DS 7.2.4

Install DS for AM identities

Use this profile when setting up DS as an AM identity repository and user data store. It includes the additional LDAP schema and indexes required to store AM identities:

  1. Before proceeding, install the server files.
    For details, see Unpack files.

  2. Run the setup command with the --profile am-identity-store option:

    $ /path/to/opendj/setup \
     --deploymentId $DEPLOYMENT_ID \
     --deploymentIdPassword password \
     --rootUserDN uid=admin \
     --rootUserPassword str0ngAdm1nPa55word \
     --monitorUserPassword str0ngMon1torPa55word \
     --hostname ds.example.com \
     --adminConnectorPort 4444 \
     --ldapPort 1389 \
     --enableStartTls \
     --ldapsPort 1636 \
     --httpsPort 8443 \
     --replicationPort 8989 \
     --bootstrapReplicationServer rs1.example.com:8989 \
     --bootstrapReplicationServer rs2.example.com:8989 \
     --profile am-identity-store \
     --set am-identity-store/amIdentityStoreAdminPassword:5up35tr0ng \
     --acceptLicense
    • The deployment ID for installing the server is stored in the environment variable DEPLOYMENT_ID. Install all servers in the same deployment with the same deployment ID and deployment ID password. For details, read Deployment IDs.

    • The service account to use in AM when connecting to DS has:

      • Bind DN: uid=am-identity-bind-account,ou=admins,ou=identities.

      • Password: The password you set with am-identity-store/amIdentityStoreAdminPassword.

    • The base DN for AM identities is ou=identities.

    • AM does not require change number indexing, which involves resource-intensive processing. If AM is the only application using this data, disable change number indexing. For details, see Disable change number indexing.

      For the full list of profiles and parameters, see Default setup profiles.

  3. Finish configuring the server before you start it.

    For a list of optional steps at this stage, see Install DS for custom cases.

  4. Start the server:

    $ /path/to/opendj/bin/start-ds
Copyright © 2010-2023 ForgeRock, all rights reserved.