Installation and Upgrade Guides › Directory Configuration Guide › Siemens DirX EE 1.0 Directory Server › Create a SiteMinder 6.0 Policy Store in a DirX Directory Server

Create a SiteMinder 6.0 Policy Store in a DirX Directory Server

Use these procedures to configure the Policy Server with a Siemens DirX EE 1.0 directory server on Windows 2000 SP 4 Advanced Server.

Note: This procedure uses script files to help with Policy Store configuration. Download the files from the Technical Support Site (https://support.netegrity.com).

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

To create the required SiteMinder 6.0 policy store schema in Siemens DirX EE 1.0 Directory Server

1. Install DirX EE 1.0.
2. Keep the Siemens_DirXEE folder in

   <DirX EE_Installation_Path>\scripts\Stand_alone\

   The folder contains the following files:

   • dirxabbr-ext.SiteMinder60,
   • schema_EE_ext_for_SiteMinder60.adm,
   • subschema_ext_for_SiteMinder60.cp,
   • bind.tcl,
   • GlobalVar.tcl,
   • initialize_DSA.cp,
   • setup.bat
3. Copy dirxabbr-ext.Siteminder60 to <DirX_install_path>\client\conf.
4. Run setup.bat.
5. Check the resulting log file, setup.txt, for errors.
6. Rebind to the DSA using the DirXmanage, through the administrator of DSA (cn=admin,o=My-Company), to download all classes attribute types and nameforms from the DSA schema. Then, bind through the user (cn=user,o=My-Company). Watch for potential errors.

   (Solaris Only)

   1. Run setup.sh and answer yes to the first two questions
   2. Open another terminal window. Use dirxadm to bind as admin, stop the server, then start the server
   3. Go back to the terminal window running setup.sh and answer yes to the last question.

      This creates a log file (setup.log). Check in this file for errors.

7. In DirX, create the base tree structure to hold the policy store data. Use the DirXmanage tool to create the following organizational units:
   1. Under o=My-Company, create:

         OU=Netegrity
      

   2. Under ou=Netegrity, create:

         OU=SiteMinder
      

   3. Under ou=SiteMinder, create:

         OU=PolicySvr4
      

8. Use the Data tab of the Policy Server Management Console to point SiteMinder to the DirX directory that you set up.
9. Import the base policy store data from the file smpolicy.smdif into DirX. If you need to import from an existing policy store, refer to the Policy Server Installation Guide section on migrating policy store data.

   $ smobjimport -i<siteminder_installation>\db\smdif\smpolicy.smdif -v
   

   You can pipe smobjimport output to a log file. After the policy store data import is complete, you can check the log file for errors.

   Note: When manually configuring a policy store on Windows, you can import one of the following:

   • smpolicy.smdif
   • smpolicy–secure.smdif

   The file named smpolicy–secure provides additional security through enhanced default Web Agent configuration parameters.

10. Set the Siteminder admin password:

    smreg -su <password>
    

11. Configure the Siteminder policy server to point to DirX:
    • LDAP IP Address: 123.456.7.8
    • Root DN: o=My-Company
    • Admin username: cn=admin,o=My-Company
    • Admin password: direx