaseDir/SUNWam/locale/amUser.properties.
  13. Restart Sun ONE Portal Server, Sun ONE Identity Server, and Sun ONE Directory Server.
  14. Shut down the LDAP server manually and start it again by issuing the following commands:

    BaseDir/SUNWam/bin/amserver stop
    /usr/ldap/slapd-host/stop-slapd
    BaseDir/SUNWam/bin/amserver start


    Note

    You must shut down the LDAP server manually for the new 99user.ldif schema extensions to take effect.
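The procedure above names the custom attributes and object class in four places: the objectclass MAY list, the attributetypes definitions, the serviceObjectClasses values and the AttributeSchema entries. The following check is an added example, not part of the original guide, that compares them before the user service is deleted and reloaded; the function name and the trimmed sample inputs are assumptions built from the names on this page.

```python
import re
import xml.etree.ElementTree as ET

# Constructed inputs using the names shown in this example (DESC and X-ORIGIN omitted)
SCHEMA_LDIF = """\
objectclasses: ( examplePerson-oid NAME 'examplePerson' SUP top AUXILIARY MAY ( example-am-user-timezone $ example-am-user-deptno ) )
attributetypes: ( example-am-user-timezone-oid NAME 'example-am-user-timezone' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetypes: ( example-am-user-deptno-oid NAME 'example-am-user-deptno' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""
# Trimmed stand-in for the edited amUser.xml; element nesting is simplified
SERVICE_XML = """\
<Schema serviceHierarchy="/DSAMEConfig/iPlanetAMUserService">
  <Global>
    <AttributeSchema name="serviceObjectClasses" type="list" syntax="string">
      <DefaultValues>
        <Value>iplanet-am-user-service</Value>
        <Value>examplePerson</Value>
      </DefaultValues>
    </AttributeSchema>
  </Global>
  <AttributeSchema name="example-am-user-timezone" type="single" syntax="string"/>
  <AttributeSchema name="example-am-user-deptno" type="single" syntax="string"/>
</Schema>
"""

def check_consistency(schema_ldif, service_xml):
    """Return mismatches between the LDAP schema and the service XML."""
    oc = re.search(r"objectclasses:.*?NAME '([^']+)'.*?MAY \(([^)]*)\)", schema_ldif, re.I)
    if not oc:
        return ["no objectclass with a MAY list found"]
    may = {a.strip() for a in oc.group(2).split("$")}
    defined = set(re.findall(r"attributetypes:.*?NAME '([^']+)'", schema_ldif, re.I))
    root = ET.fromstring(service_xml)
    schemas = {e.get("name"): e for e in root.iter("AttributeSchema")}
    svc_ocs = set()
    if "serviceObjectClasses" in schemas:
        svc_ocs = {v.text for v in schemas["serviceObjectClasses"].iter("Value")}
    problems = [f"{a}: in MAY list but no attributetypes definition"
                for a in sorted(may - defined)]
    problems += [f"{a}: no AttributeSchema in the service XML"
                 for a in sorted(may - set(schemas))]
    if oc.group(1) not in svc_ocs:
        problems.append(f"{oc.group(1)}: missing from serviceObjectClasses")
    return problems
```

An empty list means the names agree; any entry points at the place where a name was omitted or misspelled.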






Copyright 2004 Sun Microsystems, Inc. All rights reserved.