Supported LDIF Files

AM installation deploys several LDIF files that can be used to create the schemas required by AM. LDIF files are available for Microsoft Active Directory, Microsoft Active Directory Lightweight Directory Services, Oracle Directory Server Enterprise Edition, ForgeRock Directory Services, Oracle Unified Directory, and IBM Tivoli Directory Server.

The following tables provide descriptions for each LDIF file:

Microsoft Active Directory LDIF Files
LDIF FileDescription
ad_config_schema.ldifLDIF for the configuration schema.
ad_dashboard.ldifLDIF to support the dashboard service.
ad_deviceprint.ldifLDIF to support the device print service.
ad_kba.ldifLDIF to support the User Self-Service's knowledge-based questions and answers service.
ad_oathdevices.ldifLDIF to support registered devices for the OATH authentication service.
ad_pushdevices.ldifLDIF to support registered devices for the PUSH notification service.
ad_user_schema.ldifLDIF for the user schema.
ad_webauthndevices.ldifLDIF to support registered devices for the Web Authentication (WebAuthn) authentication service.

Microsoft Active Directory Lightweight Directory Services LDIF Files
LDIF FileDescription
adam_dashboard.ldifLDIF to support the dashboard service.
adam_deviceprint.ldifLDIF to support the device print service.
adam_kba.ldifLDIF to support the User Self-Service's knowledge-based questions and answers.
adam_oathdevices.ldifLDIF to support registered devices for the OATH authentication service.
adam_pushdevices.ldifLDIF to support registered devices for the PUSH notification service.
adam_user_schema.ldifLDIF for the user schema.
adam_webauthndevices.ldifLDIF to support registered devices for the Web Authentication (WebAuthn) authentication service.

Oracle Directory Server Enterprise Edition LDIF Files
LDIF FileDescription
amsdk_pluginFolder containg the AM SDK LDIF files: amsdk_init_template.ldif and amsdk_sunone_schema2.ldif.
odsee_config_index.ldifLDIF for the ODSEE configuration indexes.
odsee_config_schema.ldifLDIF for the ODSEE configuration schema.
odsee_dashboard.ldifLDIF to support the dashboard service.
odsee_deviceprint.ldifLDIF to support the device print service.
odsee_kba.ldifLDIF to support the User Self-Service's knowledge-based questions and answers.
odsee_oathdevices.ldifLDIF to support registered devices for the OATH authentication service.
odsee_pushdevices.ldifLDIF to support registered devices for the PUSH notification service.
odsee_user_index.ldifLDIF for the user respository indexes.
odsee_user_schema.ldifLDIF for the user repository schema.
odsee_userinit.ldifLDIF for the setting up user session initialization.
odsee_webauthndevices.ldifLDIF to support registered devices for the Web Authentication (WebAuthn) authentication service.

DS LDIF Files
LDIF FileDescription
oath_2fa.ldifLDIF for the OATH two-factor authentication service.
opendj_aci_lift_user_password_restriction.ldifLDIF to add an ACI entry to the root suffix to allow users to modify the user password attribute.
opendj_aci_remove_blanket_deny_all.ldifLDIF to lift any user password restrictions for upgrade.
opendj_add_kba_attempts.ldifLDIF to upgrade a user data store from a version earlier than AM 6 to support account lockout when the user fails to answer their security questions a number of times.
opendj_config_schema.ldifLDIF for the DS configuration schema.
opendj_dashboard.ldifLDIF to support the dashboard service.
opendj_deviceprint.ldifLDIF to support the device print service.
opendj_deviceprofiles.ldif

LDIF to support storage of device information, collected by the SDK device authentication nodes.

Apply this LDIF if you intend to use the ForgeRock SDK for device profiling.

opendj_embinit.ldifLDIF for the DS user management and SMS/configuration datastore schema for evaluation (embedded DS) deployments.
opendj_kba.ldifLDIF to support the User Self-Service's knowledge-based questions and answers.
opendj_oathdevices.ldifLDIF to support registered devices for the OATH authentication service.
opendj_pushdevices.ldifLDIF to support registered devices for the PUSH notification service.
opendj_remove_config_schema.ldifLDIF to remove the configuration schema.
opendj_remove_user_schema.ldifLDIF to remove the user schema.
opendj_retry_limit_node_count.ldif

(Introduced in AM 7.0.2) LDIF to upgrade the identity store to support persisting failed login attempts to the user's profile when using the "Retry Limit Decision Node".

There are no equivalent files for other supported directory servers. Adapt the contents of the opendj_retry_limit_node_count.ldif file to work with your directory server.

opendj_uma_audit.ldifLDIF to add auditing capabilities for the UMA service.
opendj_uma_labels_schema.ldifLDIF to add a schema for the UMA service labels.
opendj_uma_pending_requests.ldifLDIF to add pending requests for the UMA service.
opendj_uma_resource_set_labels.ldifLDIF to support labels for UMA resources.
opendj_uma_resource_sets.ldifLDIF to support UMA resources.
opendj_update_aci_kba_attempts.ldifLDIF to upgrade a user data store from a version earlier than AM 6 to support account lockout when the user fails to answer their security questions a number of times.
opendj_user_index.ldifLDIF for the user respository indexes.
opendj_user_schema.ldifLDIF for the user repository schema.
opendj_userinit.ldifLDIF for the setting up user session initialization.
opendj_webauthndevices.ldifLDIF to support registered devices for the Web Authentication (WebAuthn) authentication service.
push_2fa.ldifLDIF for the push two-factor authentication service.

Tivoli LDIF Files
LDIF FileDescription
tivoli_dashboard.ldifLDIF to support the dashboard service.
tivoli_deviceprint.ldifLDIF to support the device print service.
tivoli_kba.ldifLDIF to support the User Self-Service's knowledge-based questions and answers.
tivoli_oathdevices.ldifLDIF to support registered devices for the OATH authentication service.
tivoli_pushdevices.ldifLDIF to support registered devices for the PUSH notification service.
tivoli_user_schema.ldifLDIF for the user repository schema.
tivoli_webauthndevices.ldifLDIF to support registered devices for the Web Authentication (WebAuthn) authentication service.

Read a different version of :