Red Hat NETSCAPE DIRECTORY SERVER 6.0 Installationsanleitung

Stöbern Sie online oder laden Sie Installationsanleitung nach Server Red Hat NETSCAPE DIRECTORY SERVER 6.0 herunter. Red Hat NETSCAPE DIRECTORY SERVER 6.0 Installation guide Benutzerhandbuch

  • Herunterladen
  • Zu meinen Handbüchern hinzufügen
  • Drucken
  • Seite
    / 118
  • Inhaltsverzeichnis
  • FEHLERBEHEBUNG
  • LESEZEICHEN
  • Bewertet. / 5. Basierend auf Kundenbewertungen
Seitenansicht 0
Landmann
Red Hat Directory Server 8.2
Installation Guide
Installing Red Hat Directory Server 8.2
Edition 8.2.2
Seitenansicht 0
1 2 3 4 5 6 ... 117 118

Inhaltsverzeichnis

Seite 1 - Installation Guide

LandmannRed Hat Directory Server 8.2Installation GuideInstalling Red Hat Directory Server 8.2Edition 8.2.2

Seite 2 - Edition 8.2.2

NOTEA note provides additional information that can help illustrate the behavior of the system orprovide more detail for a specific issue.IMPORTANTImp

Seite 3

GSS- APIGeneric Security Services. T he generic access protocol that is the native way for UNIX-basedsystems to access and authenticate Kerberos servi

Seite 4 - Table of Contents

indirect CoSAn indirect CoS identifies the template entry using the value of one of the target entry'sattributes.int ernational indexSpeeds up se

Seite 5

LDAPv3Version 3 of the LDAP protocol, upon which Directory Server bases its schema format.LDBM databaseA high-performance, disk-based database consist

Seite 6

master agentSee SNMP master agent.matching ruleProvides guidelines for how the server compares strings during a search operation. In aninternational s

Seite 7

The problem of managing multiple instances of the same information in different directories,resulting in increased hardware and personnel costs.name c

Seite 8 - 1. Examples and Formatting

OIDSee object identifier.operational attribut eContains information used internally by the directory to keep track of modifications and subtreepropert

Seite 9 - 1.3. LDAP Locations

presence indexAllows searches for entries that contain a specific indexed attribute.prot ocolA set of rules that describes how devices on a network ex

Seite 10 - 2. Additional Reading

string to form the full distinguished name. Also relative distinguished name.read- only replicaA replica that refers all update operations to read-wri

Seite 11 - 4. Documentation History

RFCRequest for Comments. Procedures or standards documents submitted to the Internetcommunity. People can send comments on the technologies before the

Seite 12 - # DNS information

Server ConsoleJava-based application that allows you to perform administrative management of your DirectoryServer from a GUI.server daemonThe server d

Seite 13 - 1.2.2. Port Numbers

Red Hat Directory Server Schema Reference provides reference information about the DirectoryServer schema.Red Hat Directory Server Plug-in Programmer&

Seite 14 - IMPORTANT

SNMPUsed to monitor and manage application processes running on the servers by exchanging dataabout network activity. Also Simple Network Management P

Seite 15 - 1.2.8. Directory Suffix

supplier serverIn the context of replication, a server that holds a replica that is copied to a different server iscalled a supplier for that replica.

Seite 16 - 1.2.10. Administration Domain

Transport Layer SecuritySee TLS.UuidA unique number associated with each user on a Unix system.URLUniform Resource Locater. The addressing system used

Seite 17

Administration domain, Administration DomainCClients cannot locat e the server, Problem: Clients cannot locate the serverCommand- line arguments, Sen

Seite 18

- starting, Starting the Directory Server ConsoleDirect ory suffix, Directory Suffixdskt une, Using dsktuneEExpress setup- Red Hat Enterprise Linux, E

Seite 19

- setup-ds-admin.pl, Overview of Setup- silent, Overview of SetupMMigrat ing, Migrat ing from Previous Versions- overview, Migration and Upgrade Overv

