Configure an Oracle Internet Directory 10g 9.0.4 as a Policy Store

Configuration Guides › Directory Configuration Guide › Oracle Internet Directory Server 10g 9.0.4 › Configure an Oracle Internet Directory 10g 9.0.4 as a Policy Store

Configure an Oracle Internet Directory 10g 9.0.4 as a Policy Store

To configure an Oracle Internet Directory 10g 9.0.4 as a policy store

Right-click Entry Management, and select Create using the ODM.
A domain is created in OID.
Click Add on the Distinguished Name dialog, and select the domain.
Enter dc=dcbok as the Distinguished Name value and dc as the dc value.
Create an organizational unit, select the organizational unit, and enter ou=bok,dc=dcbok as the Distinguished Name value and bok as the ou value.
Point the Policy Server at the Oracle Directory Server that you plan to use as a policy store. The following are examples of values that you can enter:
- Database
  Policy Store
- Storage
  LDAP
- LDAP IP Address
  192.168.122.18:389
- Admin Username
  oracleadmin
- Root DN
  ou=ps12,dc=CA
Note: For more information, see the Policy Server Installation Guide.
Navigate to policy_server_home/bin on the system where the Policy Server is installed.
- policy_server_home
  Specifies the Policy Server installation path.
Run the following command:
```
smldapsetup ldgen -ffile_name.ldif
```
- -f
  Specifies the name of the schema file that you are creating for the policy store.
Run the following command:
```
smldapsetup ldmod -ffile_name.ldif
```
- -f
  Specifies the name of the schema file that you created for the policy store.
Run the following command:
```
ldapmodify -hhost -pport -dAdminDN -wAdminPW
-c -fdir_config_home/xps/oid_10g/OID_10g.ldif
-Z -Pcert 
```
- -h host
  Specifies the IP address of the LDAP directory server.
  
  Example: 123.123.12.12
- -p port
  Specifies the port number of the LDAP directory server.
  
  Example: 3500
- -d AdminDN
  Specifies the name of the LDAP user who has the privileges needed to create a new LDAP schema in the LDAP directory server.
- -w AdminPW
  Specifies the password of the administrator specified by the -d option.
- -c
  Specifies continuous mode (do not stop on errors).
- -f
  Specifies the path and file name of the XPS schema file that is supplied with r12.1.
- dir_config_home
  Specifies the Directory Configuration installation path.
- -Z
  Specifies an SSL-encrypted connection.
- -P cert
  Specifies the path to the directory where the SSL client certificate database file (cert7.db) exists.
  
  Example:
  
  If cert7.db exists in app/siteminder/ssl, specify:
```
-Papp/siteminder/ssl
```
The policy store schema is created for r12.1.
Run the following command:
```
smobjimport -ipolicy_server_home/db/smdif/smpolicy.smdif -v
```
- -i
  Specifies the path and name of the import file.
- -v
  Turns on tracing and outputs error, warning, and comment messages.
The base policy store data is imported from the file smpolicy.smdif.
Run the following command:
```
smobjimport -ipolicy_server_home\db\smdif\ampolicy.smdif
-dsiteminder_super_user_name -wsiteminder_super_user_password -f -v -l -c
```
- -i
  Specifies the path and name of the import file.
- -dsiteminder_super_user_name
  Specifies the name of the SOA Security Manager Super User account.
- -wsiteminder_super_user_password
  Specifies the password for the SOA Security Manager Super User account.
- -f
  Overrides duplicate objects.
- -v
  Turns on tracing and outputs error, warning, and comment messages in verbose format so that you can monitor the status of the import.
  
  Default value: stdout
- -l
  Creates a log file.
- -c
  Indicates that the smdif input file contains unencrypted data.
smobjimport imports the policy store objects. These objects are automatically imported to the appropriate locations.

Note: Importing ampolicy.smdif makes available CA SiteMinder Federation Security Services, Web Service Variables, and eTelligent Rules functionality that is separately licensed from SOA Security Manager. If you intend on using the latter functionality, contact your CA account representative for more information on licensing.

Note: You can now import the policy store data definitions.

Email CA about this topic