Bookshelf Home | Contents | Index | PDF     

Security Guide for Siebel Business Applications > Security Adapter Authentication > Installing LDAP Client Software >

Installing the IBM LDAP Client and GSKit on AIX

This section describes different methods of installing the IBM LDAP Client and GSKit on AIX platforms.

The IBM LDAP Client and GSKit software are available from the Siebel network image. For instructions on how to create a Siebel network image, see Siebel Installation Guide for the operating system you are using.

NOTE:  After you install the content of ids510fp2refresh-aix-client-us.tar, examine the contents of the other tar files in AIXServer_AncillaryIBM_LDAP_5.1_Clientenu. These tar files contain patches that resolve various issues. The Readme file in each tar file describes the issue resolved and how to install the patch. Install a patch if required.

Installing with Console Mode (Interactive) on AIX

Use the procedures below to install the IBM LDAP Client and GSKit on AIX platforms using the interactive console mode. Separate procedures are provided for installing IBM LDAP Client and IBM GSKit.

To install IBM LDAP Client on AIX—console mode

  1. Log in as root.
  2. Navigate to the directory that contains the folder AIX/Server_Ancillary/IBM_LDAP_5.1_Client/enu.
  3. Copy the file ids510fp2refresh-aix-client-us.tar to an empty directory that has at least 50 MB of available space.
  4. Enter the following command:

    tar -xvf ids510fp2refresh-aix-client-us.tar

    The directory ids510fp2refresh-aix-client is created at the current location.

  5. Navigate to the directory ids510fp2refresh-aix-client.
  6. Enter the following command:

    installp -ld 'pwd' | grep ldap

    A list of installable software is displayed, such as:

    ldap.client.adt             5.1.0.0                    I  N usr

    ldap.client.rte             5.1.0.0                    I  N usr,root

    ldap.max_crypto_client.adt  5.1.0.0                    I  N usr

    ldap.max_crypto_client.rte  5.1.0.0                    I  N usr

  7. Install the required packages. Enter the following command:

    installp -acgXd 'pwd' ldap.*

    where:

    • -a stands for apply
    • -c stands for commit
    • -g installs prerequisites if necessary
    • -X increases the file system space if needed
    • -d stands for device

      When installation is complete, the system generates an installation summary.

  8. Verify that the Result column shows success for all loaded files. You can also verify that IBM Directory Server was installed successfully by typing the following at a command prompt:

    lslpp -L | grep ldap

    The output displayed lists all the filesets starting with ldap. This includes the client, html, and message filesets. For example:

    ldap.client.adt         5.1.0.0  C  F   IBM Directory SDK

    ldap.client.rte         5.1.0.0  C  F   IBM Directory Client Runtime

    ldap.max_crypto_client.adt

    ldap.max_crypto_client.rte

To install IBM GSKit on AIX—console mode

  1. Perform Step 1 through Step 5.
  2. Enter the following command:

    installp -ld 'pwd'/gskak.rte

    A list all of the installable IBM GSK packages is displayed.

    gskak.rte                   6.0.5.34                   I N usr

    #   AIX Certificate and SSL Base Runtime ACME Toolkit

  3. At the command prompt, install the required packages with the following command:

    installp -acgXd 'pwd'/gskak.rte gskak.rte

    where:

    -a stands for apply

    -c stands for commit

    -g installs prerequisites if necessary

    -X increases the file system space if needed

    -d stands for device

  4. When installation is complete, the system generates an installation summary. Verify that the Result column shows success for all loaded files. You can also verify that IBM LDAP Client was installed successfully by typing the following at a command prompt:

    lslpp -L | grep gsk

    The output lists all the filesets starting with gsk. For example:

    gskak.rte                 6.0.5.34    C     F    AIX Certificate and SSL Base

Installing with Unattended Mode (Noninteractive) on AIX

Use the procedure below to install the IBM LDAP Client and GSKit on AIX platforms using the unattended mode.

To install IBM LDAP Client and GSKit on AIX—unattended mode

  1. Log in as root.
  2. Navigate to the directory that contains the folder AIX/Server_Ancillary/IBM_LDAP_5.1_Client/enu.
  3. Copy the file ids510fp2refresh-aix-client-us.tar to an empty directory that has at least 50 MB of available space.
  4. Enter the following command:

    tar -xvf ids510fp2refresh-aix-client-us.tar

    The directory ids510fp2refresh-aix-client is created at the current location.

  5. Navigate to the directory ids510fp2refresh-aix-client.

  6. Enter the following command:

    installp -acgXd 'pwd' ldap.*

This will install both IBM LDAP Client and GSKit (because LDAP Client is a prerequisite of the GSKit).

Verifying Installation on AIX

Use the procedure below to verify that IBM LDAP Client and GSKit were successfully installed.

To verify installation on AIX

  1. Use lslpp to see if software is installed on the machine. Enter the following commands:

    lslpp -L|grep ldap

    lslpp -L|grep gsk

  2. Verify that /usr/ldap and /usr/opt/ibm/gskak exist.
  3. Verify that libibmldap.a exists under /usr/ldap/lib.
  4. Verify that libgsk6ssl.so exists under /usr/opt/ibm/gskak/lib.
  5. Verify that symbolic links to libibmldap.a and libgsk6ssl.so exist under /usr/lib.

Uninstalling on AIX

If you have installed IBM LDAP Client and GSKit, use the procedure below to uninstall these components.

To uninstall the IBM LDAP Client and GSKit on AIX

  1. Login as root.
  2. Enter the following commands:

    installp -u ldap.*

    installp -u gskak.rte

Troubleshooting IBM LDAP Client Installation on AIX

When installing the IBM LDAP Client on AIX, the following error messages may appear:

mkdir: 0653-358 Cannot create /home/ldap.

/home/ldap: The file system has read permission only.

chgrp: /home/ldap: A file or directory in the path name does not exist.

chown: /home/ldap: A file or directory in the path name does not exist.

cp: /home/ldap/.profile: A file or directory in the path name does not exist.

chmod: /home/ldap/.profile: A file or directory in the path name does not exist.

chgrp: /home/ldap/.profile: A file or directory in the path name does not exist.

chown: /home/ldap/.profile: A file or directory in the path name does not exist.

3004-721 Could not create user.

3004-703 Check "/usr/lib/security/mkuser.sys" file.

instal: Failed while executing the ldap.client.rte.pre_i script.

Solution: A user named ldap is created automatically during installation if this user does not already exist. Sometimes installation may fail because the ldap user cannot be created successfully. In such case, manually create the ldap user before installing the IBM LDAP Client.

    
Security Guide for Siebel Business Applications