- Ch2L2.txt
# Chapter 2 Lesson 2 Exercise 1 Task 1 - View the CTS Configuration
# List every entry below ou=tokens,o=cfgstore on the DS instance at
# appsvr.example.com:10389, binding as Directory Manager.
# NOTE(review): --bindPassword puts the password on the command line, where
# it ends up in shell history and the process list; the DS client tools also
# accept --bindPasswordFile. No --useStartTls/--useSsl is given, so the bind
# presumably travels unencrypted - confirm that is acceptable on this host.
/home/forgerock/ds/cfgstore/bin/ldapsearch \
  --hostname appsvr.example.com \
  --port 10389 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  --baseDN ou=tokens,o=cfgstore \
  'objectclass=*'
# Chapter 2 Lesson 2 Exercise 2 Task 1 - Backup the embedded data store
# Export the userRoot backend of the directory under /home/forgerock/am/opends
# to an LDIF file, connecting on port 5444 as directory manager.
# NOTE(review): --trustAll accepts whatever certificate the server presents,
# so the server's identity is not verified. The export is written to /var/tmp,
# a shared location; the LDIF may hold credential material (not visible from
# here), so check the file's permissions and remove it when no longer needed.
cd /home/forgerock/am/opends/bin
./export-ldif \
  --port 5444 \
  --bindDN "cn=directory manager" \
  --bindPassword cangetinam \
  --trustAll \
  --backendId userRoot \
  --ldifFile /var/tmp/amconfigCh1Ex2.ldif
# Chapter 2 Lesson 2 Exercise 2 Task 2 - Install a DS Instance for CTS
# Unpack the DS 6.0.0 evaluation archive, rename the extracted opendj
# directory to cts, and set it up as a directory server.
cd /home/forgerock/ds
unzip /opt/forgerock/software/DS-eval-6.0.0.zip
mv opendj cts
cd cts

# Ports: LDAP 20389 (StartTLS enabled), LDAPS 20636, admin connector 6444.
# The base entry is created for the CTS suffix.
# NOTE(review): the root user and the monitor user receive the same password,
# and both are passed as command-line arguments; setup also offers
# --rootUserPasswordFile for keeping the value out of history and ps output.
./setup directory-server \
  --acceptLicense \
  --instancePath /home/forgerock/ds/cts \
  --hostname appsvr.example.com \
  --rootUserDn "cn=Directory Manager" \
  --rootUserPassword cangetinds \
  --monitorUserDn uid=Monitor \
  --monitorUserPassword cangetinds \
  --adminConnectorPort 6444 \
  --ldapPort 20389 \
  --enableStartTls \
  --ldapsPort 20636 \
  --addBaseEntry \
  --baseDN cn=cts,ou=famrecords,ou=openam-session,ou=tokens

# Query the new instance over the admin connector to confirm it is running.
# --trustAll skips validation of the server certificate.
bin/status \
  --hostname appsvr.example.com \
  --port 6444 \
  --bindDN "cn=directory manager" \
  --bindPassword cangetinds \
  --trustAll
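# Chapter 2 Lesson 2 Exercise 1 Task 3 - Use AM Documentation to Configure an External CTS
# Stage the CTS LDIF templates shipped inside the AM web application in a
# scratch directory, fill in their placeholders, and apply each file to the
# CTS instance on port 20389 as Directory Manager.
cd /home/forgerock/ds/cts/bin
TOMCAT_OPENAM_WEBAPP=/opt/tomcat/webapps/am
LDIF_TEMPLATES="$TOMCAT_OPENAM_WEBAPP/WEB-INF/template/ldif/sfha"

# A fixed, predictable directory under /tmp can be pre-created or altered by
# another local user before its contents are applied with Directory Manager
# rights. mktemp -d creates a fresh directory that only the caller can access.
T=$(mktemp -d "${TMPDIR:-/tmp}/ldif.XXXXXX")

# Apply one LDIF file ($1) to the CTS instance.
# NOTE(review): the password is passed on the command line (--bindPasswordFile
# is the alternative), no --hostname is given so the tool's default host is
# used, and the connection does not request StartTLS although the instance
# was set up with --enableStartTls.
apply_ldif() {
  ./ldapmodify --port 20389 --bindDN "cn=Directory Manager" \
    --bindPassword cangetinds "$1"
}

# Schema and multivalue definitions are applied unchanged.
cp -- "$LDIF_TEMPLATES/cts-add-schema.ldif" "$T/cts-add-schema.ldif"
apply_ldif "$T/cts-add-schema.ldif"

cp -- "$LDIF_TEMPLATES/cts-add-multivalue.ldif" "$T/cts-add-multivalue.ldif"
apply_ldif "$T/cts-add-multivalue.ldif"

# The index templates carry an @DB_NAME@ placeholder; the backend is userRoot.
sed -e 's/@DB_NAME@/userRoot/' \
  "$LDIF_TEMPLATES/cts-add-multivalue-indices.ldif" \
  > "$T/cts-add-multivalue-indices.ldif"
apply_ldif "$T/cts-add-multivalue-indices.ldif"

sed -e 's/@DB_NAME@/userRoot/' \
  "$LDIF_TEMPLATES/cts-indices.ldif" \
  > "$T/cts-indices.ldif"
apply_ldif "$T/cts-indices.ldif"

# The container template is rooted at the CTS suffix. The suffix contains
# neither "/" nor "&", so it is safe as a sed replacement with "/" delimiters.
ROOT_SUFFIX="cn=cts,ou=famrecords,ou=openam-session,ou=tokens"
sed -e "s/@SM_CONFIG_ROOT_SUFFIX@/$ROOT_SUFFIX/" \
  "$LDIF_TEMPLATES/cts-container.ldif" \
  > "$T/cts-container.ldif"
apply_ldif "$T/cts-container.ldif"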
# Add CTS User
# Print the user LDIF for review, then apply it to the CTS instance on port
# 20389 as Directory Manager. ./ldapmodify is resolved against the current
# directory, /home/forgerock/ds/cts/bin from the earlier cd.
# NOTE(review): if the LDIF carries a userPassword value, cat echoes it to the
# terminal and its scrollback - confirm against the file's contents.
cts_user_ldif=/opt/forgerock/labs/AMprep/cts_user.ldif
cat "$cts_user_ldif"
./ldapmodify \
  --port 20389 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  "$cts_user_ldif"
# Add ACIs to the cts instance
# Add a global ACI that lets uid=openam_cts (under ou=admins of the CTS
# suffix) write attributeTypes and objectClasses on cn=schema, read the
# global-aci property back to check it, then load further ACIs from LDIF.
# NOTE(review): schema write is a broad right for a service account; confirm
# it is still needed once setup is finished. Both dsconfig calls use
# --trustAll, so the admin connector's certificate is not validated.
schema_aci='global-aci:(target = "ldap:///cn=schema")(targetattr = "attributeTypes || objectClasses")(version 3.0; acl "Modify schema"; allow (write) userdn = "ldap:///uid=openam_cts,ou=admins,cn=cts,ou=famrecords,ou=openam-session,ou=tokens";)'
./dsconfig set-access-control-handler-prop \
  --no-prompt \
  --hostname appsvr.example.com \
  --port 6444 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  --trustAll \
  --add "$schema_aci"

./dsconfig get-access-control-handler-prop \
  --no-prompt \
  --hostname appsvr.example.com \
  --port 6444 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  --trustAll \
  --property global-aci

# Review the ACI definitions before they are applied.
cts_acis_ldif=/opt/forgerock/labs/AMprep/cts_acis.ldif
cat "$cts_acis_ldif"
./ldapmodify \
  --port 20389 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  "$cts_acis_ldif"
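# Import and rebuild CTS indexes using a batch file
# Feed the index definitions in cts-add-indexes.txt to dsconfig over the
# admin connector (port 6444), then rebuild and verify the indexes with the
# server stopped.
# NOTE(review): --trustAll skips certificate validation and --bindPassword
# exposes the password on the command line; --bindPasswordFile avoids that.
./dsconfig \
  --hostname appsvr.example.com \
  --port 6444 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  --batchFilePath /opt/forgerock/labs/AMprep/cts-add-indexes.txt \
  --trustAll \
  --no-prompt

# Stop the DS instance
./stop-ds

# Rebuild all indexes and then verify them
# One variable supplies the suffix to both tools, so rebuild and verify are
# given the identical DN string, with no stray whitespace between the RDNs.
cts_base_dn="cn=cts,ou=famrecords,ou=openam-session,ou=tokens"
./rebuild-index --baseDN "$cts_base_dn" --rebuildAll --offline
./verify-index --baseDN "$cts_base_dn"

# Start the DS instance
./start-ds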
# Chapter 2 Lesson 2 Exercise 1 Task 4 - Verify the External CTS Configuration
# Restart Tomcat, then list every entry under the external CTS suffix.
/opt/tomcat/bin/shutdown.sh
# Check whether a Tomcat process is still running before starting it again.
# The grep process itself also matches and appears in this listing.
ps -ef | grep tomcat
/opt/tomcat/bin/startup.sh

# NOTE(review): the search binds with the Directory Manager password on the
# command line and requests no StartTLS, although the instance was set up
# with --enableStartTls; --bindPasswordFile and --useStartTls are available.
/home/forgerock/ds/cts/bin/ldapsearch \
  --hostname appsvr.example.com \
  --port 20389 \
  --bindDN "cn=Directory Manager" \
  --bindPassword cangetinds \
  --baseDN cn=cts,ou=famrecords,ou=openam-session,ou=tokens \
  'objectclass=*'