|
| Sun ONE Meta-Directory 5.1 Configuration and Administration Guide |
ContentsWhat You are Expected to Know
The Sun ONE Meta-Directory Documentation Set
Organization of This Guide
Documentation Conventions
Typographic Conventions
Where to Find Additional Information
Terminology
Chapter 1What is Meta-Directory?
Meta-Directory Components
Connectors
Meta-Directory Views
Direct Connectors
Join Engine
Indirect Connectors
Join Process
Meta View
How Meta-Directory Works
Connector Views
Chapter 2
Chapter 3Meta-Directory Principles at Work
The LDIF Data File
The CSV Data File
The Oracle Database
Background Information
Configuration of Connectors and Join Process Rules
Flowing LDIF Data to the Connector View
Integration of the Data With Join Rules
Flowing LDAP Data to the Meta View
Constructing an Attribute
Mapping CSV Data to LDAP Using the UTP
Mapping Attribute Flow Rules
Creating the Entry's Distinguished Name
Mapping CSV Data to LDAP Attributes
Flowing LDAP-configured CSV Data to the Meta View
Mapping LDAP Attributes to the Connector View
Mapping LDAP-configured CSV Data to the Meta View
Flowing Oracle Data to the Meta View
Configuring the Oracle Database as a Recognizable Data Server
Constructing an Attribute for the Oracle Database
Creating Attribute Flow Rules for the Oracle Database
Creating DN Mapping Rules for the Oracle Database
Applying Rules to the Participating View
Chapter 4Sun ONE Console application
To Access A Console page
iPlanet Console application
Console Pages
iPlanet Administration Server Console page
Menus
Sun ONE Administration Server Console page
iPlanet Directory Server Console page
Sun ONE Meta-Directory Console page
Console
Edit
View
Object
Tools
Help
Chapter 5What is the Join Engine?
Creating the Join Engine Instance
To Create a Join Engine Instance
What is the Join Process?
To Remove a Join Engine Instance
Join Process Rules and Rule Sets
Rule Sets
Configuring the Join Process
Join Process Rules
Optional Token Assignments (Format Operator)
Selection Criteria (Requirements Operator)
To Compose Entry Conditions
To Compose Attribute Conditions
To Compose Language Tagged Attribute Conditions
Combining Conditions
Distinguished Name Construction/Join Filter/Attribute Construction (Substitution Operator)
Join Rules
Operational Configuration for the Join Engine
Working With Join Rules
Constructed Attributes
To Create New Rules
To Edit Rules
To Delete Rules
To Create A New Rule Set Name
To Assign Members to a Rule Set
To Delete Members from a Rule Set
To Delete a Rule Set
To Test a Rule
Working With Constructed Attributes
Attribute Flow Rules
To Name a New Constructed Attribute
To Create a Rule for a New Constructed Attribute
To Edit a Rule
To Delete a Rule
To Delete an Attribute
Working With Attribute Flow
Filters
To Add a New Rule
To Add Attribute Mappings
To Edit a Rule
To Delete a Rule
To Create a New Rule Set
To Assign a Rule to the New Rule Set
To Delete a Rule From a Rule Set
To Delete a Rule Set
Attribute Flow Summary
Language Subtype Tagged Attributes
Working With Filters
Distinguished Name Mapping Rules
To Create a New Filter
To Add a Subtree Filter
To Add an Entry Filter to the Subtree
To Remove a Subtree Filter
To Remove an Entry Filter
To Delete a Filter
Working With DN Mapping Rules
Data Servers
To Add a New Rule
To Edit a Rule
To Delete a Rule
To Create a New Rule Set
To Assign a Rule to a Rule Set
To Edit a Rule Set
To Delete a Rule Set
Enabling UTF8 Character Flow Support
Enabling UTF8 in the Oracle database Connector
Enabling UTF8 in Indirect Connectors
Enabling UTF8 for Direct Connectors
Chapter 6Connector Views
To Add a Connector View Instance
Meta View
To Remove a Connector View Instance
Providing a Connector View Description
Providing a Meta View Description
Participating Views
To Provide Descriptive Information for a Meta View
Creating New Data in the Meta View
To Create an Entry in the Meta View
To Create a Group in the Meta View
To Create an Organization in the Meta View
To Modify an Entry in the Meta View
To Add a Participating View
Refreshing the Views
To Remove a Participating View
Configuring a Participating View
To Configure a Participating View
Enabling a Participating View
To Enable a Participating View
Checking Entry Links
Refreshing Meta Views
To Refresh the Meta View
Refreshing the External Data or Connector View
To Refresh External Data or the Connector View
Part 3 Meta-Directory Connectors
Chapter 7Connectors and Connector Rules
Direct Connectors
Indirect Connectors
The Universal Connector and Universal Text Parser
Indirect Connector Rules
The Windows NT Domain Connector
Active Directory Connector
Exchange Connector
Novell Directory Connector
Lotus Notes Connector
Attribute Flow Rules
Attribute Flow Rules
Default Attribute Value Rules
Filter Rules
Granularity and Ownership
Default Attribute Value Rules
To Configure an Attribute Flow Rule
To Change a Configuration
To Configure Default Attribute Values
Filter Rules
To Add a New Filter
To Remove an RDN for an Entry
To Remove a Subtree DN
To Delete a Filter
Chapter 8Configuring The Universal Connector
Function of the Universal Connector
Creating a Universal Connector Instance
To remove a connector instance
Configuring a Universal Connector Instance
To specify how updates are handled
Restarting a Connector Instance
To configure the schedule from and to connector views
To configure attributes for log files
To add external attributes for connectors
To include scripts for the Universal Text Connector
Implementing the Configuration
Starting the Join Engine
To start the join engine
Enabling the Connector View
Refreshing the View
Chapter 9Configuring the Universal Text Parser
An Overview of the Universal Text Parser
Universal Text Parser Modules
The task.cfg Configuration File
Pre-configured Configuration Files
Setting Up the Universal Text Parser
Non-Conforming Formats
Creating a task.cfg File for Comma-Separated Value Data Files
Before You Begin
Creating a task.cfg File for Name-Value Pair Data Files
Creating the File
Before You Begin
