Previous Topic: Create a Directory for CA DirectoryNext Topic: Configure the Connection to the Connector Server


Create an Environment for CA Directory

Valid on Windows

After you create and configure the directory settings for CA Directory, you create an environment. An environment is a view of the user store. In an environment you manage users, groups, organizations, tasks and roles.

Note: The JBoss application server service automatically starts during Windows startup and if an environment does not exist, one is created. We recommend that you disable the automatic service startup. If the environment exists, delete it before you create the environment for CA Directory.

Before you create the environment, define the system manager account in CA Directory.

Important! Verify that you do not define the system manager account directly under the search root Organization Unit (OU) rather, under an Organization Unit that is located under the search root. For example, if the search root you defined is dc=company, dc-com, create the system manager account under the Users OU as follows: uid=Sysmanager,ou=Users,dc=company,dc=com

Note: For multiple domDN.ins support, define the user full DN.

Follow these steps:

  1. Open the CA Identity Minder Management Console, select Environments, then select New.

    The new environment screen appears.

  2. Enter ac-env as the name of the environment, provide a description and enter ac as the public URL alias, then click Next.

    A screen appears displaying a list of available directories.

  3. Select CA Directory to associate with this environment, then click Next.
    1. (Optional) Select the directory to use as the provisioning directory for this environment, then click Next.
    2. (Optional) Specify the user account to authenticate anonymous connections with, then select Validate.

      CA Identity Minder Management Console validates the user account.

  4. Click Next to continue.
  5. Select Import Roles from File and use Browse to locate the file ac-RoleDefinitions_CADir_EN.xml, click Next.
  6. Specify the user manager account, select Add and then select Next.

    Note: For multiple domains support, specify the user full DN.

    A summary screen opens.

    Important! Verify that the user manager account exists in the directory.

  7. Review the summary and click Finish.

    CA Identity Minder Management Console creates the environment.

  8. Select Environments, ac-env, Advanced Settings, then click Import.

    The Import Settings window opens.

    1. Browse to the directory where you saved the ac-environmentSettings.xml file, select it, then click Finish.

      CA Identity Minder Management Console creates the environment.

  9. Select Continue then select Start.

    The environment starts up.

  10. Select Environments, ac-env, Advanced Settings, Workflow.

    The workflow properties windows opens

    1. Check the box next to the Enabled property to enable workflow and then click save.

      CA Identity Minder Management Console applies the changes to the environment.

  11. Select Environments, ac-env, System Manager.

    The System Manager windows opens.

    1. Specify the system manager user account, then select Validate.

      CA Identity Minder Management Console displays the system manager account properties.

    2. Select Next, Finish.

      CA Identity Minder Management Console displays the system manager configuration output and specifies errors, if identified.

    3. Select Continue.
  12. In the Status field, select Restart.

    CA Identity Minder Management Console restarts the environment.

  13. Restart the JBoss application server.
  14. Restart the CA ControlMinder services.

You have defined CA ControlMinder Enterprise Management to use CA Directory. You can now log in to CA ControlMinder Enterprise Management.