Chapter 2 Installation Notes

This chapter tells you where to download Directory Server Enterprise Edition software, and lists primary installation requirements.

This chapter includes the following sections:

• Support Services and Licenses

• What's New in Directory Server Enterprise Edition 6.3

• Getting the Software

• Hardware Requirements

• Operating System Requirements

• Software Dependency Requirements

• Installation Privileges and Credentials

• Installation Notes for Identity Synchronization for Windows

Support Services and Licenses

Before you start with the product installation, make sure you read the support and licensing information thoroughly.

Support Services

Sun Software Service Standard, Premium and Premium Plus plan offerings are available for Sun Java System Directory Server Enterprise Edition and can be purchased either through a Sun sales representative, an authorized Sun reseller, or online at http://www.sun.com/sales/index.jsp. These service plans include telephone and online technical support, on-demand software updates, online system administration resources, support notification services and one-stop interoperability assistance (Premium and Premium Plus plans only). In addition, the Premium Plus plan features a customer advocate and a customer-focused support team.

For complete feature set information, visit: http://www.sun.com/service/serviceplans/software/overview.xml

You may access the service lists describing all Sun service program offerings at: http://www.sun.com/servicelist

Licenses for Directory Server Enterprise Edition Managed Entries

Licenses are provided based on the number of entries you plan to manage using Directory Server Enterprise Edition. After a license is provided, you can replicate the entries as many times as required to get maximum flexibility out of your directory implementation. The only condition is that you do not change any of the replicated entries and store all of the replicated entries on the same operating system. If the replicated entries are stored on any other operating system, you must purchase a license for those entries.

Previous Solaris licences provided 200,000 free entries for Directory Server. In this case, the licences covered only the core directory server component, not the other Directory Server Enterprise Edition components. You can still purchase an upgrade from core directory server component to full Directory Server Enterprise Edition. To get support for those 200,000 Directory Server entries, a Software Service Plan for Directory Server can be purchased. The Solaris Service Plan does not cover those entries.

You can review the latest license for a given version of a product before downloading it from http://www.sun.com/software/products/directory_srvr_ee/get.jsp.

What's New in Directory Server Enterprise Edition 6.3

Directory Server Enterprise Edition 6.3 is a patch release that adds the following new features to the Directory Server Enterprise Edition 6.2 release:

• Improved performance for some specific deployments. For example, deletion of a suborganization is now faster after a restart of the Directory Server, (RFE 6522419).

• Support for the SuSE 10 operating system. See Operating System Requirements for details.

• Support for HP-UX 11.23 (PA-RISC). See Operating System Requirements for details.

• Increased flexibility and security for deployments, with the Directory Service Control Center registry allowing port change and listening on addresses defined by an IP address.

• Reduced disk space used, by purging replication metadata using a new purge-csn option in the dsadm command.

• Improved interoperability with other products through the Directory Proxy Server, with improved LDAP control support.

• The Directory Proxy Server allows bind operations to multiple data sources including Active Directory and to Sun Java System Directory Server. Bad password attempts now block users from multiple data sources, increasing security.

• Install the zip distribution as any user on Windows.

Getting the Software

You can download Sun Java System Directory Server Enterprise Edition 6.3 software from the following location.

http://www.sun.com/software/products/directory_srvr_ee/get.jsp

The download page serves as a starting point to direct you to the proper downloads depending on the distribution type you need to download. Directory Server Enterprise Edition 6.3 is available in the following distributions.

• Native package distribution

• Zip distribution

Identity Synchronization for Windows is not delivered in the Directory Server Enterprise Edition native package distribution.

Directory Server Enterprise Edition 6.3 is available in the following forms.

• Native patch – patches to upgrade Directory Server Enterprise Edition 6.0, 6.1 and 6.2 native packages installed using the Java ES installer.

• Zip based distribution – standalone delivery to install Directory Server Enterprise Edition 6.3 or upgrade Directory Server Enterprise Edition 6.0 and 6.1 and 6.2 zip installations.

---

Note –

The patch release for native installations of Directory Server Enterprise Edition 6.3 on the Microsoft Windows platform is now available. You can download the Directory Server Enterprise Edition 6.3 patch for Windows and upgrade your Directory Server Enterprise Edition installation.

To apply the Directory Server Enterprise Edition 6.3 patch on the native installations on Windows, the minimum required Windows installer version is 3.1.

---

For information on patch numbers, see Software Installation in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide.

For the detailed information on what you need to install based on your current installation, refer to the Installation Procedure Quick Reference in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide.

Hardware Requirements

This section covers hardware requirements for Directory Server Enterprise Edition component products.

• Directory Server Hardware Requirements

• Directory Proxy Server Hardware Requirements

• Identity Synchronization for Windows Hardware Requirements

• Directory Editor Hardware Requirements

Directory Server Hardware Requirements

Directory Server software requires the following hardware.

Component	Platform Requirement
RAM	1-2 GB for evaluation purposes  Minimum 2 GB for production servers
Local disk space	400 MB disk space for binaries. By default, binaries installed from native packages are placed in /opt on UNIX® systems. For evaluation purposes, an additional 2 GB local disk space for server software might be sufficient. If you are using Directory Server, consider that entries stored in Directory Server use local disk space. Directory Server does not support logs and databases installed on NFS-mounted file systems. Sufficient space should be provided for the database on a local file system in, for example, /var/opt or /local. For a typical production deployment with a maximum of 250,000 entries and no binary attributes such as photos, 4 GB might be sufficient. Directory Server may use more than 1.2 GB of disk space for its log files. This should be taken into account that 4 GB storage space is only for the databases, not the logs.  Directory Server supports SAN disk storage. Before using SAN disk, you need to understand the layout and the design of the disk because the write performance of the system is affected if many applications simultaneously access data from the same disk.

Directory Proxy Server Hardware Requirements

Directory Proxy Server software requires the following hardware.

Component	Platform Requirement
RAM	1-2 GB for evaluation purposes  Minimum 2GB for production servers
Local disk space	400 MB disk space for binaries. By default, binaries installed from native packages are placed in /opt on UNIX systems. For evaluation purposes, an additional 2 GB local disk space per server instance is sufficient to hold server logs when the default configuration is used.  Directory Proxy Server does not support installation on NFS-mounted file systems. Sufficient space should be provided for the instance, and for all files used by the instance on a local file system in, for example, /var/opt or /local.

Identity Synchronization for Windows Hardware Requirements

Identity Synchronization for Windows software requires the following hardware.

Component	Platform Requirement
RAM	512 MB for evaluation purposes wherever components are installed. More memory is preferred.
Local disk space	400 MB disk space for minimal installation alongside Directory Server.

Directory Editor Hardware Requirements

Make sure you read Chapter 6, Directory Editor Bugs Fixed and Known Problems in these release notes before you install Directory Editor.

Also, see the Directory Editor documentation at http://docs.sun.com/coll/DirEdit_05q1 for details.

Operating System Requirements

This section covers operating systems, patches and service packs required to support Directory Server Enterprise Edition component products.

Directory Server, Directory Proxy Server, and Directory Server Resource Kit Operating System Requirements

Directory Server, Directory Proxy Server, and Directory Server Resource Kit share the same operating system requirements. The Directory Server Enterprise Edition software has been validated with full installations of the operating systems listed here, not with reduced “base”, “End User”, or “core” installations. Certain operating systems require additional service packs or patches as shown in the following table.

