Extend the CA Directory Policy Store Schema

Installation and Upgrade Guides › SiteMinder Upgrade Guide › Upgrading from r6.x › How to Migrate from r6.x › Migrate AM Key Store Data into a SiteMinder Key Database › How to Upgrade an r6.x Policy Store › Extend the CA Directory Policy Store Schema

You extend the policy store schema to store objects introduced by r12.0 SP3. The existing r6.x policy store schema has not changed.

To extend the CA Directory policy store schema

Copy the following file into the CA Directory DXHOME\config\schema directory:
etrust.dxc

Note: The etrust.dxc file is installed with the Policy Server in policy_server_home\xps\db.

policy_server_home

Specifies the policy server installation path.
Copy the following files into the CA Directory DXHOME\bin directory.
- etrust_schema.txt
- schema.txt
Note: The etrust_schema.txt file is installed with the Policy Server in policy_server_home\xps\db. The schema.txt file is installed with the Policy Server in policy_server_home\eTrust.

policy_server_home

Specifies the Policy Server installation path.
Open the SiteMinder schema file (.dxg), and add the following lines to the bottom of the file:
```
#CA Schema
source "netegrity.dxc"
source "etrust.dxc"
```
Edit the DXI file for the DSA by adding the following lines to the bottom of the file:
- r12
```
# cache configuration
set max-cache-size = 100;
set cache-attrs = all-attributes;
set cache-load-all = true;
set ignore-name-bindings = true;
```
  Note: The DXI file is located in DXHOME\config\servers. The max-cache-size entry is the total cache size in MB. Adjust this value based on the total memory available on the CA Directory server and overall size of the policy store.
- r12 SP1 or later
```
# cache configuration
#set max-cache-size = 100;
#set cache-attrs = all-attributes;
#set cache-load-all = true;
set ignore-name-bindings = true;
```

Open the default DXC file (default.dxc) for the DSA and locate the following:

# size limits
set max-users = 255;
set credits = 5;
set max-local-ops = 100;
set max-dsp-ops = 100;
set max-op-size = 200;
set multi-write-queue = 20000;

Note: The default DXC file is located in DXHOME\dxserver\config\limits.

Edit the settings to match the following and save the DXC file:
```
# size limits
set max-users = 1000;
set credits = 5;
set max-local-ops = 1000;
set max-dsp-ops = 1000;
set max-op-size = 4000;
set multi-write-queue = 20000;
```
Note: Editing the size limits settings prevents cache size errors from appearing in your CA Directory log files.

Important! The multi-write-queue setting is for text–based configurations only. If the DSA is set up with DXmanager, omit this setting.
Use JXplorer to access the policy store DSA.
Under the root element, locate the following base tree structure:
Netegrity, SiteMinder, PolicySvr4
Create an organizational unit (root element) under PolicySvr4 called:
XPS
As the DSA user, stop and restart the DSA using the following commands:
```
dxserver stop DSA_Name
```
```
dxserver start DSA_Name
```
DSA_Name

Specifies the name of the policy store DSA.

The policy store schema is extended to store objects introduced by r12.0 SP3.