Installation and Upgrade GuidesPolicy Server Installation GuidePolicy Server ToolsMigrate 6.x Policy Stores With Different Environments › Example 1 Policy Stores with Different Objects and Environments

Previous Topic: Migrate 6.x Policy Stores With Different Environments

Next Topic: Example 2 Policy Stores with Same Objects But Different Environments
Example 1 Policy Stores with Different Objects and Environments

In this example, there are two policy stores--one for test.com and another for production.com--containing different objects and environments. The goal is to migrate and override existing policy store data objects in production.com with those from test.com but keep production.com’s environment settings by following the steps listed in the following figure.

  1. Export the Test.com policy store into test.smdif, which backs up the policy data, and test.cfg, which preserves the environment settings.

    Note: The text in the .cfg file is separated by tabs and you can read it in any text editor or as a tab-delimited file in Microsoft Excel.

  2. To change test.com’s environment to match the settings in production.com, do the following:
    1. Using Microsoft Excel or a text editor, open test.cfg.
    2. Replace the test.com values with those from production.com. For illustrative purposes only, replace values such as IP Addresses, registration URLs, shared secrets, and agent names listed in the following table with those from production.com listed in the second table.

      Note: These are just four sample values and you will need to edit other values based on your own environment.

    Important! Make sure you only edit the Value entries and not the ones for Object OID, Object Class, Property Type.

Object OID

Object Class

Property Type

Value

Trusted Host OID

TrustedHost

IPAddr

192.216.167.23

reg scheme OID

SelfReg

RegistrationURL

http://test.url
.com

auth scheme OID

Scheme

Secret

testpassword

agent OID

Agent

Name

testagent

The Object OID column is represented only by the OID variable since OIDs such as the following are too long to fit in the above table:

Trusted Host OID = 0d-6dc75be0-1935-11d3-95cc-00c04f7468ef

Object OID

Object Class

Property Type

Value

Trusted Host OID

TrustedHost

IPAddr

192.216.167.24

reg scheme OID

SelfReg

RegistrationURL

http://production.url.com

auth scheme OID

Scheme

Secret

productionpassword

agent OID

Agent

Name

productionagent

  1. Import test.smdif and test.cfg, which you edited to include the values from production.com, into the Production.com policy store: 
    smobjimport -itest.smdif -dSiteMinder -wpassword -v -f -t

    Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

    Note: To override existing data and matching objects in the Production.com policy store with that of Test.com, use the -f argument.

smobjexport and smobjimport let you export or import an entire policy store or an individual domain.

Note: For more information about exporting or importing individual objects on a smaller scale, see the API Reference Guide for Perl.