  1. Ch2L2.txt
  2.  
  # Chapter 2 Lesson 2 Exercise 1 Task 1 - View the CTS Configuration
  #
  # Lists every entry under ou=tokens,o=cfgstore on the directory listening on
  # port 10389, binding as the Directory Manager account.
  #
  # NOTE(review): --bindPassword places the password in the process argument
  # list and in shell history; the DS tools also accept --bindPasswordFile.
  # No --useStartTls/--useSsl option is given, so the bind presumably travels
  # unencrypted - acceptable only on a lab host.
  /home/forgerock/ds/cfgstore/bin/ldapsearch \
      --hostname appsvr.example.com \
      --port 10389 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      --baseDN "ou=tokens,o=cfgstore" \
      'objectclass=*'
  # Chapter 2 Lesson 2 Exercise 2 Task 1 - Backup the embedded data store
  #
  # Exports the userRoot backend of the directory embedded in AM to
  # /var/tmp/amconfigCh1Ex2.ldif, connecting to port 5444.
  #
  # NOTE(review): --trustAll accepts any server certificate, so the server is
  # not authenticated. The export is written under /var/tmp, a shared
  # directory; it presumably holds AM configuration data, so check the file's
  # permissions (umask) before keeping it. The password is also passed on the
  # command line (see --bindPasswordFile for the file-based alternative).
  cd /home/forgerock/am/opends/bin

  ./export-ldif \
      --port 5444 \
      --bindDN "cn=directory manager" \
      --bindPassword cangetinam \
      --trustAll \
      --backendId userRoot \
      --ldifFile /var/tmp/amconfigCh1Ex2.ldif
  # Chapter 2 Lesson 2 Exercise 2 Task 2 - Install a DS Instance for CTS
  #
  # Unpacks the DS 6.0.0 evaluation archive, renames the extracted opendj
  # directory to cts, and sets up a directory server there with
  # cn=cts,ou=famrecords,ou=openam-session,ou=tokens as its base DN.
  #
  # NOTE(review): the Directory Manager and Monitor accounts are given the same
  # password, and both passwords are passed as command-line arguments, where
  # the process list and shell history can expose them. Treat these values as
  # lab-only.
  cd /home/forgerock/ds

  unzip /opt/forgerock/software/DS-eval-6.0.0.zip

  mv opendj cts

  cd cts

  ./setup directory-server \
      --acceptLicense \
      --instancePath /home/forgerock/ds/cts \
      --rootUserDn "cn=Directory Manager" \
      --rootUserPassword cangetinds \
      --monitorUserDn uid=Monitor \
      --monitorUserPassword cangetinds \
      --hostname appsvr.example.com \
      --adminConnectorPort 6444 \
      --enableStartTls \
      --ldapPort 20389 \
      --ldapsPort 20636 \
      --addBaseEntry \
      --baseDN "cn=cts,ou=famrecords,ou=openam-session,ou=tokens"

  # Query the new instance over its administration port (6444).
  # --trustAll skips validation of the server certificate.
  bin/status \
      --hostname appsvr.example.com \
      --port 6444 \
      --bindDN "cn=directory manager" \
      --bindPassword cangetinds \
      --trustAll
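  # Chapter 2 Lesson 2 Exercise 1 Task 3 - Use AM Documentation to Configure an External CTS
  #
  # Stages the CTS LDIF templates shipped inside the AM web application, fills
  # in their placeholders, and applies each file to the CTS directory on port
  # 20389 as the Directory Manager account.
  #
  # NOTE(review): the bind password is passed on the command line, which
  # exposes it in the process list and shell history; the DS tools also accept
  # --bindPasswordFile.

  cd /home/forgerock/ds/cts/bin

  TOMCAT_OPENAM_WEBAPP=/opt/tomcat/webapps/am
  LDIF_TEMPLATES="$TOMCAT_OPENAM_WEBAPP/WEB-INF/template/ldif/sfha"
  ROOT_SUFFIX="cn=cts,ou=famrecords,ou=openam-session,ou=tokens"

  # Stage the files in a private directory. A fixed name such as /tmp/ldif is
  # predictable: on a shared host another local user could create or replace
  # it, and the LDIF then applied with Directory Manager rights would be under
  # their control. mktemp -d creates a new directory readable only by its owner.
  # The staged files are left in place afterwards so they can be inspected.
  T=$(mktemp -d /tmp/ldif.XXXXXX) || exit 1

  # Applies one staged LDIF file to the CTS instance.
  apply_ldif() {
    ./ldapmodify \
        --port 20389 \
        --bindDN "cn=Directory Manager" \
        --bindPassword cangetinds \
        "$1"
  }

  cp -- "$LDIF_TEMPLATES/cts-add-schema.ldif" "$T/cts-add-schema.ldif"
  apply_ldif "$T/cts-add-schema.ldif"

  cp -- "$LDIF_TEMPLATES/cts-add-multivalue.ldif" "$T/cts-add-multivalue.ldif"
  apply_ldif "$T/cts-add-multivalue.ldif"

  # The index templates carry an @DB_NAME@ placeholder for the backend name.
  sed -e 's/@DB_NAME@/userRoot/' "$LDIF_TEMPLATES/cts-add-multivalue-indices.ldif" \
      > "$T/cts-add-multivalue-indices.ldif"
  apply_ldif "$T/cts-add-multivalue-indices.ldif"

  sed -e 's/@DB_NAME@/userRoot/' "$LDIF_TEMPLATES/cts-indices.ldif" \
      > "$T/cts-indices.ldif"
  apply_ldif "$T/cts-indices.ldif"

  # ROOT_SUFFIX is interpolated into the sed expression; that is safe only
  # because the value above contains no '/' or '&'.
  sed -e "s/@SM_CONFIG_ROOT_SUFFIX@/$ROOT_SUFFIX/" "$LDIF_TEMPLATES/cts-container.ldif" \
      > "$T/cts-container.ldif"
  apply_ldif "$T/cts-container.ldif"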
  # Add CTS User
  #
  # Prints the lab-supplied LDIF for review, then applies it to the CTS
  # instance on port 20389 as the Directory Manager account.
  # NOTE(review): the LDIF presumably defines the CTS service account and its
  # credentials - confirm its contents and file permissions. The bind password
  # is passed on the command line (lab-only; --bindPasswordFile avoids this).
  cat /opt/forgerock/labs/AMprep/cts_user.ldif

  ./ldapmodify \
      --port 20389 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      /opt/forgerock/labs/AMprep/cts_user.ldif
  # Add ACIs to the cts instance
  #
  # Adds a global ACI that lets uid=openam_cts,ou=admins,<CTS base DN> write
  # the attributeTypes and objectClasses attributes of cn=schema, then lists
  # the global ACIs to confirm the change.
  # NOTE(review): this gives a service account write access to the schema;
  # check whether the grant is still needed once setup is complete. --trustAll
  # skips validation of the administration connector's certificate.
  ./dsconfig set-access-control-handler-prop \
      --hostname appsvr.example.com \
      --port 6444 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      --trustAll \
      --no-prompt \
      --add 'global-aci:(target = "ldap:///cn=schema")(targetattr = "attributeTypes || objectClasses")(version 3.0; acl "Modify schema"; allow (write) userdn = "ldap:///uid=openam_cts,ou=admins,cn=cts,ou=famrecords,ou=openam-session,ou=tokens";)'

  ./dsconfig get-access-control-handler-prop \
      --hostname appsvr.example.com \
      --port 6444 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      --trustAll \
      --no-prompt \
      --property global-aci

  # Print the lab-supplied ACI definitions for review before applying them.
  cat /opt/forgerock/labs/AMprep/cts_acis.ldif

  ./ldapmodify \
      --port 20389 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      /opt/forgerock/labs/AMprep/cts_acis.ldif
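  # Import and rebuild CTS indexes using a batch file
  #
  # Applies the index definitions in cts-add-indexes.txt through dsconfig, then
  # rebuilds and verifies the indexes with the server stopped.
  # NOTE(review): --trustAll skips certificate validation and the bind password
  # is passed on the command line; both are lab shortcuts.
  ./dsconfig \
      --hostname appsvr.example.com \
      --port 6444 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      --trustAll \
      --no-prompt \
      --batchFilePath /opt/forgerock/labs/AMprep/cts-add-indexes.txt

  # Stop the DS instance
  ./stop-ds

  # Rebuild all indexes and then verify them.
  # Both commands take the base DN from one variable so that they always name
  # the same suffix, spelled the same way.
  CTS_BASE_DN="cn=cts,ou=famrecords,ou=openam-session,ou=tokens"
  ./rebuild-index --baseDN "$CTS_BASE_DN" --rebuildAll --offline
  ./verify-index --baseDN "$CTS_BASE_DN"

  # Start the DS instance
  ./start-ds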
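  # Chapter 2 Lesson 2 Exercise 1 Task 4 - Verify the External CTS Configuration
  #
  # Restarts Tomcat, then searches the external CTS instance on port 20389.

  /opt/tomcat/bin/shutdown.sh

  # Check for a remaining Tomcat process before starting it again. The bracket
  # in the pattern keeps grep from matching its own command line, so any
  # output means Tomcat is still running.
  ps -ef | grep '[t]omcat'

  /opt/tomcat/bin/startup.sh

  # NOTE(review): the bind password is passed on the command line and no TLS
  # option is given for this search; lab-only.
  /home/forgerock/ds/cts/bin/ldapsearch \
      --hostname appsvr.example.com \
      --port 20389 \
      --bindDN "cn=Directory Manager" \
      --bindPassword cangetinds \
      --baseDN "cn=cts,ou=famrecords,ou=openam-session,ou=tokens" \
      'objectclass=*'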