Configure the Core so that the Policy service can connect to the external directory service that is used for policy. See "To use Directory Service Accounts" on page 1 for instructions on how to do this.
Enable and configure full-service Satellites to connect to the external directory service.
Use the LDIF file that was generated at the Policy page of the Core Console (and which contains the schema changes) to modify your directory schema so that the HPCA policy settings are used.
The command to backup an existing LDAP is:
LDIFDE -f OutputFileName
The command to update the external directory service is:
LDIFDE -i -f HPCAExtensions.ldif –v
Note: The LDIFDE command is applicable to Windows server platforms only. For additional information, see the Microsoft Knowledge Base article, Using LDIFDE to import and export directory objects to Active Directory.
For more information, see the HP Client Automation Enterprise Policy Server Reference Guide.
If necessary, modify the LDAP_RESOLVE method in the PRIMARY.SYSTEM.ZMETHOD Class of the Core Configuration Server Database.
By default, the CSDB is pre configured to use the LDAP_RESOLVE method and manage policies by the fully qualified domain name of the machine. The ZMTHPRMS attribute defines this:
ZMTHPRMS = ldap:\\\<ADINFO.COMPDN>>
This requires that the machine be a member of the domain that corresponds to the directory in which policy has been defined. If the machine is not a member of the domain, ADINFO.COMPDN will be blank.
Adjust the ZMTHPRMS value to manage policy using a different value. To do this, see Configuring the LDAP Method in the HP Client Automation Enterprise Policy Server Reference Guide.
IMPORTANT: If you adjust the ZMTHPRMS value in the Core CSDB, always perform a synchronization with the Satellite to bring down the new value to each Satellite that is enabled for Configuration and Policy.
Following Policy Server configuration, use the Management tab to add, administer, and query the policy entitlements in your LDAP policy store.