You point the Policy Server to the directory server to configure the Policy Server with the required system and administrative information. The Policy Server uses this information to manage policy store objects.
Note: The Policy Server can bind to an AD LDS policy store using a proxy object. A proxy object is created on AD LDS and is associated with an Active Directory account through the Security Identifier of the account. For more information about binding to an AD LDS instance using a proxy object, see the Microsoft documentation. If you configure a Policy Server connection using a proxy object and plan on using password policies, AD LDS must be configured for SSL.
Follow these steps:
smldapsetup status -hhost -pport -dAdminDN -wAdminPW -rroot -ssl1/0 -ccert
-hhost
Specifies the IP address of the LDAP server host system.
-pport
Specifies the port on which the LDAP server is listening.
-dAdminDN
Specifies the full domain name, including the guid value, of the directory server administrator.
Example: CN=user1,CN=People,CN=Configuration,CN,{guid}
-wAdminPW
Specifies the password for an LDAP user with privileges to create the LDAP schema in the LDAP directory server.
-rroot
Specifies the existing root DN location of the application partition in the ADAM or AD LDS server. The existing root DN location is where the utility imports the policy store schema.
-ssl1/0
Specifies an SSL connection.
Limits: 0=no | 1=yes
Default: 0
-ccert
(Only required if the SSL value is 1) Specifies the path to the directory where the SSL client certificate database file, cert8.db, exists.
The correct configuration of the LDAP policy store connection parameters is verified.
smldapsetup reg -hhost -pport -dAdminDN -wAdminPW -rroot -ssl1/0 -ccert
The connection to the directory server is configured as a policy store.
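The verify-then-register sequence above as a wrapper script (an added example, not CA code). It assumes smldapsetup is on PATH and exits non-zero when the status check fails; the function names and the SM_* environment variables are hypothetical.

```sh
#!/bin/sh
# Added example, not CA code. Assumes smldapsetup is on PATH.

# build_args HOST PORT ADMIN_DN ADMIN_PW ROOT_DN SSL CERT_DIR
# Validates the values and prints one smldapsetup argument per line,
# in the attached-value form the page uses (-hhost, -pport, ...).
build_args() {
    ba_host=$1 ba_port=$2 ba_dn=$3 ba_pw=$4 ba_root=$5 ba_ssl=$6 ba_cert=$7
    case $ba_port in
        ''|*[!0-9]*) echo "port must be numeric" >&2; return 2 ;;
    esac
    case $ba_ssl in
        0) echo "warning: -ssl0, directory connection is not encrypted" >&2 ;;
        1) # -c is required with -ssl1 and must name the cert8.db directory
           if [ ! -f "$ba_cert/cert8.db" ]; then
               echo "no cert8.db in '$ba_cert'" >&2; return 3
           fi ;;
        *) echo "ssl must be 0 or 1" >&2; return 2 ;;
    esac
    printf '%s\n' "-h$ba_host" "-p$ba_port" "-d$ba_dn" "-w$ba_pw" \
        "-r$ba_root" "-ssl$ba_ssl"
    if [ "$ba_ssl" = 1 ]; then printf '%s\n' "-c$ba_cert"; fi
}

# configure_policy_store: same arguments as build_args.
# Runs "status" and registers only if it succeeded. Assumption: smldapsetup
# exits non-zero when the status check fails.
configure_policy_store() {
    cps_args=$(build_args "$@") || return $?
    cps_ifs=$IFS
    # Split on newlines only, so DNs that contain spaces stay one argument.
    IFS='
'
    set -f
    set -- $cps_args
    set +f
    IFS=$cps_ifs
    if ! smldapsetup status "$@"; then
        echo "status check failed; policy store not registered" >&2
        return 1
    fi
    smldapsetup reg "$@"
}

# Example call (values come from hypothetical environment variables):
# configure_policy_store 192.0.2.10 636 "$SM_ADMIN_DN" "$SM_ADMIN_PW" \
#     "$SM_ROOT_DN" 1 /path/to/certdir
```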
Copyright © 2012 CA.
All rights reserved.