Technical Note: Sun Java System Access Manager ACI Guide

Removing ACIs on Solaris, Linux, and HP-UX Systems

To remove unneeded ACIs on Solaris, Linux, and HP-UX systems in Realm Mode:

  1. On the Access Manager server, login as or become superuser (root).

  2. To ensure that Access Manager is in Realm Mode, check the AM_REALM parameter in the amsamplesilent file . The parameter should be set as follows:


    The amsamplesilent file is located in the following directory, depending on your platform:

    • Solaris systems: AccessManager-base/SUNWam/bin

    • Linux and HP-UX systems: AccessManager-base/identity/bin

    AccessManager-base is the base installation directory: /opt on Solaris systems and /opt/sun on Linux and HP-UX systems.

  3. Run the amtune-prepareDSTuner script to create the amtune-directory.tar file.

  4. Copy the amtune-directory.tar file to a temporary location on the Directory Server machine and untar the file in the temporary location.

  5. Because he amtune-directory script tunes Directory Server, it is recommended that you first run the script in REVIEW mode. In the amtune-directory script, set REVIEW mode as follows:


  6. Run the amtune-directory script in REVIEW mode and review the recommended tuning settings for Directory Server in the tuning log file.

  7. If the changes in the debug log file are acceptable for your deployment, modify the amtune-directory script to run in CHANGE mode by setting AMTUNE_MODE as follows:


  8. Backup the Directory Server data.

  9. Run the amtune-directory script to remove the ACIs.

  10. Check the tuning log file for the results of the run.