Creating a task.cfg File for LDIF Data Files
Creating the File
Before You Begin
Creating the File
Chapter 10Configuring the NT Domain Connector
Installing the Connector
To create an NT Domain Connector instance
Configuring a Participating connector view
To set connector parameters during instance creation
To add the instance as a participating view
To set connector parameters from the configuration file
To provide authorization
Creating Users
Configuring Connector Rules
To create an NT Domain user in the meta view
To modify an NT Domain user in the meta view
Configuring a Connector Instance
Activating the Configuration
Implementing the Configuration
Starting the Join Engine
Monitoring the Connector
To start the join engine
Enabling the Connector View
Refreshing the View
Data Flow for User and Group Entries
User Entries
Running the Connector from a Non-PDC Host
Group Entries
Configuration Example
Install the Connector
Configure Connector Rules
Configure a Connector Instance
Restart the Connector Instance
Chapter 11Configuring the Active Directory Connector
Installing the Connector
To install the Active Directory Server Interface (ADSI) package (For NT 4 only)
Configuring a Participating Connector View
To add a connector view instance
To set configuration parameters during instance creation
To add the instance as a participating view
To set configuration parameters from the configuration file
To provide authorization
Creating Users
Configuring Connector Rules
To create an Active Directory user in the meta view
To modify an Active Directory user in the meta view
Configuring a Connector Instance
Restarting the Connector Instance
Implementing the Configuration
Starting the Join Engine
Monitoring the Connector
To start the join engine
Enabling the Connector View
Refreshing the View
Data Flow for User and Group Entries
User Entries
Configuration Example
Group Entries
Install the Connector
Configure Connector Rules
Configure a Connector Instance
Restart the Connector Instance
Chapter 12Configuring the Database Connector
Before You Begin
Creating the Data Server
Configuring the Data Server
Configuring a Connector View
To invoke the Data Servers window
Running the Configuration Script
To add a new database server
To provide data server information
To delete a data server
Adding a Connector View Instance
To add the instance
Adding the Instance as a Participating View
To delete the instance
To add a participating connector view
To remove a participating connector view
Creating Constructed Attribute Rules
Configuration Example
Creating Attribute Flow Rules
Creating DN Mapping Rules
Creating join filters
Configuring a Participating Connector View
Starting the Join Engine
To start the join engine
Enabling the Connector View
Monitoring the Connector View
Create the Data Server
Changing Instrumentation
Configure the Participating Connector View
To add instrumentation
Issuing Privileges
To remove instrumentation
Script Generation
Script Execution
Synchronization of Instrumented Tables
Chapter 13Configuring the Microsoft Exchange Connector
Installing the Connector
To install the Active Directory Server Interface (ADSI) package
Configuring a Participating Connector View
To Add an Exchange Connector Instance
To set configuration parameters during instance creation
To add the instance as a participating view
To set configuration parameters from the configuration file
To provide authorization
Creating Users
To create a Microsoft Exchange User in the Meta View
Configuring Connector Rules
To modify a Microsoft Exchange user in the meta view
Configuring a Connector Instance
Restarting the Connector Instance
Implementing the Configuration
Starting the Join Engine
Monitoring the Connector
To start the join engine
Enabling the Connector View
Refreshing the View
Data Flow for User and Group Entries
User Entries
Configuration Example
Group Entries
Install the Connector
Configure Connector Rules
Configure a Connector Instance
Restart the Connector Instance
Start the Join Engine
Enable the Connector View
Chapter 14Configuring the Novell Directory Connector
Installing the Connector
To add a Novell Directory Connector Instance
Configuring a Participating Connector View
To provide authorization
To add the instance as a participating view
Creating Users
To create a Novell Directory User in the Meta View
Configuring Connector Rules
To modify a Novell user in the meta view
Attribute Flow
Granularity and Ownership
Object Class Flow
To add External Attributes for Novell Directory Connector
To Configure an Attribute Flow Rule
To add object classes for Novell Directory Connectors
Configuring a Novell Directory Connector Instance
To Configure an Object Class Flow Rule
Using the "General" tab
Monitoring the Connector
Using the "Schedule" tab
Using the "Log" tab
Using the "Attributes" tab
Using the "Object Classes" tab
Tuning Novell Directory Server for Search Performance
Restarting the Connector Instance
Enabling and Refreshing the Connector View
Data Flow for User and Group entries
Synchronizing Users using Novell Directory Specific Schema
Connector Configuration Data
Configuration Example
Limitations
Chapter 15Configuring the Lotus Notes Connector
Installing the Connector
To add a Lotus Notes Connector Instance
Configuring a Participating Connector View
To provide authorization
To add the instance as a participating view
Creating Users
To create a Lotus Notes User in the Meta View
Configuring Connector Rules
To modify a Lotus Notes user in the meta view
Attribute Flow
Granularity and Ownership
Object Class Flow
To add External Attributes for Lotus Notes connectors
To Configure an Attribute Flow Rule
To add object classes for Lotus Notes Connectors
Configuring a Lotus Notes Connector Instance
To Configure an Object Class Flow Rule
Using the "General" tab -
Monitoring the Connector
Using the "Schedule" tab
Using the "Log" tab
Using the "Attributes" tab
Using the "Object Classes" tab
Restarting the Connector Instance
Enabling and Refreshing the Connector View
Data Flow for User and Group entries.
