Create a SiteMinder 6.0 Policy Store in an Openwave Directory Server

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

To create a policy store in an Openwave directory server

  1. Point the Policy Server at the directory by doing the following:
    1. In the Database drop-down menu, select Policy Store.
    2. In the Storage drop-down menu, select LDAP.
    3. In the LDAP Policy Store box, configure the fields for the LDAP policy store.

      The following lists sample values for the fields:

      • LDAP IP Address: 123.123.12.12:3500
      • Root DN: o=nete,c=us
      • Admin Username: cn=root
      • Password: <masked password>

      Note: Refer to the Policy Server Management Guide for a complete description of the LDAP settings.

    4. Click Apply after you have modified the LDAP fields.
    5. Click the Test LDAP Connection button to test the connection.

    If the connection is successful, SiteMinder returns a confirmation. If it is not successful, SiteMinder returns an error message. If you receive an error message, verify that the values you entered are correct and that the directory is running.

  2. Copy the supplied schema.txt into the <siteminder_installation>\bin directory.
  3. Execute the following command from the <siteminder_installation>\bin directory:
    smldapsetup ldmod -fschema.txt
    
  4. On the machine where Openwave Directory Server is installed, log in to the primary master directory server as the directory user.
  5. For the supplied index.sql file:
    1. Edit the file by changing the path for the tablespace creation.
    2. Place the file in the home directory.
  6. Execute the following command:
    sqlplus /nolog
    
  7. At the sql prompt, run the following commands:
    conn <directory user name>/<directory user password>
    @index.sql
    
  8. Execute the following Openwave command:
    imconfedit
    
  9. Do the following:
    1. Find the configuration key /*/common/tableMapping.
    2. At the end of this key, add the contents of the supplied tablemap.txt file.
  10. Save the file and restart the directory server.
  11. To check whether the server has started properly, execute the following command:
    imservping imdirserv
    
  12. On the Policy Server machine, change the SiteMinder Super User password by completing the following steps:
    1. Copy smreg from either \win32\tools or solaris/tools on the SiteMinder CD-ROM to <siteminder_installation>\bin.
    2. Execute the following command:

      smreg -su <superuserpassword>

      where <superuserpassword> is the password for the SiteMinder Super User account.

      Note: Ensure there is a space between -su and the <superuserpassword>.

    3. Delete smreg.exe.

      Deleting smreg.exe prevents anyone from changing the Super User password without knowing the previous one.

  13. From <siteminder_installation>/bin, import the basic SiteMinder objects required to set up a policy store by running:
    smobjimport -i<siteminder_installation>\db\smdif\smpolicy.smdif
    -d<SM_Super_User_Name> -w<superuserpassword> -v
    
    siteminder_installation

    Specifies the installed location of SiteMinder.

    smpolicy.smdif

    Specifies the name of the file containing the default policy store objects that are imported into the policy store.

    Note: When manually configuring a policy store on Windows, you can import one of the following:

    The file named smpolicy-secure provides additional security through enhanced default Web Agent configuration parameters.

    SM_Super_User_Name

    Specifies the Super User name of the SiteMinder administrator.

    superuserpassword

    Specifies the password for the SiteMinder Super User.

    If an argument contains spaces, use double quotes around the entire argument. For example,

    Windows Systems:

    smobjimport -i"C:\Program Files\Netegrity\siteminder\db\smdif\smpolicy.smdif" -d"SM Admin" -wPassword -v

    UNIX Systems:

    smobjimport -i$NETE_PS_ROOT/db/smdif/smpolicy.smdif
    -d"SM Admin" -wPassword -v

    The policy store is configured and you can now log into the Policy Server User Interface.
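
The following shell sketch covers steps 12.3 and 13 on a UNIX Policy Server. It is an added example, not part of the SiteMinder documentation or tooling: it refuses to run the import while a copy of smreg is still in the bin directory, prompts for the Super User password instead of typing it on the command line, and passes each option as one quoted word so that names or paths with spaces need no further quoting. The function names and the SM_ADMIN and RUN_IMPORT variables are assumptions; smobjimport, its -i, -d, -w and -v options, and NETE_PS_ROOT come from the steps above.

```shell
#!/bin/sh
# Added example (not vendor code). Function names, SM_ADMIN and RUN_IMPORT are
# assumptions; smobjimport, its flags and NETE_PS_ROOT come from the procedure.

# Succeeds only if no copy of smreg is left in the given bin directory (step 12.3).
smreg_removed() {
  [ ! -e "$1/smreg" ] && [ ! -e "$1/smreg.exe" ]
}

# Prompt for a secret without echoing it; the result is left in SECRET.
# This keeps the password out of the shell history and out of script files.
read_secret() {
  printf '%s' "$1" >&2
  stty -echo
  IFS= read -r SECRET
  stty echo
  printf '\n' >&2
}

# $1 = smobjimport path, $2 = .smdif file, $3 = Super User name, $4 = password.
# Each flag and its value form a single quoted word, so spaces are preserved.
import_policy_objects() {
  "$1" "-i$2" "-d$3" "-w$4" -v
}

main() {
  root=${NETE_PS_ROOT:?NETE_PS_ROOT must point to the SiteMinder installation}
  admin=${SM_ADMIN:?SM_ADMIN must hold the Super User name}
  if ! smreg_removed "$root/bin"; then
    echo "smreg is still in $root/bin; delete it before continuing" >&2
    return 1
  fi
  read_secret "Super User password: "
  import_policy_objects "$root/bin/smobjimport" \
    "$root/db/smdif/smpolicy.smdif" "$admin" "$SECRET"
  status=$?
  unset SECRET
  return "$status"
}

# Run only when explicitly requested, so the functions can also be sourced.
if [ "${RUN_IMPORT:-0}" = 1 ]; then
  main
fi
```

Because -w takes the password as a command-line argument, it can still appear in the process list while smobjimport runs; the prompt only keeps it out of history and files.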