How to Configure ADAM as a Policy Store for SiteMinder?

Document ID : KB000051230
Last Modified Date : 14/02/2018

Description:

This document explains, step by step, how to configure ADAM as a policy store for SiteMinder.

Solution:

  1. Install ADAMSP1_x86_English.exe

  2. Install ADAMSP1MUI_x86.exe

  3. Create an instance named training

  4. Create an application partition named dc=training,dc=com

  5. Import all LDF (LDIF) files

  6. Edit the msDS-Other-Settings attribute of
    cn=directory service,cn=windows nt,cn=services,cn=configuration,cn={guid}

  7. Change ADAMAllowADAMSecurityPrincipalsInConfigPartition=0 to
    ADAMAllowADAMSecurityPrincipalsInConfigPartition=1

  8. In the Configuration partition, under cn=Roles, create a user named admin : password.
    Set the admin user's msDS-UserAccountDisabled attribute to false.
    Copy that user's entire DN.

  9. Edit the member attribute of cn=Administrator and add an ADAM Account, then paste the DN copied above into a text file for later use.

  10. Open the dc=training,dc=com partition and under roles, edit member of
    cn=Administrator and add ADAM Account, and paste the above copied DN in the configuration partition, edit the user admin object and modify
    attribute.

    The administrative DN is, for example:
    CN=admin,CN=Roles,CN=Configuration,CN={3B1FF893-289D-452F-9C26-C9F05B7FE5F2}
    The root DN is: dc=training,dc=com

  11. Manually modify the /opt/CA/siteminder/xps/db/ADAM.ldif file and replace {guid} with the GUID defined in the ADAM configuration partition as above, for example:

    {3B1FF893-289D-452F-9C26-C9F05B7FE5F2}
    # /opt/CA/siteminder/xps/db/ADAM.ldif

  12. Manually run these commands:

    # smldapsetup ldgen -f /tmp/sm.ldif
    # smldapsetup ldmod -f /tmp/sm.ldif
    # smldapsetup ldmod -f /opt/CA/siteminder/xps/db/ADAM.ldif
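
The {guid} substitution of step 11 as an added example (not part of the original article and not SiteMinder tooling): a shell helper that validates the GUID, writes the result to a new file so the shipped ADAM.ldif stays untouched, and confirms that no placeholder survives. The function name fill_adam_guid and the sample LDIF entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: fill the {guid} placeholder of step 11 into a copy of the file.
# fill_adam_guid is an illustrative helper name, not a SiteMinder tool.

# usage: fill_adam_guid SRC_LDIF '{GUID}' DST_LDIF
# Prints the number of lines in DST_LDIF that now carry the GUID.
fill_adam_guid() {
    fg_src=$1 fg_guid=$2 fg_dst=$3
    # A braced GUID is exactly 38 characters: {8-4-4-4-12} hex digits.
    if [ "${#fg_guid}" -ne 38 ] || ! printf '%s\n' "$fg_guid" | grep -Eq \
        '^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$'; then
        echo "error: not a braced GUID: $fg_guid" >&2
        return 2
    fi
    # Refuse a file that was already edited or is not the expected template.
    if ! grep -qF '{guid}' "$fg_src"; then
        echo "error: no {guid} placeholder in $fg_src" >&2
        return 3
    fi
    # The validated GUID holds only hex digits, '-' and braces, so it is safe
    # to use as a sed replacement. The source file is left untouched.
    sed "s/{guid}/$fg_guid/g" "$fg_src" > "$fg_dst" || return 1
    # Verify the result: no placeholder may survive.
    if grep -qF '{guid}' "$fg_dst"; then
        echo "error: placeholder still present in $fg_dst" >&2
        return 4
    fi
    grep -cF "$fg_guid" "$fg_dst"
}

# Constructed sample input (not the contents of the real ADAM.ldif).
demo_dir=$(mktemp -d)
cat > "$demo_dir/sample.ldif" <<'EOF'
dn: CN=Example-Attr,CN=Schema,CN=Configuration,CN={guid}
changetype: add
objectClass: attributeSchema

dn: CN=Example-Class,CN=Schema,CN=Configuration,CN={guid}
changetype: add
objectClass: classSchema
EOF
fill_adam_guid "$demo_dir/sample.ldif" \
    '{3B1FF893-289D-452F-9C26-C9F05B7FE5F2}' "$demo_dir/filled.ldif"
rm -rf "$demo_dir"
```

The file written to the destination path can then be passed to smldapsetup ldmod -f as in step 12.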