•
• host is the box where the web application deployed.
• port is the port number of the java server.
• tsam is the Oracle TSAM Plus URL.Oracle TSAM Plus Manager provides some global parameters for tuning purpose. They are available at the Data Management/Global Parameters page. For more information, see Oracle TSAM Plus User Guide.There are two kinds of authentication types, Database first and LDAP only. The user information can be stored in the Oracle TSAM Plus database or an existing LDAP server. The authentication type Database first supports both. LDAP only exclusively supports LDAP authentication.You can specify the authentication type during TSAM Plus installation process. For more information, refer to Choose Authentication Type in Installing Oracle TSAM Plus Manager Using GUI-Mode Installation.
2.
3.
4. Specify Authentication Type.You can specify the Group ID during TSAM Plus installation process. For more information, refer to Set Groups ID in Installing Oracle TSAM Plus Manager Using GUI-Mode Installation.
2.
3. You can specify an LDAP configuration file during installation process. For more information, refer to LDAP Configuration in Installing Oracle TSAM Plus Manager Using GUI-Mode Installation.You can also update the LDAP configuration information in the tsam.ear file (located at <TSAM_DIR>/deploy) using the following LDAP deployment utilities:
• Unix/Linux LDAP Deployment: LDAPDeployer.sh
• Windows LDAP Deployment: LDAPDeployer.cmdListing 2‑1 and Listing 2‑2 show Unix/Linux and Windows LDAP Deployment utility examples accordingly.
Note: The LDAP information in the tsam.ear file is overwritten after you run the LDAP Deployment utility. You must redeploy the tsam.ear file on the application server.Listing 2‑1 Unix/Linux LDAP Deployment Utility ExampleListing 2‑2 Windows LDAP Deployment Utility ExampleThe Oracle TSAM Plus LDAP configuration file is similar to the Oracle Tuxedo GAUTHSVR configuration file.
• Table 2‑1 lists the LDAP configuration file keywords.
Table 2‑1 LDAP Configuration File Keywords An LDAP search filter for finding a user given the name of the user. The default is (&(cn=%u)(objectclass=person)) The maximum number of seconds to wait for the LDAP connection to be established. If set to 0, there is no maximum time limit.
The default value is 0. The default value is TUXEDO_UID. The default value is TUXEDO_GID.Listing 2‑3 shows a Weblogic embedded LDAP server LDAP configuration file example.You can use the tpmigldif command utility to migrate TSAM Plus user and group information to LDAP servers in LDAP Interchange Format (LDIF). In order to use tpmigldif, you must create a migration template.Table 2‑2 lists the command line options for the tpmigldif utility. The order of the command line options does not matter.
Table 2‑2 tpmigldif Command Line Options The full directory path for the tpusr file. The full directory path for the tpgrp file.Listing 2‑4 shows a tpusr file with five fields separated by a colon:name:password(encrypted):user id:group id:client name::Listing 2‑4 Example tpusr FileListing 2‑5 shows a tpgrp file with three fields separated by a colon:Listing 2‑5 Example tpgrp FileUsing a text-editor, there are two methods you can use to modify tpusr file passwords:
• Modify the tpusr file password field to change the user password for each user in the file. The password field is the second field in the tpusr file. Each user is entered on a separate line in the tpusr file. See listing Listing 2‑4, for original tpusr file example.
• Add a new password to the last tpusr file fieldThe migration template is a text file used by the tpmigldif command utility to translate the tpusr or tpgrp file into an LDIF output file.Listing 2‑6 shows a tpusr-template migration file example. <%n> refers to a tpusr file field, where n starts at 1.
Note: Listing 2‑6 tpusr-templateListing 2‑7 shows the LDIF output from the tpusr-template.Listing 2‑7 LDIF OutputOracle Tuxedo provides an example template for supported LDAP servers. The files are listed in Table 2‑3.
Table 2‑3 Supported LDAP Server Template Example1 Active Directory2