Friday, February 10, 2006

AM7 role management

(1) Static Role Creation






PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>










(2) create filtered role







PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>








(|(objectclass=inetOrgPerson)(uid=*))





(2) Realm Role Service Registration







PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI
DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>





iceName="iPlanetAMSessionService" >


125



35




3



5






(3) add user to role






PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>







uid=ituser1,ou=people,dc=jesswitch,dc=com





(1) user service registration to role






PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>









en_US



PST




en



Active







(2) admin service to realm role







PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>









false



5




100



25






(2) assign auth config service to realm






PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>





"iPlanetAMAuthConfiguration" >



ldapService






(3) assign disco service to realm role






PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>





"sunIdentityServerDiscoveryService" >






(8) service registration, there will no diff from
static role and filtered role.







PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>








125



35




3



5
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)