Sun OpenSSO Enterprise 8.0 Integration Guide

Creating an OpenSSO Enterprise Realm Administrator

If you plan to use Identity Manager to manage objects in the OpenSSO Enterprise top-level realm, then create a user in the OpenSSO Enterprise root realm. Give this user the same privileges as the Top-Level Admin Role. The privileges should allow this user "Read and write access to all realm and policy properties.” This user will be used to configure the Identity Manager Resource adapter.

If you plan to use Identity Manager to manage objects in the OpenSSO Enterprise sub-realm, then create a user in the OpenSSO Enterprise sub-realm. Give this user privileges to "Read and write access to all realm and policy properties.” This user will have the privileges of a sub-realm administrator, and will be used to configure the Identity Manager Resource adapter. In this example, a realm administrator sradmin with the password password was created in the sub-realm (Top-Level Realm) > idm.