This section describes the Access Manager configuration variables.
Table 2–2 Access Manager Configuration Variables
Variable |
Description |
---|---|
AM_REALM |
Indicates the Access Manager mode:
You will be directed to Access Manager mode, depending on the deployment descriptor you use:
Default: enabled Caution – Access Manager Realm Mode is enabled by default. If you are deploying Access Manager with Messaging Server, Calendar Server, Delegated Administrator, or Instant Messaging, you must select Legacy Mode (AM_REALM=disabled) before you run the amconfig script. |
BASEDIR |
Base installation directory for Access Manager packages. Default: PLATFORM_DEFAULT On Solaris systems, PLATFORM_DEFAULT is /opt On Linux systems, PLATFORM_DEFAULT is /opt/sun On HP—UX systems, PLATFORM_DEFAULT is /opt/sun On Windows systems, the base installation directory is the Java ES installation directory. The default value is C:\Program Files\Sun\JavaES5. |
SERVER_NAME |
Name of local host where the Access Manager server (/amserver) has been or will be deployed. |
SERVER_HOST |
Fully qualified host name of the system where Access Manager is running (or will be installed). For a remote SDK installation, set this variable to the host where Access Manager is (or will be) installed and not the remote client host. This variable should match the counterpart variable in the web container configuration. For example, for Application Server 8, this variable should match AS81_HOST. |
SERVER_PORT |
Access Manager port number. Default: 58080 For a remote SDK installation, set this variable to the port on the host where Access Manager is (or will be) installed and not the remote client host. This variable should match the counterpart variable in the web container configuration. For example, for Application Server 8, this variable should match AS81_PORT. |
ADMIN_PORT |
Port on which the administration instance will listen for connections. Default values are:
|
SERVER_PROTOCOL |
Server protocol: http or https. Default: http For a remote SDK installation, set this variable to the protocol on the host where Access Manager is (or will be) installed and not the remote client host. This variable should match the counterpart variable in the web container configuration. For example, for Application Server 8, this variable should match AS81_PROTOCOL. |
CONSOLE_HOST |
Fully qualified host name of the server where the console is installed. Default: Value provided for the Access Manager host |
CONSOLE_PORT |
Port of the web container where the console is installed and listens for connections. Default: Value provided for the Access Manager port |
CONSOLE_PROTOCOL |
Protocol of the web container where the console is installed. Default: Same as the server protocol |
CONSOLE_REMOTE |
Set to true if the console is remote from the Access Manager services. Otherwise, set to false. Default: false |
DS_HOST |
Fully qualified host name of Directory Server. |
DS_PORT |
Directory Server port. Default: 389. |
DS_DIRMGRDN |
Directory manager DN: the user who has unrestricted access to Directory Server. Default: "cn=Directory Manager" |
DS_DIRMGRPASSWD |
Password for the directory manager See the note about special characters in the description of Access Manager Configuration Variables. |
ROOT_SUFFIX |
Initial or root suffix of the directory user management node. You must make sure that this value exists in the Directory Server you are using. See the note about special characters in the description of Access Manager Configuration Variables. |
SM_CONFIG_BASEDN |
Initial or root suffix of the Access Manager information tree (service management node). By default, the value of SM_CONFIG_BASEDN is the same as the ROOT_SUFFIX variable. On Windows system, set to blank if the value is same as the ROOT_SUFFIX variable. |
ADMINPASSWD ADMIN_PASSWORD (Windows systems only) |
Password for the Access Manager administrator (amadmin). Must be different from the password for amldapuser. Note: If the password contains special characters such as a slash (/) or backslash (\\), the special character must be enclosed by single quotes (”). For example: ADMINPASSWD=’\\\\\\\\\\####///’ However, the password cannot have a single quote as one of the actual password characters. |
AMLDAPUSERPASSWD |
Password for amldapuser. Must be different from the password for amadmin. See the note about special characters in the description of Access Manager Configuration Variables. |
CONSOLE_DEPLOY_URI |
URI prefix for accessing the HTML pages, classes and JAR files associated with the Access Manager Administration Console subcomponent. Default: /amconsole |
SERVER_DEPLOY_URI |
URI prefix for accessing the HTML pages, classes, and JAR files associated with the Identity Management and Policy Services Core subcomponent. Default: /amserver |
PASSWORD_DEPLOY_URI |
URI that determines the mapping that the web container running Access Manager will use between a string you specify and a corresponding deployed application. Default: /ampassword |
COMMON_DEPLOY_URI |
URI prefix for accessing the common domain services on the web container. Default: /amcommon |
DISTAUTH_DEPLOY_URI |
URI prefix for accessing content associated with the Distributed Authentication web application. |
CLIENT_DEPLOY_URI |
URI prefix for accessing content associated with the Client SDK. |
COOKIE_DOMAIN |
Names of the trusted DNS domains that Access Manager returns to a browser when it grants a session ID to a user. At least one value should be present. In general, the format is the server’s domain name preceded with a period. Example: .example.com |
JAVA_HOME |
Path to the JDK installation directory. Default: /usr/jdk/entsys-j2se. This variable provides the JDK used by the command line interface’s (such as amadmin) executables. The version must be 1.4.2 or later. |
AM_ENC_PWD |
Password encryption key: String that Access Manager uses to encrypt user passwords. Default: none. When the value is set to none, amconfig will generate a password encryption key for the user, so a password encryption will exist for the installation that is either specified by the user or created through amconfig. Important: If you are deploying multiple instances of Access Manager or the remote SDK, all instances must use the same password encryption key. When you deploy an additional instance, copy the value from the am.encryption.pwd property in the AMConfig.properties file of the first instance. |
PLATFORM_LOCALE |
Locale of the platform. Default: en_US (US English) |
NEW_OWNER |
New owner for the Access Manager files after installation. Default: root |
NEW_GROUP |
New group for the Access Manager files after installation. Default: other For a Linux installation, set NEW_GROUP to root. |
PAM_SERVICE_NAME |
Name of the PAM service from the PAM configuration or stack that comes with the operating system and is used for the Unix authentication module (normally other for Solaris or password for Linux). Default: other. |
XML_ENCODING |
XML encoding. Default: ISO-8859-1 |
NEW_INSTANCE |
Specifies whether the configuration script should deploy Access Manager to a new user-created web container instance:
|
SSL_PASSWORD |
Is not used in this release. |