Seite 20 - 1.4. Overview of Setup

Perl- Red Hat Enterprise Linux, Perl PrerequisitesPort number- finding Admin Server, Getting the Admin Server Port NumberRRed Hat Ent erprise Linux, S

Seite 21

- modes compared, Overview of Setup- Red Hat Enterprise Linux- custom, Custom Setup- express, Express Setup- typical, T ypical Setup- silent setup, Si

Seite 22

Typical setup- Red Hat Enterprise Linux, T ypical SetupUUninstalling Directory Server- Red Hat Enterprise Linux, Uninstalling Directory Serverupgrade-

Seite 23

Chapter 1. Preparing for a Directory Server InstallationBefore you install Red Hat Directory Server 8.2, there are required settings and information t

Seite 24

lab.eng.exam ple.com , so the domain name used by the setup script is lab.eng.exam ple.com .Any information in the /etc/resolv.conf file must match th

Seite 25

NOTEWhen determining the port numbers you will use, verify that the specified port numbers are notalready in use by running a command like netstat.If

Seite 26 - 2.1.1. Required JDK

Section 1.2.2, “Port Numbers” has more information on port numbers in Directory Server.1.2.5. Directory ManagerThe Directory Server setup creates a sp

Seite 27 - 2.2. Using dsktune

The directory suffix is the first entry within the directory tree. At least one directory suffix must beprovided when the Directory Server is set up.

Seite 28

configuration settings for the Directory Server and Admin Server instances. For example:setup-ds-admin.plThe setup-ds-adm in.pl script can also accept

Seite 29

NOTEThe section names and parameter names used in the .inf files and on the command line arecase sensitive. Refer to T able 1.1, “setup-ds-admin Optio

Seite 30

Table 1.1. set up- ds-admin Opt ionsOption Alternate Options Description Example--silent -s This sets that thesetup script will run insilent mode, dra

Seite 31 - Enterprise Linux

Red Hat Directory Server 8.2 Installation GuideInstalling Red Hat Directory Server 8.2Edition [email protected] m

Seite 32 - 3.1. Installing OpenJDK

inf.WARNINGThe cache filecontains thecleartextpasswordssupplied duringsetup. Useappropriatecaution andprotection withthis file.--logfile name -l This

Seite 33 - 3.3. Express Setup

information about the directory service, like suffix and configuration directory information, while stillproceeding quickly through the setup process.

Seite 34 - # /usr/sbin/setup-ds-admin.pl

Table 1.2. Comparison of Setup TypesSetupScreenParameterInputExpress Typical Custom Silent SetupFileParameterContinue withsetupYes or no N/AAccept lic

Seite 35

Give theConfigurationDirectoryServer user ID[a]admin[General]ConfigDirectoryAdminID=adminGive theConfigurationDirectoryServer userpassword [a]password

Seite 36 - 3.4. Typical Setup

DirectoryManager IDManager[slapd]RootDN=cn=DirectoryManagerSet theDirectoryManagerpasswordpassword[slapd]RootDNPwd=passwordInstall sampleentriesYes or

Seite 37 - System Group [nobody]:

runsnobodyAre you readyto configureyour servers?Yes or no N/A[a] This o p tio n is o nly availab le if yo u c ho o se to reg ister the Direc to ry Se

Seite 38 - Administration port [9830]:

Chapter 2. System RequirementsBefore configuring the default Red Hat Directory Server 8.2 instances, it is important to verify that thehost server has

Seite 39 - 3.5. Custom Setup

2.1.2. Directory Server Supported PlatformsDirectory Server 8.2 is supported on the following platforms:Red Hat Enterprise Linux 4 x86 (32-bit)Red Hat

Seite 40

Along with meeting the required operating system patches and platforms, system settings, like thenumber of file descriptors and T CP information, shou

Seite 41

NOTERed Hat Directory Server is also supported running on a virtual guest on a Red Hat EnterpriseLinux virtual server.Both Red Hat Enterprise Linux ve

Seite 42

Legal NoticeCopyright © 2010 Red Hat, Inc..This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 UnportedLicense

Seite 43

2.3.2. Red Hat Enterprise Linux System ConfigurationAfter verifying the system's kernel and glibc configuration and installing any required modul

Seite 44 - /usr/bin/redhat-idm -console

Chapter 3. Setting up Red Hat Directory Server on Red HatEnterprise LinuxInstalling and configuring Red Hat Directory Server on Red Hat Enterprise Lin

Seite 45

3.1. Installing OpenJDKNecessary Java libraries are not bundled with Directory Server. T hey must be downloaded andextracted separately before install

Seite 46

channel on Red Hat Network, http://rhn.redhat.com.It is also possible to install the Directory Server packages from media:a. Download the packages fr

Seite 47 - 4.5. Silent Setup

NOTEThe Directory Server requires the fully-qualified domain name to set up the servers, as describedin Section 1.2.1, “Resolving the Fully-qualified

Seite 48

NOTETo register the Directory Server instance with an existing Configuration Directory Server,select yes. This continues with the registration process

Seite 49

1. Get the Admin Server port number from the Listen parameter in the console.confconfiguration file.grep \^Listen /etc/dirsrv/adm in-serv/console.con

Seite 50

defaults to the fully-qualified domain name (FQDN) for the host. For example:Computer name [ldap.example.com]:NOTEThe Directory Server requires the fu

Seite 51

NOTETo register the Directory Server instance with an existing Configuration Directory Server,select yes. This continues with the registration process

Seite 52

Are you ready to set up your servers? [yes]:Creating directory server . . .Your new DS instance 'example2' was successfully created.Creating

Seite 53

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Seite 54

WARNINGIf Directory Server is already installed on your machine, it is extremely important that you performa migration, not a fresh installation. Migr

Seite 55

instance, called the Configuration Directory Server. T his registers the new instance so it can bemanaged by the Console. If this is the first Directo

Seite 56 - Specifies the password

the Directory Server database. T his option is helpful for evaluation or testing Directory Serverfeatures.This is not required.17. Select whether to

Seite 57

/usr/bin/redhat-idm -console -a http://localhost:9830NOTEIf you do not pass the Admin Server port number with the redhat-idm-console command,then you

Seite 58

Chapter 4. Advanced Setup and ConfigurationAfter the default Directory Server and Admin Server have been configured, there are tools available tomanag

Seite 59

If there are proxies for the HT T P connections on the client machine running the Directory ServerConsole, the configuration must be changed in one of

Seite 60

NOTENew Directory Server instances can be created through the Directory Server Console; this isdescribed in the Directory Server Administrator's

Seite 61

4.3.2. Registering an Existing Directory Server Instance with the ConfigurationDirectory ServerThe Configuration Directory Server uses the o=NetscapeR

Seite 62

1. Install the Directory Server packages.2. Make the setup .inf file. It must specify the following directives:[General] FullMachineName= dir.exampl

Seite 63

NOTEWhen creating a single instance of Directory Server, the Directory Server packages must alreadybe installed, and the Admin Server must already be

Seite 64

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Seite 65

/usr/sbin/setup-ds-admin.pl General.FullMachineName=ldap.exam ple.com “slapd.Suffix=dc=example,dc=com” slapd.ServerPort=389NOTEPassing argumen

Seite 66

Table 4 .2. setup- ds-admin OptionsOption Alternate Options Description Example--silent -s This sets that thesetup script will run insilent mode, draw

Seite 67 - 5.2. Migrating 7.1 Servers

WARNINGThe cache filecontains thecleartextpasswordssupplied duringsetup. Useappropriatecaution andprotection withthis file.--logfile name -l This para

Seite 68 - /usr/sbin directory

dn: cn=replica,cn=dc=example\,dc=com,cn=mapping tree,cn=configchangetype: addobjectclass: topobjectclass: nsds5replicaobjectclass: extensibleObjectcn:

Seite 69

[General] directive=value directive=value directive=value ...[slapd] directive=valuedirective=value directive=value ...[admin]directive=value directiv

