Log in to the ds1.idp-example.com host machine as a root user.
Create an LDIF file with the following information and save it as /tmp/saml.ldif.
This file includes SAML v2 LDAP attributes.
dn: CN=schema changetype:modify add:attributeTypes attributeTypes: ( 1.3.6.1.4.1.42.2.27.9.1.500 NAME 'sun-fm-saml2-nameid-infokey' DESC 'SAML 2.0 Name Identifier Information Key' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Sun Java System Access Management' ) attributeTypes: ( 1.3.6.1.4.1.42.2.27.9.1.501 NAME 'sun-fm-saml2-nameid-info' DESC 'SAML 2.0 Name Identifier Information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Sun Java System Access Management' ) - add:objectClasses objectClasses: ( 1.3.6.1.4.1.42.2.27.9.2.200 NAME 'sunFMSAML2NameIdentifier' DESC 'SAML 2.0 name identifier objectclass' SUP top AUXILIARY MAY ( sun-fm-saml2-nameid-infokey $ sun-fm-saml2-nameid-info ) X-ORIGIN 'Sun Java System Access Management' ) |
Run ldapmodify on the ds1.idp-example.com host machine using /tmp/saml.ldif as input.
# cd /var/opt/mps/serverroot/dsrk6/bin # ldapmodify -a -h ds1.idp-example.com -p 1489 -D "cn=Directory Manager" -w dsmanager -f /tmp/saml.ldif modifying entry CN=schema |
Log out of the ds1.idp-example.com host machine.