Osarobo_Idehen

CA Directory User Store Configuration

Blog Post created by Osarobo_Idehen Employee on Aug 11, 2017


 

1) Download the latest CA Directory version:
https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/technical-document-index/ca-directory-12_0_18-latest-cumulative-release-download.html?id=%7BEF969875-A501-47B5-BB84-A0660FF77577%7D%3Fid%3D%7BEF969875-A501-47B5-BB84-A0660FF77577%7D

 

2) Install the downloaded CA Directory and create a new DSA using the following command:

dxnewdsa caustore 389 "o=ustore,c=es"

 

3) If the DSA does not automatically start, run the following:

dxserver start caustore

 

4) Download and install the JXplorer LDAP browser:

http://jxplorer.org/downloads/

 

5) To create the admin user, first connect as an anonymous user:
Host: hostname
Port: 389 (ensure port 389 is not already in use on the host machine)
Base DN: o=ustore,c=es

 

6) Create the admin user and submit:

Parent DN: ou=people,o=ustore,c=es
Enter RDN: cn=admin
Add available classes: inetOrgPerson, organizationalPerson, person, top

Enter and re-enter the password (select SHA as the hashing option)

 

7) Go to the following directory on the CA Directory host machine:

C:\Program Files\CA\Directory\dxserver\config\servers

 

8) Open caustore.dxi (the .dxi file for the user store DSA) and add the following lines:

#SiteMinder
set mimic-netscape-for-siteminder=true;
set concurrent-bind-user=<c es><o ustore><cn admin>;
set ignore-name-bindings=true;
set hold-ldap-connections=true;

 

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/policy-server-configuration/user-directories/configure-a-ca-directory-user-directory-connection

 

9) Stop and start the user store DSA as follows:

dxserver stop caustore

dxserver start caustore

 

10) Open the Admin UI and create a User Directory connection using the sample details below:

| ip | xx.xx.xx.xx:389 |
| hostname | abc.xyz.com |
| username | cn=admin,o=ustore,c=es |
| Password | password |
| Root | o=ustore,c=es |
| Start | (cn= |
| End | ) |
| Universal ID (R) | cn |
| Disabled Flag (RW) | carlicense |
| Password Data (RW) | jpegphoto |
| Password (RW) | userPassword |

 

Viewing the user store contents should now be successful!
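
A consistency check for steps 8 and 10, added here as an example (it is not part of the original post or of CA's tooling): it reads the .dxi lines, converts the DXserver-style name <c es><o ustore><cn admin> into its LDAP form, and confirms that it matches the Admin UI username and sits under the root. The `set name=value;` parsing rules and all function names are assumptions made for this example.

```python
import re

# Constructed sample: the lines step 8 adds to caustore.dxi.
SAMPLE_DXI = """\
#SiteMinder
set mimic-netscape-for-siteminder=true;
set concurrent-bind-user=<c es><o ustore><cn admin>;
set ignore-name-bindings=true;
set hold-ldap-connections=true;
"""
REQUIRED_TRUE = ("mimic-netscape-for-siteminder", "ignore-name-bindings",
                 "hold-ldap-connections")
SET_RE = re.compile(r"^\s*set\s+([\w-]+)\s*=\s*(.*?)\s*;\s*$")
RDN_RE = re.compile(r'<\s*([\w-]+)\s+(?:"([^"]*)"|([^>]*?))\s*>')

def parse_dxi(text):
    """Collect 'set name=value;' lines, ignoring # comments (assumed syntax)."""
    settings = {}
    for line in text.splitlines():
        m = None if line.lstrip().startswith("#") else SET_RE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def dx_to_ldap_dn(dx_dn):
    """<c es><o ustore><cn admin> (root first) -> cn=admin,o=ustore,c=es (leaf first)."""
    rdns = [(attr, quoted or bare) for attr, quoted, bare in RDN_RE.findall(dx_dn)]
    esc = lambda v: re.sub(r'([,+"\\<>;=])', r"\\\1", v)  # escape LDAP specials
    return ",".join(f"{a}={esc(v)}" for a, v in reversed(rdns))

def norm(dn):
    """Case-fold and drop spaces around ',' and '=' for comparison."""
    return re.sub(r"\s*([,=])\s*", r"\1", dn.strip().lower())

def check_user_store(dxi_text, admin_ui_username, root_dn):
    """Return a list of problems; an empty list means the values line up."""
    s = parse_dxi(dxi_text)
    problems = [f"{k} is not set to true" for k in REQUIRED_TRUE
                if s.get(k, "").lower() != "true"]
    bind = s.get("concurrent-bind-user")
    if not bind:
        return problems + ["concurrent-bind-user is not set"]
    dn = norm(dx_to_ldap_dn(bind))
    if dn != norm(admin_ui_username):
        problems.append(f"bind user {dn} differs from Admin UI username")
    if not dn.endswith("," + norm(root_dn)):
        problems.append(f"bind user {dn} is outside root {root_dn}")
    return problems

if __name__ == "__main__":
    print(check_user_store(SAMPLE_DXI, "cn=admin,o=ustore,c=es", "o=ustore,c=es"))
```

Pass the contents of the real caustore.dxi in place of SAMPLE_DXI, together with the username and root entered in the Admin UI.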

 

Further details:

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/policy-server-configuration/user-directories/configure-a-ca-directory-user-directory-connection
