Setting Up Roles and Passwords in Sybase Control Center

Set the initial user roles and passwords required for Sybase Control Center administrator login.

  1. Comment out this line if it exists: CSI.loginModule.7.options.roles=SUP Administrator

    Otherwise, anyone that authenticates with a valid user name and password (including those mapped to supUser) obtains the SUP Administrator role.

  2. Ensure that the roles defined in the LDAP repository match the roles defined in the <UAF_InstallDir>\conf\roles-map.xml file. By default, the role mapping file contains the following roles in the LDAP Login Module definition:
    <role-mapping modRole="SUP Administrator" uafRole="uaAgentAdmin" />
<role-mapping modRole="SUP Developer" uafRole="uaGuest" />
<role-mapping modRole="SUP User" uafRole="uaGuest" />
  3. To add role mapping for the Anonymous Login Module to the uaAnonymous role:
    1. Add the uaAnonymous role to the <uaf-roles> section of the roles-map.xml file: 
      <role name="uaAnonymous" description="Anonymous role" />
    2. Add the role mapping in the <security-modules> section of the roles-map.xml file: 
      <module name=''Anonymous Login Module''>
		 		 <role-mapping modRole=''uaAnonymous'' uafRole=''uaAnonymous'' />
	</module>
  4. Set the BindPassword and ProviderURL properties with values used in your deployment.
  5. To encrypt sensitive values inside this file, use the CSI tool utility. For example, you could use the following command to encode the password "ldapPwd". 
    java -jar <UnwiredPlatform_InstallDir>\Servers\
UnwiredServer\SQLAnywhere10\java\csi-tool.jar 
csi.encmessage @tomcat\conf\csibootstrap.properties 
--text %ldapPwd%

    The encrypted password displays on the screen.

  6. Cut and paste this into the CSI configuration file.

    For example, if you supply a real password as represented by "ldapPwd" in the example for step 4, the tool might display the following result:

    CSITool 3.1 ©) Copyright 2005-2007 Sybase, Inc. (3.1M5/2008/07/29 14:40:08PDT)
Running task: csi.encmessage
Successfully encrypted message.  The output was sent to stdout.
1-AAAAEgQQOLL+LpXJO8fO9T4SrQYRC9lRT1w5ePfdczQTDsP8iACk9mDAbm3F3p5a1wXWKK8+NdJukn
c7w2nw5aGJlyG3xQ==
    The string you copy is bolded in the output above.
Parent topic: Configuring an LDAP Provider for Sybase Control Center