Computer Accessories User Manual
2. In Directory Server console , add the following ACI.
dn:ou=1.0,ou=SunAMClientData,ou=ClientData,<ROOT_SUFFIX>
changetype:modifyadd:aci
aci: (target="ldap:///ou=1.0,ou=SunAMClientData,ou=ClientData,<ROOT_SUFFIX>")
(targetattr = "*"(version 3.0; acl "SunAM client data anonymous access";
allow (read, search, compare) userdn = "ldap:///<AuthUIuser’s DN>";)
Notice that the userdn is set to "ldap:///<AuthUIuser’s DN>".
3. See the instructions in the “To Install and Congure a Distributed Authentication UI
Server” in Sun Java System Access Manager 7.1 Postinstallation Guide for editing the
amsilent le, and for running the amadmin command.
4. In the amsilentle, set the following properties:
APPLICATION_USER Enter AuthUIuser.
APPLICATION_PASSWD Enter a password for AuthUIuser.
5. Save the le.
6. Run the amconfig script using the new conguration le. For example, on a Solaris system
with Access Manager installed in the default directory:
# cd /opt/SUNWam/bin
# ./amconfig -s ./DistAuth_config
7. Restart the web container on the Distributed Authentication UI server.
Incompatibility for Access Manager default conguration of Statistics
Service for legacy (compatible) mode (6286628)
After installation with Access Manager in legacy mode, the default conguration for the
Statistics Service has changed:
■
The service is turned on by default (com.iplanet.services.stats.state=file).
Previously, it was o.
■
The default interval (com.iplanet.am.stats.interval) has changed from 3600 to 60.
■
The default stats directory (com.iplanet.services.stats.directory) has changed from
/var/opt/SUNWam/debug to /var/opt/SUNWam/stats.
Workaround: None.
Attribute uniqueness broken in the top-level organization for naming
attributes (6204537)
After you install Access Manager, login as amadmin and add the o, sunPreferredDomain,
associatedDomain, sunOrganizationAlias, uid, and mail attributes to the Unique Attribute
Known Issues and Limitations
Sun Java System Access Manager 7.1 Release Notes • March 200724