Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide

Configuring OpenSSO Enterprise Server Using the ssoadm Command with add-amsdk-idrepo-plugin Subcommand

In this scenario, you do not want to customize the DAI service (ums.xml file). The ssoadm command with the add-amsdk-idrepo-plugin subcommand configures OpenSSO Enterprise server to enable the AMSDK Identity Repository plug-in by performing all of these tasks:

Procedure: To Configure OpenSSO Enterprise Server Using the ssoadm Command and add-amsdk-idrepo-plugin Subcommand

  1. Execute the ssoadm command with the add-amsdk-idrepo-plugin subcommand. For example:

    # ./ssoadm add-amsdk-idrepo-plugin -u amadmin -f ./password-file \
    -a user-naming-attribute -o organization-naming-attribute \
    -b "dc=example,dc=com" -s ldaphost.example.com:389 \
    -x ./dsamepassword -p ./proxypassword

    where:

    -u specifies the administrative user. For example: amadmin

    -f specifies the password file for the administrative user.

    -a and -o specify the user naming attribute and organization naming attribute, respectively. Both parameters are optional. The default values are uid and o.

    -b specifies the base DN of the Directory Server in which the Access Manager repository is being configured. For example: dc=example,dc=com

    -s specifies the directory server host, port, and protocol. Examples for the -s option are:

    • ldap://host:port

    • host:port (The protocol defaults to ldap.)

    • host (The protocol defaults to ldap, and the port defaults to 389.)

    -x specifies the password file for dsameuser.

    -p specifies the password file for proxyuser.

    On Solaris and Linux systems, the password files specified by -x and -p must have 400 (read-only by owner) permissions.

  2. Restart the OpenSSO Enterprise server web container.

  3. Continue with Creating a Data Store Using the AMSDK Plug-in.
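
The following POSIX shell pre-flight is an added example, not part of the original guide: it checks that the -x and -p password files are regular files with mode 400 and expands the -s value using the defaults listed in step 1. The function names are hypothetical, and rejecting any -s form other than the three documented ones is this example's choice.

```shell
#!/bin/sh
# Added example (not from the OpenSSO guide): pre-flight checks for the
# inputs to "ssoadm add-amsdk-idrepo-plugin". Function names are hypothetical.

# Read a password on stdin and store it in $1 so that it is never group- or
# world-readable, then drop it to mode 400 as required for -x and -p.
write_password_file() {
    ( umask 077; rm -f "$1"; cat > "$1" ) && chmod 400 "$1"
}

# Succeed only if $1 is a regular file (not a symlink) with mode 400.
check_password_file() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || { echo "$f: not a regular file" >&2; return 1; }
    # ls works on both Solaris and Linux; columns 1-10 are type + mode bits
    # (cutting there drops a trailing ACL/SELinux marker such as '+' or '.').
    mode=$(ls -ld "$f" | cut -c1-10)
    [ "$mode" = "-r--------" ] || { echo "$f: mode $mode, need -r-------- (400)" >&2; return 1; }
}

# Expand a -s value to protocol://host:port using the documented defaults.
# Only the three documented forms are accepted (assumption of this example).
normalize_server() {
    s=$1
    case $s in
        *://*) proto=${s%%://*}; rest=${s#*://}; defport= ;;
        *)     proto=ldap;       rest=$s;        defport=389 ;;
    esac
    case $rest in
        *:*) host=${rest%%:*}; port=${rest#*:} ;;
        *)   host=$rest;       port=$defport ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "$s: need host, host:port or ldap://host:port" >&2; return 1 ;;
    esac
    [ -n "$host" ] || { echo "$s: empty host" >&2; return 1; }
    printf '%s://%s:%s\n' "$proto" "$host" "$port"
}

# usage: preflight SERVER DSAME_PWFILE PROXY_PWFILE
# Prints the resolved server URL if everything is ready for ssoadm.
preflight() {
    url=$(normalize_server "$1") || return 1
    check_password_file "$2" || return 1
    check_password_file "$3" || return 1
    echo "$url"
}
```

Call preflight with the same -s, -x and -p values you intend to pass to ssoadm; a non-zero exit status means the server value or one of the password files needs fixing first.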