Configure the runtime environment

To configure the runtime environment with the local management interface, use the Runtime Component management page.

Steps

  1. Select Web > Manage > Runtime Component.

  2. Click Configure. You can configure the policy server to be local or remote.

    • Local policy server with a remote LDAP user registry

      1. Under Policy Server, select Local.

      2. Under User Registry, select LDAP Remote.

      3. Click Next.

      4. On the Policy Server tab, provide settings for the fields displayed. Fields with an asterisk are required and must be completed.

          Management Suffix
          The LDAP suffix used to hold the IBM Security Verify Access secAuthority data. To create the domain at the secAuthority=Default tree, leave this field blank.

          Management Domain
          The IBM ISAM domain name. Ensure the domain name specified is unique among all domains on the LDAP server. The existence of a domain with the same name in a different suffix also causes an error. As this field is the name of the management domain, do not specify an LDAP DN. Here are some example settings and the corresponding result data:

          Administrator Password
          The security administrator's password.

          Confirm Administrator Password
          The security administrator's password.

          SSL Server Certificate Lifetime (days)
          The lifetime in days for the SSL server certificate.

          SSL Compliance
          Additional SSL compliance. If FIPS is enabled on the appliance, the SSL Compliance field cannot be set to No additional compliance.

      5. Click Next.

      6. On the LDAP tab, provide settings for the fields displayed.

          Host name
          The name of the LDAP server.

          Port
          The port to be used when the system communicates with the LDAP server.

          DN
          The distinguished name used when the system contacts the user registry.

          Password
          The password for the DN.

          Enable SSL
          Whether SSL is enabled.

          Certificate Database
          The KDB file containing the certificate used to communicate with the user registry. This field is required if Enable SSL is selected.

          Certificate Label
          The label of the SSL certificate that is presented to the user registry upon request. This field is optional; it is required only if SSL is enabled and the user registry is configured to require a client certificate.

      7. Click Finish to save the settings.

    • Local policy server with a local user registry

      Users and groups within the local user registry are managed through the ISAM administration framework; for example, pdadmin. All these users and groups are housed under the suffix dc=iswga.

      1. Under Policy Server, select Local.

      2. Under User Registry, select LDAP Local.

      3. Click Next.

      4. On the Policy Server tab, provide settings for the fields displayed. Fields with an asterisk are required and must be completed.

          Administrator Password
          The security administrator's password.

          Confirm Administrator Password
          The security administrator's password.

          SSL Server Certificate Lifetime (days)
          The lifetime in days for the SSL server certificate.

          SSL Compliance
          Specifies any additional SSL compliance.

      5. Click Next.

      6. On the LDAP tab, provide settings for the fields displayed. Fields with an asterisk are required and must be completed.

          Clean existing data
          Select this check box to delete any existing data in the embedded LDAP server before the configuration.

      7. Click Finish to save the settings.

    • Remote policy server

      1. Under Policy Server, select Remote.

      2. Under User Registry, select Whether to use LDAP.

      3. Click Next.

      4. On the Policy Server tab, provide settings for the fields displayed.

      5. Click Next and complete settings on the LDAP tab.

          Host name
          The name of the LDAP server.

          Port
          The port to be used when the system communicates with the LDAP server.

      6. Click Finish to save the settings.
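
The field rules stated above for the "Local policy server with a remote LDAP user registry" option can be checked before the values are entered. The following is an added example, not IBM code and not a product API: the dictionary keys are hypothetical names that mirror the field labels, the DN check is simplified (escaped commas are not handled), and the port range and the note about a bind without SSL are general LDAP facts rather than statements from this page.

```python
import re

# One RDN such as "dc=example"; a DN is a comma-separated list of these.
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^=,]+$")

def looks_like_dn(value):
    """True when every comma-separated part of value has the form attr=value."""
    return bool(value.strip()) and all(_RDN.match(p) for p in value.split(","))

def check_remote_ldap_settings(s, fips_enabled=False):
    """Return findings for the Policy Server and LDAP tab values in dict s."""
    findings = []
    # A blank Management Suffix is valid: the domain goes under secAuthority=Default.
    suffix = s.get("management_suffix", "")
    if suffix and not looks_like_dn(suffix):
        findings.append("management_suffix: not an LDAP suffix")
    if looks_like_dn(s.get("management_domain", "")):
        findings.append("management_domain: must be a name, not an LDAP DN")
    if s.get("administrator_password") != s.get("confirm_administrator_password"):
        findings.append("confirm_administrator_password: does not match")
    lifetime = s.get("ssl_certificate_lifetime_days")
    if not (isinstance(lifetime, int) and lifetime > 0):
        findings.append("ssl_certificate_lifetime_days: must be a positive number")
    if fips_enabled and s.get("ssl_compliance") == "No additional compliance":
        findings.append("ssl_compliance: not allowed while FIPS is enabled")
    port = s.get("port")
    if not (isinstance(port, int) and 1 <= port <= 65535):
        findings.append("port: must be 1-65535")
    if not looks_like_dn(s.get("dn", "")):
        findings.append("dn: not a distinguished name")
    if not s.get("enable_ssl"):
        findings.append("enable_ssl: off, so the DN password is sent unencrypted")
    elif not s.get("certificate_database"):  # Certificate Label stays optional
        findings.append("certificate_database: required when Enable SSL is selected")
    return findings

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "management_suffix": "", "management_domain": "Default",
    "administrator_password": "example-only",
    "confirm_administrator_password": "example-only",
    "ssl_certificate_lifetime_days": 365,
    "ssl_compliance": "No additional compliance",
    "host_name": "ldap.example.com", "port": 636,
    "dn": "cn=root,secAuthority=Default", "password": "example-only",
    "enable_ssl": True, "certificate_database": "",
}

if __name__ == "__main__":
    print("\n".join(check_remote_ldap_settings(SAMPLE, fips_enabled=True)))
```
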
