Upgrade a Sun Java Microsystems Policy and Key Store

Installation and Upgrade Guides › SiteMinder Upgrade Guide › Upgrade Procedures from 5.x › Step 1: Upgrade the 5.x Policy Server to 6.x › Upgrade a 5.x Policy Store › Upgrade a Sun Java Microsystems Policy and Key Store

Upgrade a Sun Java Microsystems Policy and Key Store

The version of the Sun Java Microsystems directory server that is functioning as the 5.x policy store determines if you can upgrade the policy store or if a policy store migration is required.

Note: For a list of supported Sun Java Microsystems LDAP directory servers, go to the Technical Support site and search for the SiteMinder Platform Matrix for 6.0.

If SiteMinder r6.0 SP6 supports the directory server, use the following procedure to upgrade the policy store.
If SiteMinder r6.0 SP6 does not support the directory server, see How to Migrate a 5.x Policy Store.

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

To upgrade the policy store

Create the r6.0 SP6 policy and key store schema with the following smldapsetup commands.
Note: For more information about using the smldapsetup tool, see the Policy Server Installation Guide.
1. smldapsetup ldgen -hhost_IP -pport -duser_dn -wuser_pw -rpolicy_store_root -ssl1/0
  -ccert -ffile_name -u -m6
  
  -hhost_IP
  
  Specifies the IP Address of the directory server host system.
  
  -pport
  
  Specifies the port on which the directory server is listening.
  
  -duser_dn
  
  Specifies the distinguished name of a directory server user with privileges to create LDAP schema in the directory server.
  
  -wuser_pw
  
  Specifies the password for the directory server user specified by -d.
  
  -rpolicy_store_root
  
  Specifies the DN location of the SiteMinder data in the directory server.
  
  -ssl1/0
  
  (Optional) Specifies an SSL connection.
  
  Limits: 0=no | 1=yes
  
  Default: 0
  
  -ccert
  
  (Only required if the ssl value is 1) Specifies the path to the directory where the SSL client certificate database file, cert7.db, exists.
  
  -ffile_name
  
  Specifies the name of the schema (LDIF) file you are creating.
  
  -u
  
  Creates the r6.0 SP6 upgrade schema file.
  
  -m6
  
  Specifies that a Sun Java Microsystems directory server is being upgraded.
2. smldapsetup ldmod -hhost_IP -pport -duser_dn -wuser_pw -rpolicy_store_root
  -ssl1/0 -ccert -ffile_name
Import the required r6.0 SP6 policy store objects by entering the following command:
```
smobjimport -isiteminder_home\db\smdif\
sm_upgrade_55_to_60sp6.smdif -dadmin_name -wadmin_pw -v -f
```
siteminder_home

Specifies the Policy Server installation path.

-dadmin_name

Specifies the name of the SiteMinder administrator with super user privileges.

-wadmin_pw

Specifies the password for the SiteMinder super user.

-v

Outputs error, warning, and comment messages in verbose format. Verbose format lets you monitor the status of the import.

-f

Overwrites duplicate policy store objects with the r6.0 SP6 policy store objects.

Note: If an argument contains spaces, use double quotes around the entire argument.

Example:
```
smobjimport -i“C:\Program Files\CA\SiteMinder\db\
smdif\sm_ps_upgrade_55_to_60sp6.smdif” -d"SM Admin" -wPassword -v -f
```

Important! If you do not complete this step, the required SiteMinder objects are not added to the policy store. As a result, you cannot use the Policy Server User Interface to configure policies.

Email CA Technologies about this topic