Previous Topic: Run the smfedimport ToolNext Topic: Processing Import Files with Multiple Certificate Aliases

Federation Security Services GuideUse SAML 2.0 Provider Metadata To Simplify ConfigurationSiteMinder SAML 2.0 Metadata Tools OverviewCommand Options for smfedimport

Command Options for smfedimport

The command line options are listed in the following table.

Option

Description

Value

-attrname

Attribute name required for nameID

string

-authurl

Authentication URL

URL

-dnspec

DN specification required for name ID type only

string

-domainname

Affiliate domain name

string

-entityid

Entity ID

The Service Provider ID for the import or the Identity Provider ID for the import

-importkeys

Indicates whether the certificates in the metadata are imported into smkeydatabase.

string. Enter a name that becomes an alias associated with the certificate in smkeydatabase. If there are multiple certificates, the aliases are added as name, name1, name2.

-input

input file

string

-name

Indicates the name of the SiteMinder object, such as the name of the Service Provider or the name of a SAML authentication scheme

string

-nameidformat

Name ID format

(U)nspecificed--default

(E)mail address

(X)509 Subject name

(W)indows domain name

(K)erberos Principal Name

E(n)tity Identifier

(P)ersistent Identifier

(T)ransient Identifier

-nameidtype

Name ID type

(S)tatic

(U)ser attribute

(D)N attribute

-password

SiteMinder Administrator password

string, no default

-type

(Required)

Entity type of the import file

saml2idp

sam2sp

-silent

Determines whether the tool interactively prompts the user

 

With this option, the tool operates in silent mode. The tool does not interactively prompt the user for missing input. The tool also does not prompt the user to accept the import of each separate entity in the input file. The tool assumes that all entities in the input file must be imported.

true, if present

false otherwise

-username

SiteMinder Administrator name

string, no default

Processing Import Files with Multiple SAML 2.0 Providers

If multiple providers are specified in one import file, the tool imports them into the same affiliate domain. The names for each provider are based on the value you specify for the smfedimport command option -name.

For example, if there are three Service Providers in the import file and you specify:

-name mySP

The tool registers the imported providers as mysp, mysp_1, and mysp_2. The integer increases by one for each subsequent provider. If there is a mixture of Identity Providers and Service Providers in an import file, the naming convention still applies.