Access Manager Provisioning Tools

Access Manager Console

The Access Manager Console is the simplest tool to use to provision individual users for portal services.

To Provision a Single Portal Service User

The following procedure provisions a Developer Sample user, dsuser1, using the Access Manager Console.

1. Log in to the Access Manager Console if you are not already logged in.

   1. Start a browser.

   2. Go to the Access Manager Console login page using the load balancer URL:

      http://am.pstest.com/amconsole

      The Access Manager Console login page opens.

   3. Log in to the Access Manager Console by typing the following values and clicking Login..

      Input Field	Value
      User ID	amadmin
      Password	access-manager-admin-password

      The Access Manager Console opens.

2. Click on the DeveloperSample link.

   The link is found in the left pane under Organizations.

   The DeveloperSample organization opens in the right pane.

3. View DelveloperSample users.

   Select Users in the View pull-down menu in the left pane.

4. Define a new user.

   1. Click New

      The New User wizard opens in the right pane.

   2. Enter the user name and password.

   3. Select the services desired.

      For example, if you select portal1Desktop, the new user will be able to log in and view the portal desktop.

      d. Click Finish.

      The New User wizard closes and the new user entry is saved.

amadmin Command

The amadmin command is the best tool to use to provision large numbers of users for portal services. Using this command-line option, you can write a script or create an input file that provisions any number of users.

To Provision Multiple Portal Service Users

The following procedure provisions a Developer Sample user, dsuser1, using an XML input file to first create a user entry and then another input file to specify portal services for the user entry. Multiple users can be created by using this same procedure.

1. Create a new user entry for dsuser1.

   1. Create an XML file that specifies the basic user attributes.

      An example CreateUserRequest.xml file follows:

      <?xml version="1.0" encoding="ISO-8859-1"?>
      <!--
          Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved
          Use is subject to license terms.
      -->
       <!DOCTYPE Requests
          PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
                 "jar://com/iplanet/am/admin/cli/amAdmin.dtd"
      >
       
      <!--  CREATE REQUESTS -->
      <Requests>
      <PeopleContainerRequests DN="ou=People,o=DeveloperSample,dc=pstest,dc=com">
           <CreateUser createDN="dsuser1">
                 <AttributeValuePair>
                    <Attribute name="cn"/>
                    <Value>dsuser1</Value>
                 </AttributeValuePair>
                 <AttributeValuePair>
                    <Attribute name="sn"/>
                    <Value>dsuser1</Value>
                 </AttributeValuePair>
                 <AttributeValuePair>
                    <Attribute name="userPassword"/>
                    <Value>dsuser1</Value>
                 </AttributeValuePair>
           </CreateUser>
      </PeopleContainerRequests>
      </Requests>

   2. Run the amadmin command with CreateUserRequest.xml as an input file.

      # /opt/SUNWam/bin/amadmin -u amadmin -w password -t CreateUserRequest.xml

      The output should resemble the following:

      PeopleContainer: ou=People,o=DeveloperSample,dc=pstest,dc=com Create Users: uid=dsuser1,ou=People,o=DeveloperSample,dc=pstest,dc=com Success 0: Successfully completed.

2. Add portal services to the dsuser1 entry.

   1. Create an XML file that specifies the portal services to add.

      An example AddUserServeice.xml file follows:

      <?xml version="1.0" encoding="ISO-8859-1"?>
      <!--
          Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved
          Use is subject to license terms.
      -->
      <!DOCTYPE Requests
          PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
                 "jar://com/iplanet/am/admin/cli/amAdmin.dtd"
      >
        
      <!--  USER REQUESTS -->
      <Requests>
         <UserRequests DN="uid=dsuser1,ou=People,o=DeveloperSample,dc=pstest,dc=com">
             <RegisterServices>
                 <Service_Name>sunportalnetletservice </Service_Name>
                 <Service_Name>sunportalproxyletservice </Service_Name>
                 <Service_Name>sunportalgatewayaccessservice </Service_Name>
                 <Service_Name>sunportalportal1desktopservice </Service_Name>
                 <Service_Name>iplanet-am-auth-configuration-service </Service_Name>
             </RegisterServices>
         </UserRequests>
      </Requests>

      This input file adds the following portal services:

      • Proxylet

      • Access List

      • portal Desktop

      • Authentication Configuration

      • Netlet

   2. Run the amadmin command with AddeUserServices.xml as an input file.

      # /opt/SUNWam/bin/amadmin -u amadmin -w password -t AddUserServices.xml

      The output should resemble the following:

      User: uid=dsuser1,ou=People,o=DeveloperSample,dc=pstest,dc=com Registered services: sunportalproxyletservice ... sunportalnetletservice Success 0: Successfully completed.