Access Manager Postinstallation Configuration
Whenever you use the installer to configure Access Manager on Web Server, you will need to perform the following steps:
-
Start the Web Server administration instance.
-
Start the Web Server instance.
-
Select the Web Server instance on which Access Manager was installed.
-
Click Manage.
Note –
For all Access Manager installations, the web container needs to be restarted. If a full installation is being performed on Web Server or Application Server, the installer will stop the web container instance so only the instance needed to be started. For instructions on restarting Access Manager, see Starting and Stopping Access Manager.
Access Manager configuration is described in the following sections:
-
Configuring Access Manager After a Configure Now Installation
-
Configuring Access Manager After a Configure Later Installation
Configuring Access Manager After a Configure Now Installation
Although you can start Access Manager and log into the Access Manager console immediately after running the installer, you cannot perform basic user management operations until you complete some final configuration steps. These steps differ depending on whether or not Access Manager is using a Directory Server instance that is already provisioned with user data.
The next sections explain what to do in the following cases:
When Directory Server Is Provisioned With User Data
Refer to Sun Java System Access Manager 7.1 Postinstallation Guide for a description of the final configuration steps.
When Directory Server Is Not Yet Provisioned With User Data
When Directory Server is not yet provisioned with user data, perform the steps in the following sections:
Caution – Before performing the tasks in this section, Directory Server must be configured and running. To verify that Directory Server, is running, refer to Starting and Stopping Directory Server.
Enabling the Directory Server Referential Integrity Plug-in
When the Directory Server referential integrity plug-in is enabled, it performs integrity updates on specified attributes immediately after a delete or rename operation. This ensures that relationships between related entries are maintained throughout the database. If the Referential Integrity Plug-in is not already enabled, perform the following procedure.
To Enable the Referential Integrity Plug-in
-
In Directory Server console, click Configuration.
-
In the navigation tree, double-click Plug-ins to expand the list of Plug-ins.
-
In the Plug-ins list, click Referential integrity postoperation.
-
In the properties area, check the Enable plug-in box.
-
Click Save.
-
Restart Directory Server to enable the plug-in.
Adding Access Manager Indexes to Directory Server
Directory Server indexes improve the performance of searches of Directory Server data. The following table lists the recommended attributes that you should consider indexing for Access Manager (if they are not already indexed).
Table 6–2 Suggested Access Manager Indexes for Directory Server|
Attribute |
Index Type |
|
nsroledn |
Equality, Presence, and Substring |
|
memberof |
Equality and Presence |
|
iplanet-am-static-group-dn |
Equality |
|
iplanet-am-modifiable-by |
Equality |
|
iplanet-am-user-federation-info-key |
Equality |
|
sunxmlkeyvalue |
Equality and Substring |
|
o |
Equality |
|
ou |
Equality, Presence, and Substring |
|
sunPreferredDomain |
Equality, Presence, and Substring |
|
associatedDomain |
Equality, Presence, and Substring |
|
sunOrganizationAlias |
Equality, Presence, and Substring |
Add indexes using either the Directory Server Console or the ldapmodify command-line utility. Use ldapmodify to load the Access Manager index.ldif file, which is available in the following directory:
-
Solaris OS: /etc/opt/SUNWam/config/ldif
-
Linux: /etc/opt/sun/identity/config/ldif
For more information about both the Console and ldapmodify, see Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide.
Configuring Access Manager After a Configure Later Installation
After a Configure Later installation, the packages are installed and you are ready to configure Access Manager using the Access Manager configuration script, AccessManager-base/bin/amconfig. Instructions for using this program are contained in the Sun Java System Access Manager 7.1 Postinstallation Guide.
For instructions on configuring Access Manager for a third-party web container on Solaris OS (BEA WebLogic or IBM WebSphere Application Server), refer to Sun Java System Access Manager 7.1 Postinstallation Guide.
Note –
For all Access Manager installations, the web container needs to be restarted. If a full installation is being performed on Web Server or Application Server, the installer will stop the web container instance so it need only be started. For instructions on restarting Access Manager, see Starting and Stopping Access Manager.
- © 2010, Oracle Corporation and/or its affiliates