Creating application domains

How to create an application domain.

About this task

You can create an application domain from only the default domain. When you create an application domain, the password map from the default domain is inherited.

If you do not need these password aliases, delete them.
When password aliases in the default domain are added or deleted or the password changes for a password alias, the password aliases in the application domain are not added, deleted, or changed. After initial creation, you must independently manage the password aliases in the password map in each domain.

You can associate the security context for the configuration data in the domain.

Domain: Permission to configuration data is limited to the current domain.
Global: Permission to configuration data is subject to the specified access profile. This profile is applied globally to all configuration data in the domain.

Specific

Permission to configuration data is subject to the access profile that an object instance references. You can assign this mode to the following contexts.

The location that a configuration sequence monitors. For more information, see Creating a configuration sequence.
The command sequence for an event trigger. For more information, see Adding event triggers to a log target.

After you create an application domain, you can access that domain to modify its domain settings to manage domain-specific behavior.

Procedure

In the search field, enter domain.
From the search results, click Application domain.
Click Add.
Define the basic properties - Name, administrative state, and comments.

In the Main section, provide the basic settings.

With the Visible application domains control, add the application domains that this application domain can see.
Use the File permission for the local: directory checkboxes to select the wanted file access permissions.
Permissions apply to the local: directory of the new application domain.
Use the File-monitoring for the local: directory checkboxes to select the wanted monitoring and logging states for files in the local: directory.
Logging and auditing each creates a record of file accesses and activities that can be useful later to determine changes to files.

In the Configuration section, provide the settings to apply to the configurations in the domain.

In the Configuration checkpoint limit field, specify the maximum number of configuration checkpoints to allow.
From the Configuration mode list, select the wanted configuration mode: Local or import.
If the configuration mode is import, define the import characteristics.
1. In the Import URL field, specify a URL for the file.
2. From the Import format list, select the file format.
3. Optional: From the Deployment policy list, select a deployment policy.
  The package to import is preprocessed before it is applied to the configuration file.
4. Optional: From the Deployment policy variables list, select the deployment policy variables to preprocess the deployment policy.
5. Optional: Disable Rewrite local IP addresses.
  When enabled, local IP addresses in the import package are rewritten to match the local DataPower® address. In other words, a service that binds to eth10 in the import package is rewritten to bind to the local DataPower IP address of eth10.
From the Configuration permission mode list, select the security context for the configuration data in this domain.
In the Configuration permission profile field when the permission mode is Global, specify the access profile that controls permission to configuration data.
For more information, see Access policy builder.
Click Apply to save changes to the running configuration.
Click Save to save changes to the persisted configuration.

What to do next

Access the application domain to modify domain settings.