Tivoli Policy Director - IBMpublib.boulder.ibm.com/tividd/td/SW_30/GC32-0737-00/zh... · 2007-09-29 · ¶ 6Tivoli® SecureWay Policy Director Base \m8O7,GB84-0404-01 ... %"MX/@w#Tivoli

$Page 1: Tivoli Policy Director - IBMpublib.boulder.ibm.com/tividd/td/SW_30/GC32-0737-00/zh... · 2007-09-29 · ¶ 6Tivoli® SecureWay Policy Director Base \m8O7,GB84-0404-01 ... %"MX/@w#Tivoli$
Tivoli® SecureWayPolicy DirectorWeb Portal Manager \m8O

f> 3.8


Tivoli® SecureWayPolicy DirectorWeb Portal Manager \m8O

f> 3.8

Tivoli Policy Director® Web Portal Manager® \m8O

f(yw

© Copyright IBM Corporation 2001. All rights reserved. vI@U Tivoli Systems m~mI$-i(;V IBMm~mI$-i)9C,r_w* IBM M'-irmI$-iPX Tivoli z7D=<9C#4- IBM +>

BHifmI,9TNNN=rNNVN(gSD"z5D"E'D"b'D"/'D"K$DHH)T>iDNN?VxP4F"+%"*<"f"Zlw53Pr-kINNFczoT#IBM +>ZhzFwv)

zT:9CD2=4rNNICFcz&mDD5DP^mI,0aG?vbyD4F7y&XP IBM +>Df(yw#4- IBM +>BHifmI,;Zhf(PDd|(#>D5;G*zz<8D,"RGT0vK4,1Dy!a)D,;PNNN=D#$#XKywbPX>D5DyP#$,|(JzTMJCZ3

X(C>D#$#

U.S. Government Users Restricted Rights—Use, duplication or disclosure restricted by GSA ADP Schedule Contractwith IBM Corporation.

Lj

I B M " I B M U j " T i v o l i " T i v o l i U j " A I X " C r o s s - S i t e " N e t V i e w " O S / 2 " P l a n e tTivoli"RS/6000"SecureWay"Tivoli Certified"Tivoli Enterprise"Tivoli Enterprise Console"Tivoli Ready"TMEM WebSphere GzJL5zw+>r Tivoli Systems Inc. Z@zM/rd|zRrXxDLjr"aLj#

Java MyPyZ Java DLjMUjG Sun Microsystems, Inc. Z@zMd|zRrXxDLjr"aLj#

Lotus G Lotus Development Corporation D"aLj#

Microsoft"Windows"Windows NT M Windows UjG Microsoft Corporation Z@zM/rd|zRrXxDLj#

UNIX G The Open Group Z@zMd|zRrXxD"aLj#

d|+>"z7M~qFI\Gd|+>DLjr~qjG#

yw

>vfoPya=D Tivoli Systems r IBM Dz7"Lrr~q";5>b)z7"Lrr~q+ZyPP

Tivoli Systems r IBM 5qDzRrXxPa)#NNTb)z7"Lrr~qDC"GbZ5>v\9C

Tivoli Systems r IBM Dz7"Lrr~q#;*;V8 Tivoli Systems r IBM DP'*6z(rd|\(I#$D(,NN,H&\Dz7"Lrr~q,<ITC4zfya=Dz7"Lrr~q#Zkd|

z7aO9C1,KG)I Tivoli Systems r IBM w78(Dz7.b,d@@Mi$yIC'TP:p#

Tivoli Systems r IBM +>I\Q5PrZjkk>D5Z]PXDwn(#a)>D5"4ZhC'9Cb)(DNNmI$#PXmI$i/DBK,C'ITk IBM Director of Licensing, IBM Corporation,North Castle Drive, Armonk, New York 10504-1785, USA if*5#

© Copyright International Business Machines Corporation 2001. All rightsreserved.

?<

0T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii

>8ODA_ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii

>8ODZ] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii

vfo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii

Tivoli SecureWay Policy Director b . . . . . . . . . . . . . . . . . . . . . . . . . . . viii

Z_CJvfo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix

):vfo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x

a)XZvfoD4! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x

*5M''V . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x

>i9CD<(. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Ve<(. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Yw53`XDd?M76 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Z1B Web Portal Manager ri . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

e5a9M<u . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Z2B 20 Web Portal Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

2~Mm~hs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

f.20 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

X8m~ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

rW20 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

20MdC Tivoli SecureWay Policy Director KP173M\m~qw. . . . . . 12

20MdC IBM WebSphere Application Server j<f,f> 3.5 . . . . . . . . . 12

WebSphere M LDAP KZE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

dMM(F20 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2+T*s. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

20=h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

20MdC IBM WebSphere Application Server ^)| 4. . . . . . . . . . . . . . . . 16

20MdC Web Portal Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

iiiTivoli SecureWay Policy Director Web Portal Manager \m8O

% Web Portal Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

JOoO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Z3B Web Portal Manager \m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

gfEv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Web Portal Manager G<M"z . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

C'Nq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

C' → Qw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

C'tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

C'tT → GSO >$ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

C'tT → GSO >$ → 4( GSO >$M4( GSO i>$ . . . . 31

C' → 4( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

iNq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

i → Qw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

itT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

i → 4( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

\#$TsUdNq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

TsUd → /@ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

\#$TstT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

\#$TstT → )9tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

\#$TstT → )9tT → 4()9tT. . . . . . . . . . . . . . . . . 42

CJXFmNq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

ACL → Pm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

ACL tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

ACL tT → ACL u?tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

ACL tT → 4( ACL u? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

ACL tT → K! ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

ACL tT → ACL iRa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

ACL tT → =S ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

ACL tT → )9tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

ACL tT → )9tT → 4()9tT . . . . . . . . . . . . . . . . . . . . . 52

iv f> 3.8

ACL → 4( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

ACL → mI(hv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

\#$Ts_TNq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

POP → Pm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

POP tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

POP tT → =S POP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

POP tT → POP iRa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

POP tT → )9tT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

POP tT → )9tT → 4()9tT . . . . . . . . . . . . . . . . . . . . . 60

POP → 4( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

GSO J4Nq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

GSO J4 → Pv GSO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

GSO J4tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

GSO J4 → 4( GSO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

GSO J4 → Pv GSO i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

GSO J4itT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

GSO J4 → 4( GSO i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Z4B /I\m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

/IC'\m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

/IG+\m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

/I\mNq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

/I\m → rPm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

/I\m → Pvs5r . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

/IrtT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

/IrtT → PvC' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

/IrtT → PvC' → /IC'tT . . . . . . . . . . . . . . . . . . . . 82

/IrtT → PvC' → /IC'tT → G+Vd . . . . . . . . . . . 84

/IrtT → 4(rC' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

/IrtT → PvSr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

/IrtT → 4(Sr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

vTivoli SecureWay Policy Director Web Portal Manager \m8O

/IrtT → G+Vd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

/IrtT → G+Vd → rrVdG+ . . . . . . . . . . . . . . . . . . . . 89

/IrtT → G+Vd → rG+VdC' . . . . . . . . . . . . . . . . . . 91

/IrtT → r\m1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

/IrtT → _6\m1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

/IrtT → \m1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

/IrtT → 'V\m1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

/I\m → 4(s5r . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

/I\m → 4(G+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

/I\m → PvG+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

G+tT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

G+tT → $nrG+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

G+tT → #9rG+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

/Ir → rC'Qw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

w . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

vi f> 3.8

0T

Tivoli® Policy Director GKP Tivoli Policy Director z7W~PD&C

Lryh*Dy!m~#|'VTa)c:6'DZ(Mbv=8D

Tivoli Policy Director &CLrD/I#w*/I/Dbv=8z[,b

)z7a)CJXF\mbv=8#Cbv=8GTgSLq&CDx

g2+T_TM&CLr2+T_T*PDD#VZa);VBD$_

(Web Portal Manager)#yZ Web DC<NC'gf(GUI)9z\4

PkS pdadmin |nPy4P`,D Tivoli Policy Director \mNq

0|`Nq#Web Portal Manager zfT0M Tivoli Policy Director ;

pa)D\mXF(#

6Tivoli® SecureWay Policy Director Web Portal Manager \m8O7b

MgN20"dCMC Tivoli® Policy Director Web Portal Manager#

>8ODA_

>8Ofr:p Tivoli Policy Director Web Portal Manager D20"d

CM\mD53\m1#

A_&1l$BPZ]:

¶ PC M UNIX® Yw53

¶ ]be5a9MEn

¶ 2+\m

¶ xJ-i,|( HTTP"TCP/IP"D~+M-i(FTP)"Telnet

¶ a?6?<CJ-i(LDAP)M?<~q

¶ O$MZ(

gtC2+WSVc(SSL)(E,z9&Cl$ SSL -i"\?;

;(+CM(C)"V)"S\c(MO$PD#

viiTivoli SecureWay Policy Director Web Portal Manager \m8O

>8ODZ]

>8O|,TBwZ:

¶ Z13D:Web Portal Manager ri;

a)iI Web Portal Manager D?D"e5a9M<uDEv#

¶ Z53D:20 Web Portal Manager;

hvgN20MdC Web Portal Manager,|(|DX8m~#bo

9PXZgNSzD53P% Web Portal Manager D8>E"M

20JOoO#

¶ Z213D:Web Portal Manager \m;

a) Web Portal Manager gfM|GgNKPDEv#|2hvk

0 C ' 1 " 0 i 1 " 0\# $ T s U d 1 " 0 C J X F m 1

(ACL)"0\#$Ts_T1(POP)M0+V"aJ41

(GSO)K%n`X*D&\r\Z]M\mDNq#

¶ Z713D:/I\m;

a) Web Portal Manager D/I\m&\D30EnM=(DEv#

|2hvk0/I\m1K%n`X*D&\r\Z]M\mDN

q#

vfo>ZPvK Tivoli Policy Director bPDvfoMd|`XD5#|2

hvKgNZ_CJ Tivoli vfo"gN): Tivoli vfoMgNT

Tivoli vfoab#

Tivoli SecureWay Policy Director bZz(C=(D Tivoli SecureWay Policy Director Base CD D /doc ?

<BM Tivoli M''V Web >cOa)BPZ_D5#6kHDA7

(,G|,Zzm~|PD2=4D5#XZ Tivoli SecureWay Policy

Director M`Xwb(|( LDAP M+C\?y!a9)DE"Dd|

44,kG<BP Web >c:

http://www.ibm.com/redbooks

¶ 6Tivoli® Policy Director kHDA7,G152-0081-00

viii f> 3.8

PvK Tivoli SecureWay Policy Director m~|DZ]"a)Khv

gN*<20M9Cz7DD57_<#

¶ 6Tivoli® SecureWay Policy Director Base \m8O7,GB84-0404-01

hv9C Tivoli SecureWay Policy Director ~qDEnML#a)

S pdadmin |nPgf4PNqD8>E"#

¶ 6Tivoli® SecureWay Policy Director Base 208O7,GB84-0407-01

hv20 Tivoli SecureWay Policy Director ~q=yP=((|(y

PX8m~)DEnML#

;Z Tivoli M''V Web >cOa)BP9dD5#XZgNCJC

Web >cDE",kND:Z_CJvfo;#

¶ Tivoli Policy Director Error Messages

PvK1z9C Tivoli Policy Director 1I\v=Dms"#zI

%wms"TT>I\D-rMbv=8#

¶ Tivoli Policy Director Base Administration API Developer’s Reference

a)KXZgN9C\m API T9&CLrPF.X4P Tivoli

Policy Director \mNqDE"#CD5hvK\m API D Java® M

C 5V#

¶ Tivoli Policy Director Base Authorization ADK Developer’s Reference

a)KXZgN9C*"$_MZ( API TtC&CLr9C Tivoli

Policy Director 2+TDE"#CD5hvKZ( API D Java M C

5V#

Z_CJvfozIZ_CJ Tivoli M''V Web >cODm` Tivoli vfo:

http://www.tivoli.com/support/documents/

b)vfoGT PDF M/r HTML q=a)D#3)z79a)-k

DD5#

*CJs?VD5,zh*j6M\k#gh*D0,zITSBP

Web >cq!#

ixTivoli SecureWay Policy Director Web Portal Manager \m8O

http://www.tivoli.com/support/getting/

):vfozIZBP Web >cPZ_):m` Tivoli vfo#

http://www.ibm.com/shop/publications/order

z2I(&rb)Ek.;g0)::

¶ Z@z:800-879-2755

¶ ZSCs:800-426-4968

¶ d|zRrXxDg0EkPm,kNDBP Web >c:

http://www.tivoli.com/inside/store/lit_order.html

a)XZvfoD4!RGG#Vb=z9C Tivoli z7MD5DP\,"RG#6-za

)Dx(i#gPNNPXz7MD5DbM(i,kTBP==.

;*5RG:

¶ "MgSJ~= [email protected]#

¶ ZBP Web >cPjIRGDM'4!wi:

http://www.tivoli.com/support/survey/

*5M''VgzTNN Tivoli z7PJb,zI*5 Tivoli M''V#kNDB

P Web >cD Tivoli Customer Support Handbook:

http://www.tivoli.com/support/handbook/

Vaa)XZgNy]JbDOXT*5 Tivoli M''VDE"MBP

E":

¶ "aMJq

¶ g0EkMgSJ~X7(!vZzyZDzRrXx)

¶ *5<u'V0&CU/DE"

x f> 3.8

>i9CD<(

>iTZXbuoMYwT0Yw53`XD|nM769C;)<

(#

Ve<(>i9CBPVe<(:

VeV vVZD>PD!4Ms!4lCD|n"|n!nM

j>sby,TVeV`MT>#

<NC'gf*X(K0ZMT0rDjbTb)M

|2sby,TVeV`MT>#

1eV d?"zXka)D5"BuoM?wDJT0Los

by,T1eV`MT>#

HmVe vVZ%@;PD|n"|n!nMj>"zk>"

dvM"D>sby,THmVe`MT>#

XkdkDD~M?<F"D>V.(vVZD>

P1)"Java =(M`DF"HTML k XML Dj

),2sby,THmVe`MT>#

Yw53`XDd?M76>iZ8(73d?1MT?<E9C UNIX <(#

19C Windows |nP1,TZ73d?kC %variable% zf

$variable "Z?<76PC41zf?;v1\(/)#

":gzZ Windows 53O9C bash bGLr,rzI9C UNIX

<(#

xiTivoli SecureWay Policy Director Web Portal Manager \m8O

xii f> 3.8

Web Portal Manager ri

Tivoli Policy Director,f> 3.7/3.7.1 +;vyZ Java™ D@"\mX

F(Cw Tivoli Policy Director \m1D\m GUI#VZa);VF*

Web Portal Manager DBi~#Tivoli Policy Director 3.8 Db;yZ Web

Di~+CZ\m2+rD2+T_T# Web Portal Manager a)TC

'"i"G+"(^"_TM&CLrCJ)&D\mMY]#

Kb,Web Portal Manager a)F*/IC'\mM/IG+\mD&

\#K&\9Tivoli Policy Director \m1\4(/IC'r,"*?v

/IC'rVdX(DC',9dI*\m1#b)\m1PD?;v

<GX(`MD\m1,JmTCrPDC'4PXp(eD\m&\

DS/#

":>ibZk6Tivoli® SecureWay Policy Director Base \m8O7;

paO9C#C\m8O|, Tivoli SecureWay Policy Director 5

3&\M\mNqDj85w#Web Portal Manager Tb)&\a

)yZ Web DCJ,"RC Web Portal Manager 8O"T9RG

J&bvBDgf#rK,Web Portal Manager 8OY(zQ-D

A"mb|,Z6Tivoli® SecureWay Policy Director Base \m8

O7PD&\"NqM5w#

e5a9M<u

Tivoli SecureWay Policy Director Web Portal Manager hFIITS Web

/@w9CD Web &CLr#|Z Web ~qwK9C Web &CLr

<u JavaServer Pages(JSP)C4|,\m&\_-Mm>q=#k Web

Portal Manager i~PXDw*i~Z< 1 PT>"ZBPPmPhv:

1

1Tivoli SecureWay Policy Director Web Portal Manager \m8O

1.W

ebP

ortal

Man

ager

r

i

¶ Web /@w#( HTML m%a) Policy Director \m&\#

¶ Web ~qw#S/@wSU HTML m%ks"wC JSP f#Z

4(BD HTML m%T|,\mksDa.s,Web ~qw+m

%"MX/@w#Tivoli Policy Director 9Cs(Z IBM WebSphere

z7PD IBM HTTP Server#

¶ JSP f#4(r0kkZ HTML m%ksP8(D JSP D~`T

&D Java .class D~#Tivoli Policy Director 9C|,Z IBM®

WebSphere® z7PD JSP f45VC?D#

¶ JSP D~#I JSP fVvszI .class D~,CD~|,4P

\m&\D_-#

¶ \m API Java |0w#*KzzT\m API DwC,II .class

D~49C\m Java API |0w#

¶ Tivoli Policy Director KP173M\m~qw\m API#\m API"

y!(EM4P\m&\D5J~qwzk#

g< 1 T>,1z9C Web Portal Manager,yPD\m&\<IS

Web /@wCJ#;h*Z/@wzwO20=SDm~#TZ?v\

m&\<P;] HTML m%,m%|, JSP D~M]dkE"#1

< 1. Tivoli Policy Director i~

2 f> 3.8

zZ/@wA;O%w4Sr4%T4(\m&\ks1,Web ~qw

9CQ+MD JSP D~E"wC JSP f#JSP f;s0kk JSP D

~`T&D .class D~(WHCJ JSP D~1,JSP fVvCD~

4( .java D~"+ .java D~`kI .class D~)#gNNC'

]dkf HTML m%;px4,10k .class D~1]Ma+M

x4#;s .class D~wC\m API Java |0wTzzIKP173

ya)D API wC#Z\m~qwT\mksxP~q.s,S Java |

0w5Xa#.class D~4(BD|,aD HTML m%,"R

Web ~qw+|+XC'D/@w#

Tb) HTML 3fDCJIC'O$y#$#WN"TCJNN\m3

fDC'a*=G<3fTcG\9T:q! Tivoli Policy Director D

O$#ZC'I&G<s,JVZGf0Gu<D3f#C3fZs

_K%r\PvK\m1I9CDyP&\#

r* Web /@wM Web ~qw.daPz\D](gG<\k)

w/,yT|G.dD(E+( HTTPS \=I6kZ Web /@wM

Web ~qwPD2+WSVc(SSL)\&D#$#


1.W

ebP

ortal

Man

ager

r

i

4 f> 3.8

20 Web Portal Manager

Z20 Web Portal Manager .0,z&Cl$ Web Portal Manager D

~Mzh*wvDdCv(#>B(a)BPwZ4ozz5VOv

*s:

¶ 2~Mm~hs

¶ f.20

¶ 20MdC IBM WebSphere Application Server j<f,f> 3.5

¶ 20MdC IBM WebSphere Application Server ^)| 4

¶ 20MdC Tivoli SecureWay Policy Director KP173M\m~q

w

¶ 20MdC Web Portal Manager

2~Mm~hs~qwDnMZfhsG 256 MB#~qwDFvZfG 512

MB#WebSphere PT:D2~hs,zIZBP Web X7PR=:

http://www–4.ibm.com/software/webservers/appserv/doc/ latest/idx_hwa.htm

Tivoli SecureWay Policy Director Web Portal Manager 'VBP~qw

=(:

¶ 0P Service Pack 6a D Microsoft Windows NT® 4.0

¶ 0P Service Pack 1 D Microsoft Windows 2000

2


2.2

0W

ebP

ortal

Man

ager

http://www4.ibm.com/software/webservers/appserv/doc/ latest/idx_hwa.htm

Web Portal Manager 'VBP/@w:

":/@wIKPZNN'V/@wD=(O#XZy'VD=(DE

",kND/@wf6#

¶ Netscape 4.6 M 4.7

¶ Internet Explorer 5.0 M 5.5

f.20

Z Web Portal Manager 20.0,h*4i8nf.n?"h*wvF

.v(#BPwZV[Kb)n?#

X8m~Zz20 Web Portal Manager D~.0,zXk4PBP=h:

":boP20 Web Portal Manager MyPX8m~(|,Z Web

Portal Manager CD P)DrW20E>#XZrW20D|È

",kND:rW20;#

1. 20MdC Tivoli SecureWay Policy Director KP173M\m~q

w#XZ|È",kNDZ123D:20MdC Tivoli SecureWay

Policy Director KP173M\m~qw;#KP173Xk20Z

IBM WebSphere Application Server D,;(zwO#\m~qwI

T20Z@"DzwO#

2. 20MdC IBM WebSphere Application Server j<f,f> 3.5#

XZ|È",kNDZ123D:20MdC IBM WebSphere

Application Server j<f,f> 3.5;#

3. 20MdC IBM WebSphere Application Server ^)| 4#XZ|`

E",kNDZ163D:20MdC IBM WebSphere Application

Server ^)| 4;#

rW20

*9CrW20E> ezinstall_pdwpm.bat 20 Web Portal Manager,

k4PBP=h:

6 f> 3.8

1. KP Tivoli SecureWay Policy Director Web Portal Manager CD O

D ezinstall_pdwpm.bat Tt/ Web Portal Manager rW20#

2. I\aa>z:QBH*KxL4(Kl&D~#k*9C

C:\TEMP\EZINSTALL.RSP w*l&D~p?[y | n]#gzT09C

rW20E>,dP|,NN Tivoli SecureWay Policy Director Base

rW20E>,rz+;\4=;vl&D~#dk y 9CCD~#

gz_PjDl&D~,r20L*<"R20yPXhD

D~#gz_P?VjDl&D~,kLxxP=h 3#

gzh*(;9Cl&D~(F20,k!q n "RLxxP=

h 4#

TVT 8>E":responsefile.gif

":gQ20KKP173M\m~qwT0|GDX8m~,

r;T> IBM HTTP Server"IBM SecureWay Directory Client

MKP173DdC0Z#xkb)!n`X*D=h#

3. 9C?VjDl&D~,CBP=h20MdC Web Portal

Manager:

":zI\4=BP0ZD+?r;G;?V,b!vZzl&D

~DZ]#gl&D~1Y0ZDu?,r+a;vV;v

0Z#

a. GSKit +aT/20MdC#


2.2

0W

ebP

ortal

Man

ager

b. T> IBM SecureWay Directory Client 20;C0Z#dk*2

0 Directory Client D;C"4B Enter |#

c. T> IBM HTTP Server dC0Z#dk\m\k"4B Enter|#

TVT 8>E":ibmhttp.gif

d. T> WebSphere dC0Z#dk\m\k"4B Enter |#

TVT 8>E":websphere.gif

e. 20L*<#20BPi~:

¶ GSKit

8 f> 3.8

¶ IBM SecureWay Directory Client

¶ KP173

¶ IBM WebSphere Application Server j<f,f> 3.5

¶ IBM WebSphere Application Server ^)| 4

¶ Web Portal Manager

4. 9CBP=hIT;9Cl&D~420MdC Web Portal

Manager:

a. 0ZT>Q-20ZzD53PDi~#4B Enter |Lx#

TVT 8>E":ezinstallno.gif

b. T/20MdC GSKit#

c. T> IBM SecureWay Directory Client 20;C0Z#dk*2

0 Directory Client D;C"4B Enter |#

d. T> IBM HTTP Server dC0Z#dk\m\k"4B Enter|#;sa>zdkx;=D|Dr4B y Lx#


2.2

0W

ebP

ortal

Man

ager

TVT 8>E":ibmhttp2.gif

e. T>KP173dC0Z#a>zdk LDAP ~qwwz"s

:M\m~qw#;sa>zdkx;=D|Dr4B y L

x#

TVT 8>E":runtimeconfig.gif

f. 1a>:gQ-tC PDMgr JmBX$iD~,+K!ntU#

qr,k8(I PDMgr dC4(D pdcacert.b64 D~#kdk

A Policy Director $iD~D76:gzP4tC\m~q

wTJmBX$iD~,rdkZD$iD~D+^(76"

4B Enter |#qr,+K!ntU"4 Enter |#

10 f> 3.8

g. T> WebSphere dC0Z#dk\m\k"4B Enter |#;

sa>zdkx;=D|Dr4B y Lx#

TVT 8>E":websphere2.gif

5. 20L*<#120jyPDi~,r4B Enter |XB<zD

zw#200ZT>yPQ20Di~#

TVT 8>E":installfinish.gif

;sdCQ20Di~,20MdCMjIK#


2.2

0W

ebP

ortal

Man

ager

20MdC Tivoli SecureWay Policy Director KP1

73M\m~qw*20 Tivoli SercureWay Policy Director KP173M\m~qw,k

ND6Tivoli® SecureWay Policy Director Base 208O7PD8>E"#

20KP173M\m~qwh*DyPX8m~#

20MdC IBM WebSphere Application Server j<

f,f> 3.5WebSphere 20ZdXk"b;)n?#b)|,:

¶ WebSphere M LDAP ~qwKZE

¶ dMM(F WebSphere 20

¶ 20 Websphere .sD2+T*s

WebSphere M LDAP KZE20 WebSphere sXk"b;)=Sn?#gZ,;(zwOdC

WebSphere M LDAP ~qw,r|G<+ IBM HTTP Server w* Web

~qw9C#LDAP D1!KZEG 8080 "R WebSphere D1!KZ

EG 80#gIZ LDAP DdCx+ Websphere DKZE|D*

8080,rzXk+CKZEDX 80#(^D IBM HTTP Server DB

PdCD~I|DKZE:

drive:\IBM HTTP Server\conf\httpd.conf

gZ,;(zwOdC WebSphere M Tivoli SecureWay Policy Director

WebSEAL,rzXk|D WebSEAL DKZE#*|DD0,k^D

WebSEAL DdCD~#k= WebSEAL dCD~D;C%ND|È

"#

dMM(F20TZ20 WebSphere P=v!n,dMM(F#FvdM20#g!

q(F20,zXk4PBPPD;n:

¶ TZ]b`MVN,k!q InstallDB#

¶ * WebSphere 4(]b#

12 f> 3.8

XZdMM(F20D|È",kN<zD WebSphere 20D5#

2+T*sdC5CLrdCLT/X* IBM WebSphere Application Server d

CZKZE 443 OD2+WSVc(SSL)'V#IBM HTTP Server d

CD~(httpd.conf)+T/dCT'V SSL 'VDibwz#ZdC

&mI&jI.s,zXk#9"XBt/ IBM HTTP Server#

dC5CLr!dCL%T IBM HTTP Server dCD~

(httpd.conf)yvD|D#SSL 'V;1#VP'1=M'#9"XB

t/ IBM HTTP Server#

BPO$PDD~M Web Portal Manager V"|,Z;p#CV"Gt

C HTTP CJ.0h*<k=z Web /@wDV"#

drive:\WebSphere\AppServer\hosts\default_host\pdadmin\config\pdwpm.arm

dP drive G20 WebSphere D/w#>\?]bD~M\kf

"D~2|,ZdP#$i+Z 2003 j 8 B 30 U=Z#

z&Cq!T:D$i"^D IBM HTTP Server dCD~

(httpd.conf),by~qwM\R=\?D~DB;C#

20=h

*20 IBM WebSphere Application Server j<f 3.5,k9CBP=

h:

1. S Tivoli SecureWay Policy Director Web Portal Manager CD Pq

C IBM WebSphere Application Server j<f,f> 3.5 20zk#

2. KP setup.exe t/ InstallShield Lr#

3. !qJ1DoT"%w7(#


2.2

0W

ebP

ortal

Man

ager

TVT 8>E":wsinstall1.gif

4. !qlY20(1!!n)"%wB;=#


5. Z02+T!n10ZPdkC'"\kM7O\k,;s!q

B;=#bG WebSphere DC'M\k"RXkG>XzwODC

'j6M\k#

14 f> 3.8


6. InstallShield Lr* WebSphere Application Server ?DX?<M IBM

HTTP Server a)K1!76#gzwQ-20K IBM HTTP

Server,rC!n;avV#!qB;=S\b)1!5#


":GBb)76,r* WebSphere Application Server ^)| 4 2

0Zdh*b)76#&CLr~qwD1!76G


2.2

0W

ebP

ortal

Man

ager

c:\WebSphere\AppServer#g IBM HTTP Server w* WebSphere

20D?~420D0,r|D1!76G c:\IBM HTTP

Server#g|w* Web Portal Manager rW20D?~rw*

Policy Director 20D?~20D0,r1!76G c:\Program

Files\IBM HTTP Server#

7. !q Windows0LrD~P1;C;1!;CG

IBM WebSphere\Application Server V3.5#!qB;=#


20L*<#20jIs,+P;ua>,/JzGq*XBt

/ Windows#

8. !qq,;*XBt/ Windows#zw+Z20C^)|.sXB

t/#

20MdC IBM WebSphere Application Server ^)

| 4*20 IBM WebSphere Application Server ^)| 4,k9CBP=h:

1. S Tivoli SecureWay Policy Director Web Portal Manager CD Pq

C IBM WebSphere Application Server ^)| 4 zk#

2. + PTF4 ?<DZ]4F=zzwDY1?<P#

3. r*|na>"+?<|DICY1?<#

16 f> 3.8

4. SC;CKP install.bat#

5. 1a>:kdk20 IBM WebSphere Application Server D?<1,

dk?<"4B Enter |;1!?<* c:\WebSphere\AppServer#

6. 1a>:*T WebSphere Application Server y>6p?1,k

!q No#

":10mI$-iJm WebSphere ;Gw* Web Portal Manager

Dgf49C#!q Yes a<B%4C-i,"RI\aCz

P\=SDQC#

7. 1a>T>/f":g20 IBM HTTP Server PTF,r;\j+

6X|#GSKit m~|+;a6X#z*T IBM HTTP Server 1.3.12

6p?1,k!q Yes#

8. 1a>:kdk20 IBM HTTP Server 1.3.12 D?<#1,kdk

?<"4B Enter |;1!?<G c:\IBM HTTP Server r

c:\Program Files\IBM HTTP Server#

6*<#a>T>"Z6 IBM JDK 1.2.2#C6+ IBM

Developer Toolkit Windows® f 1.2.2 20Z WebSphere ?<B#

gzQ-ZzwDd|X=20KC$_d,r;aPe;#

16jI1,a>T>":20jI,^ms#ki4n/U

>,q!j8E"#4Nb|Lx#

9. 4BNb|Lx#

10. WebSphere Application Server 3.5 M^)| 4 VZQ20#XB

<zDzw#

20MdC Web Portal Manager*20 Web Portal Manager,k9CBP=h#IBM WebSphere

Application Server Zz20 Web Portal Manager .0XkZKP#

1. *t/&CLr~qw,k!q

*< → Lr → IBM WebSphere → Application Server V3.5 → t

/\m~qw#C=hKP 50–60 MB Java &CLrTt/&CL

r~qw,"RbI\ah*8VS4jI,b!vZzD53#


2.2

0W

ebP

ortal

Man

ager

2. KP Tivoli SecureWay Policy Director Web Portal Manager CD P

D Windows\Pol icyDirector\DiskSpaceImages\Disk1\PDWPM\DiskSpaceImages\Disk1\Setup.exe t/ Web Portal

Manager InstallShield#

3. !qJ1DoT"%wB;=,;sT>0Web Portal Manager mI

$-i1T0r#

TVT 8>E":chooselang.gif

4. !qGS\mI$-iun"t/20L#20lYXjI#

TVT 8>E":license.gif

120 Web Portal Manager 1,Xk9C Tivoli SecureWay Policy

Director dC5CLrTdC|#!q*< → Lr → Policy Director→ dCT>dC5CLr#5CLrG;Em,|PvK PolicyDirector Web Portal Manager(PDWPM),+dhC*q#

18 f> 3.8

5. !qCP,"%wdC#dCL*<#dCU>D~;Z

c:\Program Files\Tivoli\Policy Director\log\pdwpm.log,|j8

5wKdCn/#U>D~;Z Tivoli SecureWay Policy Director K

P173D,;?<wP#

6. 1dCjI1,#9"XBt/ IBM HTTP Server#!q*< → L

r → IBM HTTP Server → #9 HTTP Server #9~qw,"R

!q*< → Lr → IBM HTTP Server → t/ HTTP Server TX

Bt/~qw#

7. *t/ Web Portal Manager,kZ/@wPdkBP Web X7:

https://host_name/pdadmin

2+,ST0rf, Web Portal Manager 6-A;;pT>#

% Web Portal Manager*% Web Portal Manager,zXkWH9CBP=h!dC|#

1. !q*< → Lr → Policy Director → dCT>dC5CLr#

dC5CLrT>;Em,|PvK Policy Director Web PortalManager(PDWPM),k+dhCIG#

2. !qCP"%w!dC,;s!dCL*<#dCU>D~

;Z c:\Program Files\Tivoli\Policy Director\log\pdwpm.log,

|j85wKdCn/#U>D~;Z Tivoli SecureWay Policy

Director KP173D,;?<wP#

3. 1!dCjI1,9C Windows0mS/>Lr1% Web

Portal Manager#!q*< → hC → XFfe → mS/>Lr,

T>0mS/>LrtT1T0r#

4. Z020/6X1!n(Ov/LrPm"!q Policy DirectorWeb Portal Manager,;s%wmS/>#T/%KLr#

5. 1%Lr1,!q7(XUT0r#

JOoO

gzZ Web Portal Manager rNNX8m~D20Zdv=Jb,r

zII!;)JOoO=hT"TM9HCiv#


2.2

0W

ebP

ortal

Man

ager

g20s Web Portal Manager ;Pt/,rli WebSphere ~qw

GqZKP#zI9C WebSphere \mXF(44PCYw#9CC

XF(;G*Kli~qwD4,#NNd|&\I\a0l WebSphere

Application Server 20"<B;IV4Dp5#

*T> WebSphere \mXF("li~qw4,,k9CBP=h:

1. *T>\mXF(,k!q*< → Lr → IBM WebSphere →Application Server V3.5 → \m1XF(#

2. !q")9BPwn:

¶ WebSphere \mr

¶ wz

¶ 1!~qw

¶ 1!!~qLrf

3. i$ pdadmin PZ01!!~qLrf1DBf"R|T_Dr

G6+D(ZKP)#grGl+D,r~qw#9#

4. g~qwQ#9,r!q|"%wt/#~qwt/"Rrd*

6+#

g WebSphere Application Server ZKP,rB;=*liDn?G

IBM HTTP Server#9CZ173D:20MdC Web Portal Manager;

PD8>E"t/M#9~qw#g Web Portal Manager T;;\K

P,rk*5 Tivoli M''V#

20 f> 3.8

Web Portal Manager \m

Web Portal Manager i~Jmz4(/IC'r,"*?v/IC'r

VdX(DC',9dI*\m1#b)\m1PD?;v<GX(`

MD\m1,JmTCrPDC'4PXp(eD\m&\DS/#

gfEv

Web Portal Manager I Web 3fPD=vISDr\iI:K%r\

M&\r\#;Zs_(\GI)DK%r\G;v HTML r\,C

r\T>KyPw*O6K%nD Policy Director I\mTsMw*B

6K%nD\m&\#b)\m&\'VOv\mTs#

TVT 8>E":z&1hCs5r"C'"G+M Policy Director \m

1TbT6Tivoli SecureWay Policy Director Base \m8O7#ND>

vfoD TVT 8>E"rWH4PXZCvfoD TVT bT,T7#

zICJyPDA;#2IT Policy Director \m1m]G<= Web

Portal Manager#menuframe.gif

3


3.W

ebP

ortal

Man

ager

\m

?vSK%(&\)nG;v HTML 4S#gz%wb)nPDNN

;v,`&D&\r\T>Z Web 3fDR_#

TVT 8>E":functionframe.gif

< 2. K%r\

22 f> 3.8

?v&\r\P|GT:DXhDdkVNMYw4%#1zn4yP

DXhDdkVN,;s%wJ1DYw4%1,rjIKC&\"R

Zr\OT>a#gZz%wYw4%14jIyPDXnVN,

rmsa>"LT>ZA;O#gI&4PK&\"T>KIKzz

D],rIKzzD?;u]I\G;v HTML 4S,zI%w|

T>m;v&\r\#

g,Z%wK%r\PDC' → Qw.s,0C'Qw1r\T>Z

R_#ZzdkQwu~.s,avVZ&\r\PT>DC'Pm

P#PmPD?vC'4S=CC'D0C'tT1&\r\;Cr\

T>10C'DyPtT#

BPyPw?V<4UK%r\PT>D4ScNa94i/#cNa

9PD7=v4SvVZZ;?V,xsx4SvVZsfD?V#7

=v4SZsfD?V;YX4#g,Z;vxr|*C' → Q

w#B;vxr|*C'tT;CxrD5J76GC' → Qw → C

'tT#

< 3. &\r\


3.W

ebP

ortal

Man

ager

\m

Web Portal Manager G<M"zbo;P4S8rG<= Web Portal Manager D Web 3f,+Gg

z;P Tivoli SecureWay Policy Director G<OBD,ra+zX(r

AC Web 3f#G<3fZz%wK%r\OD"z&\.sr1zD

G<a0Q-=Z1T>zWN"TCJ Web Portal Manager D1d#

*t/MG< Web portal manager,k9CBP=h:

1. *t/ Web Portal Manager,kZ/@wPdkBP Web X7:

https://<host name>/pdadmin

gz49C SSL,kdk http://<host name>/pdadmin#2+,S

T0rf, Tivoli SecureWay Policy Director Web Portal Manager 6

-A;;pT>#

TVT 8>E":login.gif

2. S06-13f,ZD>VNPdkP'DC'j6M\k#

3. !qG<#gG<'\,aT>ms"#gG<I&,Ma

+z(rAu<A;#CA;Dsf_PK%r\#

24 f> 3.8

TVT 8>E":welcome.gif

*"z Web portal manager,k9CBP=h:

1. !qK%r\OD"z#%K\m1D Policy Director G<OB

D#

2. T>0G<13f#

C'NqK%r\ODC'jb_P=vSjb:QwM4(#b)&\-z(

;10 Tivoli SecureWay Policy Director C'"T>"`-C'tTM

4(BC'#

TVT 8>E":usertasks.gif

< 4. C'NqK%r\


3.W

ebP

ortal

Man

ager

\m

C' → Qw0C'Qw1&\r\a)r%DC'j6Qw&\T(; Policy

Director C'#

TVT 8>E":usersearch.gif

*Qw Policy Director C',k9CBP=h:

1. ZFKwVNPdkQwu~#zI9C(d|(*)Qw?

V%d#

":gzkT>(EDC'j6,kdkjDj6,;sT>

CC'tTx;GaPm#

2. Zns0kVNPdk*T>Da;1!hCG 100#dk\

sDns0kI\a<B:Dl&1d#

3. !qQw#Qw*<"RaT>ZBPjbP:BPC'kQw

u~%d:#

< 5. C'Qw

26 f> 3.8

TVT 8>E":usersearchresults.gif

T>ZaPmPD?vC'j6G;v4S,C4ST>CC'

D0C'tT1&\r\#XZC'tTD|È",kND:C

'tT;#

C'tT

0C'tT1&\r\T>KyPky!qDC'`X*DtT#zI

^DC'tT"S Policy Director C'"am>C'rT> GSO >

$&\r\#

TVT 8>E":userproperties.gif


3.W

ebP

ortal

Man

ager

\m

TBGC'tT:

¶ C'j6(;I^D)

¶ \k

¶ i$\k

¶ hv

¶ (;I^D)

¶ U(;I^D)

¶ LDAP DN (;I^D)

¶ J'GqP'(4!r)

< 6. C'tT

28 f> 3.8

¶ \kGqP'(4!r)

¶ Gq* GSO C'(4!r)

¶ i1m]

C'10ytDiT>Zi1m]irZDv/PmP#*mSBD

i,kZiD>VNPdki"%wmS#iamS=PmP#*

%i,k!qPmPDi"%w%#SPmP%Ki#

*T>yPiDPm,k%wPm#T>iQw0Z#

TVT 8>E":grouplist.gif

9CBP=hQwi:


V%d#

< 7. iPm


3.W

ebP

ortal

Man

ager

\m

":gzkT>(EDij6,kdkjj6,;sT>CC

'tTx;GaPm#


sDns0kI\a<B:Dl&1d#

3. !qQw#Qw*<"RaT>ZBPjbP:Qwa#

!qiT+C'mS=aPm"%w&C#!qXUTXUiP

m0Z#

!q4;T+yPDVNV4=|GDu<4,;gz;Pa;ks

rg9;P!q^DC',rz;\V4b)VN#*^DtT,k

|DwVD>VNM4!r"!q^DC'#g^DI&,r"B

0C'tT1&\r\"|BtT#

*S Policy Director C'"am>C',k!q0C'tT1&\r

\W?D>KC'#*S LDAP M Policy Director C'"am>C

',k!qGq> LDAP u??4!r,;s!q>KC'#!q

GSO >$4STT>0GSO >$1&\r\#

":gC'G GSO C',r;T> GSO >$4S#gC';G

GSO C',r;sT>ywC';G GSO C'D""T>0C

'tT1&\r\#

C'tT → GSO >$

0GSO >$1&\r\T>Ky!qDC'D Tivoli SecureWay Global

Sign-On >$Mi>$#zISCr\P4(r>b)>$#

TVT 8>E":gsocred.gif

30 f> 3.8

?v>$ri>$PZmP"R>$DT_P4!r#*>NN>

$,k!qT&D4!r"%w>4%#g>I&,r"B

0GSO >$1&\r\"|B>$#

C'tT → GSO >$ → 4( GSO >$M4( GSO i>$

04( GSO >$1M04( GSO i>$1&\r\CZ4(y!qC

'DBD Tivoli SecureWay Global Sign-On >$ri>$#

TVT 8>E":gsocredcreate.gif

< 8. GSO >$


3.W

ebP

ortal

Man

ager

\m

9CBP=hT4(BD>$#

":4(vK>$Mi>$D=hG`,D#+=h 1 Di GSO j6

zf GSO j6#

1. dkBPVNPyhDE"#

¶ GSO j6

":j6h*w*VP Tivoli SecureWay Global Sign-On J4#

¶ C'"aj6

¶ \k

¶ i$\k

2. !q4(#g&mI&,rT>0GSO >$1&\r\"PvBD

>$#g&m'\,rT>0GSO >$1&\r\Mms"#

C' → 4(04( Policy Director C'1&\r\Jmz4(BD Policy Director

C'#C&\r\OT>DD>VNM4!rkT>Z0C'tT1&

\r\OD;y#XZG)tTD|È",kNDZ273D:C't

T;#

< 9. 4( GSO >$

32 f> 3.8

TVT 8>E":usercreate.gif

*4(BC',k9CBP=h:

1. dkBD Policy Director C'DtT#C'j6"\k"i$\k"

UM LDAP DN GyPXnVN#

2. gCC'D\k;XqU10 Tivoli SecureWay Policy Director \

k_T,r!qI!D^\k_T4!r#4!r1nu4(C'

1GICD#;)4(KC',rC4!rM;YIC#

3. Zi1m]irP,dk?viDF#CiGCC'h*I*d

I1Di#Z?vu?.s%wmS#*T>yPiDPm,k%

wPm#T>KiQw&\r\#XZiQw&\r\D|È

",kNDZ293D<7#

4. *+yPDVNV4*|GDu<4,,k!q4;#;P1z9

;P!q4(C'1,E\9CC!qV4CVN#

5. ZdkyPDE".s,k!q4(C'T4(BC'#gxL

'\,rT>ms",RXk|;7Du?#gxLI

&,rT>",ywxLI&jI#9T>BC'D0C't

T1&\r\D4S#

< 10. 0C'4(1&\r\


3.W

ebP

ortal

Man

ager

\m

iNqK%r\PDijbP=vSjb:QwM4(#b)&\-z(;1

0 Policy Director i"T>"`-itTM4(Bi#

TVT 8>E":grouptasks.gif

i → Qw0iQw1&\r\a)r%Dij6Qw&\T(; Policy Director

i#

TVT 8>E":groupsearch.gif

*Qw Policy Director i,k9CBP=h:

< 11. 0iNq1K%r\

< 12. iQw

34 f> 3.8


V%d#

":gzkT>(EDij6,kdkj6,;sT>CitT

x;GaPm#


sDns0kI\a<B:Dl&1d#

3. !qQw#Qw*<"RaT>ZBPjbP:BPikQwu

~`%d:#

TVT 8>E":groupsearchresults.gif

T>ZaPmPD?vij6G;v4S,C4ST>CiD

0itT1&\r\#XZitTD|È",kNDitT#

itT

0itT1&\r\T>yPky!qDi`X*DtT#zIS Policy

Director ^DiDtTr>i#

TVT 8>E":groupproperties.gif


3.W

ebP

ortal

Man

ager

\m

TBGitT:

¶ ij6(;I^D)

¶ hv

¶ LDAP CN(;I^D)

¶ LDAP DN(;I^D)

gzQ-^DKtT"k+yPDitThCV4=|GT0Dh

C,r!q4;;gz;Pa;ksrg9;P!q^Di,rz

;I9CC!q#

*^DtT,kwv|D"!q^Di#g^DI&,r"B0it

T1&\r\"|BtT#*S0Policy Director1i"am>i,k

!q0itT1&\r\W?D>Ki#*S LDAP M Policy Director

i"am>i,k!qGq> LDAP u??4!r,;s!q>

KC'#

!qmSiI1TT>0mSiI11&\r\#%?ir4PvKC

'mS&\#dkC'j6TmS=iP"%wmS#W?ir4P+

VC'QwT"VC'#XZQwC'D|È",kND Z263D

< 13. itT

36 f> 3.8

:C' → Qw;#ZaPmPT>C'#*+C'mS=i,k!q

C'T_D4!r"%wmSy!I1#

TVT 8>E":addgroupresults.gif

!q10iI1TT>010iI11&\r\#Cr\4PC'Qw

&\TiRC',CC'Gy!qDiDI1#aPmPT>K*C

iI1DyPC'#*Si%C',k!qC'T_D4!r"%w

%y!qD#

TVT 8>E":currentgroupresults.gif

< 14. mSiI1


3.W

ebP

ortal

Man

ager

\m

i → 4(04( Policy Director i1&\r\Jmz4(BD Policy Director i#

C&\r\OT>DD>VNMT>Z0itT1&\r\OD;y#

XZG)tTD|È",kNDZ353D:itT;#

TVT 8>E":groupcreate.gif

< 15. 10iI1

38 f> 3.8

*4(BD Policy Director i,k9CBP=h:

1. dkBD Policy Director iDtT#ij6M LDAP DN GXnV

N#XZ7D LDAP DN o(DE",kN<BP Web >cD

LDAP Implementation Cookbook:

http://w3.itso.ibm.com/itsoapps/Redbooks.nsf

2. dkBiDI!Ts]w#bJmzZ(ED Tivoli SecureWay Policy

Director TsUdP4(Bi#XZ Policy Director TsUdDj8

E",kND6Tivoli® SecureWay Policy Director Base \m8O7#

3. *+yPDVNV4*|GDu<4,,k!q4;#;P1z9

;P!q4(i1,E\9CC!qV4VN#

4. ZdkyPDE".s,k!q4(iT4(Bi#g&m'

\,rT>ms""RXk|;7Du?#g&mI&,

rT>yw&mI&jID"#9T>=BC'D0itT1&

\r\D4S#

\#$TsUdNqK%r\PDTsUdjbP;vSjb:/@#C&\;+T> Policy

Director TsUdDcNa9xR9T>KTsUdtT#

< 16. i4(


3.W

ebP

ortal

Man

ager

\m

http://w3.itso.ibm.com/itsoapps/Redbooks.nsf

TVT 8>E":obspacetasks.gif

TsUd → /@0/@TsUd1&\r\;vPv10%cD Tivoli SecureWay Policy

Director TsUdxR9PvK=SZ?vTsUdDCJXFm

(ACL)M\#$TsD_T(POP)#

TVT 8>E":obspacebrowse.gif

?vTsUdDT__P)9(+),I)9TsUdTT>|DS

Ts#%w)9IT>STs#;s|Br\TT>yPDSTs,

TZKTsUdvT>;c#9T>=SZb)STsD ACL M POP#

?vyT>DTsUdG;v4S,C4ST>KKTsUdD0\#

$TstT1&\r\#XZTsUdtTD|È",kND

< 17. \#$TsUdNq

< 18. /@TsUd

40 f> 3.8

:\#$TstT;#mb,?vyT>D ACL M POP 2G;v4

S,C4ST>0ACL tT1&\r\r0POP tT1&\r\#XZ

ACL M POP tTD|È",kNDZ443D:ACL tT;MZ563

D:POP tT;#

\#$TstT

0\#$TstT1&\r\T>yPky!qDTsUd`X*Dt

T#zI^DTsUdDtT,|(=SMpk ACL M POP#

TVT 8>E":obspaceprop.gif

TBGTsUdtT:

¶ \#$Tsj6(;I^D)

¶ hv

¶ `M(T>TsUd`MDB-K%)

¶ _TGqIT=SAKTs

¶ =SD ACL

¶ =SD POP

< 19. \#$TstT


3.W

ebP

ortal

Man

ager

\m

g ACL r POP =S=KTsUd,rI!qpk4pk|#*^D

tT,kwv|D"!q^Di#g^DI&,r"B0\#$Ts

tT1&\r\"|BtT#!q)9tTTT>KTsUdD10)

9tTr4(|DB)9tT#

\#$TstT → )9tT

0)9tT1&\r\T>TsUd)9tT#y!qDTsUdDy

P)9tTPZtTmP,"=OtTM5#I4(M>TsUd

)9tT#

TVT 8>E":obspaceextend.gif

¶ *4(BDTsUd)9tT,k!q4(BtTTT>04()

9tT1&\r\#XZ4()9tTD|È",kND:\#

$TstT → )9tT → 4()9tT;#

¶ *>)9tT,k!qzk>DtTT_D4!r"%w>

tT#g&mI&D0,rT>0)9tT1r\M|BDtT

m#

\#$TstT → )9tT → 4()9tT

04()9tT1&\r\Jmz4(TsUdDBD)9tT#

< 20. TsUd)9tT

42 f> 3.8

TVT 8>E":obspaceextendcreate.gif

*4(BDtT,k9CBP=h:

1. ZtTFD>rPdktTDF#

2. ZtT5D>rPdktT5#

3. ZdkyPDE".s,k!q4(T4(BDtT#g&mI

&,rT>0)9tT1&\r\"RZtTmPPvBDtT#

CJXFmNqK%r\PD ACL jb_PvSjb:Pm"4(MmI(hv#b

)&\PvKyPVPD Policy Director ACL;T>"`-r> ACL

tTM ACL u?tT;4( ACL u?;K! ACL;iR=S ACL D

Ts;+ ACL =S=TsUd;4( ACL;4(r> ACL )9t

T;T0i4mI(hv#

TVT 8>E":acltasks.gif

< 21. TsUd4()9tT


3.W

ebP

ortal

Man

ager

\m

ACL → Pm0ACL Pm1&\r\PvyPVPD Policy Director ACL#?vyT

>D ACL G;v4S,C4ST>K ACL D0ACL tT1&\r\#

TVT 8>E":acllist.gif

ACL tT

0ACL tT1&\r\T>yPky!qD ACL `X*DtT#zI

^D ACL DtT"> ACL T04("^Dr> ACL u?#

TVT 8>E":aclprops.gif

< 22. ACL Nq

< 23. ACL Pm

44 f> 3.8

TBG ACL tT:

¶ ACL j6(;I^D)

¶ hv

¶ ACL u?

zIZD>VNPdkD>hv4hC ACL Dhv"!qhChv#

y!qD ACL DyPVPD ACL u?w*4S,PvZu?irP#

I4("^DM> ACL u?#

¶ *T> ACL u?tT,k!q ACL u?4S,+T>0ACL u

?tT1&\r\#XZ ACL u?tTD|È",kNDZ463

D:ACL tT → ACL u?tT;#

¶ *4(BD ACL u?,k!q4(Bu?TT>04( ACL u

?1&\r\#XZ4( ACL u?D|È",kNDZ473D

:ACL tT → 4( ACL u?;#

¶ *> ACL u?,k!qzk>D ACL u?T_D4!r"%

w>u?#g&mI&,rT>0ACL tT1r\M|BD

ACL u?m#

< 24. ACL tT


3.W

ebP

ortal

Man

ager

\m

zISK&\r\jId|8v&\:

¶ *4(10 ACL DK!,k!qK!TT>0K! ACL1&\r

\#XZK! ACL D|È",kNDZ483D:ACL tT → K

! ACL;#

¶ *iRyP=S ACL DTs,k!qiRTT>0ACL iRa1

&\r\#XZiR=S ACL DTsD|È",kNDZ493D

:ACL tT → ACL iRa;#

¶ *+K ACL =S=TsUdrTsP,k!q=STT>0=S

ACL1&\r\#XZ+ ACL =S=TsD|È",kNDZ50

3D:ACL tT → =S ACL;#

¶ *T>"4(r>)9 ACL tT,k!q)9tTTT>0)9

tT1&\r\#XZ)9tTD|È",kNDZ513D

:ACL tT → )9tT;#

¶ *>K ACL,k!q>K ACL#S Policy Director >K

ACL#

ACL tT → ACL u?tT

0ACL u?tT1&\r\T>yPky!qD ACL u?`X*Dt

T#z;I^D ACL u?mI(#

TVT 8>E":aclentryprops.gif

46 f> 3.8

TBG ACL u?tT:

¶ ACL(;I^D)

¶ u?`M(;I^D)

¶ u?F(;P1u?`MGC'ri1ET>)

¶ mI(

(!qr!!q?vmI(T_D4!r,zI|D ACL u?mI

(#*+yPVNV4=|G-4DhC,k!q4;;;P1z9;

Pa;ks"R9;P!q^DmI(1,zEI9CC!q#Zwv

zD!q.s,k%w^DmI(T|DmI(#g&mI&,rT

>0ACL tT1&\r\#

ACL tT → 4( ACL u?

04( ACL u?1&\r\Jmz4( ACL DBu?#

TVT 8>E":aclentrycreate.gif

< 25. ACL u?tT


3.W

ebP

ortal

Man

ager

\m

*4(Bu?,k9CBP=h:

1. 9CB-K%T!qu?`M:!qC'"i"Nbd|r4O

$#!qC'riT4(C'rimI(#!qNbd|T4(N

NQqO$DC'DmI(,+G";PT ACL PDC'u?r

ACL PDiI1u?w7XPv#!q4O$T4(yPd|4qO

$DC'DyP(#

2. g+C'riw*u?`M4!q,rZu?FD>rPdk

u?DF#gz!qm;vu?`M,rx==h 3#

3. ZmI(0qPdku?mI(#!qr!!q?vmI(T_

D4!rTdkk*DmI(#

4. *+yPDu?4;=|GT0DhC,k!q4;#;P1z9

;P!q4(u?1,E\9CC!qV4VN#

5. ZdkyPDE".s,k!q4(u?T4(Bu?#g&m

I&,rT>0ACL tT1&\r\"Zu?mPPvKBu?#

ACL tT → K! ACL0K! ACL1&\r\Jmz4(10 ACl DK!#C&\+4(_P

k10 ACL `, ACL u?DB ACL#

< 26. 4( ACL u?

48 f> 3.8

TVT 8>E":aclclone.gif

*K! ACL,k9CBP=h:

1. dkBD ACL j6Mhv#

2. !q4( ACL K!#g&mI&,rT>BD ACL D0ACL t

T1&\r\#|M-4D ACL _P`,DtT,;G_P;vB

Dj6#

ACL tT → ACL iRa

0ACL iRa1&\r\T>=Sy!qD ACL DyPTs#?v

yT>DTsG;v4S,C4ST>KKTsD0\#$TstT1

&\r\#XZTsUdtTD|`tT,kNDZ413D:\#$T

stT;#

TVT 8>E":aclpropfind.gif

< 27. K! ACL


3.W

ebP

ortal

Man

ager

\m

ACL tT → =S ACL0=S ACL1&\r\9z\+ ACL =S=TsUdrTs#*+

ACL =S=TsUdrTsP,rZD>rPdkTsDj76"%

w=S#g&mI&,rT>y!qD ACL D0ACL tT1&\r

\#

TVT 8>E":aclpropattach.gif

< 28. ACL iRa

50 f> 3.8

ACL tT → )9tT

0)9tT1&\r\T> ACL )9tT#y!qD ACL DyP)9

tTPZtTmP,"=OtTM5#I4(M> ACL )9tT#

TVT 8>E":aclext.gif

< 29. =S ACL


3.W

ebP

ortal

Man

ager

\m

¶ *4(BD ACL )9tT,k!q4(BtTTT>04()9t

T1&\r\#XZ4()9tTD|È",kND:ACL tT →

)9tT → 4()9tT;#


tT#g&mI&D0,rT>0)9tT1r\"|BDtT

m#

ACL tT → )9tT → 4()9tT

04()9tT1&\r\Jmz4( ACL DBD)9tT#


< 30. ACL )9tT

52 f> 3.8

*4(BDtT,k9CBP=h:

1. ZtTFD>rPdktTDF#

2. ZtT5D>rPdktT5#

3. ZdkyPDE".s,!q4(T4(BDtT#g&mI


ACL → 4(04( ACL1&\r\Jmz4(BD ACL#

TVT 8>E":aclcreate.gif

< 31. ACL 4()9tT


3.W

ebP

ortal

Man

ager

\m

*4(BD ACL,k9CBP=h:

1. Z ACL j6D>rPdk ACL j6#

2. ZhvD>rPdk ACL hv#

3. ZdkyPDE".s,k!q4( ACL T4(BD ACL#g&

mI&,rT>0ACL tT1&\r\"RzI4P ACL \mD&

\#XZ ACL tTD|È",kNDZ443D:ACL tT;#

ACL → mI(hv0ACL mI(hv1&\r\T>CZ Policy Director DyPmI(h

CDhv#Z0ACL u?tT1r\M04( ACL u?1r\PhC

Kb)mI(#XZhCmI(D|È",kNDZ463D:ACL t

T → ACL u?tT;MZ473D:ACL tT → 4( ACL u?;#C

r\;JCZE"#

TVT 8>E":aclperm.gif

< 32. 4( ACL

54 f> 3.8

\#$Ts_TNqK%r\PD POP jb_P=vSjb:PmM4(#b)&\PvK

yPVPD Policy Director POP;T>"`-r> POP tT;iR=

S POP DTs;+ POP =S=TsUd;4( POP;T04(r>

POP )9tT#

TVT 8>E":poptasks.gif

< 33. ACL mI(hv

< 34. POP Nq


3.W

ebP

ortal

Man

ager

\m

POP → Pm0POP Pm1&\r\T>KyPVPD Policy Director POP#?vy

T>D POP G;v4S,C4ST>K POP D0POP tT1&\r

\#

TVT 8>E":poplist.gif

POP tT

0POP tT1&\r\T>yPky!qD POP `X*DtT#zI^

D POP tT"> POP#

TVT 8>E":popprop.gif

< 35. POP Pm

56 f> 3.8

TBG POP tT:

¶ POP j6(;I^D)

¶ hv

¶ sF6p

¶ #$6p

¶ vZvV_T%1/f

¶ ?UDCJ1d

(9CGZ84!r!qJmCJDUS,T!q?UCJD1d#

9C+lrTB1dZ%!4%4hCG)lDCJ1d#gz!q

TB1dZ,kT>X1dr+rj<1d(UTC)1ddk*<1d

Max1d#

zI(!qr!!q?vtTT_D4!rrB-K%4|D POP

tT#*e+?DVN,k!q4;;gz9;Pa;zDksr

9;P!q^D Pop,rz;I9CC!q#Zzwv!q.s,%w

^D Pop I|DtT#

zISK&\r\jId|8v&\:

< 36. POP tT


3.W

ebP

ortal

Man

ager

\m

¶ *iRyP=S POP DTs,k!qiRTT>0POP iRa1

&\r\#XZiR=S POP DTsD|È",kNDZ593D

:POP tT → POP iRa;#

¶ *+K POP =S=TsUdrTsP,k!q=STT>0=S

POP1&\r\#XZ+ POP =S=TsD|È",kND:POP

tT → =S POP;#

¶ *T>"4(r>)9 POP tT,k!q)9tTTT>0)9

tT1&\r\#XZ)9tTD|È",kNDZ593D

:POP tT → )9tT;#

¶ *>K POP,k!q>K POP#S Policy Director >K

POP#

POP tT → =S POP0=S POP1&\r\Jmz+ POP =S=TsUdrTs#*+ POP

=S=TsUdrTsP,rZD>rPdkTsDj76"%w=

S#g &mI&,rT>y!qD POP D0POP tT1&\r\#

TVT 8>E":attachpop.gif

< 37. =S POP

58 f> 3.8

POP tT → POP iRa

0POP iRa1&\r\T>=Sy!qD POP DyPTs#?vy

T>DTsG;v4S,C4ST>KKTsD0\#$TstT1&

\r\#XZTsUdtTD|`tT,kNDZ413D:\#$Ts

tT;#

TVT 8>E":popfind.gif

POP tT → )9tT

0)9tT1&\r\T>K POP )9tT#y!qD POP DyP)

9tTPZtTmP,"=OtTM5#I4(M> POP )9t

T#

TVT 8>E":popextend.gif

< 38. POP iRa


3.W

ebP

ortal

Man

ager

\m

¶ *4(BD POP )9tT,k!q4(BtTTT>04()9t

T1&\r\#XZ4()9tTD|È",kND:POP tT →

)9tT → 4()9tT;#


tT#g&mI&D0,rT>0)9tT1r\"|BDtT

m#

POP tT → )9tT → 4()9tT

04()9tT1&\r\Jmz4( POP DBD)9tT#


< 39. POP )9tT

60 f> 3.8

*4(BDtT,k9CBP=h:

1. ZtTFD>rPdktTDF#

2. ZtT5D>rPdktT5#

3. ZdkyPDE".s,!q4(T4(BDtT#g&mI


POP → 4(04( POP1&\r\Jmz4(BD POP#

TVT 8>E":popcreate.gif

< 40. POP 4()9tT


3.W

ebP

ortal

Man

ager

\m

*4(BD POP,k9CBP=h:

1. Z POP j6D>rPdk POP j6#

2. ZhvD>rPdk POP hv#

3. !qOJDsF6p4!rThCK POP DsF6p:^"jT

r#\T#

4. 9CB-K%!qOJD#$6p#

5. !qvZvV_T%1/fT_D4!rTtC/f==tT#

6. (9CGZ84!r!qJmCJDUS,T!q?lCJD1

d#9C+lrTB1dZ%!4%4hCG)lDCJ1d#g

z!qTB1dZ,kT>X1dr(C-w1d(UTC)dk

*<1dMax1d#

7. *eyPDVN,k!q4;#;P1z9;P!q4( POP1,E\9CC!qeVN#

8. ZdkyPDE".s,k!q4( POP T4(BD POP#g&

mI&,rT>0POP tT1&\r\"RzI4P POP \mD&

\#XZ POP tTD|È",kNDZ563D:POP tT;#

< 41. POP 4(

62 f> 3.8

GSO J4NqK%r\PD GSO J4jb_PDvSjb:Pv GSO"4(

GSO"Pv GSO iM4( GSO i#b)&\PmPvyPVPD

GSO J4;T>J4tT;4(r>J4;PvyPVPDJ4i;

T>r`-J4itT;T04(r>J4i#

TVT 8>E":gsotasks.gif

GSO J4 → Pv GSO0GSO J4Pm1&\r\PvyPVPD GSO J4#?vyT>D

J4G;v4S,C4ST>KJ4D0GSO J4tT1&\r\#

TVT 8>E":gsolist.gif

< 42. GSO J4Nq


3.W

ebP

ortal

Man

ager

\m

GSO J4tT

0GSO J4tT1&\r\T>KyPky!qDJ4`X*DtT#

zIi4J4DtT">J4#

TVT 8>E":gsoprop.gif

< 43. GSO Pm

64 f> 3.8

TBGJ4tT:

¶ GSO j6(;I^D)

¶ hv(;I^D)

*>KJ4,k!q>#S Tivoli SecureWay Policy Director P>

KJ4#g&mI&,rT>"|B0GSO J4Pm1&\r\#

GSO J4 → 4( GSO0GSO J44(1&\r\Jmz4(BDJ4#

TVT 8>E":gsocreate.gif

< 44. GSO J4tT


3.W

ebP

ortal

Man

ager

\m

*4(BDJ4,k9CBP=h:

1. Z GSO j6D>rPdkJ4j6#

2. ZhvD>rPdkJ4hv#

3. *eyPDVN,k!q4;#;P1z9;P!q4(1,E

\9CC!qeVN#

4. ZdkyPDE".s,k!q4(T4(BDJ4#g&mI

&,rJ4j6w*;v4S4T>#1!qKK4S,rT>

0GSO J4tT1&\r\"RzI4PJ4\mD&\#XZJ4

tTD|È",kNDZ643D:GSO J4tT;#

GSO J4 → Pv GSO i0GSO J4iPm1&\r\PvyPVPD GSO J4i#?vyT

>DJ4iG;v4S,C4ST>KJ4iD0GSO J4itT1&

\r\#

TVT 8>E":gsogrouplist.gif

< 45. GSO J44(

66 f> 3.8

GSO J4itT

0GSO J4itT1&\r\T>KyPky!qDJ4i`X*Dt

T#zIi4J4iDtT;i4r^DJ4itT;T0>J4

i#

TVT 8>E":gsogroupprop.gif

< 46. GSO J4iPm


3.W

ebP

ortal

Man

ager

\m

TBGJ4itT:

¶ GSO ij6(;I^D)

¶ hv(;I^D)

¶ GSO I1

¶ ICD GSO

GSO I1MICD GSO PmCZSKJ4imSr>J4#9CB

P=hTSCimSr>J4#

1. *+J4mS=CiP,k9CBP=h:

a. !q*SICD GSO PmPmSDJ4#

b. !qOfD74%(<<<)#

2. *SCiP%J4,k9CBP=h:

a. !q*S GSO I1PmP>DJ4#

b. !qBfD74|(>>>)#

3. *>yPzD!q,k%w4;;;P1z9;Pa;ksr9

;P!q^D,E\9CC!q#

< 47. GSO J4itT

68 f> 3.8

4. ZwvzD!q.s,k%w^DT|DtT#g&mI&,r

T>0GSOJ4itT1&\r\M|BDtT#

*>KJ4,k!q>#S Tivoli SecureWay Policy Director P>

KJ4#g&mI&,rT>"|B0GSO J4Pm1&\r\#

GSO J4 → 4( GSO i0GSO J4i4(1&\r\Jmz4(BDJ4i#

TVT 8>E":gsogroupcreate.gif

*4(BDJ4i,k9CBP=h:

1. Z GSO ij6D>rPdkJ4ij6#

2. ZhvD>rPdkJ4ihv#

3. *+J4mS=CiP,k9CBP=h:

a. !q*SICD GSO PmPmSDJ4#

b. !qOfD74%(<<<)#

4. *SCiP%J4,k9CBP=h:

< 48. GSO J4i4(


3.W

ebP

ortal

Man

ager

\m

a. !q*S GSO I1PmP>DJ4#

b. !qBfD74|(>>>)#

5. *>yPDVN,k!q4;#;P1z9;P!q4(1,E

\9CC!qeVN#

6. ZdkyPDE".s,k!q4(T4(BDJ4i#g&m

I&,rJ4ij6w*;v4S4T>#1!qKK4S,rT

>0GSO J4itT1&\r\"RzI4PJ4\mD&\#XZ

J4tTD|È",kNDZ673D:GSO J4itT;#

70 f> 3.8

/I\m

9C Web Portal Manager D/I\ma)x Tivoli SecureWay Policy

Director \m14(/IC'r"4(BC'"+VPDC'mS==S

Dr"T0+;,`MD\m1mS=;,rD\&#;s/I\m1

y]GD`MMGVdDrZDC',I4P;!i\m&\#/

IC'\mDbvEnI&CZyPD Policy Director C',byMN

IKC'rDcNa9#ZVcD2EB,?v Policy Director C';

IIC'GdI1DrD\m1r,6rD\m14\m(>BDsf

axPbM)#\m1\4PD7P&\!vZGVdD\m1`

M#

/IC'\m

Policy Director \m1,g sec_master,I4(m`s5r"+;V

r`V`MD\m1Vd=?vs5r#s5rD\m1IZrP4(

BC'"+VPD Policy Director C'mS=rP#

K_PKC'`XD&\b,Policy Director \m1IZs5r6p

(Sr)B4(BDr,"+C'Vd*b)BrD\m1(r\m

1)#;sBrD\m1IZGT:DrP4(BDC'#

s5rD Policy Director \m1(rD,6r)9_P\mKrD(^#

Policy Director \m1I4hs4(M\mG(^BDrTzcG(

;DL5h*#

":s5ry>OG%cr,"RZs5r6pTB4(DNNrMP

vr#

4


4./

I\

m

w*Z<49P`vr\mDK`MD>,Policy Director \m1I4(

s5r A M B,"*?vrVd\m1#s5r B Dr\m1I4(

BDC' P"Q#Policy Director \m1IZs5r A M B B4(r

C M D,"+r\m1Vd= C M D#;s Policy Director \m1I

Zr D B4(r E,"+r\m1Vd= E#r E Dr\m1SEZ

r E ZI4(BC' X"Y M Z#r*rDr\m19I\mKrD

Sr,yTr D Dr\m1Ms5r B Dr\m1I4(r E DC'

(r4Pd|\mD&\)#

TZ?v/IC'r(|(s5r),ZKrPIVd$(eD\m1

`M#TBGwV\m1`MMb)`MD\m1y\4PD\m&\

D/O:

¶ Policy Director \m1# Policy Director \m1G iv-admin iP

DI1#Policy Director \m1I4PyP/I\m&\#

< 49. /I\m1

72 f> 3.8

¶ r\m1#r\m1IZGDrZ4PC'\mD&\#r\m

1ZGT:DrZ4(BDC'/\m1,"+VPDrC'V

d*rD\m1(Kr\m1DNN`M)#

¶ _6\m1#K;\Vd=S\m1b,_6\m1kr\m1

_P;yD(^#

¶ \m1#K\m1^(4(BrC'Tb,\m1k_6\m1

_P;yD(^#\m1I^DVPC'DtT#

¶ 'V\m1#'V\m1Toz@fDG+~qC',"R\i4

C'DtT,|DC'D\k"^DC'D\kGqP'?j>#

/IC'\m$_(?v\m1`M4S?I4PD\mD&\#1

\m1G<1,a)KkC'D\m1`M#V;BD\mD&\#

/IG+\m

Web Portal Manager D/I\m53Dm;v?VGG+\m#*I&

D?p Policy Director,rXk(ewCJTsD2+T_T,9Xk

(eIZTsO4PDYw#r*2+T_T?wDG+V2+TJ

b,-#Ii/D_6pI1(e,yTC_TD4P(#G'QD#

;s_TXkIi/D>XI15)Yw,CI1y"bDGM6pD

j8E"Mk5VPXDZ]#(#b=iKTZvi/D2+T_

P`FD?j,+G+b=V;,D[c`%NSp4GPt=TD#

yZG+D\m*i/D2+Ta)v?D\&Tzc104SD2+

T*s,gIluT"rWTMinTD*s#

*mbG+\m,WHXk(eDEnGG+#G+I5VX(w5h

syh*D;)Nq"0pr<uyiI#+K(ek Tivoli SecureWay

Policy Director DCJXFm(ACL)#MxPTH1,G+MI*;T

r`TTsM&CZTsD;vr`vCJmI(DPm#g:

¶ Ts 1:mI( 1

¶ Ts 2:mI( 2"3 M 4

¶ Ts 3:mI( 5


4./

I\

m

*K9CG+,Xk$n|#1 Tivoli SecureWay Policy Director \m

1Z Policy Director FUdPtCG+D(e1,M$nKG+#Z

$n3vG+"+C'VdxCG+.s,C'_PTs 1 DmI( 1"

Ts 2 DmI( 2"3 M 4"Ts 3 DmI( 5#b)TsDCJm

I(JmC'CJTs,"RrK4PG+y(eDw50p#g,

I+:aFG+;(eIIBP=TTsMmI(yiI:

¶ $J%Ts:4(/^D/>

¶ (zksTs:z<

1$nKCG+"+aF?EPDM1Vd=CG+1,KM1MI4

("^Dr>$J%"Iz<(zks,byM\4P#aF4P

Dw5#

*I&X\mG+,\m1Xk\4PNqDV`M:

¶ G+4(

¶ G+Vd

¶ G+$n

G+4(|((eG+,by|M_P;Tr`T Tivoli SecureWay

Policy Director TsMIJCZTsDmI(DPm#1Z Web Portal

Manager P4(G+1,M4( Tivoli SecureWay Policy Director iT

zmCG+#9Z\mTsUdP4(K`&DiTs#G+DTs/

mI(TE"f"ZkiTs`X*D)9tTP#;P Tivol i

SecureWay Policy Director \m1\4(G+#

G+VdI+C'Vd=Q-4(DG+yiI#+C'Vd=G+D

30?DGCG)C'_PZG+P(eDTsDCJmI(#K&\

uYK|,Z,$C' * mI( * TsX5PD$w?,r*G+V

dSTs/CJmI(\mPVkKv4#1Z Web Portal Manager P

+C'Vd=G+1,r+C'mS*zmG+DiDI1#r\m

1"_6\m1M3vrD\m1IZGDrZ+C'Vd=G+#

G+$ntCB4(DG+4KP#Z4(G+"+C'VdxCG+

.s,C'"4_PTZG+P(eDTsDCJmI(,1=$nK

G+*9#1Z Web Portal Manager P$nG+1,TZ?v(eZG

74 f> 3.8

+PDTsxT,|,zmG+DiMZG+P(eDCJmI(D

ACL u?+amS=CG+PD?vTsD ACL P#r*1+C'V

d=CG+1C'QmS=iP,yT;PZ$nG+.sKC'EP

CJTsDmI(#;P Tivoli SecureWay Policy Director \m1\$

nG+#

G+G;v5e#(+G+Vd=r,ITsTC';y/I"\m

C5e#14(G+1,I+|Vd=s5r#r\m1I@N+Kr

ZDNNG+Vd=NNSr#;)+G+Vd=Sr,rCSrD\

m1I+NNSrC'Vd=CG+#Iy]h*X4+G+Vd=S

rDL,byG+MIa)xJ1DC'#;P Policy Director \m

1I4P+G+Vd=s5r#r\m1I+G+Vd=GDSr#

/I\mNq1zT Policy Director \m1G<1,K%r\PD/I\mjb_P

evSjb:Pvs5r"4(s5r"4(G+"PvG+MrC'

Qw#1zTd|\m1`MG<1,K%r\_P=vSjb:Pv

rMrC'Qw#

TVT 8>E":datasks.gif

zI4P\mD&\,|(ZyP10 Tivoli SecureWay Policy Director

r"G+MC'O^DtT"4(M>#ZBfwZPaTb)&\

xPj8bM#

/I\m → rPmgzTK Policy Director \m1TbDNN\m1`MG<,rz

MI9CC&\#0/IrPm1&\r\PvKyPVPD Policy

Director r(z;Vd*b)rD\m1)#?vyT>DrG;v4S,

< 50. /I\mNq


4./

I\

m

C4ST>KrD0/IrtT1&\r\#g;PrfZ,rT>

"4R=r#1rfZ+G^(I&Pvrlw1,2aT>msE

"#

TVT 8>E":*=KA;,zXk"z(ZK%r\P!q0"

z1),"TK Policy Director \m1TbDNN\m1`MG<X

4#domain.gif

/I\m → Pvs5rgzT Policy Director \m1G<,rzMI9CC&\#0/Is

5r1&\r\PvyPVPD Policy Director s5r#?vyT>D

s5rG;v4S,C4ST>KKs5rD0/IrtT1&\r

\#g;Ps5rfZ,rT>"4R=r#1s5rfZ+G^

(I&Pvrlw1,2aT>msE"#

TVT 8>E":*=KA;,zXk"z(ZK%r\P!q0"

z1),"T Policy Director \m1G<X4#SK&=axDyPA

;Ga)x Policy Director \m1D#daenterdomain.gif

< 51. rPm

76 f> 3.8

/IrtT

0/IrtT1&\r\T>KyPk!qDr`X*DtT#zIi

4rDtT#

TVT 8>E":daprops.gif

< 52. /Is5r


4./

I\

m

TBG/IrtT:

¶ 10r(;I^D)

¶ G<(;I^D)

¶ hv(I( sec_master ^D)

*^Dhv,kZD>VNPdkBDhv"!q^D#G<VNT>

z10G<D\m1`M#

zISK&\r\jId|8v&\:

¶ *T>rC'DPm,k!qPvC'TT>0rC'Pm1&\r

\#XZT>C'D|È",kNDZ813D:/IrtT → Pv

C';#

¶ *4(rC',k!q4(rC'TT>04(/IC'1&\r

\#XZ4(/IC'D|È",kNDZ853D:/IrtT →

4(rC';#

¶ *T>SrPm,k!qPvSrTT>0SrPm1&\r\#

XZT>SrD|È",kNDZ863D:/IrtT → PvS

r;#

< 53. /IrtT

78 f> 3.8

¶ *4(/ISr,k!q4(SrTT>04(/ISr1&\r

\#XZ4(SrD|È",kNDZ873D:/IrtT → 4(

Sr;#

¶ *T>Vd=rDyPG+,k!qG+VdTT>0VdxCr

DG+1&\r\#XZG+VdD|È",kNDZ883D

:/IrtT → G+Vd;#

¶ *T>"mSr%Vd=rDr\m1,k!qr\m1TT>

0r\m11&\r\#XZr\m1D|È",kNDZ923

D:/IrtT → r\m1;#

¶ *T>"mSr%Vd=rD_6\m1,k!q_6\m1T

T>0_6\m11&\r\#XZ_6\m1D|È",kN

DZ933D:/IrtT → _6\m1;#

¶ *T>"mSr%Vd=rD\m1,k!q\m1TT>0\

m11&\r\#XZ\m1D|È",kNDZ943D:/I

rtT → \m1;#

¶ *T>"mSr%Vd=rD'V\m1,k!q'V\m1T

T>0'V\m11&\r\#XZ'V\m1D|È",kN

DZ953D:/IrtT → 'V\m1;#

";GTOyPD&\PmT?;v\m1`M<GICD#m 1 E(

K?V`MD\m1ICJD&\#rPD X 8>K4STZZKP%

?8(D\m1`MGICJD#

m 1. ;,D\m1`MICJD4S

4S P o l i c yDirector

r _6 \m1 'V

PvC' X X X X X

4(rC' X X X

PvSr X X X X X

4(Sr X

G+Vd X X X X X

r\m1 X X X X X

_6\m1 X X X X X

\m1 X X X X X


4./

I\

m

m 1. ;,D\m1`MICJD4S (x)

4S P o l i c yDirector

r _6 \m1 'V

'V\m1 X X X X X

m 2 E(K?V`MD\m1_PDICJD&\#rPD X 8>K

&\TZZKP%?8(D\m1`MGICJD#

m 2. ;,D\m1`MICJD&\

&\ P o l i c yDirector

r _6 \m1 'V

i4hv X X X X X

^Dhv*(

"M)

X

PmC' X X X X X

m S / % C

'

X

4(rC' X X X

PvSr X X X X X

4(Sr X

4 ( / P v G

+

X

$ n / # C r

DG+

X

S r P m S /

%G+

X

i 4 V d = r

DG+

X X X X

+ G + V d =

Sr

X X

S G + m S /

%C'

X X X X

i 4 r P V d

=G+DC'

X

Pvr\m1 X X X X X

80 f> 3.8

m 2. ;,D\m1`MICJD&\ (x)

&\ P o l i c yDirector

r _6 \m1 'V

m S / % r

\m1*("

M)

X

P v _ 6 \ m

1

X X X X X

m S / % _

6\m1

X X

Pv\m1 X X X X X

m S / % \

m1

X X

P v ' V \ m

1

X X X X X

m S / % '

V\m1

X X

":\m1^(^DGT:rDhvMr\m1tT#;PrD,6

rDr\m1r Policy Director \m1I^Db)tT#zI(

dkBDhv"%w^D4^DhvtT#G+4(M$n;a)

x Tivoli SecureWay Policy Director \m1#

/IrtT → PvC'

0rC'Pm1&\r\IPv"mSr%y!qrPDyPVPD

C'#C&\r\;a)x Policy Director \m1#r\m1"_6\

m1"\m1M'V\m1+;4=VPDrC'DPm#

*+C'mS=r,kZC'j6D>VNPdkC'j6"%wm

S#r"BK0rC'Pm1&\r\"Z10C'irBPvKC

'#?vrC'w*;v4S4T>,C4ST>KKC'D0/IC

'tT1&\r\#

TVT 8>E":dalistuser.gif


4./

I\

m

Z10C'0qBPvKyP10rC'#*Sy!qDrP%C

',k!qC'T_D4!r"%w%#r"BK0rC'Pm1&

\r\,"R;YPvKC'#

/IrtT → PvC' → /IC'tT

0/IC'tT1&\r\T>KyPky!qDC'`X*DtT#

zIyZzD\m1`M^DC'tT">C'#I^DDNNtT

MI^DDVNr4!r;pT>#

TVT 8>E":dauserprop.gif

< 54. rC'Pm

82 f> 3.8

":BP(^;&CZ=DC' * b)C';_P\m(^#_6\

m1"\m1M'V\m1DtT(|(\k)!vZ4(K\m

1D==#gnuZ10rP+C'4(*\m1,r10rr

rD,6rDr\m1|DKC'DtT#gnuZ10rP4

4(C',+4+dw*\m1mS=rP,rKrDr\m1^

(|DKC'DtT#Policy Director \m1I|DNN\m1Dt

T,x;<GKC'GgN4(D#

TBG/IC'tT:

¶ C'j6(;I^D)

¶ \k(IIyP\m1`M^D)

¶ i$\k(IIyP\m1`M^D)

¶ hv(II Policy Director \m1"r\m1"_6\m1M\m1

^D)

¶ (;I^D)

¶ U(;I^D)

¶ JEGqP'(II Policy Director \m1"r\m1"_6\m1

M\m1^D)

< 55. /IC'tT


4./

I\

m

¶ \kGqP'(IIyP\m1`M^D)

¶ GqG GSO C'(II Policy Director \m1"r\m1"_6

\m1M\m1^D)

¶ C'GrI1Pmn(;I^D)

(!qr!!q4!rr^D?vtTT_DD>VN,zI|D

C'tT#*+VNV4I|GDu<5,k!q4;;gz9;P

a;zDksrg9;P!q^DC',rz;\9CK!q#Zw

vzD!q.s,k%w^DC'T|DtT#T>K0/IC't

T1&\r\M|BDtT#

gzh*HSC'GCrDI1DrPVS Tivoli SecureWay Policy

Director C'"amP%C',r%w>KC'#

*T>CC'ytDG+,k!qG+VdTT>0G+Vd1&\r

\#

/IrtT → PvC' → /IC'tT → G+Vd

":5C$H/fDG,g\m1DNN`M2w*rPDU(C'

fZ,rrDr\m1"_6\m1r\m1I+KC'mS=\

mG+rS\mG+P%KC'#

0G+Vd1&\r\Jmz+C'mS=G+rSG+P%C'#

Policy Director \m1"r\m1"_6\m1r10rD\m1I+C

'mS=G+rSG+P%KC'#'V\m1Ii4C'ytDG

+(TZ10r)#KNqGyZC'D,r*zZ+vKC'Vd

xwVG+#*iRvKG+"+wVC'Vd=|,kNDZ913D

:/IrtT → G+Vd → rG+VdC';#

TVT 8>E":dauserra.gif

84 f> 3.8

*+KC'mS=wVG+rSwVG+P%KC',k9CBP=

h:

1. *+C'mS=G+,kZICDG+PmP!qG+"!qOf

D7(<<<)#

2. *SG+P%C',kZ10G+PmP!qG+"!qBfD

7(>>>)#

3. *ezD!q,k!q4;#g9;P!q^D,rzIe

zD!q#

4. Zzwv!q.s,k%w^D#r"BKr\"|BKb)P

m#

/IrtT → 4(rC'

04(rC'1&\r\JmzZ10rZ4(BC'r\m1#K&

\r\a)x10rDr\m1r_6\m1ra)x Policy Director \

m1#I4(DC'r\m1D`M!vZ\m1`M#XZ4(C'

M\m1D|È",kNDZ803Dm2#

< 56. /IC'tTG+Vd


4./

I\

m

ZK&\r\OT>DD>VNM4!rkG)Z0/IC'tT1&

\r\PT>D;y,;G`K=v=SD!n#XZ/IC'tTD

|È",kNDZ823D:/IrtT → PvC' → /IC't

T;#

TVT 8>E":dausercreate.gif

*4(BC',k9CBP=h:

1. dkBC'DtT#C'`M"C'j6"\k"i$\k"M

UGyPXnVN#

2. *eyPDVN,k!q4;#gz9;P!q4(C',r

IeVN#

3. ZdkyPDE".s,k!q4(C'T4(BC'#g&m

'\,rT>ms""RXk|;7Ddk#g&mI

&,rT>yw&mI&jID"#

/IrtT → PvSr

0SrPm1&\r\PvKy!qDrPDyPVPDSr#?vS

rw*;v4S4T>,C4ST>KKrD0/IrtT1&\r

\#

< 57. 4(rC'

86 f> 3.8

TVT 8>E":dasublist.gif

/IrtT → 4(Sr

04(/ISr1&\r\9z\4(BDSr#;P Policy Director \

m1I9CC&\#

TVT 8>E":dasubcreate.gif

< 58. SrPm


4./

I\

m

*4(BDSr,k9CBP=h:

1. ZrD>rPdkr#bGXnVN#

2. ZhvD>rPdkrhv#

3. ZdkyPDE".s,k!q4(T4(BDSr#T>K0/

IrtT1&\r\,"RzI4Pr\mD&\#XZrtTD

|È",kNDZ773D:/IrtT;#

/IrtT → G+Vd

0VdxCrDG+1&\r\T>KyPVd=10rDG+,"J

mz+G+mS=10rrS10r%G+#10rD,6rDr\

m1r Policy Director \m1I+G+mS=10rP#Policy Director

\m1IS10rP%G+#10rDr\m1"_6\m1"\m

1r'V\m1Ii4Vd=10rDG+#

TVT 8>E":dara.gif

< 59. 4(Sr

88 f> 3.8

Kr\PT>KVd=10rDyPG+#?vG+w*;v4S4T

>,C4ST>K10rD0rG+VdC'1&\r\#XZ+C'

Vd=G+D|È",kNDZ913D:/IrtT → G+Vd → r

G+VdC';#

*S10r%G+,k9CBP=h:

1. !qG+T_D4!r#

2. gzke4!r,k!q4;;;P1z9;Pa;ksr9

;P!q>1,E\9CK!q#

3. !q>TSrP%y!qDG+#rS10rM+G+Vd=

DyPSrP%Ky!qDG+#"B0VdxCrDG+1&

\,"SPmP%y!qDG+#

*+BG+Vd=10r,k!qrrVdICDG+TT>0rrV

dG+1&\r\#;IVdQVd=10rD,6rDG+#

/IrtT → G+Vd → rrVdG+

0rrVdG+1&\r\9z\+BDG+Vd=10r#10rD

,6rDr\m1r Policy Director \m1I+G+Vd=10r#

< 60. /IrG+Vd


4./

I\

m

TVT 8>E":daassignrole.gif

T>K10rDyP4VdDG+DPm#;PvKVdx10rD,

6rDG+#*+b)G+PD;vVd=Cr,k9CBP=h:

1. !q*VdDG+T_D4!r#

2. gzke4!r,r!q4;;;P1z9;Pa;ksr9

;P!qmS1,E\9CK!q#

3. !qmST+G+Vd=Kr#

T>K0VdxCrDG+1&\r\MQVdG+D|BPm#T>

BPE":

BPG+QVd=Kr#ZC'_PkG+`X*DX(.0,h*$

nb)G+#

b8>h*$nQVdDG+#XZ$nG+D|È",kNDZ

1003D:G+tT → $nrG+;#

< 61. rrVdG+

90 f> 3.8

/IrtT → G+Vd → rG+VdC'

":5C$H/fDG,g\m1DNN`M2w*rPDU(C'

fZ,rrDr\m1"_6\m1r\m1MI+KC'mS=

\mG+rS\mG+P%KC'#

1z!qG+1yT>D0rG+VdC'1&\r\9z\+C'V

dxG+rSG+P%C'#Policy Director \m1"r\m1"_6

\m1r10rD\m1\+C'Vd=3vG+rS3vG+%C

'#'V\m1Ii4Vd=10rDG+DC'#KNqGyZG+

D,r*zZ+wVC'Vd=KvKG+#*iRvKC'"+w

VG+Vd*GvC',kNDZ843D:/IrtT → PvC' → /

IC'tT → G+Vd;#

TVT 8>E":daassignusers.gif

*+wVC'Vd=KG+rSKG+%wVC',k9CBP=

h:

1. *T>0rG+VdC'1&\r\,k!qzkmSC'D?j

G+#

< 62. rG+VdC'


4./

I\

m

2. *+C'mS=G+,kZICDC'PmP!qC'"!qOf

D7(<<<)#

3. *SG+P%C',kZ10C'PmP!qC'"!qBfD

7(>>>)#

4. *ezD!q,k!q4;#g9;P!q^D,rzIe

zD!q#

5. Zzwv!q.s,k%w^D#r"BKr\"|BKb)P

m#

/IrtT → r\m1

0r\m11&\r\PvKy!qDrPDyPVPr\m1#10

rD,6rDr\m1r Policy Director \m1I9CC&\#;PV

PDC'ImS*BDr\m1#*+r\m1mS=r,kZC'j

6D>VNPdkC'j6"%wmS#r"BK0r\m11&\r

\"Z10r\m1irBPvKKC'#?vr\m1w*;v4S

4T>,C4ST>KKr\m1D0/IC'tT1&\r\#*S

y!qDrP%r\m1,k!qr\m1T_D4!r"%w

%#r"BK0r\m11&\r\,"R;YPvKr\m1#

TVT 8>E":dadomainadmin.gif

92 f> 3.8

/IrtT → _6\m1

0_6\m11&\r\PvKy!qDrPDyPVPD_6\m

1#10rDr\m1r Policy Director \m1I9CC&\#;PV

PDC'ImS*BD_6\m1#*+_6\m1mS=r,kZC

'j6D>VNPdkC'j6"%wmS#r"BK0_6\m11

&\r\"Z10_6\m10qBPvK_6\m1#?v_6\m

1w*;v4S4T>,C4ST>KK_6\m1D0/IC't

T1&\r\#*Sy!qDrP%_6\m1,k!q_6\m1

T_D4!r"%w%#r"BK0_6\m11&\r\,"R;

YPvK_6\m1#

TVT 8>E":dasenioradmin.gif

< 63. r\m1


4./

I\

m

/IrtT → \m1

0\m11&\r\PvKy!qDrPDyPVPD\m1#10r

Dr\m1r Policy Director \m1I9CC&\#;PVPDC'I

mS*BD\m1#*+\m1mS=r,kZC'j6D>VNPd

kC'j6"%wmS#r"BK0\m11&\r\"Z10\m1

0qBPvKK\m1#?v\m1w*;v4S4T>,C4ST>

KK\m1D0/IC'tT1&\r\#*Sy!qDrP%\m

1,k!q\m1T_D4!r"%w%#r"BK0\m11&\

r\,"R;YPvK\m1#

TVT 8>E":daadmin.gif

< 64. _6\m1

94 f> 3.8

/IrtT → 'V\m1

0'V\m11&\r\PvKy!qDrPDyPVPD'V\m

1#10rDr\m1r Policy Director \m1I9CC&\#;PV

PDC'ImS*BD'V\m1#*+'V\m1mS=r,kZC

'j6D>VNPdkC'j6"%wmS#r"BK0'V\m11

&\r\"Z10'V\m10qBPvKK'V\m1#?v'V\

m1w*;v4S4T>,C4ST>KK'V\m1D0/IC't

T1&\r\#*Sy!qDrP%\m1,k!q'V\m1T_

D4!r"%w%#r"BK0'V\m11&\r\,"R;YP

vC'V\m1#

TVT 8>E":dasupadmin.gif

< 65. \m1


4./

I\

m

/I\m → 4(s5r04(s5r1&\r\9z\4(BDs5r#;P Tivoli SecureWay

Policy Director \m1I9CC&\#

TVT 8>E":dacreate.gif

< 66. 'V\m1

96 f> 3.8

*4(BDs5r,k9CBP=h:

1. ZrD>rPdkr#bGXnVN#

2. ZhvD>rPdkrhv#

3. Z LDAP s:D>VNPdks5rDa?6?<CJ-i

(LDAP)s:#bGXnVN#

4. ZdkyPDE".s,k!q4(T4(BDs5r#T>K

0/IrtT1&\r\,"RzI4Pr\mD&\#XZrt

TD|È",kNDZ773D:/IrtT;#

/I\m → 4(G+04(G+1&\r\9z\4(BDG+#;P Tivoli SecureWay

Policy Director \m1I9CC&\#

TVT 8>E":darolecreate.gif

< 67. 4(s5r


4./

I\

m

*4(BDG+,k9CBP=h:

1. ZG+FD>rPdkG+F#bGXnVN#

2. ZhvD>rPdkG+hv#

3. Z LDAP s:D>VNPdkKG+D LDAP s:#bGXnV

N#

4. dkG+DTsMCJmI(T:

a. ZTsMmI(D>VNPdkG+DTsMCJmI(T:

b. !qmST+TsMCJmI(TmS=G+#G+DTsMC

JmI(TF=KTs/mI(Pm#zIX4=h a M b +=

SDTmS=Pm#

":b)TTBPq=T>:Ts * mI(#

c. SG+P%T,kZTs/mI(PmP!q|,"R!q

%y!qD#rSPmP%KKT#zIX4=h c SPmP

%mbDT#

< 68. 4(G+

98 f> 3.8

5. ZdkyPDE".s,k!q4(T4(BDG+#T>K0G

+tT1&\r\,"RzI4PG+\mD&\#XZG+tT

D|È",kND:G+tT;#

/I\m → PvG+gzGT Tivoli SecureWay Policy Director \m1G<,rzMI9

CK&\#0G+Pm1&\r\PvKyPVPDG+#?vyT>

DG+G;v4S,C4ST>KrD0G+tT1&\r\#g;

PG+fZ,rT>"4R=G+#1G+fZ+G^(I&Pvr

lw1,2aT>ms"#

TVT 8>E":dalistroles.gif

G+tT

0G+tT1&\r\T>KyPky!qDG+`X*DtT#zI

i4r^DG+DtT#

TVT 8>E":daroleprops.gif

< 69. G+Pm


4./

I\

m

TBGG+tT:

¶ G+F(;I^D)

¶ hv

¶ Ts/mI(

*^DG+tT,k|DtT"!q^D#XZ|DG+tTD|È

",kNDZ973D:/I\m → 4(G+;#g&m'\,aZr

\PT>ms"#g&mI&,r"BKr\"|BKtT#*$

nX(rDG+,k!q$nrG+TT>0$nG+r1&\r\#

*#CX(rDG+,k!q#9rG+TT>0#CG+r1&\r

\#

G+tT → $nrG+

0$nrG+1&\r\9zI$nX(rD10G+#;P Tivoli

SecureWay Policy Director \m1I9CC&\#Zr\OT>KG+

#

TVT 8>E":daactivaterole.gif

< 70. G+tT

100 f> 3.8

*$nX(rDKG+,k9CBP=h:

1. ZrD>VNPdkrDj76#

2. !q&C#r"BKKr\"eKrVN#

G+tT → #9rG+

0#9rG+1&\r\9z\#CX(rD10G+#;P Tivoli

SecureWay Policy Director \m1I9CC&\#Zr\OT>KG+

#

TVT 8>E":dadeactivaterole.gif

< 71. $nrG+


4./

I\

m

*#CX(rDKG+,k9CBP=h:

1. ZrD>VNPdkrDj76#

2. !q&C#r"BKKr\"eKrVN#

/Ir → rC'Qw0rC'Qw1&\r\a)rWDC'j6Qw&\T(; Tivoli

SecureWay Policy Director C'#KQw&\r\TyPD\m1`M<

GICD#

TVT 8>E":dausersearch.gif

< 72. #9rG+

102 f> 3.8

*iRC',k9CBP=h:


V%d#

":gzk*T>(EDC'j6,kdkjj6,;sT>

KC'DtTTzfaPm#

2. *Z10rDSrPQwC',k!qQwSr#


sDns0kI\a<B:Dl&1d#

4. !qQw#Qw*<"RaT>ZBPjb.B:BPC'kQ

wu~%d:#

T>ZaPmPD?vC'j6G;v4S,C4ST>KKC

'D0/IC'tT1&\r\#XZ/IC'tTD|È",

kNDZ823D:/IrtT → PvC' → /IC'tT;#

< 73. rC'Qw


4./

I\

m

104 f> 3.8

w

[A]2+WSVc 3

'V 13

2+T

2+,S 24

_T 73

*s 13

2+T*s

WebSphere 12

20

2+T*s 13

20=h 13

X8m~ 6

% 19

dM20 12, 13

(F20 12, 13

~qw=( 5

F. 5, 6

E> 6

y'VD/@w 6

6X 19

hs 5

oT!q 18

T/ 6

IBM WebSphere Application Server 6

j<f 5, 12

^)| 4 5, 16

Tivoli Secure Way Policy Director 6

KP173 5

Tivoli SecureWay Policy Director KP17

3M\m~qw 12

Tivolli Secure Way Policy Director

\m~qw 5

20 (x)

Web Portal Manager 5, 17

[B]|0w

Java API 2

d?,E xi

j6

C' 26

ACL 45, 46

[C]K%r\ 21

Yw4% 23

cNa9 23

,6r 71

^D\m1 81

vfo

): viii

4! viii

Z_ viii

%

_6\m1 93

\m1 94

r\m1 92

rPDC' 81

'V\m1 95

i 29

Web Portal Manager 19


w

4(

G+ 74, 97

s5r 96

C' 25

rC' 85

Sr 87

i 38

ACL u? 47

GSO >$ 31

GSO i>$ 31

[D]G< 24

\m1`M 78

\k 3

gSJ~*5 x

):vfo x

KZE

1! 12

LDAP 12

Tsj6 41

TsUd

/@ 40

\#$Tsj6 41

tT 39

`vr 72

> 72

<> 72

[F]CJXFm,kND ACL 43

Vd

G+=r 89

E

73d? xi

76 xi

Ve xi

~qw

dCD~,httpd.conf

dC 13

1! 20

y'VD=( 5

IBM HTTP 2

IBM HTTP Server 1.3.12 17

IBM WebSphere 17

Web 2

=S

ACL 41

POP 41

4;

C'tT 30

[G]Ev

Web Portal Manager

gf 21

_6

\m1 93

&\r\ 22

JOoO 19

20 20

~qw4, 20

M''V 20

/@w 6

IBM HTTP Server 20

WebSphere 20

WebSphere \mXF( 20

XZvfoD4! x

106 f> 3.8

\m

,6r 71

`vr 72

G+ 1, 73

Pvs5r 76

s5r 71

/IG+ 73

/IC' 71

rPm 75

API 2


\m~qw

20 6

\mXF( 1

\m1

,6r 71

G<`M 78

`vr 72

CJ&\ 80

CJ4S 79

_6 73

&\ 80

\m1 73

`M 72

s5r 71

Nq 74

X( 79

^DzDr 81

r 73

$(e 72

'V 73

Policy Director 72

sec_master 71, 78

Kw

F 103

[H]73d?,E xi

n/U> 17

[J]$n

G+ 74

<u 1

E>

ezinstall_pdwpm.bat 6

G+

4( 97

T 98

TsMmI( 98

Ts/mI( 98

Vd 84, 88

Vd=r 89

$n 100, 101

+C'Vd=G+ 91

G+4( 74

G+Vd 74

Vd 74

G+$n 74

PvG+ 99

tT 99, 100, 101

/I 73

^D 100

mI( 73

Q(e 73

G+\m 1

gf



w

[K]M''V x

K!

ACL tT 48

XF(

Java 1

WebSphere \m 20

r\

K% 21

&\ 22

[L]/@w

Web 2

76"E xi

[M]\k

G< 3

JOoO 73

FKw 26, 103

?<"E xi

[P]dC

5CLr 18

IBM WebSphere Application Server

j<f 5, 12

^)| 4 5, 16

pdwpm.log 19

Tivoli Secure Way Policy Director

\m~qw 5

dC (x)

Web Portal Manager 5, 17

dCD~

IBM HTTP Server 12

dC Tivoli Secure Way Policy Director

KP173 5

dC Tivoli Secure Way Policy Director KP

173M\m~qw 12

[Q]t/


s5r 71

4( 96

+V"a,ND GSO 31

1!

~qw 20

!~qLrf 20

1!5

4;C'tT 84

[R]Nq

4(G+ 75

4(s5r 75

G+ 73

G+4( 74

G+Vd 74

G+\m 74

G+$n 74

`M 74

PvG+ 75

Pvs5r 75

Pvr 75

108 f> 3.8

Nq (x)

\#$TsUd 39

/I\m 75

C' 25

rC'Qw 75

iNq

i 34

O$ 3

O$PDD~ 13

U>

n/ 17

pdwpm.log D~ 19

m~Hvu~ 6

[S]>

C' 30

GSO >$ 30

LDAP C' 30

6

IBM JDK 1.2.2 17

5CLr

dC 18

Va

): viii

4! viii

Z_ viii

i

): viii

4! viii

Z_ viii

dkVN 23

tT

4(Sr 87

10r 78

G<r 78

tT (x)

TsUd 39

4;5 84

_6\m1 93

\m1 94

G+ 99, 100, 101

G+Vd 84, 88, 89

K! ACL tT 48

)9 46

)9tT 46

PvC' 81

PvSr 86

\k 83

\kGqP' 83

hv 83

83

GqG GSO C' 83

/IC' 82

/Ir 77

U 83

^D 84

mI( 47

i$\k 83

*|DD(^ 83

C' 23, 27

C'j6 83

C'Vd 91

C'GqGI1 83

r\m1 92

rhv 78

rC' 85

r sec_master 78

J'GqP' 83

'V\m1 95

i 35

hv 36

ij6 36

LDAP CN 36

LDAP DN 36


w

tT (x)

ACL 44

ACL j6 45, 46

ACL hv 45

ACL u? 45, 47

Qw

C' 25, 26

C'j6 27

i 34

ns0k 26, 103

[T]e5a9 1

mS

_6\m1 93

\m1 94

C'=r 81

r\m1 92

'V\m1 95

i 29

[W]/I

\m 96, 97

\mNq 75

\m,PvG+ 99

rPm 75

rtT 77

/I\m

\m 71

Pvs5r 76

/I\m1,<> 72

/IG+

\m 73

/IC' 1

\m 71

D~

Java Server Pages 2

pdwpm.log 19

[X]Hvu~

m~ 6

!~qLrf

1! 20

pdadmin 20

6X


^D

\m1 81

tT 100

C' 30

C'tT 30

i 29

GSO >$ 31

GSO i>$ 31

IBM HTTP Server 12

hs 5

~qwZf 5

m~ 5

20 5

2~ 5

WebSphere 5

mI(

G+ 73

tT 47

ACL 43

mI$-i 18

110 f> 3.8

[Y]f

Java Server Pages 2

C' 26, 86

4( 25

4(rC' 85

_6\m1 93

\m1 94

\m1,_6 73

\m1,\m1 73

\m1,r 73

\m1,'V 73

\m1,Policy Director 72

\m1,sec_master 71, 78

G+Vd 84

Pv/Ir 81

FKw 26

Nq 25

O$ 3

tT 23, 27

GSO j6 32

Qw 25, 26

QwtT 27

/I 1, 73

/ItT 82

^DtT 84

r\m1 92

'V\m1 95

C'j6 26

C'tT

\k 28

\kGqP' 29

hv 28

28

Gq* GSO C' 29

U 28

i$\k 28

C'j6 28

JEGqP' 28

C'tT (x)

i1m] 29

GSO >$ 30

LDAP DN 28

oT

!q 18

r

,6r 71

4(C' 85

`v 72

\m1 73, 92

$nG+ 100, 101

Pm,/I\m 75

Pvs5 76

s5 71

tT 77, 78

tT,4(Sr 87

tT,\m1 94

tT,G+Vd 88, 89

tT,C'Vd 91

tT,Sr 86

/IC' 82

/I,G+ 84

/I,PvC' 81

'V\m1 95

Sr,yhv 71

KP173

20 6

[Z]Z_vfo ix

wz 20

"z 24, 25

Sr 71, 86

T/E>

20 6


w

i

4( 38

tT 35

Qw 34

ns0k 26, 103

AACL 43

j6 45, 46

=S 41

K!tT 48

)9tT 46

Pm ACL 44

hv 45

tT 44

u? 45

u?tT 47

mI(hv 43

ACL u?mI( 47

API

\m 2

Java |0w 2

Eezinstall_pdwpm.bat 6

GGSO

j6 32

>$ 27

Q(e 31

GSO >$ 30

GSO i>$ 31

Hhttpd.conf 13

IIBM Developer Toolkit 17

IBM HTTP Server 2

|DdCD~ 12

JOoO 20

dCD~ 13

IBM HTTP Server 1.3.12 17

IBM JDK 1.2.2 17

IBM WebSphere

Application Server

j<f 12

IBM WebSphere Application Server 17

20 6

j<f 5, 12

2+T*s 12

dM20 12

(F20 12

^)| 4 6, 16, 17

install.bat 17

LDAP ~qw 12

PTF4 16

SSL 'V 13

IBM WebSphere Application Server j<f

setup.exe 13

install.bat 17

112 f> 3.8

JJava

XF( 1

Java Server Pages 1

D~ 2

f 2

JSP,ND Java Server Pages 1

LLDAP

KZE 12

LDAP s:

G+

LDAP s: 98

Ppdadmin

!~qLrf 20

pdwpm U>D~ 19

pdwpm.arm 13

Policy Director

\m1 72

POP

=S 41

PTF4 ?< 16

Ssec_master 71, 78

setup.exe 13

SSL,ND2+WSVc 3

TTivoli M''V x

Tivoli Secure Way Policy Director

\m~qw 5

KP173 5

Tivoli SecureWay Policy Director

20

\m~qw 6

KP173 6

Tivoli SecureWay Policy Director KP173

M\m~qw 12

WWeb

~qw 2

/@w 2

O$PDD~ 13


2+,S 24

2+T_T 73

20 5

cNa9 23

G< 24

Ev 21

\m 21

\m1 21

<u 1

i\ 1

dC 5

t/ 24

e5a9 1

C'Nq 25

"z 24, 25

i~ 2

WebSphere

KZE 12


w

WebSphere (x)

2~hs 5

IBM HTTP Server 2

WebSphere \m

XF( 20

WebSphere \mXF(

JOoO9C 20

9C 20

WebSphere \mr 20

Windows

y'VD=( 5

114 f> 3.8


Pz!"

G152-0084-00

Documents

Tivoli Policy Director - IBMpublib.boulder.ibm.com/tividd/td/SW_30/GC32-0737-00/zh... · 2007-09-29 · ¶ 6Tivoli® SecureWay Policy Director Base \m8O7,GB84-0404-01 ... %"MX/@w#Tivoli