The Federation Manager LDIF files are located in the following directory:
/opt/SUNWam/saml2/ldif
The file saml2_sds_schema.ldif is for use with Sun Directory Server. The file saml2_ad_schema.ldif is for use with Microsoft Active Directory.
Load the Federation Manager schema into the Directory Servers.
# cd /opt/SUNWam/saml2/ldif
# ldapmodify -D "cn=Directory Manager" -w 11111111 -h LoadBalancer-8.siroe.com -p 1389 -f saml2_sds_schema.ldif
The ldapmodify utility loads the object classes and user attributes required for Federation Manager users into the Directory Server schema.
On each of the Directory Server hosts, you can watch the error logs for LDIF errors.
# cd /var/opt/mps/serverroot/slapd-fm-users/logs
# tail -f errors
Create the amadmin suffix in the Directory Server.
Create a file named amadminusers.ldif with the following entries:
dn: ou=People,o=siroeusers.com
changetype: add
objectClass: top
objectClass: organizationalunit

dn: uid=amAdmin,ou=People,o=siroeusers.com
changetype: add
objectclass: inetuser
objectclass: inetorgperson
objectclass: organizationalperson
objectclass: person
objectclass: top
objectClass: iPlanetPreferences
objectclass: inetAdmin
inetuserstatus: Active
cn: amAdmin
sn: amAdmin
userPassword: 11111111

dn: o=siroeusers.com
changetype: modify
add: aci
aci: (target="ldap:///*ou=People,o=siroeusers.com") (targetattr = "*") (version 3.0; acl "S1IS Top-level Admin Role access allow"; allow (all) userdn = "ldap:///uid=amAdmin,ou=People,o=siroeusers.com";)
This LDIF creates a People container under the suffix o=siroeusers.com, creates the amAdmin user in it, and adds an ACI on the suffix that grants amAdmin full access to the People subtree. Entries in the file must be separated by blank lines, and a value that continues on the next line must start with a single space, or ldapmodify will report an LDIF error.
Use the ldapmodify utility to load amadminusers.ldif into the Directory Servers.
# ldapmodify -D "cn=Directory Manager" -w 11111111 -h LoadBalancer-8.siroe.com -p 1389 -f amadminusers.ldif
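As an added pre-flight check that is not part of the original guide, the following Python script parses an LDIF file such as amadminusers.ldif the way ldapmodify will read it (blank-line separated records, space-prefixed continuation lines), and flags records that lack a changetype and any userPassword stored as cleartext in the file. The embedded LDIF is a constructed, trimmed copy of the procedure's amadminusers.ldif.

```python
from typing import List, Tuple
# Constructed sample: the amadminusers.ldif from the procedure, with the ACI
# folded onto continuation lines (leading space) as LDIF requires.
SAMPLE_LDIF = """\
dn: ou=People,o=siroeusers.com
changetype: add
objectClass: organizationalunit

dn: uid=amAdmin,ou=People,o=siroeusers.com
changetype: add
objectclass: inetorgperson
userPassword: 11111111

dn: o=siroeusers.com
changetype: modify
add: aci
aci: (target="ldap:///*ou=People,o=siroeusers.com") (targetattr = "*") (version 3.0;
  acl "S1IS Top-level Admin Role access allow";
  allow (all) userdn = "ldap:///uid=amAdmin,ou=People,o=siroeusers.com";)
"""

def parse_ldif(text: str) -> List[List[Tuple[str, str]]]:
    """Split LDIF into records (blank-line separated) of lowercased (attr, value) pairs."""
    unfolded: List[str] = []
    for raw in text.splitlines():
        if raw.startswith(" ") and unfolded:
            unfolded[-1] += raw[1:]  # leading space: continuation of the previous line
        else:
            unfolded.append(raw)
    records, current = [], []
    for line in unfolded + [""]:  # trailing sentinel flushes the last record
        if not line.strip() and current:
            records.append(current)
            current = []
        elif line.strip() and not line.startswith("#"):
            attr, _, value = line.partition(":")
            current.append((attr.strip().lower(), value.strip()))
    return records

def check_ldif(text: str) -> List[str]:
    """Findings to fix before ldapmodify; an empty list means the file looks sane."""
    findings = []
    for rec in parse_ldif(text):
        dn = dict(rec).get("dn", "<no dn>")
        if "changetype" not in dict(rec):
            findings.append(f"{dn}: missing changetype, ldapmodify rejects it")
        # a userPassword without a {SCHEME} prefix sits in cleartext in the file
        findings += [f"{dn}: userPassword is cleartext" for a, v in rec
                     if a == "userpassword" and not v.startswith("{")]
    return findings
```

Run check_ldif on the real file before the ldapmodify step; the cleartext finding is a reminder that the file (like the -w argument on the command line) holds the amAdmin password and should be removed once the import succeeds.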