Installation and Upgrade GuidesPolicy Server Installation GuideConfiguring SiteMinder Data Stores in a Relational Database › Import Default SiteMinder Objects into the Policy Store

Previous Topic: Configure a Database as a Session Store

Next Topic: Migrate an Existing Policy Store into a Relational Database

Import Default SiteMinder Objects into the Policy Store

When manually configuring a policy store, you are required to import the default SiteMinder objects. If you do not, you cannot use the Policy Server User Interface to configure policies.

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

To import the default policy store objects

  1. From the Policy Server host system, navigate to siteminder_home/bin
  2. Change the SiteMinder super user password by completing the following steps:
    1. Copy the smreg utility (smreg.exe) from the Policy Server installation kit to siteminder_home\bin.
    2. Execute the following command: 
      smreg -su super_user_password
      super_user_password

      Specifies the password for the SiteMinder super user account. The password is not case–sensitive, except in cases where the password is stored in an Oracle policy store. The default administrator name is SiteMinder. Once the Oracle policy store is configured, administrator user names for the Policy Server User Interface are case–sensitive.

      Note: Be sure that there is a space between -su and the password.

    3. Delete smreg.exe.

      Deleting smreg.exe prevents someone from changing the super user password without knowing the previous one.

  3. From siteminder_home\bin, import the basic SiteMinder objects required to set up a policy store by running: 
    smobjimport -isiteminder_home\db\smdif\smpolicy.smdif
-dSM_super_user_name -wsuper_user_password -v
    siteminder_home

    Specifies the Policy Server installation path.

    smpolicy.smdif

    Specifies the name of the file containing the default policy store objects that are imported into the policy store.

    Note: When manually configuring a policy store on Windows, you can import one of the following:

    The file named smpolicy–secure provides additional security through enhanced default Web Agent configuration parameters.

    SM_super_user_name

    Specifies the name of the SiteMinder super user.

    super_user_password

    Specifies the password for the SiteMinder super user.

    If an argument contains spaces, use double quotes around the entire argument.

    Windows example: smobjimport -i
    “C:\Program Files\Netegrity\siteminder\db\smdif\smpolicy.smdif”
    -d"SM Admin" -wPassword -v

    UNIX example: smobjimport -i$NETE_PS_ROOT/db/smdif/smpolicy.smdif
    -d"SM Admin" -wPassword -v

    -v

    Outputs error, warning, and comment messages in verbose format so you can monitor the status of the import.

    Be aware of the following:

  4. Restart the Policy Server service by doing the following:
    1. Start the Policy Server Management Console.

      Important! If you are accessing this graphical user interface on Windows Server 2008, open the shortcut with Administrator permissions, even if you are logged into the system as an Administrator. For more information, see the release notes for your SiteMinder component.

    2. Under the Status tab, click Stop.

      The stoplight icon changes from green to red.

    3. Click Start to restart the service.
    4. Click OK to exit the Policy Server Management Console.

    For UNIX systems, enter the commands stop–all followed by start–all.

    The policy store is configured and you can now log into the Policy Server User Interface.

More Information:

Change the SiteMinder Super User Password Using smreg

Import Policy Data Using smobjimport

Policy Store Schema Considerations