Create a SiteMinder 5.5 or 6.0 Policy Store in InJoin Directory Server v4.2

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

To create the required SiteMinder 5.5 or 6.0 policy store schema in InJoin Directory Server (IDS):

  1. Start the DSA, using Critical Path's iCon GUI.
  2. Perform an LDAP modify, using the supplied IDS_Add_Schema_55.ldif or IDS_Add_Schema_60.ldif file.

    6.0 example:

    ldapmodify -h <server_IP> -p <port_number> -D "cn=manager" -w <password> -c -f "IDS_Add_Schema_60.ldif"

    Note: ldapmodify requires version 4.2 of the Critical Path InJoin Directory Server.

  3. Use the iCon GUI to reload the schema or verify that the schema has been updated.
  4. Go to dsa, comms, LDAP and set the option "paging mode" to always. Restart the DSA.
  5. Manually create the root nodes (ou=PolicySvr4, ou=SiteMinder, ou=Netegrity) via iCon's DIT admin interface.
  6. Import the base policy store data from the file smpolicy.smdif.

    Example: smobjimport -i<siteminder_installation>\db\smdif\smpolicy.smdif -v

    Note: When manually configuring a policy store on Windows, you can import one of the following:

    The file named smpolicy-secure provides additional security through enhanced default Web Agent configuration parameters.
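
Step 2 applies the schema LDIF while bound as the directory manager, and in standard ldapmodify tools the -c option means "continue after errors", so it is worth knowing what the file contains before running it. The following is an added example, not part of the original documentation or of SiteMinder: a short Python summary of the change records in an LDIF file (RFC 2849 syntax). The sample LDIF, its DNs and its OIDs are constructed; the real contents of IDS_Add_Schema_60.ldif are not shown on this page.

```python
from collections import Counter

SAMPLE_LDIF = """\
version: 1
# constructed sample, NOT the contents of IDS_Add_Schema_60.ldif
dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( 1.3.6.1.4.1.99999.1.1 NAME 'exampleAttr'
  DESC 'folded across two lines' )
-
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.99999.2.1 NAME 'exampleClass' MAY exampleAttr )

dn: ou=Example,o=test
changetype: delete
"""

def unfold(text):
    """Join RFC 2849 folded lines (continuations start with a space); drop comments."""
    lines, in_comment = [], False
    for raw in text.splitlines():
        if raw.startswith(" "):
            if not in_comment and lines and lines[-1]:
                lines[-1] += raw[1:]          # append the continuation to the previous line
            continue                          # a folded comment is skipped entirely
        in_comment = raw.startswith("#")
        if not in_comment:
            lines.append(raw)
    return lines

def summarize(text):
    """Return (records, counts): one dict per record, plus a tally by changetype."""
    records, current = [], None
    for line in unfold(text) + [""]:          # trailing "" flushes the last record
        if not line.strip():                  # a blank line ends a record
            if current:
                records.append(current)
            current = None
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if key == "dn":                       # "(none)" = record has no changetype line
            current = {"dn": value, "changetype": "(none)", "ops": []}
        elif current and key == "changetype":
            current["changetype"] = value.lower()
        elif current and current["changetype"] == "modify" and key in ("add", "replace", "delete"):
            current["ops"].append((key, value))   # e.g. ("add", "attributeTypes")
    return records, Counter(r["changetype"] for r in records)
```

Call summarize() on the text of the LDIF before step 2, review the DNs and operations it lists, and compare the record count with what ldapmodify reports after the run.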