How to export a SAML 2.0 partnership from one environment to another

book

Article ID: 40890

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Introduction: 

How to export a SAML 2.0 partnership from one environment to another

Background:

If you would like to export an entire partnership which includes the partnership object, entities and certificates associated, use this method rather than doing a full policy store export.

Environment:

Windows, Linux & Unix. Siteminder/SSO version 12.5 and above.

Instructions:

1.  Open a command line in your environment, Windows or Linux

2.  Run xpsexplorer 

3.  Find SPPartnership or IDPPartnership and verify the partnership you want to export by name. Choose the number for that option e.g.: 75- SPPartnership 

4. Hit "S" to search the objects 

5.  Copy the whole object ID: CA.FED::[email protected] 

6.  Hit "Q" x3 to exit XPSExplorer 

7.  Run the command similar to the below identifying the file that you want to save it to and add your object ID

Example:  XPSExport full_partnership.xml -rm -xo CA.FED::[email protected] -npass 

8.   Save this file to your new environment and open a command line and run:

XPSimport CA.FED::[email protected] -npass 

9.   When you log back into the AdminUI you should see the partnership and entities.

10. You will need to activate it in order to start using the partnership. 

Additional Information:

For reference, I have put the description of the commands included in my XPSexport command:

-rm ::= Set default method to Merge for objects appearing after this option on the command line. 

-xo <object> ::= Export specified object. 

-npass ::= Specifies that no passphrase is to be used. Sensitive data will be exported in clear text. 

 

*You can find a full list of commands for XPSexport by typing "XPSExport ?" in the command line.

 

 

Environment

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component: