You must create a IBM Security Verify Access user
that is used to configure the single sign-on.
Before you begin
Depending on how your system administrator customized your system, you might not
have access to this task. To obtain access to this task or to have someone complete it for you,
contact your system administrator.
IBM Security Verify Access must
be installed.
About this task
Use the pdadmin command to create a user
in IBM Security Verify Access that
can be used by WebSEAL. For this task, the user name is sso.
You can also use the web interface to create the user.Perform this
task on the server where IBM Security Verify Access is installed.
Procedure
- Start the utility by typing pdadmin at
a command prompt. The pdadmin command is located
in the /PolicyDirectory Installation path/bin directory.
- Log in to a secure domain as the sec_master administration
user to use the utility.
- At the command prompt, type login.
- Type sec_master when prompted
for a user ID.
- Specify the associated password at the Enter
Password prompt.
For example:
pdadmin> login
Enter User ID: sec_master
Enter Password: password
pdadmin>
- To create the sso user, type the
following command on one line at the command prompt.
pdadmin sec_master> user create sso cn=sso,cn=Users,secAuthority=Default
sso sso password
- sso
- Specifies the user name you want to create. In this case, the
user is sso.
- cn=sso,cn=Users,secAuthority=Default
- Specifies the full LDAP distinguished name (DN).
- password
- Specifies the password for the user.
- To make the user account valid, type this command
pdadmin sec_master> user modify sso account-valid yes