Identity and Access Management: Converting the SiteMinder Policy Server to an LDAP database

This article describes how to convert the policy store to an LDAP database, using the SmLdapSetup command line tool.

The following must be available on the conversion system:

An LDAP database server, installed and running. ColdFusion Server supports Netscape Directory Server 3.1 or 4.12.

Administrative access to the LDAP server. Make sure you know the server name or IP address, LDAP port, directory root distinguished name, administrator distinguished name, and administrator password.

If the server uses SSL encryption, make sure you have a client certificate file that can connect to the LDAP server. For the Netscape Navigator web browser, this is usually stored as Netscape\Users\default\cert7.db.

An installed copy of the SiteMinder Policy Server. To install SiteMinder Security, you must install ColdFusion Enterprise (Solaris or NT Server) with the Advanced Security option selected during the install.

The SmLdapSetup program. (It should be located at cf_root\bin\SmLdapSetup.exe on Windows NT platforms or cf_root/siteminder/bin/smldapsetup on UNIX.)

The ldapmodify command line tool. This is typically shipped with the LDAP server (C:\Netscape\SuiteSpot\bin\slapd\server\ldapmodify.exe on Windows NT). On UNIX you can use either the version provided by Netscape or the version that ships with CF at cf_root/siteminder/bin/ldapmodify.

The smldap.ldif text file. Open the file. This contains the SiteMinder policy store database schema, in LDIF format. For NDS 3.x, replace the text o=yourcompany.com with o=your directory root distinguished name.

For iPlanet 4.x, replace the text dn: cn=ldbm-config,o=airius.com with dn: cn=config, cn=ldbm.

Note: The entry for o=yourcompany.com should match what your LDAP instance uses. Ask your LDAP administrator if you are unsure.

If the LDAP Policy Store is to have different policy data in it than is currently in the ODBC SiteMinder Policy Store, the new policy data should be available as an SmObjExport format text file. Otherwise the current policy data in the ODBC source will be migrated to your LDAP policy store instance.

Procedure

Converting the Policy Server to use an LDAP database can be done with the SmLdapSetup command line tool. You should read and understand the modes and arguments of SmLdapSetup before running the command.

An example SmLdapSetup command should look like this:

    C:\smldapsetup all -h mymachine.mycompany.com -d "cn=Directory Manager" -w my123password -r o=yourcompany.com -f smldap.ldif

Note: The entry for o=yourcompany.com should match what your LDAP instance uses.
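The smldap.ldif edits listed in the prerequisites above (the o=yourcompany.com replacement for NDS 3.x and the dn: line replacement for iPlanet 4.x) can be applied and checked with a script. This is an added example, not part of the original article or of SiteMinder; the function names and the sample LDIF are constructed for illustration.

```python
import re

# Placeholder strings exactly as this page gives them.
NDS3_PLACEHOLDER = "o=yourcompany.com"
IPLANET4_OLD_DN = "dn: cn=ldbm-config,o=airius.com"
IPLANET4_NEW_DN = "dn: cn=config, cn=ldbm"

# Constructed sample, NOT the real smldap.ldif; the first dn is folded
# across two lines the way LDIF allows (continuation starts with a space).
SAMPLE = (
    "dn: ou=ExampleNode,o=yourcom\n"
    " pany.com\n"
    "objectclass: organizationalUnit\n"
    "\n"
    "dn: cn=ldbm-config,o=airius.com\n"
    "changetype: modify\n"
)


def unfold(text):
    """Join LDIF continuation lines so a folded placeholder is still found."""
    return re.sub(r"\r?\n ", "", text)


def prepare_ldif(text, server, root_dn=None):
    """Return (edited_text, replacements) for server 'nds3' or 'iplanet4'."""
    text = unfold(text)
    if server == "nds3":
        if not root_dn or "\n" in root_dn or "\r" in root_dn:
            raise ValueError("root_dn must be a non-empty single-line DN")
        count = text.count(NDS3_PLACEHOLDER)
        edited = text.replace(NDS3_PLACEHOLDER, root_dn)
    elif server == "iplanet4":
        # Rewrite only the complete dn: line; CRLF endings are preserved.
        line = re.compile("^" + re.escape(IPLANET4_OLD_DN) + r"[ \t]*(?=\r?$)", re.M)
        edited, count = line.subn(lambda m: IPLANET4_NEW_DN, text)
    else:
        raise ValueError("unknown server type: %r" % (server,))
    if count == 0:
        raise ValueError("placeholder not found: wrong file or already edited")
    return edited, count


if __name__ == "__main__":
    print(prepare_ldif(SAMPLE, "nds3", "o=example.org")[0])
```

A zero replacement count raises an error, so a file that was already edited, or the wrong file, is caught before it is passed to SmLdapSetup with -f.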

Usage: SmLdapSetup [mode] [arguments]

Modes: One of: all, reg, ldmod, switch, import, or revert

Mode is the first argument to SmLdapSetup; it selects the function the command performs. Ask your LDAP administrator if you are unsure. Typically, SmLdapSetup is used in all mode, giving the -h host -d dn -w pwd -r root -f ldif arguments as in the example above.

Arguments: -h host -p port -d dn -w pwd -r root -f ldif [-t tool] [-i data] [-ssl 1|0 -c cert] [-v]

The LDAP connection parameters host, port, dn, pwd, root, ssl, and cert are written to the SiteMinder registry by all and reg modes.

If any of these parameters are not specified in a call to SmLdapSetup, they default to the current registry values. These registry values are also displayed in, and can also be entered using, the SiteMinder Policy Server Management Console, SmConsole, using the LDAP tabbed pane.

Steps to run SmLdapSetup

Verify that the prerequisites listed above are in place.

Read and write down the argument values in the example SmLdapSetup command:

    C:\smldapsetup all -h mymachine.mycompany.com -d "cn=Directory Manager" -w my123password -r o=airius.com -f smldap.ldif

Note: The entry for o=yourcompany.com should match what your LDAP instance uses. Ask your LDAP administrator if you are unsure.

Refer to the Mode and Argument tables below to determine what those values should be.

Run SmLdapSetup from the command line, making sure to include all of the required arguments and values.

Mode & Argument Details:

MODE

Mode: all
Definition: Do reg, ldmod, switch, import, in that order. If -i not specified, re-imports current database.
Details: Mode all is the most common usage. It converts the Policy Server to LDAP. The other modes can be used independently to perform each of the conversion steps by itself, or to switch the Policy Server back to ODBC instead. Also note that if you choose to do the conversion by parts, SmLdapSetup should be run in the same order of modes that all mode does. Otherwise the system will not work correctly. Mode all does the equivalent of running the program four times, with the modes in order: reg, ldmod, switch, import. Note that if the -i argument (for data file) is not specified, the all mode will export the current policy store (to a text file in the current directory called policyData.out) before doing the switch and will import it afterwards, so the LDAP database will have the same policy store data as the database before the switch. If there is no data in the database, the -i argument (data file) must be supplied, using the smpolicy_initial.txt file supplied with SiteMinder at the very least.

Mode: reg
Definition: Fill in SiteMinder LDAP registry entries. Requires host, port, dn, pwd, root; allows ssl, cert.
Details: Mode reg tests the LDAP connection to the server. If the test connection is successful, it copies the LDAP connection parameters (host, port, dn, pwd, root, ssl, and cert) to the SiteMinder registry.

Mode: ldmod
Definition: Create SiteMinder LDAP root and schema. Arguments as reg; also requires -f ldif, -t tool.
Details: Mode ldmod connects to the LDAP server and creates the SiteMinder LDAP nodes and database schema without policy values or creating connection parameters in the SiteMinder registry. It requires the same arguments that mode reg does, but also requires the ldapmodify program and the ldif file.

Mode: switch
Definition: Switch SiteMinder to use LDAP database. Run after reg and ldmod. No arguments but -v.
Details: Mode switch modifies the registry so that the Policy Server uses LDAP rather than ODBC. It does not check the LDAP policy store or the other LDAP connection parameters before switching.

Mode: import
Definition: Read exported policy data (SmObjImport). Run after switch. Requires -i data file.
Details: Mode import runs the SmObjImport program in -f (force) mode, feeding the policy store data file (a text file) created by SmObjExport into the current database. If you are running SmLdapSetup by parts, this file must be specified with -i. Again, the smpolicy_initial.txt file supplied with SiteMinder can be imported in this way.

Mode: revert
Definition: Switch back from using LDAP to ODBC database. Does not read in any data. No arguments but -v.
