Use the Policy Server Configuration wizard to configure or reconfigure the following components after installing the Policy Server:
Note: You cannot change the Policy Server FIPS–mode of operation using the Policy Server Configuration Wizard. For more information about changing the Policy Server FIPS–mode of operation, see the CA SiteMinder® Upgrade Guide.
Important! If you configured an Oracle iPlanet web server instance for the OneView Monitor UI or SNMP, do not use the wizard to configure new instances. Configuring new web server instances can cause the existing web server instance to fail.
Complete the following procedures to use the Policy Server Configuration wizard:
The Policy Server Configuration Wizard requires specific information to configure Policy Server components.
Note: Installation worksheets are provided to help you gather and record information prior to installing or configuring Policy Server components using the Policy Server Installation Wizard or the Policy Server Configuration Wizard. You may want to print these worksheets and use them to record required information prior to running either wizard.
Active Directory LDS Server Information
Gather the following required information to configure Microsoft Active Directory LDS as a policy store:
Example: dc=ca,dc=com
Example: CN=user1,CN=people,CN=Configuration,CN=guid
Note: This user must have the necessary permissions to modify attributes and change passwords.
siteminder
Limits:
Note: We recommend that you do not use the default superuser for day-to-day operations. Rather, use the default superuser to access the Administrative UI for the first–time and then create an administrator with superuser permissions.
Oracle Directory Server Information
Gather the following required information to configure Oracle Directory Server to function as a policy store:
Default: 389
Example: o=yourorg.com
Example: cn=Directory Manager
Note: This user must have the necessary permissions to modify attributes and change passwords.
siteminder
Limits:
Note: We recommend that you do not use the default superuser for day-to-day operations. Rather, use the default superuser to access the Administrative UI for the first–time and then create an administrator with superuser permissions.
Microsoft SQL Server Information
To configure Microsoft SQL Server as a policy store, gather the following required information:
Identify the IP address or name of the database host system.
Note: For more information about IPv6 support, see the CA SiteMinder® Platform Support Matrix.
Identify the named instance or the name of the database that is to function as the policy store.
Identify the port on which the database is listening.
Identify the name and password of an administrator account with permission to do the following operations:
Note: If the CA SiteMinder® schema is already present in the database, the wizard does not require the credentials of a database administrator with create permission. For more information, see Configure a SQL Server Policy Store.
The default CA SiteMinder® superuser account has maximum permissions. Determine the password for the default superuser account. The name of the default account is:
siteminder
Limits:
Note: We recommend that you do not use the default superuser for day-to-day operations. Rather, use the default superuser to access the Administrative UI for the first–time and then create an administrator with superuser permissions.
Oracle RDBMS Information
Gather the following required information to configure Oracle RDBMS as a policy store.
Identify the IP address or the name of the database host system.
Note: For more information about IPv6 support, see the CA SiteMinder® Platform Support Matrix.
Identify the service name of the database that is to function as the policy store.
Identify the port on which the database is listening.
Identify the name of an administrator account with permission to do the following operations:
Identify the password of the administrator account.
The default CA SiteMinder® superuser account has maximum permissions. Determine the password for the default superuser account. The name of the default account is:
siteminder
Limits:
Note: We recommend that you do not use the default superuser for day-to-day operations. Rather, use the default superuser to access the Administrative UI for the first–time and then create an administrator with superuser permissions.
OneView Monitor Information
You only have to gather OneView Monitor information if you plan on configuring the OneView Monitor.
Gather the following required information to configure the OneView Monitor. You can use the OneView Monitor Information Worksheet to record your values.
Example: /usr/local/NewAtlanta/ServletExecAS
Example: /sunjavasystem_home/location
Specifies the installed location of the Sun Java System.
Specifies the installed location of the Sun Java System Web servers.
To run the configuration wizard
The Policy Server configuration wizard starts.
Specifies the Policy Server installation path.
Important! If you are running this wizard on Windows Server 2008, run the executable file with administrator permissions. Use these permissions even if you are logged in to the system as an administrator. For more information, see the release notes for your CA SiteMinder® component.
Note: When prompted to initialize the LDAP instance do so only to configure a new policy store instance.
The wizard configures the selected components to work with the Policy Server.
Note: This can take several minutes.
The components you selected are configured.
Note: If you experience problems, you can locate the Policy Server installation log file and the policy store details file in siteminder_home\siteminder\install_config_info.
Specifies the Policy Server installation path.
Copyright © 2014 CA.
All rights reserved.
|
|