6.5 Reconfiguring Access Manager to Communicate with Directory Server

After Access Manager is deployed, any agent profiles and users created are stored in a flat file, by default. In To Configure Access Manager 1 and To Configure Access Manager 2, we used a Directory Server instance previously created that we can now use to store these agent profiles and users for the root realm. In this procedure, we reconfigure the Access Manager root realm to communicate with this configuration directory instance, am-config, allowing the agent profiles to authenticate successfully through the load balancer against either Access Manager server.

In an environment with more than one Access Manager server configured behind a load balancer, this procedure is required to use a centralized data store rather than the default flat file.

To Reconfigure an Access Manager Realm to Retrieve Data from the Directory Server Configuration Data Instance

1. Log in to the Access Manager console as the administrator.

   User Name:

   amadmin

   Password:

   4m4dmin1

2. Under the Access Control tab, click example, the top-level Realm Name.

3. Click the Data Stores tab to configure the Directory Server installation as the Access Manager Repository.

   1. Click New.

   2. Type amConfigDS in the Name field.

   3. Select the Access Manager Repository radio button and click Next.

      This selection points to the Directory Server chosen during Access Manager configuration.

   4. Keep the default values and click Finish.

4. Under the Data Stores tab, select the default Flat Files Repository and click Delete.

5. Click Back to Realms.

6. Log out of the Access Manager console.