Sun Java System Access Manager 2005Q4
Sample
 

Main Page

User Management Samples

This Readme explains how to add new attributes to the User so that those new attributes can be managed via the user page in Access Manager. There are 2 ways to achieve this. You can modify the existing amUser.xml to add your new attributes, or group the new attributes into a service and import the new service to Access Manager.

 

I. Add new attributes to the User by creating a new service

The following procedures explain how to add new attributes to the User by creating a new service. The sample service in this example contains 4 user attributes.

  1. Import the new service sampleMailServerService to Access Manager
    • Solaris:
      <IS_install>/SUNWam/bin/amadmin
      --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
      --password <password> --schema sampleMailServerService.xml
    • Windows2000:
      <IS_install>\bin\amadmin --runasdn
      uid=amAdmin,ou=People,<default_org>,<root_suffix>
      --password <password> --schema sampleMailServerService.xml
  2. Copy the properties file sampleMailServerService.properties to <IS_install>/SUNWam/locale (for Windows2000: <IS_install>\locale).
  3. Restart Access Manager.
  4. Login to Access Manager Administration Console and register the new sample service "Sample Mail Server Service" to the organization where you want users to have the new attributes.
  5. To manage the new attributes, assign the sample service "Sample Mail Server Service" to the users. Now you should be able to manage the new attributes under the user page.

 

II. Add new attributes to the User by modifying the amUser.xml

The following procedures explain how to add new attributes to the User by modifying the amUser.xml file.

  1. Add the following new attribute to the User subschema in <IS_install>/SUNWam/config/xml/amUser.xml (For Windows: <IS_install>\config\xml\amUser.xml).
    <AttributeSchema
        name="maildeliveryoption" 
        type="single" 
        syntax="string" 
        any="display"
        i18nKey="u150"
        />
  2. Add the i18n tag to the file <IS_install>/SUNWam/locale/amUser.properties (For Windows: <IS_install>\locale\amUser.properties).
    u150=Delivery Option
  3. Remove the service "iPlanetAMUserService" using amadmin.
    • Solaris:
      <IS_install>/SUNWam/bin/amadmin
      --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
      --password <password> --deleteservice iPlanetAMUserService
    • Windows2000:
      <IS_install>\bin\amadmin --runasdn
      uid=amAdmin,ou=People,<default_org>,<root_suffix>
      --password <password> --deleteservice iPlanetAMUserService
  4. Reload the service.
    • Solaris:
      <IS_install>/SUNWam/bin/amadmin
      --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
      --password <password> --schema amUser.xml
    • Windows2000:
      <IS_install>\bin\amadmin --runasdn
      uid=amAdmin,ou=People,<default_org>,<root_suffix>
      --password <password> --schema amUser.xml
  5. Using Directory Server Console, modify the entry dn: "ou=BasicUser,ou=CreationTemplates,ou=templates,ou=default,ou=GlobalConfig,ou=1.0,ou=DAI,ou=services,<root_suffix>" by adding the value "required=objectClass=mailrecipient" to the attribute iplanetkeyvalue.
  6. Restart Access Manager.
  7. Now you should be able to see the new attribute under the user profile.