Description:

This document explains step-by-step how to configure ADAM as a policy store for SiteMinder

Solution:

1. Install ADAMSP1_x86_English.exe
   
   
2. Install ADAMSP1MUI_x86.exe
   
   
3. Create an instance named training
   
   
4. Create an application partition named dc=training,dc=com
   
   
5. Import all LDF ldif file
   
   
6. Edit msDS-Other-Settings attribute of cn=directory service,cn=windows
   nt,cn=services,cn=configuration,cn={guid}
   
   
7. Change ADAMAllowADAMSecurityPrincipalsInConfigPartition=0 to
   ADAMAllowADAMSecurityPrincipalsInConfigPartition=1
   
   
8. Edit the Configuration partition under cn=Roles create a user named admin : password
   set user admin attribute msDS-UserAccountDisabled to false
   under that user copy its entire DN
   
   
9. Edit member of cn=Administrator and add ADAM Account, and paste the above copied DN in a text file for further use.
   
   
10. Open the dc=training,dc=com partition and under roles, edit member of
    cn=Administrator and add ADAM Account, and paste the above copied DN in the configuration partition, edit the user admin object and modify
    attribute.
    
    the administrative DN is for example:
    CN=admin,CN=Roles,CN=Configuration,CN={3B1FF893-289D-452F-9C26-C9F05B7FE5F2}
    the root dn is : dc=training,dc=com
    
    
11. Manually modify the /opt/CA/siteminder/xps/db/ADAM.ldif file and change {guid} with the GUID defined in ADAM configuration partition as above, for example:
    
    {3B1FF893-289D-452F-9C26-C9F05B7FE5F2}
    # /opt/CA/siteminder/xps/db/ADAM.ldif
    
    
12. Manually run these commands:
    
    # smldapsetup ldgen -f /tmp/sm.ldif
    # smldapsetup ldmod -f /tmp/sm.ldif
    # smldapsetup ldmod -f /opt/CA/siteminder/xps/db/ADAM.ldif