Sun Java logo     Copyright      Index      Next     

Sun logo
Sun Java(TM) System Directory Proxy Server 5.2 2005Q1 Administration Guide 

Contents


List of Figures    

List of Tables    

List of Procedures    

Preface    
Conventions    
Related Books    
Directory Proxy Server Books    
Administration Server Books    
Directory Proxy Server Books    
Related Java Enterprise System Books    
Documentation, Support, and Training    
Related Third-Party Web Site References    
Sun Welcomes Your Comments    

Part I Introduction to Directory Proxy Server    

Chapter 1   Overview of Directory Proxy Server    
Introduction    
Directory Proxy Server Feature Set    
High Availability    
Load Balancing    
Failover    
Security    
Client-Server Compatibility    

Chapter 2   Directory Proxy Server Deployment Scenarios    
An Internal High Availability Configuration    
Distributed LDAP Directory Infrastructure    
Customer Scenario    
Customer Deployment    
LDAP Request Flow    
A Centralized LDAP Directory Infrastructure    
Customer Scenario    
Customer Deployment    
LDAP Request Flow    
Deploying Directory Proxy Server With a Single Firewall    
Deploying Directory Proxy Server With Two Firewalls    

Part II System Tuning    

Chapter 3   System Tuning    
Setting the Maximum Number of Concurrent Connections    
To Set the Maximum Number of Concurrent Connections to Directory Proxy Server    
Tuning TCP    

Part III Console Based Administration    

Chapter 4   Introducing Directory Proxy Server Console    
Getting Started With Sun Java System Server Console    
Servers and Applications Tab    
Users and Groups Tab    
Sun Java System Administration Server    
Starting the Administration Server    
Stopping Administration Server    
Accessing the Directory Proxy Server Consoles    
Logging In to the Sun Java System Server Console    
To Log In to the Sun Java System Server Console    
Opening the Appropriate Directory Proxy Server Console    
Opening the Directory Proxy Server Console    
Opening the Directory Proxy Server Configuration Editor Console    

Chapter 5   Starting, Restarting, and Stopping Directory Proxy Server    
Starting and Stopping Directory Proxy Server    
Starting and Stopping Directory Proxy Server From Sun Java System Server Console    
To Start or Stop Directory Proxy Server    
Starting and Stopping Directory Proxy Server From Command Line    
To Start or Stop Directory Proxy Server from the Command Line    
Restarting Directory Proxy Server    
Restarting Directory Proxy Server From Command Line    
To Restart Directory Proxy Server From the Command Line    
Reloading Directory Proxy Server From Sun Java System Server Console on UNIX Platforms    
To Reload Directory Proxy Server From the Directory Proxy Server Console    
Checking Directory Proxy Server System Status    
Checking Directory Proxy Server Status From Sun Java System Server Console    
To Check Directory Proxy Server Status From Sun Java System Server Console    
Checking Directory Proxy Server Status From Command Line    
To Determine Directory Proxy Server Status From The Command Line    
Starting and Stopping Directory Proxy Server From the Command Line    
Supported Flags    
Restarting Directory Proxy Server    

Chapter 6   Creating System Configuration Instances    
Creating System Configuration Instances    
To Create an Object for System Configuration    
Saving Configurations    

Chapter 7   Creating and Managing Groups    
Overview of Groups    
Creating Groups    
To Create a Network Group in Directory Proxy Server    
Modifying Groups    
To Modify a Group    
Deleting Groups    
To Delete a Group    

Chapter 8   Defining and Managing Property Objects    
Attribute Renaming Property    
Creating Attribute Renaming Property Objects    
To Identify Client and Server Attributes for Renaming    
Forbidden Entry Property    
Creating Forbidden Entry Property Objects    
To Identify Entries or Attributes to Hide From Clients    
LDAP Server Property    
Creating LDAP Server Property Objects    
To Identify Directory Servers for Communication With Directory Proxy Server    
Load Balancing Property    
Creating Load Balancing Property Objects    
To Define Load Balancing for a Set of Directory Servers    
Search Size Limit Property    
Creating Search Size Limit Property Objects    
To Define Limits for Search Sizes    
Modifying Property Objects    
To Modify a Property Object    
Deleting Property Objects    
To Delete a Property Object    

Chapter 9   Creating and Managing Event Objects    
Overview of Events    
Creating Event Objects    
Creating OnBindSuccess Event Objects    
To Create an Event Object Based on the OnBindSuccess Event    
Creating OnSSLEstablished Event Objects    
To Create an Event Object Based on the OnSSLEstablished Event    
Modifying Event Objects    
To Modify an Event Object    
Deleting Event Objects    
To Delete an Event Object    

Chapter 10   Creating and Managing Action Objects    
Overview of Actions    
Creating Action Objects    
To Create an Action Object to Change a Client From One Group To Another    
Modifying Action Objects    
To Modify an Action Object    
Deleting Action Objects    
To Delete an Action Object    

Chapter 11   Configuring and Monitoring Logs    
Overview of Logging    
System Log    
Audit Log    
Configuring Logs    
To Define the Log Settings    
To Specify a Logging Property    
Monitoring Logs    
To View Log Records in a File    

Chapter 12   Configuring Security    
Preparing to Set Up SSL and TLS    
Setting up SSL or TLS with an Internal Security Device    
Setting up SSL or TLS with an External Security Device    
Setting Up SSL with Internal and External Security Devices    
Setting Up SSL Communication    
Installing a Server Certificate for Directory Proxy Server    
SSL Certificates    
To Generate a Server Certificate Request    
To Send a Server Certificate Request    
To Install the Certificate    
To Install a CA Certificate or Server Certificate Chain    
Backing Up and Restoring Your Certificate Database    
To Back Up Your Certificate Database    
To Restore Your Certificate Database From a Backup    
Setting Up SSL Connections Between Directory Proxy Server and Clients    
To Add Directory Proxy Server CA Certificate to a Client Trust Databases    
To Make Changes to the Directory Proxy Server System Configuration    
To Make Changes to the Directory Proxy Server Network Groups    
Setting Up SSL Connections Between Directory Proxy Server and LDAP Servers    
To Install a CA Certificate or Server Certificate Chain    
To Add Directory Proxy Server CA Certificate to the LDAP Server Trust Databases    
To Make Changes to the LDAP Server Properties    

Part IV Appendixes    

Appendix A   Directory Proxy Server Decision Functions    
Establishing Group on Connection    
Change Group on Bind    
Configuring Change Group On Bind    
To Configure Change Group On Bind    
Change Group on Establishment of TLS    
High Availability Setup    
Following Referrals    

Appendix B   Directory Proxy Server FAQ, Features, and Troubleshooting    
Directory Proxy Server FAQ    
What is Directory Proxy Server?    
Why do I need Directory Proxy Server?    
What version of the LDAP protocol does Directory Proxy Server support?    
Does Directory Proxy Server support secure authentication and encryption?    
Does Directory Proxy Server work with any LDAP-enabled Directory Server?    
Is there a configuration utility available to configure Directory Proxy Server?    
Features    
Can Directory Proxy Server prevent denial-of-service attacks?    
Does Directory Proxy Server support "reverse" proxying?    
Can Directory Proxy Server prevent "trawling" of an LDAP directory?    
Does Directory Proxy Server automatically load balance queries?    
How many Directory Servers can one Directory Proxy Server load balance?    
Can search requests be filtered?    
Can search results be filtered?    
How are access groups defined?    
Does Directory Proxy Server support protected password authentication?    
Does Directory Proxy Server automatically follow referrals?    
Does Directory Proxy Server cache search result information?    
Can Directory Proxy Server rename attributes?    
Troubleshooting    
How can I analyze logs of connection attempts?    
I have configured Directory Proxy Server to follow referrals. However, when I perform a search with a LDAPv2 client I get error 32 (No such object) or some other error.    
I notice in the log files that some idle client connections are routinely failed over even though all my back-end servers are up.    
Is there a way to restrict search requests containing the presence filter?    
When I try to execute a task or perform some console function, I get an error message saying I need to make sure the Administration Server is running properly and that this host is permitted to connect to the Administration Server.    

Appendix C   Directory Proxy Server Startup Configuration File    
Configuration File Overview    
Startup Configuration Keywords    
configuration_url    
configuration_bind_dn    
configuration_bind_pw    
configuration_username    
sasl_bind_mechanism    

Appendix D   Command Reference    
dpsconfig2ldif    
dpsldif2config    
Pre-conditions    
Post-conditions    

Glossary    

Index    217


Copyright      Index      Next     

Part No: 817-7615-10.   Copyright 2005 Sun Microsystems, Inc. All rights reserved.