Seite 70

Table 4 .3. [General] DirectivesDirect ive Description Required ExampleFullMachineName Specifies the fullyqualified domain nameof the machine onwhich

Seite 71 - 5.2.2. Before Migration

ConfigDirectoryAdminPwdSpecifies the passwordfor the admin user.YesChapter 4. Advanced Setup and Configuration 53

Seite 72

Table 4 .4 . [slapd] DirectivesDirect ive Description Required ExampleServerPort Specifies the port theserver will use for LDAPconnections. Forinforma

Seite 73

structure and accesscontrol. If this directiveis used and InstallLdifFile isalso used, then thisdirective has no effect.The default is no.AddSampleEnt

Seite 74

is not used, then thedefault is yes, meaningthe configuration dataare stored in the newinstance.UseExistingMC Sets whether to storethe configuration d

Seite 75

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Seite 76

Table 4 .5. [admin] DirectivesDirect ive Description Required ExampleSysUser Specifies the user aswhich the Admin Serverwill run. The default isuser n

Seite 77

Example 4 .1. .inf File for a Custom Installat ion[General]FullMachineName= ldap.exam ple.comSuiteSpotUserID= nobodySuiteSpotGroup=

Seite 78 - 5.3. Upgrading 8.1 Servers

Example 4 .2. .inf File for Registering the Instance with a Configuration Directory Server(Typical Setup)[General] FullMachineName= dir.example.com Su

Seite 79

NOTEThere are two PassSync packages available, one for 32-bit Windows servers and one for64-bit. Make sure to select the appropriate packages for your

Seite 80

certutil.exe -d . -L -n "DS CA cert"13. Reboot the Windows machine. The Password Sync service is not available until after a systemreboot.N

Seite 81

4.7.1. Removing a Single Directory Server InstanceIt is possible to remove a single instance of Directory Server without uninstalling the system./usr/

Seite 82

Chapter 5. Migrating from Previous VersionsRed Hat Directory Server 8.2 supports both a migration path and an in-place upgrade, depending on theversio

Seite 83

5.2. Migrating 7.1 ServersRed Hat Directory Server 7.1 servers are migrated to a new Directory Server 8.2 instance. This uses aspecial script which ca

Seite 84

old Directory Server. There is also one required argument, General.ConfigDirectoryAdminPwd,which gives the password of the directory administrator for

Seite 85

Table 5.1. migrate-ds-admin Opt ionsOption Alternate Options DescriptionGeneral.ConfigDirectoryAdminPwd=passwordRequired. This is the passwordfor the

Seite 86 - 5.4. Upgrading Password Sync

Red Hat Directory Server 8.2 Installation Guide4

Seite 87

another with a differentarchitecture. For cross-platformmigrations, only certain data aremigrated. This migration actiontakes database informationexpo

Seite 88 - 6.2. LDAP Tool Locations

5.2.2. Before MigrationFor the safety of the Directory Server data, do these things before beginning to migrate the DirectoryServer instances:Shut dow

Seite 89 - Listen 0.0.0.0:port

10presence.ldif05rfc2247.ldif5.2.3. Migrating a Server or Single InstanceTo migrate a Directory Server installation to a new one on the same machine,

Seite 90

resynchronized.a. Reboot the Windows machine.b. In the Directory Server Console, open the Configuration tab.c. Expand the Replication folder, and s

Seite 91 - 6.7. Troubleshooting

packages.Make the first migrated master the configuration instance since it is not replicated. T hen,register other master and hub servers with the fi

Seite 92

NOTEIf the new machine has a different architecture than the old machine, such as moving from x86 tox86_64, you must perform a cross platform migratio

Seite 93

1. Stop all Directory Server instances and the Admin Server.2. Back up all the Directory Server user and configuration data.3. Install the Director

Seite 94

NOTEOn Red Hat Enterprise Linux 5 (64-bit) machines, the m igrate-ds-adm in tool is in the /usr/sbin directory.The command format to move from one pla

Seite 95

/usr/sbin/migrate-ds-admin.pl --cross --oldsroot server2:/migration/opt/redhat-ds --actualsroot /opt/redhat-ds General.ConfigDirectoryAdminPwd=passwor

