Sun Java Enterprise System 2005Q4 Installation Reference

Access Manager: Administration Information

The installer needs the following information if you are installing Access Manager Administration Console.

Table 1–3 Administration Information for Access Manager

Label and State File Parameter 


Administrator User ID 


Access Manager top-level administrator. This user has unlimited access to all entries managed by Access Manager. 

The default name, amadmin, cannot be changed. This ensures that the Access Manager administrator role and its privileges are created and mapped properly in Directory Server, allowing you to log onto Access Manager immediately after installation.

Administrator Password 


Password of the amadmin user. The value must have at least eight characters.

The default value is the Administrator Password (CMN_ADMIN_PASSWORD ) you provided under Common Server Settings. Refer to Common Server Settings.



Bind DN user for LDAP, Membership, and Policy services. This user has read and search access to all Directory Server entries. 

The default user name, amldapuser, cannot be changed.

LDAP Password 


Password of the amldapuser user. This password must be different from the password of the amadmin user. It can be any valid Directory Service password.

Password Encryption Key 


A string that Access Manager uses to encrypt user passwords. 

Note: For security purposes, it is recommended that the password encryption key be 12 characters or longer. 

The interactive installer generates a default password encryption key. You can accept the default value or specify any key produced by a J2EE random number generator. During Access Manager installation, its property file is updated and the property am.encryption.pwd is set to this value. The property file is . Location is:

Solaris OS: /etc/opt/SUNWam/config

Linux: /etc/opt/sun/identity/config

All Access Manager subcomponents must use the same encryption key that the Identity Management and Policy Services Core uses. If you are distributing Access Manager subcomponents across hosts and installing Administration Console or Common Domain Services for Federation Management, copy the value for am.encryption.pwd as generated by the installation of the core, and paste the value into this field.

In a state file, the default is LOCK. Any character combination is permitted.

Install type 


Indicates the level of interoperability with other components. Choice of Realm mode (version 7.x style) or Legacy mode (version 6.x style). You must use Legacy mode if you are installing Access Manager with Portal Server, Messaging Server, Calendar Server, Delegated Administrator, or Instant Messaging. 

Accepted values for AM_REALM are Enabled (for Realm 7.x mode) and Disabled (for Legacy 6.x mode).

The default value for Legacy mode is Disabled.