Create a Profile using CA LDAP for CA Top Secret

Document ID : KB000109853
Last Modified Date : 07/08/2018
Show Technical Document Details
Issue:
Creating a PROFILE acid using CA LDAP for CA Top Secret.
Resolution:
Adding a PROFILE: 

./ldapmodify -c -h YourHost -p nnnn -D cn=Admin -w XXXX -x -f add_profile.ldif 

YourHost is your Host name; nnnn is your port number; Admin is your TSS administrator; XXXX is the administrator password; add_profile.ldif is the ldif file containing the profile definition to be created. 

add_profile.ldif may looks like (just an example): 

*** Top of file **** 
dn:tssproflist=profldap,tssacidgrp=proflist,tssacid=myacid,tssadmingrp=acids,host=YourHost,o=ca,c=us 
changetype: add 
objectClass: tssproflist 
Profile-Before: prof001 
Profile-Until-Date: 10/12/20 
Target-Nodes-for-Cmds: = 
**** End of file **** 

Permitting a resource to a PROFILE: 

The ldapmodify command is the same as above, but the ldif file name. 

per_resource.ldif may looks like (just an example): 

**** Top of file **** 
dn: tssresname=ZZZZ,tssresclass=IBMGROUP,tssacidgrp=Permissions, 
tssprofile=PROFLDAP,tssadmingrp=profiles,host=YourHost,o=ca,c=us 
changetype: add 
objectClass: tssresname 
tssresclass: IBMGROUP 
tssresname: ZZZZ 
**** End of file **** 

Creating an acid: 

The ldapmodify command is the same as above, but the ldif file name. 

create_acid.ldif may looks like (just an example): 

**** Top of file **** 
version: 1 
dn:tssacid=000002,tssadmingrp=acids,host=usi252me,o=ca,c=us 
changetype: add 
objectClass: tssacid 
Name:DEFAULT USER 2 
tssacid:000002 
User-Type:USER 
Department:D112 
userPassword:000002 
userPassword-Expire: Y 
My-Phone-Number-is:06.17.69.89.00 
My-Street-is:£4, Place des Pyramides 
**** End of file **** 

If you want to create a PROFILE, then just get rid of the unuseful lines.