Appendix A Installed Product Layout

This appendix describes the directory layout after you install Sun Java^TM System Access Manager 7 2005Q4 using the Sun Java^TM System Enterprise System (Java ES) installer.

The following table shows a summary of the Access Manager default directories after installation.

Summary of Access Manager Directories

Table A–1 Summary of Access Manager Directories

Description	Default Directory
Base Installation Directory  See Base Installation Directory.	Solaris systems: /opt/SUNWam Linux systems: /opt/sun/identity During installation, you can specify a different base installation directory for /opt or /opt/sun, if you prefer. However, do not change the /SUNWam or /identity product directory name.
Configuration Directory  See Configuration (/config) Directory.	Solaris systems: /etc/opt/SUNWam/config Linux systems: /etc/opt/sun/identity/config
Temporary Files Directory	Solaris systems: /var/opt/SUNWam/tmp Linux systems: /var/opt/sun/identity/tmp
Debug Files Directory	Solaris systems: /var/opt/SUNWam/debug Linux systems: /var/opt/sun/identity/debug
Log Files Directory	Solaris systems: /var/opt/SUNWam/logs Linux systems: /var/opt/sun/identity/logs

Base Installation Directory

The default base installation directory depends on the platform where you are installing Access Manager:

• Solaris systems: /opt

• Linux systems: /opt/sun

In the Access Manager documentation, the AccessManager-base variable represents the base installation directory.

Within the base installation directory, Access Manager packages, shared binary files, command-line tools, and other files are installed in the /SUNWam directory on Solaris systems and the /identity directory on Linux systems. Therefore, the default base and product directory also depend on the platform:

• Solaris systems: /opt/SUNWam

• Linux systems: /opt/sun/identity

---

Note –

During installation, you can specify a different base installation directory if you wish. However, do not change the /SUNWam or /identity product directory name.

---

The /SUNWam or /identity directory contains the following files and directories:

• Web application archive (WAR) files, such as amcommon.war, amconsole.war, ampassword.war , and amserver.war.

  For information about WAR files, see the Sun Java System Access Manager 7 2005Q4 Developer’s Guide.

  Subdirectories include:

  • /bin Directory

  • /docs Directory

  • /dtd Directory

  • /include Directory

  • /ldaplib Directory

  • /lib Directory

  • /locale Directory

  • /migration Directory

  • /public_html Directory

  • /samples Directory

  • /share Directory

  • /upgrade Directory

  • /web-src Directory

After installing Access Manager, check the package installation accuracy by using the pkgchk (1M) utility. For example:

pkgchk -l -p /opt/SUNWam

/bin Directory

The following table describes the command-line tools and utilities in the /bin directory. For information about running these tools and utilities, see the Sun Java System Access Manager 7 2005Q4 Administration Guide.

Table A–2 Access Manager Command-Line Tools and Utilities

Utility	Description
am2bak	Backs up the Access Manager components.
amadmin	Load XML service files into Directory Server and performs batch administrative tasks on the DIT.
amsfo, amsfoconfig, amsfopassword	Access Manager session failover scripts.
ampassword	Changes passwords for Access Manager administrator or users.
amsamplesilent	Sample silent install file for use with the installation and configuration scripts.
amconfig, amutils, amdsconfig, amsdkconfig, amsvcconfig, amas70config, amwas51config, amwl81config, amws61config	Installation and configuration scripts for installing, configuring, and uninstalling Access Manager instances. For information about these scripts, see the Sun Java System Access Manager 7 2005Q4 Administration Guide.
amserver	Start and stops the amunixd and amsecuridd daemons.
amtune	Sets operating system, Access Manager, web container, and Directory Server parameters to improve performance.
amverifyarchive	Verifies the log archives to detect possible tampering and/or deletion of any files in the archive.
bak2am	Restores Access Manager components backed up by the am2back utility.
ldapmodify	Edits the contents of an LDAP directory, either by adding new entries or by modifying existing ones.
ldapsearch	Issues search requests to an LDAP directory and displays the result as LDIF text.
amGenerateLDIF.pl and amGenerateNI.pl	Access Manager bulk federation scripts.
am2bak.template, amserver.template, amadmin.template, amverifyarchive.template, ampassword.template, and bak2am.template	Access Manager template files.

/docs Directory

The /docs directory contains the HTML. JAR, CSS, and related files used for the Java API reference (Javadocs).

/dtd Directory

The /dtd directory contains the Document Type Definition (DTD) files used by Access Manager. A DTD defines the structure for XML files accessed by Access Manager. For more information, see the Sun Java System Access Manager 7 2005Q4 Developer’s Guide.

The following table describes the Access Manager DTD files in the /dtd directory.

Table A–3 Access Manager DTD Files

File	Description
Auth_Module_Properties.dtd	Defines the structure for XML files used by the authentication modules to specify their properties.
amAdmin.dtd	Defines the structure for XML files used to perform batch LDAP operations on the directory tree using the amAdmin command-line tool.
amWebAgent.dtd	Defines the structure for XML files used to handle requests from, and send responses to, web agents. This file is deprecated and remains for purposes of backward compatibility.
policy.dtd	Defines the structure for XML files used to store policies in Directory Server.
remote-auth.dtd	Defines the structure for XML files used by the Authentication Service’s remote Authentication API.
server-config.dtd	Defines the structure for serverconfig.xml which details ID, host and port information for all server and user types.
sms.dtd	Defines the structure for XML service files.
web-app_2_2.dtd	Defines the structure for XML files used by the Access Manager deployment container to deploy J2EE applications.

/include Directory

The /include directory contains header (.h) files.

/ldaplib Directory

The /ldaplib/ldapsdk subdirectory contains the shared object (.so) files needed to run the LDAP utilities included with Access Manager.

/lib Directory

The /lib directory contains JAR files and additional shared object (.so) files. It also contains a link to the /etc/opt/SUNWam/config/AMConfig.properties file.

/locale Directory

The /locale directory contains the localization properties files. Each properties file includes a corresponding English localization file. For example, amAdminCLI_en.properties is the corresponding file for amAdminCLI.properties.

/migration Directory

The /migration directory contains the scripts and supporting files used to migrate data from earlier versions of Access Manager. For example, the /opt/SUNWam/migration/61to62/scripts subdirectory contains the Upgrade61DitTo62 script, which is used to migrate a DIT to Access Manager 2005Q1.

For more information about migration, the Sun Java Enterprise System 2005Q4 Upgrade Guide (part number 819–2331).

/public_html Directory

The /public_html directory and subdirectories contain the HTML and related files used for the online help.

/samples Directory

The /samples directory contains the following subdirectories: /admin, /appserver, /authentication, /console, /csdk, /liberty, /logging, /phase2, /policy, /saml, and /sso.

Each subdirectory contains samples for the respective functionality, which is indicated by the subdirectory name. For more specific information about these samples, the Readme.html file.

/share Directory

The /share/bin subdirectory contains the following additional utilities used internally by Access Manager:

• amtune/amtune-utils

• amsecuridd, amunixd, amwar, checkport, and wsutils.ksh

/upgrade Directory

The /upgrade directory contains the following directories:

• The /scripts contains the upgrade scripts and files.

• The /services directory contains directories for the Access Manager services.

/web-src Directory

The /web-src directory contains the subdirectories in which Access Manager J2EE web applications are deployed on a web container. It contains the following subdirectories:

• applications/ directory where the Access Manager Console is deployed. It contains the index.html file and various subdirectories. The /console directory contains various console related subdirectories.

• The /common directory (and subdirectories) is where the Access Manager Liberty Common Domain component is deployed.

• The /password directory (and subdirectories) is where the Access Manager Password Synchronization component is deployed. It contains the index.html file and the various subdirectories.

• The /services directory (and subdirectories) is where Access Manager Core Services are deployed. It contains the index.html file and the various subdirectories.

Configuration (/config) Directory

The default location of the configuration (/config) directory depends on the platform where you are installing Access Manager:

• Solaris systems: /etc/opt/SUNWam

• Linux systems: /etc/opt/sun/identity

The /config directory contains configuration, XML, and LDIF files, including:

• The .version file contains the current version of Access Manager.

• The AMConfig.properties file, SSOConfig.properties, and LogConfig.properties contain Access Manager configuration attributes.

• The serverconfig.xml file provides configuration information for the Access Manager for Directory Server.

• The /ldif subdirectory contains the LDIF files needed for populating the Directory Server data store when installing Access Manager. For example:

  • During installation, the ds_remote_schema.ldif file loads the Access Manager specific LDAP schema object classes and attributes (such as the iplanet-am-managed-people-container) needed to store Access Manager data in Directory Server. The sunone_schema2.ldif file loads the Access Manager specific LDAP schema object classes and attributes.

  • During uninstallation, The ds_remote_schema_uninstall.ldif file removes the Access Manager LDAP schema object classes and attributes from Directory Server.

• The /ums subdirectory contains XML files, including:

  • The ums.xml file provides a set of templates that contain LDAP configuration information for objects managed using Access Manager.

  • The /xml subdirectory contains these files:

    • The amserveradmin script loads the Access Manager services.

    • The XML files are generally not used for configuration. If they are modified, they must be manually reloaded into the Directory Server data store. (Any changes in the server are not synchronized with these files.) For information about the XML files in this directory, see the Sun Java System Access Manager 7 2005Q4 Developer’s Guide.