Sun Java System Directory Server Enterprise Edition 6.0 Installation Guide

The Administration Framework and Installation

This section highlights key aspects of the administration framework you must understand before installing server software in a production environment. This section does not address the developer and performance tuning tools provided with Directory Server Resource Kit. You can install such tools independently of the administration framework.

Before you read this section, read Directory Server Enterprise Edition Administration Model in Sun Java System Directory Server Enterprise Edition 6.0 Deployment Planning Guide. In particular, consider the figure in that section which shows the network traffic flows. The figure shows network traffic flows between the configuration management tools, Directory Service Control Center (DSCC), dsconf(1M), and dpconf(1M), the local administration agents, and servers. The figure also shows communication between the local agents, the local command line tools, dsadm(1M) and dpadm(1M), and the servers that you manage.

Notice that the command-line management and monitoring tools, dsconf(1M) and dpconf(1M), require only LDAP access to the servers that you manage. LDAP traffic typically flows through the default ports, 389 for LDAP and 636 for secure LDAP using SSL. When you create servers as a non-root user, the default ports are 1389 for LDAP, and 1636 for secure LDAP using SSL.

By convention, only root can install software using reserved port numbers less than 1024. Solaris systems allow the administrator to permit non-root users to use privileged ports, using role-based access control (RBAC).

DSCC is a web application. DSCC runs inside the framework known as Sun Java Web Console. You typically install DSCC on only one system in your deployment. You then manage all your servers from that installation of DSCC. You access DSCC through a browser by going to the secure Java Web Console URL, which by default is https://hostname:6789.

DSCC requires LDAP access to the servers for online management operations. DSCC also requires Java Management Extension (JMX) access to agents installed alongside the servers. The agents perform server process management operations on behalf of DSCC, operations that cannot be performed through LDAP on a running server. You can then use DSCC through a browser to create and to start new servers.

As part of the normal installation process, you install the local DSCC agents alongside server software. DSCC contacts the agents over the network using a specific port number. You must therefore either accept the default port number, 11162, or specify a different port number.

The agents run inside a common agent container on the server system. This common agent container provides its agents with a single external port for management applications. The common agent container also saves resources on systems where multiple local agents share the container. The common agent container is in fact the agent that listens for DSCC on the default port number, 11162, routing management traffic to other agents. DSCC thus communicates with local agents through the common agent container. For troubleshooting purposes, a common agent container can be managed independently using the cacaoadm command.

Figure 1–1 Ports and Protocols

This figure shows the ports used by the components of the administration framework, and the management protocol traffic going through those ports.

Each time that you install Directory Server Enterprise Edition software from the zip distribution, you also install an instance of the common agent container. Therefore, when you install multiple versions in parallel on the same host system, only one version can use the default port. You can install from the zip distribution where a common agent container instance already uses the default port. You must then specify a different port number for the additional common agent container instance.
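An added example, not part of the original guide: a shell function that reads `netstat -an` output and reports, for each default port named in this section, whether it is listening and on which address. This is useful for confirming which management ports a host exposes, and for seeing whether 11162 is already taken before installing another zip distribution. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): report which administration-framework
# default ports are listening, from `netstat -an` style input on stdin.
# Accepts Solaris "addr.port" and Linux "addr:port" local-address forms.
dsee_port_audit() {
  awk '
    BEGIN {
      # Default ports and roles as named in this section.
      role[389]   = "LDAP"
      role[636]   = "LDAP over SSL"
      role[1389]  = "LDAP (instance created as non-root)"
      role[1636]  = "LDAP over SSL (instance created as non-root)"
      role[6789]  = "Java Web Console / DSCC (HTTPS)"
      role[11162] = "common agent container (JMX)"
      n = split("389 636 1389 1636 6789 11162", order, " ")
    }
    /LISTEN/ {
      laddr = ""
      # The local address is the first field ending in <separator><digits>.
      for (i = 1; i <= NF; i++)
        if ($i ~ /[.:][0-9]+$/) { laddr = $i; break }
      if (laddr == "") next
      k = split(laddr, part, /[.:]/)
      port = part[k]
      if (!(port in role)) next
      addr = substr(laddr, 1, length(laddr) - length(port) - 1)
      if (addr == "*" || addr == "0.0.0.0" || addr == "::")
        state[port] = "all-interfaces"      # a wildcard bind wins
      else if (state[port] != "all-interfaces")
        state[port] = "bound:" addr
    }
    END {
      for (j = 1; j <= n; j++) {
        p = order[j]
        s = (p in state) ? state[p] : "not-listening"
        printf "%s\t%s\t%s\n", p, s, role[p]
      }
    }'
}

# Constructed sample input mixing both netstat layouts (not real host data).
sample_netstat() {
  cat <<'EOF'
      *.389                *.*                0      0 49152      0 LISTEN
      *.636                *.*                0      0 49152      0 LISTEN
127.0.0.1.6789             *.*                0      0 49152      0 LISTEN
      *.11162              *.*                0      0 49152      0 LISTEN
      *.22                 *.*                0      0 49152      0 LISTEN
tcp        0      0 0.0.0.0:1389            0.0.0.0:*               LISTEN
EOF
}
sample_netstat | dsee_port_audit
```

On a live host, run `netstat -an | dsee_port_audit` instead of feeding it the sample.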

Server software installation is a three-stage process.

  1. Install configuration management software.

    During this stage, configuration management tools are installed. DSCC is also initialized.

    As DSCC stores its configuration data in its own, private Directory Server instance, Directory Server is installed from native packages alongside DSCC.

  2. Install server software on the systems where you plan to run server instances.

    During this stage, server software, required libraries, local administration tools, and local agents are installed where server instances run.

    At the close of this stage, no servers are running. Yet, all the software is in place to allow you to set up directory services.

  3. Create and configure server instances on the systems.

    During this stage, Directory Server and Directory Proxy Server instances are created. Instances are created either through a web browser with DSCC, or with the local administration tools that are installed alongside the server software. Server instances are then configured either through Directory Service Control Center or through the configuration management command line tools.

The first two stages are combined when you install everything on a single host system. DSCC nevertheless uses the local agents to perform certain operations on the servers. Thus, the local agents must still be installed in a local common agent container.