Index Documentation Resources Next |
Managing Servers With iPlanet Console |
Contents
About This GuideWhat's in This Guide
Conventions Used in This Guide
Viewing This Guide OnlineTo View This Manual From iPlanet Console or Administration Server
Getting Additional Help
To View This Manual From Another Product
To Get Context-Sensitive Help
To Search this Guide's Index
To Open the Product Homepage
Part 1 Overview of iPlanet Console
Chapter 1 iPlanet Console and Administration Server
Chapter 2 Installing iPlanet Servers and ConsoleThe Setup Program
Installing a New Server
Upgrading to Version 5.0
Directory Server Must Be Installed First
Installation Modes
Administration Server Is Required in Each Server Root
Express
Installing iPlanet Console as a Stand-Alone Application
Typical
Custom
To Install iPlanet Console as a Stand-Alone Application on UNIX System
To Install iPlanet Console as a Stand-Alone Application on Windows NT Systems
Upgrading Administration Server and Console
Silent Installation
To Upgrade on UNIX Systems
Upgrading a Stand-Alone Version of iPlanet Console
To Upgrade on Windows NT Systems
To Upgrade a Stand-Alone Version of iPlanet Console on UNIX Systems
To Upgrade a Stand-Alone Version of iPlanet Console on Windows NT Systems
Performing a Silent Installation
Uninstallation
To Save Your Installation Answers
To Perform a Silent Installation
Uninstalling an iPlanet Server
To Uninstall an iPlanet Server on UNIX Systems
Silent Uninstallation
To Uninstall an iPlanet Server on Windows NT Systems
To Perform a Silent Uninstallation on UNIX Systems
To Perform a Silent Uninstallation on Windows NT Systems
Part 2 iPlanet Console Basics
Chapter 3 Using iPlanet ConsoleStarting iPlanet Console and Logging In
Starting iPlanet Console
A Tour of iPlanet Console
To Start iPlanet Console on UNIX Systems
Logging In to iPlanet Console With a User Name and Password
To Start iPlanet Console on Windows NT Systems
To Log in to iPlanet Console With a User Name and Password
Logging In to iPlanet Console Using Client Authentication
To Request and Install a New Client Certificate
To Make Your Client Certificate Available to iPlanet Console on UNIX Systems
To Make Your Client Certificate Available to iPlanet Console on Windows NT
To Establish a Secure Connection With an Instance of Administration Server
iPlanet Console Menus
Customizing iPlanet Console
iPlanet Console Tabs
The Servers and Applications Tab
The Administration Domain
To Create an Administration Domain
To Modify an Administration Domain
To Remove an Administration Domain
Storing Display Settings
Administration Express
To Change Where Display Settings Are Stored
Setting Display Fonts
To Reset Display Settings to Their Default Values
To Create a Font Profile
Customizing the Main Window
To Edit an Existing Font Profile
To Rename a Font Profile
To Use a Font Profile
To Remove a Font Profile
To Customize the Main Window
Customizing Tables
To Change Column Position in a Table
Creating Custom Views of the Navigation Tree
To Change the Width of Columns in a Table
To Create a Custom View of the Navigation Tree
Working With Custom Views
To Switch to a Custom View
To Edit a Custom View
To Rename a Custom View
To Set Access Permissions for a Public View
To Delete a Custom View
Accessing Administration Express
To Open Administration Express
Using Administration Express
To Start or Stop a Server Instance From Administration Express
Setting the Refresh Rate for Administration Express
To View Basic Server Information From Administration Express
To View Access and Error Logs From Administration Express
To Set the Refresh Rate for Administration Express
Chapter 4 Servers in iPlanet ConsoleWorking With Earlier Netscape Servers
Adding a Pre-4.0 Server to the Tree
Working With iPlanet Servers
To Add a Pre-4.0 Server to the Navigation Tree
Migrating from a Pre-4.0 Server to a Newer Server
To Migrate From a Pre-4.0 Server to a Newer Version
Opening a Server Management Window
To Open an iPlanet Server Management Window
Creating a New Server Instance
To Create a New Server Instance
Modifying Host, Server Group, and Instance Information
To Modify Host, Server Group, and Instance Information
Cloning a Server
To Clone Server Settings to Another Server
Removing a Server Instance
To Remove a Server Instance
Uninstalling an iPlanet Server
Merging Configuration Data From Two Directory Servers
To Merge Configuration Data From Two Directory Servers
Chapter 5 User and Group AdministrationInteracting with Directory Server
Using Distinguished Names
Creating New Directory Entries
Distinguished Names, Attributes, and Syntax
Distinguished Names
Locating a User or Group in the Directory
Attributes
DN and Attribute Guidelines and Syntax
To Locate Users or Groups in the Directory
Choosing a Different Directory to Search
To Change the Directory to Search
Users
Modifying Existing Directory Entries
To Create a New User Entry in the Directory
Administrators
The User's Preferred Language
To Create an Administrator
Specifying Windows NT and UNIX Systems Options
To Enable Windows NT and UNIX Systems Panels for an Individual User
Groups
To Enable Windows NT and UNIX Systems Panels for All New Users
To Set Windows NT and UNIX Systems Options and Attributes for a New User
To Create a Static Group in the Directory
Organizational Units
To Add Users to the Configuration Administrators Group
To Create a Dynamic Group
To Create a Certificate Group
To Create a New Organizational Unit
Updating User and Group Entries
To Edit a User or Group Entry in the Directory
To Change a User Password
To Change the Configuration Administrator's User Name or Password
To Change the Administration Server Administrator's User Name or Password
To Remove a User, Group, or Organizational Unit From the Directory
Part 3 Using iPlanet Administration Server
Chapter 6 Administration Server BasicsRestarting Administration Server
To Restart the Server From iPlanet Console
Stopping Administration Server
To Restart the Server From the Command Line
UNIX Systems
To Restart the Server From the NT Control Panel
Windows NT Systems
To Stop the Server From iPlanet Console
Logging Options
To Stop the Server From the Command Line
UNIX Systems
To Stop the Server From the NT Control Panel
Windows NT Systems
To View the Access Log
The iPlanet Administration Page
To View the Error Log
To Change Where Logs Are Stored
To Access the Administration Page
Chapter 7 Administration Server ConfigurationNetwork Settings
To Configure Network Settings
Access Settings
To Set Administration Server Access Settings
Encryption Settings
To Request and Install a Certificate for Administration Server
Directory Settings
To Activate SSL on Administration Server
The Configuration Directory
Changing the Host or Port Number
To Change the Host or Port Number
The User Directory
User Directory Settings
User Authentication and Directory Failover Support
Changing User Directory Settings for a Domain
To Change the User Directory Settings for a Domain
To Change User Directory Settings for a Server Group
Chapter 8 Administration Server Command-Line Toolsadmconfi
Syntax
admin_ip.p
Options
Tasks and Their Arguments
Examples
Usage
ldapsearch, ldapmodify, and ldapdelet
sec-activatSyntax
sec-migrat
Example
Syntax
moduti
Syntax
Tasks and Options
Usage
JAR Information File
JAR Information File Syntax
Examples of Using modutil
Part 4 Advanced Server ManagementOverview of Access Control
Examples of Access Control
Setting Access Permissions For Servers
To Set Access Permissions for a Server in the Navigation Tree
Working With Access Control Instructions
What's in an ACI
Target
Using the ACI Manager and ACI Editor
Permissions
Bind Rules
To Specify What You Want an ACI to Apply To
To Create a New ACI With the Visual ACI Editor
To Create a New ACI With the Manual ACI Editor
To Edit an Existing ACI With the ACI Editor
To Remove an ACI
Chapter 10 Using SSL and TLS with iPlanet ServersThe SSL and TLS Protocols
SSL and TLS Ciphers
Preparing to Use SSL and TLS Encryption
Choosing SSL and TLS Ciphers
Using External Security Devices
Obtaining and Installing a Server Certificate
Slots and Security Devices
To Install an External Security Device
To Remove an External PKCS #11 Module
SSL Certificates
Activating SSL
Preparing to Set Up SSL and TLS
Setting up SSL or TLS With an Internal Security Device
Generating a Server Certificate Request
Setting up SSL or TLS With an External Security Device
Setting Up SSL With Internal and External Security Devices
To Generate a Certificate Request
Sending a Server Certificate Request
To Send a Server Certificate Request as Email
Installing the Certificate
To Back Up a Certificate
Backing Up and Restoring Your Certificate Database
To Install a Server Certificate
To Install a CA Certificate or Server Certificate Chain
To Back Up Your Certificate Database
To Restore Your Certificate Database From a Backup
To Activate SSL on an iPlanet Server or a Netscape 4.x Server
Managing Server Certificates
Renewing a Certificate
Using Client Authentication
To Check a Certificate Expiration Date
Changing the CA Trust Options
To Generate a Certificate Renewal Request
To Change the CA Trust Options
Changing Security Device Passwords
To Change a Security Device Password
Managing Certificate Lists
To Obtain a CRL or CKL From a CA
To View, Add, or Delete a CRL or CKL
How Client Authentication Works
Preparing to Use Client Authentication
The certmap.conf File
DNComps
Editing the certmap.conf File
FilterComps
VerifyCert
CmapLdapAttr
Library
InitFn
Custom Properties
To Edit the certmap.conf File
Example certmap.conf Mappings
Example of a Default Mapping
Using Client Authentication Between Servers
Example of an Additional Mapping
Example of a Mapping With an Attribute Search
To Set Up Client Authentication Between Servers
Client Authentication for Users
To Set Up Client Authentication for Users
Chapter 11 Using SNMP to Monitor ServersSNMP Basics
How SNMP Works
Setting Up SNMP on UNIX Systems
iPlanet MIBs
The Administration Server MIB
Types of SNMP Messages
Network Management Station-Initiated Communication
Server-Initiated Communication
Using a Proxy SNMP Agent on UNIX SystemsInstalling and Starting the Proxy SNMP Agent
Reconfiguring a Native Agent on UNIX Systems
To Install the SNMP Proxy Agent
To Start the SNMP Proxy Agent
To Restart the Native Agent
Configuring the Master Agent on UNIX SystemsCommunity Strings
Starting the Master Agent on UNIX Systems
Trap Destinations
Configuring the Master Agent using iPlanet Console
To Add, Edit, or Remove a Community String using iPlanet Console
Manually Configuring the Master Agent
To Add, Edit, or Remove a Trap Destination
To Configure the Master SNMP Agent Manually
Editing the Master Agent Config File
Defining sysContact and sysLocation Variables
Starting the Agent Using iPlanet Console
Enabling the Subagent on UNIX Systems
To Start the Master Agent Using iPlanet Console
Starting the Agent From the Command Line
To Start the Agent on the Standard Port
To Start the Agent on a Non-Standard Port Using the Config File
To Start the Agent on a Non-Standard Port Using System Services
Using the Windows NT SNMP ServiceTo Set Up SNMP on Windows NT Systems
Part 5 AppendixesHow It Works
How Fortezza Crypto Cards Are Certified
Fortezza Keys, Certificates, and EncryptionCRLs and CKLs
Enabling Fortezza
Encryption Algorithms
SKIPJACK
SSL Protocol
RC4 Encryption
NULL Encryption
To Enable Fortezza on Administration Server
Appendix B Introduction to Public-Key CryptographyInternet Security Issues
Encryption and DecryptionSymmetric-Key Encryption
Digital Signatures
Public-Key Encryption
Key Length and Encryption Strength
Certificates and AuthenticationA Certificate Identifies Someone or Something
Managing Certificates
Authentication Confirms an Identity
Password-Based Authentication
How Certificates Are Used
Certificate-Based Authentication
Types of Certificates
Contents of a Certificate
SSL Protocol
Signed and Encrypted Email
Form Signing
Single Sign-On
Object Signing
Distinguished Names
How CA Certificates Are Used to Establish Trust
A Typical Certificate
CA Hierarchies
Certificate Chains
Verifying a Certificate Chain
Issuing Certificates
Certificates and the LDAP Directory
Key Management
Renewing and Revoking Certificates
Registration Authorities
Appendix C Introduction to SSLThe SSL Protocol
Glossary
Ciphers Used With SSLCipher Suites With RSA Key Exchange
The SSL Handshake
Fortezza Cipher Suites
Server Authentication
Man-in-the-Middle Attack
Client Authentication
Index
Index Documentation Resources Next
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.