Parameters Defining the Provider and Subordinate Organization (Sun Java System Delegated Administrator 6.4 Administration Guide)

Sun Java System Delegated Administrator 6.4 Administration Guide

Parameters Defining the Provider and Subordinate Organization

To create a provider organization and subordinate organization, edit the following parameters:

ugldapbasedn

Root suffix of user/group data in your directory.

Examples:

o=usergroup

dc=red,dc=iplanet,dc=com
maildomain_dn

Complete DN of the mail domain underneath which the provider organization will be created.

Examples:

o=siroe.com, o=usergroup
o=sesta.com,o=SharedDomainsRoot,o=Business,dc=red, \ dc=iplanet,dc=com
maildomain_dn_str

The mail domain DN with all commas (,) replaced by underscores (_).

For example, if the mail domain DN is
o=siroe.com,o=SharedDomainsRoot,o=Business,dc=red, \ dc=iplanet,dc=com
The mail domain DN string will be
o=siroe.com_o=SharedDomainsRoot_o=Business_dc=red_ \ dc=iplanet_dc=com
providerorg

Name of the provider organization. The directory node where the provider organization resides will be given this name.

This parameter is used multiple times in the da.provider.skeleton.ldif template.

Examples:

sunProviderOrgDN: o=MyProviderOrg,o=siroe.com,o=usergroup

o=MyProviderOrg

sunBusinessOrgBase: o=MyProviderOrgdomainsroot, o=usergroup
servicepackage

Name of a service package that can be assigned to users in the organizations subordinate to the provider organization. This is a multivalued parameter.

In the “Provider Organization” section of the da.provider.skeleton.ldif file, you will see the following attribute:

sunIncludeServices: <servicepackage>

For each service package you want to include in the provider organization, add one instance of the sunIncludeServices attribute and servicepackage parameter. Only those service packages listed here can be assigned to users in subordinate organizations.

Example:
sunIncludeServices: gold sunIncludeServices: platinum sunIncludeServices: ruby sunIncludeServices: silver
If you do not use the sunIncludeServices attribute (if you delete the line containing the servicepackage parameter), all service packages in the directory can be assigned.
domain_name

Domain name that can be assigned to subordinate organizations in the provider organization. This is a multivalued parameter.

In the “Provider Organization” section of the da.provider.skeleton.ldif file, you will see the following attribute:

sunAssignableDomains: <domain_name>

The domain names in the sunAssignableDomains attribute are a subset (some or all) of the names listed in the mail domain organization’s sunPreferredDomain and associatedDomain attributes. (The mail domain is the organization under which this provider organization is created.)

For each domain name you want to include in the provider organization, add one instance of the sunAssignableDomains attribute and domain_name parameter. Only the domain names listed here can be assigned to subordinate organizations.

Example:
sunAssignableDomains: siroe.com sunAssignableDomains: siroe.net sunAssignableDomains: varrius.com sunAssignableDomains: sesta.com sunAssignableDomains: sesta.net
provider_sub_org

Name of the shared organization in which the SPA user resides. When you install the edited ldif information in the directory, this organization is created as shared and subordinate to the provider organization. It is designated as the organization that contains the SPA user. Other users who are assigned the SPA role for this provider organization must reside in this subordinate shared organization.

In the “Provider Organization” section of the da.provider.skeleton.ldif file, you will see the following attribute:
sunProviderOrgDN: o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>
The sunProviderOrgDN attribute identifies the organization designated for provider organization users, particularly the SPA user.

Example:
sunProviderOrgDN: o=MySPAUserOrg,o=MyProviderOrg,o=siroe.com,o=usergroup
preferredmailhost

Machine name of the preferred mail host for the provider organization’s subordinate organization (in which the SPA user resides). You must use a fully qualified domain name (FQDN).

In the “Shared Subordinate Organization” section of the da.provider.skeleton.ldif file, you will see the following attribute:

preferredMailHost: <preferredmailhost>

Example:

preferredMailHost: mail.siroe.com
available_domain_name

Domain name that can be assigned to a user in a particular subordinate organization. This is a multivalued parameter.

The values for available_domain_name are a proper subset of the values given for the sunAssignableDomains: <domain_name> attribute and parameter. Whereas domain_name applies to the entire provider organization, available_domain_name applies to a single subordinate organization.

In the “Shared Subordinate Organization” section of the da.provider.skeleton.ldif file, you will see the following attribute:

sunAvailableDomainNames: <available_domain_name>

For each domain name you want this subordinate organization to inherit from the list of domain names in the provider organization’s sunAssignableDomains attribute, add one instance of the sunAvailableDomains attribute and available_domain_name parameter. Only the domain names listed here can be assigned to the subordinate organization.

Example:
sunAvailableDomainNames: siroe.com sunAvailableDomainNames: siroe.net sunAvailableDomainNames: varrius.com
available_services

Service package available to a particular subordinate organization. This is a multivalued parameter.

The service packages assigned to the subordinate organization are a subset of those assigned to the entire provider organization with the sunIncludeServices attribute.

In the “Shared Subordinate Organization” section of the da.provider.skeleton.ldif file, you will see the following attribute:

sunAvailableServices: <available_services>

The format of the available_services parameter is
service package name: count
where count is an integer. If count is absent, the default value is an unlimited number.

For each service package you want this subordinate organization to inherit from the service packages available in the provider organization’s sunIncludeServices attribute, add one instance of the sunAvailableServices attribute and available_services parameter.

Example:
sunAvailableServices: gold:1500 sunAvailableServices: platinum:2000 sunAvailableServices: silver:5000