Seite 96

IMPORTANTIf there are any duplicate entries (based on duplicate DNs), then the upgrade process makes acopy of the database. It is possible, in an extr

Seite 97

PrefaceThis installation guide describes the Red Hat Directory Server 8.2 installation process and the migrationprocess. T his manual provides detaile

Seite 98

rpm -qf /usr/sbin/setup-ds-admin.pl redhat-ds-admin-8.2.0-0.el5dsrv6. Verify that the directory databases have been successfully migrated. Directory

Seite 99

ls -R /var/lib/dirsrv/slapd-instance_name/dbdb:abcRoot abcRoot.orig DBVERSION guardian log.0000000001 userRootdb/abcRoot:aci.db4 DBVERSIO

Seite 100 - Glossary

NOTEManually restarting the server should only be required for Red Hat Enterprise Linux 4systems. Other systems should restart automatically.NOTEThe s

Seite 101

[..] - upgradedn userRoot: Duplicated entrydn detected: "cn=uid\3djsmith1\2cou\3ddev0\2co\3dengineering0,ou=people,dc=example,dc=com ": Entr

Seite 102

To upgrade Directory Server and move the instance from one machine to another, the 8.1 informationmust be imported into the new instance manually. T h

Seite 103

4. Copy the LDIF files from the old machine to the new machine.5. Import the LDIF files into the new Directory Server 8.2 databases.ldif2db -n userR

Seite 104

8. Run setup-ds.pl with the -u option. This updates the DN formats in any migrated databases tobe compliant with RFC 4514.setup-ds.pl -u9. Restart t

Seite 105

Chapter 6. General Usage InformationThis chapter contains common information that you will use after installing Red Hat Directory Server 8.2,such as w

Seite 106

Table 6.2. Red Hat Enterprise Linux 4 and 5 (x86_64 )File or Directory LocationLog files /var/log/dirsrv/slapd-instanceConfiguration files /etc/dirsr

Seite 107

redhat-idm-console -a http://localhost:9830 -u "cn=Directory Manager" -w secretTable 6.3. redhat- idm-console OptionsOption Description-a ad

Seite 108

1.1. Command and File ExamplesAll of the examples for Red Hat Directory Server commands, file locations, and other usage are given forRed Hat Enterpri

Seite 109

Passing the instance name stops or starts only that instance; not giving any name starts or stops allinstances.NOTEThe service name for the Directory

Seite 110

cd /etc/dirsrv/slapd-instance/vi dse.ldif4. Locate the nsslapd-rootpw parameter.nsslapd-rootpw: {SS HA}x03lZLMyOPaGH5VB8fcys1IV+TVNbBIOwZEYoQ==Delete

Seite 111

Example 6.1. dskt une OutputRed Hat Directory Server system tuning analysis version 10-AUGUST-2007.NOTICE : System is i686-unknown-linux2.6.9-34.EL (1

Seite 112

/etc/dirsrv/slapd-instance_name directory.GlossaryAaccess cont rol instructionSee ACI.access cont rol listSee ACL.access right sIn the context of acce

Seite 113

regardless of the conditions of the bind.approximate indexAllows for efficient approximate or "sounds-like" searches.at tributeHolds descrip

Seite 114

bind DNDistinguished name used to authenticate to Directory Server when performing an operation.bind ruleIn the context of access control, the bind ru

Seite 115

server. Programs written to use CGI are called CGI programs or CGI scripts and can be writtenin many of the common programming languages. CGI programs

Seite 116

alphabet or how to compare letters with accents to letters without accents.consumerServer containing replicated directory trees or subtrees from a sup

Seite 117

definition entrySee CoS definition entry.Direct ory Access ProtocolSee DAP.Direct ory ManagerThe privileged database administrator, comparable to the

Seite 118

called realthing.yourdomain.domain where the server currently exists.EentryA group of lines in the LDIF file that contains information about an object

Kommentare zu diesen Handbüchern

Keine Kommentare