test

Deployment Example: Sun Java System Communications Services for Access Anywhere (EdgeMail)

ProcedureTo Configure the Single Sign-On (SSO) Adaptor

Steps

  1. Logon to amconsole as admin. Configure SSO template:


    1.Select the tab "Service Configuration"
  2.Select SSO Adapter on the right panel
  3.Confiture SSO template for each provider

  2. sso adapter template for mail provider (note: in edge 2, mail provider is configured to use proxy auth and only one mail server existed. Configuration may be different if proxy auth is not to be used and more than one mail server existed in edge 3) update sso adapter template forSUN-ONE-MAIL 


    * click on the "Edit Properties.." link of SUN-ONE-MAIL under the section "SSO Adapter Templates"
   * update the following properties accordingly
         o enableProxyAuth 
         o proxyAdminUid 
         o proxyAdminPassword

  3. - so adapter template for address book provider (Note: in edge 2, address book provider is configured to use proxy auth and only one mail server existed. Configuration may be different if proxy auth is not to be used or if more than one mail server existed in edge 3) create sso adapter template for SUN-ONE-ADDRESS-BOOK 


     * click on the "NEW" button under the section "SSO Adapter Templates"
   * Enter "SUN-ONE-ADDRESS-BOOK" into the field Name
   * Select "[SUN-ONE-ADDRESS-BOOK]" from the "Existing Template" selection list.
   * Click OK to create a copy of "SUN-ONE-ADDRESS-BOOK" template
   * Upon the template successfully created, update the following template properties accordingly
         o  host e.g. edge-ds1.us.example.com
         o  port e.g. 389
         o  pabSearchBase e.g. ou=people,o=example.com,o=esmi,o=pab
         o  userSearchBase e.g. Ou=people,o=example.com,o=esmi
         o  aid
         o  adminPassword
         o  imapHost e.g. edge-mail1.us.example.com
         o  imapPort e.g. 443
         o  clientPort e.g. 80
         o  enableProxyAuth (set to true to enable proxy Auth)
         o  proxyAdminUid (if Poxy Auth is to be enabled)
         o  proxyAdminPassword (if Proxy Auth is to be enabled)

  4. - update sso adapter template for calendar provider (note: in edge 2, address book provider is configured to use proxy auth and only one calendar server existed. Configuration may be different if proxy auth is not to be used and more than one calendar server existed in edge 3) update sso adapter template for SUN-ONE-CALENDAR 


     *  click on the "Edit Properties.." link of SUN-ONE-CALENDAR under the section "SSO Adapter Templates"
   *  update the following properties accordingly
   o  enableProxyAuth (set to true to enable proxy Auth)
   o  proxyAdminUid (if Poxy Auth is to be enabled)
   o  proxyAdminPassword (if Proxy Auth is to be enabled)

  5. Configure SSO Adapter Configuration at top organization level


      1. Select tab "Identiy Management"
  2. Select "services" from the "View" dorp down list on the right panel
  3. Select "SSO Adapter" from the Services list on the right panel

- sso adapter configuration for mail provider

  6. - sso adapter configuration for mail provider (Note: in edge 2, only one mail server existed. Configuration may be if more than one mail server existed in edge 3) create sso adapter template for SunOneMail 


    * click on the "Edit Properties..." link of SunOneMail on the left panel
   * update the following properties
 
     o host: edge-mail1.us.example.com
     o port e.g. 143
     o smtpServer e.g. edge-mail1.us.example.com
     o clientPort e.g. 80
     o smtpServer e.g. 25

  7. - sso adapter configuration for calendar provider (note: in edge 2, only one mail server existed. Configuration may be if more than one mail server existed in edge 3) create sso adapter template for SunOneCalendar 


     * click on the "Edit Properties..." link of SunOneCalendar on the left panel
   * update the following properties
       o  host: edge-cal1.us.example.com
       o  port e.g. 143
       o  clientPort e.g. 80

  8. Disable authless anonymous portal


    * Logon to amconsole
   * select the "Service Configuration tab
   * select Portal Desktop under Portal Server Configuration
   * Check the Disable radio button under Authentication-less Portal Desktop Configuration

  9. Setup user profile for MAP application access (at/after user loading) (note: this may already covered in user profile loading) add objectclass to pre-selected users (/apps/dirserv/shared/bin/wirelessUserProvision.sh) 


    * sunmobileappmailpersion
   * sunmobileappcalendarperson
   * sunssoadapterperson
   * sunportaldesktopperson
   * sunmobileappabperson
   * sunportalgatewayaccessservice