Installation and Upgrade Guides › Directory Configuration Guide › Siemens DirX 6.0 D00 Directory Server › Create a SiteMinder 6.0 Policy Store in DirX Directory Server

Create a SiteMinder 6.0 Policy Store in DirX Directory Server

Use these procedures to configure the Policy Server with a Siemens DirX 6.0 D00 on Windows 2000 SP4 Advanced Server.

Note: This procedure uses script files to help with Policy Store configuration. Download the files from the Technical Support Site (https://support.netegrity.com).

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

To create the required SiteMinder 6.0 policy store schema in Siemens DirX 6.0 D00 Directory Server

1. Install DirX 6.0 D00.

   If you do not have an existing database, install the example database.

   Accept all the defaults during the install.

2. Copy the following files to:

   <DirX_ install_ path>\scripts\security\Netegrity\SiteMinder

   Example: C:\program files\siemens\dirx\scripts\security\Netegrity\SiteMinder

   schema_ext_for_SiteMinder60.adm
   l-bind.cp
   subschema_ext_for_SiteMinder60.cp
   _setup.bat
   setup.bat
   bind.tcl
   GlobalVar.tcl
   

3. Rename the following files by removing the characters 6n from the file names:
   • schema_ext_for_SiteMinder60.adm becomes schema_ext_for_SiteMinder.adm
   • subschema_ext_for_SiteMinder60.cp becomes subschema_ext_for_SiteMinder.cp
4. Copy dirxabbr-ext.Siteminder60 to <DirX_install_path>\client\conf.
5. Rename dirxabbr-ext.Siteminder60 to dirxabbr-ext.Siteminder.
6. Stop and start the DirX service.
7. Edit GlobalVar.tcl to change to the global variables the DirX scripts reference. These are some of the default values:
   • Root DN: o=pqr
   • Admin username: cn=admin,o=pqr
   • Admin password: dirx
   • LDAP port: 389
8. Run setup.bat.

   Check the resulting log file, setup.txt, for errors.

9. Rebind to the DSA using the DirXmanage tool. Watch for potential errors.
10. In DirX, create the base tree structure to hold the policy store data. Use the DirXmanage tool to create the following organizational units:
    1. Under o=PQR, create:

          OU=Netegrity
       

    2. Under ou=Netegrity, create:

          OU=SiteMinder
       

    3. Under ou=SiteMinder, create:

          OU=PolicySvr4
       

11. Use the Data tab of the Policy Server Management Console to point SiteMinder to the DirX directory that you installed.
12. Import the base policy store data from the file smpolicy.smdif into DirX. If you need to import from an existing policy store, refer to the Policy Server Installation Guide section on migrating policy store data.

    $ smobjimport -i<siteminder_installation>\db\smdif\smpolicy.smdif -v
    

    You can pipe smobjimport output to a log file. After the policy store data import is complete, you can check the log file for errors.

    Note: When manually configuring a policy store on Windows, you can import one of the following:

    • smpolicy.smdif
    • smpolicy–secure.smdif

    The file named smpolicy–secure provides additional security through enhanced default Web Agent configuration parameters.

13. Set the Siteminder admin password:

    smreg -su <password>
    

14. Configure the Siteminder policy server to point to DirX:
    • LDAP IP Address: 123.456.7.8
    • Root DN: o=pqr
    • Admin username: cn=admin,o=pqr
    • Admin password: ********