In this scenario, you have installed and configured Access Manager and you want to change the user naming attribute. You must modify the ums.xml file and then reload the DAI service using the amadmin utility.
In the ums.xml file (used for the DAI service), add the attribute to the list in the CreationTemplate for the BasicUser. For example, to use the mail attribute:
<SubConfiguration name="CreationTemplates" > <SubConfiguration name="BasicUser" id="CreationUmsObjects"> <AttributeValuePair> <Attribute name="name" /> <Value>BasicUser</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="javaclass" /> <Value>com.iplanet.ums.User</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="required" /> <Value>objectClass=top</Value> <Value>objectClass=person</Value> <Value>objectClass=organizationalPerson</Value> <Value>objectClass=inetOrgPerson</Value> <Value>objectClass=iPlanetPreferences</Value> <Value>objectClass=iplanet-am-user-service</Value> <Value>objectClass=inetuser</Value> <Value>objectClass=inetAdmin</Value> <Value>objectClass=iplanet-am-managed-person</Value> <Value>objectClass=sunAMAuthAccountLockout</Value> <Value>cn=default</Value> <Value>sn=default</Value> <Value>uid</Value> <Value>inetuserstatus=Active</Value> <Value>mail</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="optional" /> <Value>*</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="namingattribute" /> <Value>uid</Value> </AttributeValuePair> </SubConfiguration>
Delete the DAI service using the amadmin command. For example, on Solaris systems:
# # cd /opt/SUNWam/bin # ./amadmin -u amadmin -w amadminpassword -r DAI
Reload the DAI service, again using the amadmin command. For example:
# ./amadmin -u amadmin -w amadminpassword -s /etc/opt/SUNWam/config/xml/ums.xml
Restart the Access Manager web container.