Chapter 2. Planning 67
Tivoli Directory Server, then you can use the ldapsearch command to verify
whether the server is responsive.
2. Verifying the Policy Server
The pdadmin command can be used to verify the proper operation of the
Policy Server. Use the pdadmin command to log in as a Tivoli Access
Manager administrator:
pdadmin –a sec_master –p password
This is the first step of your validation. After that you can execute a few
commands to validate your environment. For example, you could list users
with the user list command.
pdadmin> user list * 100
3. Verifying the runtime environment
Every machine with the Access Manager runtime installed can be tested with
the pdadmin tool just as the Policy Server is. The pdadmin utility is installed
along with the Access Manager runtime.
4. Verifying WebSEAL
You can use a browser to verify that WebSEAL is operating properly. To verify,
enter the following URL into your browser:
https://webseal-machinename
Because a port number is not specified, it is assumed that WebSEAL is
listening on port 443 (HTTPS). Your browser might give you the following
warnings:
a. The certificate received from this Web server was issued by a company
that you have not yet chosen to trust
b. The name within the certificate received from WebSEAL does not match
the name of the system from which it was received
If these warnings occur, they simply indicate that you have not yet purchased
your own server certificate for your WebSEAL server. Your browser is
complaining that it has received a default server certificate from WebSEAL
that contains default names for the issuing certificate authority and the name
of the Web server. Next, the browser prompts you to specify a Tivoli Access
Manager user name and password. Enter sec_master for the user name and
the password that you configured for sec_master during installation. If
authentication is successful, an image labeled Tivoli Access Manager for
WebSEAL appears.
If you are using Tivoli Access Manager Web Server plug-in the verification
process is the same, but as a result screen the default Web server page
appears.