

Create an Environment for the SUN ONE User Store

Valid for Windows

After you create and configure the directory settings for the SUN ONE directory, you create an environment. An environment is a view of the user store. In an environment, you manage users, groups, organizations, tasks, and roles.

Note: The JBoss application server service starts automatically during Windows startup and, if an environment does not exist, one is created. We recommend that you disable the automatic service startup. If the environment exists, delete it before you create the environment for the SUN ONE user store.

Before you create the environment, you must define the system manager account in the SUN ONE user directory.

Important! Do not define the system manager account directly under the search root Organization Unit (OU). Define it under an Organization Unit that is located under the search root. For example, if the search root you defined is dc=company,dc=com, create the system manager account under the Users OU as follows: uid=Sysmanager,ou=Users,dc=company,dc=com
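
The placement rule above can be checked before you start the procedure. The following PowerShell script is an added example, not part of the CA documentation or product; the function names ConvertTo-RdnList and Test-SystemManagerDn and the result strings are hypothetical, and it assumes attribute values compare case-insensitively.

```powershell
# Added example, not CA code. Function names and result strings are hypothetical.
function ConvertTo-RdnList {
    # Split a DN on unescaped commas and normalize each RDN for comparison.
    # Assumes case-insensitive values and no escaped leading/trailing spaces.
    param([Parameter(Mandatory=$true)][string]$Dn)
    $rdns = New-Object 'System.Collections.Generic.List[string]'
    $cur = New-Object System.Text.StringBuilder
    $escaped = $false
    foreach ($ch in ($Dn + ',').ToCharArray()) {
        if ($escaped) { [void]$cur.Append($ch); $escaped = $false }
        elseif ($ch -eq '\') { [void]$cur.Append($ch); $escaped = $true }
        elseif ($ch -eq ',') {
            $rdn = $cur.ToString().Trim() -replace '\s*=\s*', '='
            $rdns.Add($rdn.ToLowerInvariant())
            $cur.Length = 0
        }
        else { [void]$cur.Append($ch) }
    }
    return $rdns.ToArray()
}

function Test-SystemManagerDn {
    param(
        [Parameter(Mandatory=$true)][string]$AccountDn,
        [Parameter(Mandatory=$true)][string]$SearchRoot
    )
    $acct = @(ConvertTo-RdnList $AccountDn)
    $root = @(ConvertTo-RdnList $SearchRoot)
    $depth = $acct.Count - $root.Count   # number of RDNs below the search root
    if ($depth -lt 1) { return 'NotUnderSearchRoot' }
    for ($i = 0; $i -lt $root.Count; $i++) {
        if ($acct[$depth + $i] -ne $root[$i]) { return 'NotUnderSearchRoot' }
    }
    if ($depth -eq 1) { return 'DirectlyUnderSearchRoot' }
    # The container that holds the account must be an Organization Unit.
    if ($acct[1] -notlike 'ou=*') { return 'ParentIsNotAnOU' }
    return 'OK'
}

# Constructed inputs based on the example DNs on this page.
$searchRoot = 'dc=company, dc=com'
Test-SystemManagerDn 'uid=Sysmanager,ou=Users,dc=company,dc=com' $searchRoot  # account in the Users OU
Test-SystemManagerDn 'uid=Sysmanager,dc=company,dc=com' $searchRoot           # account directly under the search root
Test-SystemManagerDn 'uid=Sysmanager,ou=Users,dc=other,dc=com' $searchRoot    # account outside the search root
```

Any result other than OK means the account DN does not meet the placement rule and should be corrected before you specify the account in the System Manager step.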

Follow these steps:

  1. Navigate to the following directory, where JBOSS_HOME indicates the directory where you installed JBoss:
    JBOSS_HOME/server/default/deploy/IdentityMinder.ear/user_console.war/META-INF/
    
    1. Locate the following files and copy them to a temporary directory:
      ac-RoleDefinitions_Iplanet_EN.xml
      
      ac-environmentSettings.xml
      
    2. Delete the ac-environment.properties file, if it exists.
  2. Open the CA Identity Minder Management Console, select Environments, then select New.

    The new environment screen appears.

  3. Enter ac-env as the name of the environment, provide a description, and enter ac as the public URL alias, then click Next.

    A screen appears displaying a list of available directories.

  4. Select the SUN ONE directory you have defined to associate with this environment, then click Next.
    1. (Optional) Select the directory to use as the provisioning directory for this environment, then click Next.
    2. (Optional) Specify the user account to authenticate anonymous connections with, then select Validate.

      CA Identity Minder Management Console validates the user account.

  5. Click Next to continue.
  6. Select Import Roles from File and use Browse to locate the file ac-RoleDefinitions_iPlanet_EN.xml, then click Next.
  7. Specify the user manager account, select Add and then select Next.

    A summary screen opens.

    Important! Verify that the user manager account exists in the directory.

  8. Review the summary and click Finish.

    CA Identity Minder Management Console creates the environment.

  9. Select Environments, ac-env, Advanced Settings, then click Import.

    The Import Settings window opens.

    1. Browse to the directory where you saved the ac-environmentSettings.xml file, select it, then click Finish.

      CA Identity Minder Management Console creates the environment.

  10. Select Continue then select Start.

    The environment starts up.

  11. Select Environments, ac-env, Advanced Settings, Workflow.

    The workflow properties window opens.

    1. Check the box next to the Enabled property to enable workflow and then click save.

      CA Identity Minder Management Console applies the changes to the environment.

  12. Select Environments, ac-env, System Manager.

    The System Manager window opens.

    1. Specify the system manager user account, then select Validate.

      CA Identity Minder Management Console displays the system manager account properties.

    2. Select Next, Finish.

      CA Identity Minder Management Console displays the system manager configuration output and specifies errors, if identified.

    3. Select Continue.
  13. In the Status field, select Restart.

    CA Identity Minder Management Console restarts the environment.

  14. Restart the JBoss application server.
  15. Open a Command Prompt window and navigate to the bin directory.
  16. Run the following command to execute ComponentRegistration:
    ComponentRegistration -comp jcs -register -userDN cn=root,dc=etasa -serverDN dc=im,dc=etasa -pwd <communication_password> -port 20411 -ssl yes -file C:\temp\output.txt -verbose
    

    For example: ComponentRegistration -comp jcs -register -userDN cn=root,dc=etasa -serverDN dc=im,dc=etasa -pwd password -port 20411 -ssl yes -file C:\temp\output.txt -verbose

You have defined the SUN ONE directory as the user store for CA ControlMinder Enterprise Management. You can now log in to CA ControlMinder Enterprise Management.