The Management Console Data tab is where you configure storage locations for Policy Server databases (Policy Store, Key Store, audit logs, Session Server, and Expiry Data Server).
The Data tab contains a number of context-sensitive controls. Select the database that you want to configure from the Database drop-down list. The database you select determines the storage possibilities that are available for that database type and, therefore, the options available on the Storage drop-down list. The combination of these settings determines the settings displayed in the context-sensitive storage options group box directly below them.
Specifies the database to configure. Select from Policy Store, Key Store, Audit Logs, and Session Server.
Specifies the type of storage in which the selected database is held. The list of options is context-sensitive, only including valid storage possibilities for the selected database.
Setting this option configures the Policy Server to also hold the selected database in the Policy Store database.
Note: This option is only available if the Policy Store is configured with a compatible storage type (that is, if the Policy Store is configured to be stored in a database that is also a valid storage option for the currently selected database).
When Use Policy Store Database is set, the Storage drop-down list and the context-sensitive storage option group box are grayed out.
When set, this option enables the Session Server, allowing the Policy Server to support persistent sessions.
Note: Only enable the Session Server if you are going to use persistent sessions in one or more realms; when enabled, the Session Server impacts Policy Server performance.
The Storage Options group box contains context-sensitive controls that allow you to configure options for the storage type selected from the Storage drop-down list.
Note: Whenever you update parameters relating to an LDAP database, restart the Policy Server to make the new parameters effective.
Use the LDAP storage options to configure LDAP database connections:
Server name or IP address of the LDAP server. For performance reasons, the IP address is preferred. You can specify multiple servers in this field to allow for LDAP server failover.
If the LDAP server is not listening on the default port, be sure to specify the port on which it is listening.
In the Root DN field, specify the LDAP branch under which the SiteMinder schema is located.
Example: o=myorg.org
Select this check box if your system is communicating with the LDAP directory over SSL. If you select this check box, specify a certificate database in the Netscape Certificate Database File field.
DN of the LDAP directory administrator.
Example: cn=Directory Manager
Administrative password for the LDAP directory.
Used to verify the administrative password for the LDAP directory.
Press to verify that the LDAP parameters you entered are correct and that the connection can be made.
Use the ODBC storage options to configure ODBC database connections:
Indicates the name of the ODBC data source. You can enter multiple names in this field to enable failover.
(Optional) Indicates the user name of the database account with full rights to access the database.
Specifies the password of the database account.
Specifies a duplicate of the database account password, for verification.
Indicates the maximum number of ODBC connections per database allowed at one time.
Click to verify that the parameters you entered are correct and that the connection can be made.
Use the Text File storage options to configure a text file to store the Policy Store audit logs.
Specifies the full path of a file in which to store the Policy Server audit logs.
Opens a file browser in which you can navigate to the required directory and then select or type the name of a file; this selection is used to populate the File Name field.
Specifies the full path of the Certificate database file.
Opens a file browser in which you can navigate to the required directory and then select or type the name of a file; this selection is used to populate the Netscape Certificate Database File field.
Note: This field does not require a value for Active Directory user stores configured in the Policy Server User Interface using the AD namespace. AD user stores use the native Windows certificate repository when establishing an SSL connection.
Mark this check box to allow the Policy Server to use enhanced handling of LDAP referrals at the Policy Server, rather than allowing LDAP referral handling by the LDAP SDK layer.
Indicates the maximum number of consecutive referrals that are allowed while attempting to resolve the original request. Because a referral can point to a location that requires additional referrals, this limit is helpful when replication is misconfigured, causing referral loops.
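The following added example (not SiteMinder code) models why a cap on consecutive referrals matters: a healthy referral chain resolves within the limit, while a loop caused by misconfigured replication is cut off instead of running forever. The server names, the topology dictionaries, and the `resolve` and `demo` functions are constructed for illustration.

```python
# Added illustration: models referral chasing with a hop limit.
# Server names and topologies are constructed; this is not SiteMinder code.
class ReferralLimitExceeded(Exception):
    """Raised when a request needs more consecutive referrals than allowed."""

def resolve(topology, start, dn, max_hops):
    """Follow referrals for dn from start; return (value, path).
    topology maps server -> {dn: ("entry", value) or ("referral", server)}.
    """
    server, path, hops = start, [start], 0
    while True:
        kind, target = topology[server][dn]
        if kind == "entry":
            return target, path
        if hops == max_hops:
            raise ReferralLimitExceeded(
                f"{dn}: more than {max_hops} referrals via {' -> '.join(path)}")
        hops += 1
        server = target
        path.append(server)

DN = "cn=policy,o=myorg.org"

# Constructed healthy topology: two referrals, then the entry.
HEALTHY = {
    "ldap-a": {DN: ("referral", "ldap-b")},
    "ldap-b": {DN: ("referral", "ldap-c")},
    "ldap-c": {DN: ("entry", "policy-data")},
}

# Constructed misconfigured replication: ldap-a and ldap-b refer to each other.
LOOPED = {
    "ldap-a": {DN: ("referral", "ldap-b")},
    "ldap-b": {DN: ("referral", "ldap-a")},
}

def demo(topology, max_hops):
    """Return ("ok", value, referrals_followed) or ("limit", None, max_hops)."""
    try:
        value, path = resolve(topology, "ldap-a", DN, max_hops)
        return ("ok", value, len(path) - 1)
    except ReferralLimitExceeded:
        return ("limit", None, max_hops)

if __name__ == "__main__":
    print(demo(HEALTHY, 5))
    print(demo(LOOPED, 5))
```

A limit set lower than the depth of a legitimate referral chain also fails the request, so the value needs to cover the deepest chain the directory is expected to produce.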
Copyright © 2011 CA. All rights reserved.