Synchronizing Users using Lotus Notes Specific Schema
Connector Configuration Data
Configuration Example
Limitations
Chapter 16Starting and Stopping Components
The start.conf File
Starting Meta-Directory Components
Starting Components Via the Consoles
Stopping Meta-Directory Components
To Start From the Sun ONE Console Navigation Tree
Starting Components Via the Meta-Admin Command-Line Tool
To Start From the Meta-Directory Console Navigation Tree
Stopping Components Via the Console
Checking a Component's Operational Status
To Stop From the Sun ONE Console Navigation Tree
Stopping Components Via the Meta-Admin Command-Line Tool
To Stop From the Meta-Directory Console Navigation Tree
Stopping Components via Windows NT Services
Automated Restarts
Automating a Restart on Windows NT Systems
Automating a Restart on Solaris Systems
Automating a Restart With High Security on Windows NT Systems
Chapter 17Monitoring Meta-Directory Components
Operations
Join Engine Operations
Logs
Status
Connector Operations
View
Operation
Traverse
Last Change Notification
Status
View
Operation
Updates to the
Log Files
Statistics and Status Messages
Log Window Options
Refresh
Modules
Continuous
Lines to Show
Show Only Lines Containing
Starting at
Period
Specifying Log File Preferences
Working within the Log Window
Chapter 18The Query Tool
To Access the Query Tool
The Fix-It Tool
Searches
To Do a Search
Customizing the Query Tool
Extensive Searches
Constructing a Search With an LDAP Filter
Viewing a Selected Entry
Customizing Linkage Selection Filters
Customizing Column Headers
Sorting the Display of Entries
To Specify Language Preferences
Customizing Content Selection Filters
To Create a New Content Selection Filter
Accessing the Linkage Selection Filters Window
Query Tool Keyboard Shortcuts
To Create a New Linkage Selection Filter
To Edit a Linkage Selection Filter
Accessing the Fix-It Tool
Command Line Access of the Query/Fix-It Tool
To Link an Existing Entry to a New Entry
To Join, Unlink, or Exclude Entries
To Refresh a Current Entry
To view and modify an entry
Customizing the Fix-It Tool
Fix-It Tool Shortcuts
The Property Editor
To Invoke the Query/Fix-It Tool
To Alter the Properties for Members
Chapter 19The Meta-Admin Tool
The Meta-Admin Tool Syntax
Meta-Admin Tool Command-Line Options
Meta-Admin Tool Input
Meta-Admin Tool Responses
Chapter 20Managing Servers and Permissions
Configuring Data Servers
Accessing the Data Servers Window
Setting Access Permissions
To Add a New Data Server
To Test a Data Server Connection
To Delete a Data Server
To Set Access Permissions
Appendix AFormat Operators
Requirements Operators
Combining Requirements Operators
Substitution Operators
Generic Operators
Quoting
Appendix BThe Protocol Requests
Session Attributes
The Server URL Attribute
The Configuration and Authentication Attributes
Error Responses
Appendix CTroubleshooting Meta-Directory
Verifying End-to-End Flow
Viewing Link Information
mdsEntityOwner
Checking Operational Status
mdsLinkToCV
mdsLinkToMV
Status Window
Examining Log Files
Statistics Window
Data Server Test Connect Button
Turning Off UID Uniqueness
Fixing Join Problems
Fixing Data Flow Problems
Fixing Large Synchronization Failures
Common Problems
Instances
Configuration
Views
Connectors
Meta-Directory
Directory Server
Appendix DJoin Engine Messages
Universal Connector Messages
Novell and Notes Connector Error Mesages
Appendix ENeed for the tool
Setting the Environment Variables
Windows machines:
usage
Solaris machines
Known Issues & Limitations
Converting LDIF data to UDEF data:
Converting UDEF data to LDIF data:
Appendix F