Create A Top Secret Profile ACID Using LDAP

book

Article ID: 109853

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction

What is the method to create a Top Secret PROFILE ACID using LDAP?

Environment

Release:
Component: TSSLDP

Resolution

To add a PROFILE: 

./ldapmodify -c -h YourHost -p nnnn -D cn=Admin -w XXXX -x -f add_profile.ldif 

where:
YourHost is your Host name
nnn is your port number
Admin is your TSS administrator
XXXX is the administrator password
add_profile.ldif is the ldif file containing the profile definition to be created. 

Here is an example of the add_profile.ldif:

*** Top of file **** 
dn:tssproflist=profldap,tssacidgrp=proflist,tssacid=myacid,tssadmingrp=acids,host=YourHost,o=ca,c=us 
changetype: add 
objectClass: tssproflist 
Profile-Before: prof001 
Profile-Until-Date: 10/12/20 
Target-Nodes-for-Cmds: = 
**** End of file **** 

To permit a resource to a PROFILE, the ldapmodify command is the same as above, but the ldif file name 'per_resource.ldif' will be different. For example: 

**** Top of file **** 
dn: tssresname=ZZZZ,tssresclass=IBMGROUP,tssacidgrp=Permissions, 
tssprofile=PROFLDAP,tssadmingrp=profiles,host=YourHost,o=ca,c=us 
changetype: add 
objectClass: tssresname 
tssresclass: IBMGROUP 
tssresname: ZZZZ 
**** End of file **** 

To create an acid, the ldapmodify command is the same as above, but the ldif file name 'create_acid.ldif' will be different. For example:

**** Top of file **** 
version: 1 
dn:tssacid=000002,tssadmingrp=acids,host=usi252me,o=ca,c=us 
changetype: add 
objectClass: tssacid 
Name:DEFAULT USER 2 
tssacid:000002 
User-Type:USER 
Department:D112 
userPassword:000002 
userPassword-Expire: Y 
My-Phone-Number-is:06.17.69.89.00 
My-Street-is:£4, Place des Pyramides 
**** End of file ****