Installation and Upgrade Guides › Directory Configuration Guide › Siemens DirX 6.0 D00 Directory Server › Configure a DirX 6.0 D00 Directory Server as a Policy Store

Configure a DirX 6.0 D00 Directory Server as a Policy Store

You can configure a Siemens DirX 6.0 D00 Directory Server as a SiteMinder r12.0 SP3 policy store.

Follow these steps:

1. Install DirX 6.0 D00, and accept all of the defaults during installation.

   Note: If you do not have an existing database, install the sample database.

2. Log in to the Policy Server host system.
3. Copy the following files from siteminder_home\db\tier2\SiemensDirx to

   DirX_install_path\scripts\security\Netegrity\SiteMinder:

   • dirxabbr-ext.SiteMinderR12sp3
   • schema_ext_for_SiteMinderR12sp3.adm
   • subschema_ext_for_SiteMinderR12sp3.cp
   • bind.tcl
   • l-bind.cp
   • _setup.bat
   • setup.bat
   • GlobalVar.tcl

   Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with administrator permissions. Open the command line window this way, even if your account has administrator privileges.

   siteminder_home

   Specifies the Policy Server installation path.

   DirX_install_path

   Specifies the DirX installation path.

   Example: C:\program files\siemens\dirx

4. Copy the following files from siteminder_home\xps\db\tier2\dirx to

   DirX_install_path\scripts\security\Netegrity\SiteMinder:

   • dirxabbr-ext.XPS
   • schema_ext_for_XPS.adm
   • subschema_ext_for_XPS.cp
5. Rename the following files:
   • schema_ext_for_SiteMinderR12sp3.adm to schema_ext_for_SiteMinder.adm
   • subschema_ext_for_SiteMinderR12sp3.cp to subschema_ext_for_SiteMinder.cp
6. Copy the following files to DirX_install_path\client\conf:
   • dirxabbr-ext.SiteMinderR12sp3
   • dirxabbr-ext.XPS
7. Rename dirxabbr-ext.SiteMinderR12sp3 to dirxabbr-ext.SiteMinder.
8. Stop and restart the DirX service.
9. Edit GlobalVar.tcl to update the global variables that the DirX scripts reference.

   Default values:

   • LDAP port: 389
   • Root DN: o=pqr
   • Admin username: cn=admin,o=pqr
   • Admin password: dirx
10. Run setup.bat, and check the resulting log file, setup.log, for errors.
11. Rebind to the DSA using the DirXmanage tool.

    Note: Watch for errors.

12. Create the base tree structure using the DirXmanage tool:
    1. Under o=PQR, create ou=Netegrity.
    2. Under ou=Netegrity, create ou=SiteMinder.
    3. Under ou=SiteMinder, create ou=PolicySvr4.
    4. Under ou=PolicySvr4, create ou=XPS

    The policy store schema is created for r12.0 SP3.

13. Point the Policy Server to the DirX Directory Server by using the Data tab on the Policy Server Management Console.

    Sample values:

    • LDAP IP Address: 123.456.7.8
    • Root DN: o=pqr
    • Admin username: cn=admin,o=pqr
    • Admin password: ********
14. Run the following command:

    smreg -su password
    

    The SiteMinder super user password is set.

15. Navigate to policy_server_home\bin.

    policy_server_home

    Specifies the Policy Server installation path.

16. Run the following command:

    smobjimport -ipolicy_server_home\db\smdif\smpolicy.smdif -v
    -dsiteminder_super_user_name -wsiteminder_super_user_password
    

    -i

    Specifies the path and name of the import file.

    -v

    Turns on tracing and outputs error, warning, and comment messages.

    Note: You can output to a log file and check for errors.

    The base policy store data is imported from the file smpolicy.smdif.

17. Run the following command:

    smobjimport -ipolicy_server_home\db\smdif\ampolicy.smdif
    -dsiteminder_super_user_name -wsiteminder_super_user_password -f -v -l -c
    

    -i

    Specifies the path and name of the import file.

    -dsiteminder_super_user_name

    Specifies the name of the SiteMinder Super User account.

    -wsiteminder_super_user_password

    Specifies the password for the SiteMinder Super User account.

    -f

    Overrides duplicate objects

    -v

    Turns on tracing and outputs error, warning, and comment messages in verbose format so that you can monitor the status of the import.

    Default value: stdout

    -l

    Creates a log file.

    -c

    Indicates that the smdif input file contains unencrypted data.

    smobjimport imports the policy store objects. These objects are automatically imported to the appropriate locations.

    Note: Importing ampolicy.smdif makes available Federation Security Services, Web Service Variables, and eTelligent Rules functionality that is separately licensed from SiteMinder. If you intend on using the latter functionality, contact your CA account representative for more information on licensing.

    The DirX Directory Server is configured as a policy store.

Note: You can now import the policy store data definitions.