Bookshelf Home | Contents | Index | PDF     

Siebel Installation Guide for UNIX > Requirements for Installing and Configuring Siebel Business Applications > Requirements for Installing and Configuring Siebel Enterprise Server Components >

Requirements for Siebel Gateway Name Server Authentication

This topic is part of Requirements for Installing and Configuring Siebel Enterprise Server Components.

Before you configure any Siebel Enterprise Server software, review the requirements associated with authentication for access to the Siebel Gateway Name Server. Authentication applies to access using Siebel Configuration Wizards or Siebel Server Manager.

Note the following requirements:

  • When you initially configure the Siebel Enterprise (after installing and configuring the Siebel Gateway Name Server), you propagate settings to the Siebel Gateway Name Server that specify authentication settings. Siebel Gateway Name Server authentication uses Siebel security adapters, which are discussed in detail in Siebel Security Guide.
  • Database authentication is the default Siebel Gateway Name Server authentication method. LDAP, ADSI, or custom methods are also supported, but additional configuration is required. You must use database authentication for your initial Siebel Server configuration.
  • The user account that you use for Siebel Gateway Name Server authentication must have the same privileges as the Siebel administrator account created during the Siebel installation process; these privileges are required to connect to the Siebel Gateway Name Server. You can choose to use the Siebel administrator account for Siebel Gateway Name Server authentication, or you can create a new database user account, ensuring that you assign it the same level of rights and privileges as the Siebel administrator account. For more information about requirements for this account, see Siebel Security Guide.
  • If you do not have an existing Siebel database, then you must install an instance of Siebel Server and Siebel Database Configuration Utilities on the same computer where you install the Siebel Gateway Name Server. You can select all three options to install together. In this scenario, you must configure the installed modules in the sequence shown in Figure 2. Note in particular that you must install the Siebel database before you can configure the Siebel Server.

    NOTE:  After you install the Siebel database, you can optionally configure and deploy the Siebel Server that you installed with Siebel database Configuration Utilities. Or, you can skip configuring this Siebel Server and instead install and configure a Siebel Server on one or more other computers.

  • If you already have a Siebel database, such as in an upgrade scenario, then you do not install the Siebel database before you configure the Siebel Server. In this scenario, you do not have to install Siebel Server and Database Configuration Utilities on the same computer with the Siebel Gateway Name Server. For a general illustration of this scenario, see Figure 3.
  • After you configure the Siebel Gateway Name Server and the Siebel Enterprise, users doing subsequent Configuration Wizard tasks that require Siebel Gateway Name Server authentication, or using Server Manager, must enter Siebel administrator user credentials that are valid for the authentication method in use.

    Configuration Wizard tasks subject to Siebel Gateway Name Server authentication include configuring the Siebel Server, configuring a Siebel Enterprise (after initial configuration), modifying a Siebel Enterprise, and removing an existing Siebel Enterprise or Siebel Server.

    For more information about using Server Manager, see Siebel System Administration Guide.

  • When you propagate authentication settings to the Siebel Gateway Name Server, these settings are written to the gateway.cfg file, which is located in the bin subdirectory in the Siebel Gateway Name Server installation. Security adapter configuration data stored in this file corresponds to the configuration settings that apply to the Siebel Enterprise, which are stored on the Siebel Gateway Name Server itself (in the siebns.dat file).
  • If you want to use LDAP, ADSI, or a custom authentication method for the Siebel Gateway Name Server, then you can configure this method as part of the Configuration Wizard tasks for creating or modifying the Siebel Enterprise. However, although the wizard configures the security adapter, it does not enable it (for the Siebel Enterprise or for the Siebel Gateway Name Server).

    To enable an authentication method, edit the gateway.cfg file on the Siebel Gateway Name Server and specify appropriate values for the SecAdptMode and SecAdptName parameters in the section [InfraSecMgr]. Use similar values to those described in Siebel Security Guide. After editing this file, you restart the Siebel Gateway Name Server. For this scenario, make these configuration changes after your initial configuration of the first Siebel Server.

  • Additional parameters in the gateway.cfg file include:
    • NSAdminRole, which is set to Siebel Administrator by default. This parameter defines the role that is required to access the Siebel Gateway Name Server.
    • EnableAuditTrail, which is set to False by default. When this is set to True, most accesses to the Siebel Gateway Name Server are logged, including login operations, writes, modifications, and deletions (simple reads are not logged). When this parameter is False, only failed login attempts are logged. The audit trail is in the file nameserver_audit.log, which is located in the bin subdirectory of the Siebel Gateway Name Server installation directory.
  • If you want to configure a second Siebel Enterprise on the same Siebel Gateway Name Server, then do not check the option to propagate authentication settings to the Siebel Gateway Name Server when prompted. Otherwise, your settings will overwrite the existing settings.
    
Siebel Installation Guide for UNIX Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices.