Configure the Policy Server to Use IBM Directory Server as Policy Store

To configure the Policy Server to use an IBM directory server as a Policy Store:

  1. Edit the V3.matchingrules file by adding the following line:
    MatchingRules=(2.5.13.15 NAME 'integerOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27)
    
  2. Using the IBM Directory Server Configuration Tool, create or load a server suffix if one does not exist.
  3. Using the IBM Directory Server Web Administration Tool:
    1. Create a directory entry (for example, ou=Nete) for the Root DN of the policy server data.
    2. Create the root nodes (ou=PolicySvr4, ou=SiteMinder, ou=Netegrity) under ou=Nete.
  4. Using the IBM Directory Server Configuration Tool, add the supplied schema file V3.siteminder60, which is located in siteminder_home\IBMDirectoryServer, to the Manage Schema Files section of the schema configuration.

    Note: If you are upgrading from SiteMinder 5.x, remove the old SiteMinder schema file before adding the new V3.siteminder60 file. For more information about upgrading, see the SiteMinder Upgrade Guide.

  5. Restart the IBM Directory Server.
  6. From the Policy Server host system, open the Policy Server Management Console and select the Data tab to bring it to the front.

    Important! If you are accessing this graphical user interface on Windows Server 2008, open the shortcut with Administrator permissions, even if you are logged into the system as an Administrator. For more information, see the release notes for your SiteMinder component.

  7. Point the Policy Server at the directory by doing the following:
    1. In the Database drop-down menu, select Policy Store.
    2. In the Storage drop-down menu, select LDAP.
    3. Configure the fields for the LDAP policy store under LDAP Policy Store. The following are sample values for the fields:

      LDAP IP Address: 123.123.12.12:3500

      Root DN: o=test

      Admin Username: cn=admin,ou=people,o=test

      Password: <masked password>

      Note: For more information about the LDAP settings, see the Policy Server Management Guide.

    4. Click Apply.
    5. Click Test LDAP Connection.

    If the connection is successful, SiteMinder returns a confirmation. If the connection is not successful, SiteMinder returns an error message. If you receive an error message, verify that the values you entered are correct and that the directory is running.

  8. Complete steps 5-7 in Manually Configure Policy Store Data in an LDAP Directory.

    Note: IBM Directory Server referrals are incompatible with SiteMinder.

    The policy store is configured and you can now log in to the Policy Server User Interface.
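
Step 1 is the only hand edit in this procedure, and the line is easy to corrupt when pasted from rendered documentation, because LDAP schema definitions delimit names with straight single quotes. The shell functions below are an added example, not part of the SiteMinder or IBM Directory Server tooling: they check a V3.matchingrules file for the rule, repair typographic quotes on that line, append the rule if it is absent, and keep a .bak copy. The file path is supplied by the caller, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: apply step 1 to V3.matchingrules idempotently.
# The file path is passed by the caller; no install location is assumed.
RULE="MatchingRules=(2.5.13.15 NAME 'integerOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27)"
OID='2\.5\.13\.15[[:space:]]'
LQ=$(printf '\342\200\230')   # U+2018, UTF-8 bytes e2 80 98
RQ=$(printf '\342\200\231')   # U+2019, UTF-8 bytes e2 80 99

# check_rule FILE -> prints present | smartquotes | conflict | missing
check_rule() {
    if LC_ALL=C grep -Eq "${OID}+NAME[[:space:]]+'integerOrderingMatch'" "$1"; then
        echo present
    elif LC_ALL=C grep "$OID" "$1" | LC_ALL=C grep -q -e "$LQ" -e "$RQ"; then
        echo smartquotes      # rule was pasted with typographic quotes
    elif LC_ALL=C grep -q "$OID" "$1"; then
        echo conflict         # OID defined in some other form; leave for review
    else
        echo missing
    fi
}

# ensure_rule FILE -> returns 0 when the rule is present afterwards, 1 otherwise
ensure_rule() {
    file=$1
    state=$(check_rule "$file")
    case $state in
        present)  return 0 ;;
        conflict) echo "OID 2.5.13.15 already defined differently in $file" >&2
                  return 1 ;;
    esac
    cp -p "$file" "$file.bak" || return 1      # rollback copy before any change
    if [ "$state" = smartquotes ]; then
        # Rewrite only the matching line, replacing both quote forms with '
        LC_ALL=C sed -e "/$OID/s/$LQ/'/g" -e "/$OID/s/$RQ/'/g" "$file.bak" > "$file"
    else
        [ -z "$(tail -c 1 "$file")" ] || echo >> "$file"   # terminate last line
        printf '%s\n' "$RULE" >> "$file"
    fi
    [ "$(check_rule "$file")" = present ]
}

# Usage: sh this_script.sh /path/to/V3.matchingrules
if [ "$#" -gt 0 ]; then ensure_rule "$1"; fi
```

Run it before step 5 so that the restart of the IBM Directory Server picks up the edited file.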