Sun ONE Directory Proxy Server Installation Guide



Chapter 1   Preparing for Installation

Before you begin installing Directory Proxy Server, we recommend that you understand the various Directory Proxy Server components and the design and configuration decisions you need to make.

To help you prepare for your Directory Proxy Server installation, you should be familiar with the concepts contained in the following sections:

The Sun ONE Directory Server Deployment Guide contains basic directory concepts as well as guidelines to help you design and successfully deploy your directory service. Be sure you understand the concepts presented in this manual before proceeding with the installation process.



Note

Both the Administration Server and Directory Proxy Server require that an instance of Sun ONE Directory Server 5.2 or higher is already installed and accessible on the network. The Directory Server serves as the Directory Proxy Server configuration repository.



Installation Components

Directory Proxy Server contains the following software components:

  • Sun ONE Console—Sun ONE Console provides the common user interface for all Sun ONE directory-related server products. From it you can perform common server administration functions such as stopping and starting servers and managing user and group information. Sun ONE Console can be installed as a standalone application on any machine. You can also install it on your network and use it to manage remote servers.
  • Sun ONE Administration Server—Sun ONE Administration Server is a common front-end to many Sun ONE servers. It receives communications from Sun ONE Console and passes those communications on to the appropriate Sun ONE server. Your site will have at least one Administration Server for each server root in which you have installed a Sun ONE server.
  • Sun ONE Directory Proxy Server—An LDAP gateway that routes requests from the client to Directory Server(s). Directory Proxy Server runs as a daemon process (UNIX system) or as a service (Windows system).

Configuration Decisions

During Directory Proxy Server installation, you are prompted for basic configuration information. Decide how you are going to configure these basic parameters before you begin the installation process. You are prompted for some or all of the following information, depending on the type of installation that you decide to perform:

Choosing Unique Port Numbers

Port numbers can be any number from 1 to 65535. Keep the following in mind when choosing a port number for your Directory Proxy Server:

  • The standard Directory Proxy Server (LDAP) port number is 389.
  • Port 636 is reserved for LDAP over SSL. Therefore, do not use port number 636 for your standard LDAP installation, even if 636 is not already in use. You can also use LDAP over TLS on the standard LDAP port.
  • Port numbers between 1 and 1024 have been assigned to various services by the Internet Assigned Numbers Authority. Do not use port numbers below 1024 other than 389 or 636 for directory services as they will conflict with other services.
  • On UNIX platforms, Directory Proxy Server must be run as root if it will listen on ports less than 1024.
  • Make sure the ports you choose are not already in use. Additionally, if you are using both LDAP and LDAPS communications, make sure the port numbers chosen for these two types of access are not identical.
  • When migrating from an earlier version, and the installation to be migrated is on the same host, make sure you do not have port conflicts. Upon migration your port number becomes the one you set in the previous version of Directory Access Router.

For information on how to set up LDAP over SSL (LDAPS) for Directory Proxy Server, check the Directory Proxy Server Administrator's Guide.
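The port rules listed above can be checked before running the installer. The following Python sketch is an added example, not part of the Sun ONE product or its documentation; the function names (port_in_use, check_ports) and the sample ports 1389 and 1636 are assumptions made for illustration.

```python
import errno
import os
import socket

LDAP_PORT, LDAPS_PORT = 389, 636  # the only ports below 1024 the guide permits


def port_in_use(port, host=""):
    """True if binding a TCP listener fails because the port is already taken."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        try:
            sock.bind((host, port))
        except OSError as exc:
            # EACCES (privileged port, not root) is reported by the root check instead.
            return exc.errno == errno.EADDRINUSE
    return False


def check_ports(ldap_port, ldaps_port=None, euid=None, in_use=port_in_use):
    """Return the list of rule violations for the chosen ports (empty means OK)."""
    if euid is None:
        # os.geteuid is absent on Windows, where the root rule does not apply.
        euid = os.geteuid() if hasattr(os, "geteuid") else 0
    problems = []
    chosen = [("LDAP", ldap_port)]
    if ldaps_port is not None:
        chosen.append(("LDAPS", ldaps_port))
    for name, port in chosen:
        if not 1 <= port <= 65535:
            problems.append(f"{name} port {port}: outside 1-65535")
            continue
        if port < 1024 and port not in (LDAP_PORT, LDAPS_PORT):
            problems.append(f"{name} port {port}: below 1024 and not 389 or 636")
        if port < 1024 and euid != 0:
            problems.append(f"{name} port {port}: below 1024 requires root on UNIX")
        if in_use(port):
            problems.append(f"{name} port {port}: already in use")
    if ldap_port == LDAPS_PORT:
        problems.append("LDAP port 636: reserved for LDAP over SSL")
    if ldaps_port is not None and ldaps_port == ldap_port:
        problems.append("LDAP and LDAPS ports are identical")
    return problems


if __name__ == "__main__":
    # Constructed sample choice: unprivileged ports for a non-root install.
    for line in check_ports(1389, 1636) or ["ports OK"]:
        print(line)
```

Run the check as the account that will start the server, so that the root rule is evaluated against the right user.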

Selecting a New Server Root

Your server root is the directory where you install your Sun ONE servers. The server root must meet the following requirements:

  • The server root must be a directory on a local disk drive; you cannot use a networked drive for installation purposes. File sharing protocols such as AFS, NFS, and SMB do not provide suitable performance for use by Directory Proxy Server's logging.
  • The server root must not be the server root of an old instance of Directory Access Router.
  • The server root directory must not be the same as the directory from which you are running the installer program.

By default, the server root directory is one of the following:

  • /var/Sun/mps (on UNIX systems)
  • C:\Program Files\Sun\MPS (on Windows systems)

Defining Authentication Entities

As you install Directory Proxy Server, you are asked for a Configuration Directory Administrator ID and password.

The configuration directory administrator is the person responsible for managing all the Sun ONE servers accessible through Sun ONE Console. If you log in with this user ID, then you can administer any Sun ONE server that you can see in the server topology area of Sun ONE Console.

For security, the configuration directory administrator should not be the same as the directory manager. The default configuration directory administrator ID is admin.

Determining the Location of the Configuration Directory

Many Sun ONE servers, including Directory Proxy Server, use an instance of Sun ONE Directory Server to store configuration information. This information is stored in the o=NetscapeRoot directory tree. Your configuration directory is the Directory Server that contains the o=NetscapeRoot tree used by your Sun ONE servers.

For ease of upgrades, you should use a Directory Server instance that is dedicated to supporting the o=NetscapeRoot tree; this instance should perform no other function with regard to managing your enterprise's directory data.

Because the configuration directory normally experiences very little traffic, you can allow its server instance to coexist on a machine with a Directory Proxy Server instance. However, for very large sites that are installing a large number of Sun ONE servers, you may want to dedicate a low-end machine to the configuration directory so as to not hurt the performance of your other production servers.

Also, as with any directory installation, consider replicating the configuration directory to increase availability and reliability. See the Sun ONE Directory Server Deployment Guide for information on using replication and DNS round robins to increase directory availability.



Caution

Corrupting the configuration directory tree can result in the necessity of reinstalling all other Sun ONE servers that are registered in that configuration directory. Remember the following guidelines when dealing with the configuration directory:

  • Always back up your configuration directory after you install a new Sun ONE server.
  • Never change the host name or port number used by the configuration directory.
  • Never directly modify the configuration directory tree. Only the installer program for the various Sun ONE servers should ever modify the configuration.



Installation Process Overview

You can use one of several installation processes to install Directory Proxy Server. Each one guides you through the installation process and ensures that you install the various components in the correct order.

The following sections outline the installation processes available, how to upgrade from an earlier release of Directory Proxy Server, and how to unpack the software to prepare for installation.

Selecting an Installation Process

You can install Directory Proxy Server software using one of the two installation methods provided in the installer program:

  • Typical Installation. Use this if you are performing a normal install of Directory Proxy Server. Typical installation is described in Chapter 3 "Installation."
  • Silent Installation. Use this if you want to script your installation process. This is especially useful for installing multiple consumer servers around your enterprise. Silent install is described in Chapter 4 "Silent Installation."

Unpacking the Software

If you have obtained Directory Proxy Server software from the Sun ONE web site, you will need to unpack it before beginning installation.

  1. Create a new directory for the installation:

    # mkdir dps

    # cd dps

  2. Download the product binaries file to the installation directory.
  3. On a UNIX system, unpack the product binaries file using the following command:

    # gzip -dc file_name.tar.gz | tar -xvf -

    where file_name corresponds to the product binaries that you want to unpack.

    On a Windows system, unzip the product binaries.

Installation Privileges

On Linux and Solaris systems, you may install using root or any valid login. However, if you install as root and choose to run the server on a port below 1024, then non-root users will not be able to start the server.

On Windows systems, you must run the installation as administrator.


Copyright 2003 Sun Microsystems, Inc. All rights reserved.