When you change the OpenAM host name, you must make manual changes to the configuration. This chapter describes what to do. If you also must move an embedded configuration directory from one host to another, see the OpenDJ documentation on Moving Servers.
Changing OpenAM host names involves the following high level steps.
-
Adding the new host name to the Realm/DNS Aliases list
-
Exporting, editing, then importing the configuration
This step relies on the ssoadm command, which you install separately from OpenAM as described in To Set Up Administration Tools.
-
Stopping OpenAM and editing configuration files
-
Removing the old host name from the Realm/DNS Aliases list
Before you start, make sure you have a current backup of your current installation. See Backing Up and Restoring OpenAM Configurations for instructions.
Procedure 19.1. To Add the New Host Name As an Alias
-
Login to OpenAM console as administrator,
amadmin. -
Under Access Control > / (Top Level Realm), add the new host name to the Realm/DNS Aliases list, and then save your work.
Procedure 19.2. To Export, Edit, & Import the Service Configuration
-
Export the service configuration.
$ ssoadm export-svc-cfg -u amadmin -e fZatIu68OiqccJMXosSRyVjMsWJIx+SA -f /tmp/pwd.txt -o config.xml Service Configuration was exported.
In this example, the secret key for encrypting the password in
-e fZatIu68OiqccJMXosSRyVjMsWJIx+SAwas taken from the Password Encryption Key field in the OpenAM console under Configuration > Servers and Sites >Server Name> Security. -
Edit the service configuration file.
-
Change the fully qualified domain name, such as
openam.example.com, throughout the file. -
If you are changing the deployment descriptor, such as
/openam, then change the value ofcom.iplanet.am.services.deploymentDescriptor.Also change the deployment descriptor in the
propertiesViewBeanURL="attribute.deployment-descriptor/auth/ACServiceInstanceList"Also change the deployment descriptor in the
propertiesViewBeanURL="attribute.deployment-descriptor/auth/ACModuleList"Also change the deployment descriptor in a <Value> element that is a child of an <AttributeValuePair> element.
Also change the deployment descriptor where it occurs throughout the file in the full URL to OpenAM, such as
http://openam.example.com:8080/.deployment-descriptor -
If you are changing the port number, then change the value of
com.iplanet.am.server.port.Also change the port number in
host:port -
If you are changing the domain name, then change the cookie domain such as
<Value>.example.com</Value>throughout the file.
-
-
Import the updated service configuration.
$ ssoadm import-svc-cfg -u amadmin -e fZatIu68OiqccJMXosSRyVjMsWJIx+SA -f /tmp/pwd.txt -X config.xml Directory Service contains existing data. Do you want to delete it? [y|N] y Please wait while we import the service configuration... Service Configuration was imported.
Procedure 19.3. To Edit OpenAM Configuration Files For the New Host Name
-
Stop the web container where OpenAM runs.
-
Edit the bootstrap file, such as
/home/user/openam/bootstrap, changing the FQDN, port, and deployment descriptor for OpenAM as necessary. -
If you are changing the deployment descriptor, then move the folder containing OpenAM configuration, such as
/home/user/openam/, to match the new deployment descriptor, such as/home/user/openam2/. -
If you are changing the location or deployment descriptor, change the name of the file in the
/home/user/.openamcfgfolder, such asAMConfig_path_to_tomcat_webapps_openam_to match the new location and deployment descriptor.Also edit the path name in the file to match the change you made when moving the folder.
-
Restart the web container where OpenAM runs.