Supported OS Versions for Directory Server, Directory Proxy Server, and Directory Server Resource Kit	Additional Required Software and Comments
Solaris 10 Operating System for SPARC®, 32-bit x86, Intel x64, and AMD x64 architectures	Patches: (SPARC) 118833, 119689, 119963, 122032, and 119254 or substitute patches, in addition to 127111 (x86/x64) 118855, 119964, 121208, 122033, and 119255 or substitute patches, in addition to 127954
Solaris 9 Operating System for SPARC and x86 architectures	Patches: (SPARC) 111711, 111712, 111722, 112874, 112963, 113225, 114344, 114370, 114371, 114372, and 114373 or substitute patches, in addition to 112960–56 or later. (x86) 111713, 111728, 113986, 114345, 114427, 114428, 114429, 114430, 114432, 116545, and 117172 or substitute patches, in addition to 114242–41 or later.
Red Hat Enterprise Linux Advanced Server AS and ES 3.0 Update 4 for x86 and AMD x64	No additional software is required. On 64–bit Red Hat systems, Directory Server runs in 32–bit mode but Directory Proxy Server runs in 64–bit mode.
Red Hat Enterprise Linux Advanced Server AS and ES 4.0 Update 2 for x86 and AMD x64	The following compatibility libraries are recommended:  compat-gcc-32-3.2.3-47.3.i386.rpm compat-gcc-32-c++-3.2.3-47.3.i386.rpm The following compatibility library is required:  compat-libstdc++-33-3.2.3-47.3.rpm Even when running Red Hat on a 64-bit system, 32-bit system libraries are installed.  These compatibility libraries are available from Red Hat media or https://www.redhat.com/rhn/rhndetails/update/. On 64–bit Red Hat systems, Directory Server runs in 32–bit mode but Directory Proxy Server runs in 64–bit mode.
SuSE Linux Enterprise Server 10 for x86 and AMD x64	Service Pack 1  Supported only for the zip distribution of Directory Server Enterprise Edition.  On 64–bit SuSE systems, Directory Server runs in 32–bit mode but Directory Proxy Server runs in 64–bit mode.
SuSE Linux Enterprise Server 9 for x86 and AMD x64	Service Pack 4  Supported only for the zip distribution of Directory Server Enterprise Edition.  On 64–bit SuSE systems, Directory Server runs in 32–bit mode but Directory Proxy Server runs in 64–bit mode.
Microsoft Windows 2000 Server	Service Pack 4
Microsoft Windows 2000 Advanced Server	Service Pack 4
Microsoft Windows 2003 Server Standard Edition	Service Pack 1
Microsoft Windows 2003 Server Enterprise Edition	Service Pack 1
Hewlett Packard HP-UX 11iV2	(11.23) PA-RISC 64–bit  Supported only for the zip distribution of Directory Server Enterprise Edition.

For all supported versions of Microsoft Windows, Directory Server and Directory Proxy Server run only in 32–bit mode, and the filesystem type must be NTFS.

To avoid downloading most individual patches, obtain Solaris patch clusters . To obtain Solaris patch clusters, follow these steps:

1. Go to the SunSolve patch page at http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage.

2. Click the Recommended Patch Clusters link.

3. Download the patch cluster for your Solaris OS and Java ES versions.

Note that installations on SuSE Linux Enterprise Server require you to reset several Java environment variables. See Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide for more details.

Identity Synchronization for Windows Operating System Requirements

Identity Synchronization for Windows components run on the operating system versions listed here. Certain operating systems require additional service packs or patches as shown in the following tables.

Supported OS Versions for Identity Synchronization for Windows	Additional Required Software and Comments
Solaris 10 Operating System for SPARC, x86, and AMD x64 architectures	Patches: (SPARC) 118833, 119689, 119963, 122032, and 119254 or substitute patches (x86/x64) 118855, 119964, 121208, 122033, and 119255 or substitute patches
Solaris 9 Operating System for SPARC and x86 architectures	Patches: (SPARC) 111711, 111712, 111722, 112874, 112963, 113225, 114344, 114370, 114371, 114372, and 114373 or substitute patches (x86) 111713, 111728, 113986, 114345, 114427, 114428, 114429, 114430, 114432, 116545, and 117172 or substitute patches
Red Hat Enterprise Linux Advanced Server 3.0 Update 4 for x86 and AMD x64	No additional software is required.
Red Hat Enterprise Linux Advanced Server 4.0 Update 2 for x86 and AMD x64	The following compatibility libraries are recommended:  compat-gcc-32-3.2.3-47.3.i386.rpm compat-gcc-32-c++-3.2.3-47.3.i386.rpm The following compatibility library is required:  compat-libstdc++-33-3.2.3-47.3.rpm Even when running Red Hat on a 64-bit system, 32-bit system libraries are installed.  These compatibility libraries are available from Red Hat media or https://www.redhat.com/rhn/rhndetails/update/.
Microsoft Windows 2000 Server	Service Pack 4
Microsoft Windows 2000 Advanced Server	Service Pack 4
Microsoft Windows 2003 Server Standard Edition	Service Pack 1
Microsoft Windows 2003 Server Enterprise Edition	Service Pack 1
Microsoft Windows NT 4.0 Server Primary Domain Controller, x86 architectures	Service Pack 6A

---

Note –

Identity Synchronization for Windows is not supported on SuSE or HP-UX systems.

---

Directory Editor Operating System Requirements

Make sure you read Chapter 6, Directory Editor Bugs Fixed and Known Problems in these release notes before you install Directory Editor.

Also, see the Directory Editor documentation at http://docs.sun.com/coll/DirEdit_05q1 for details.

Software Dependency Requirements

Directory Server relies on the Network Security Services, NSS, layer for cryptographic algorithms. NSS has been validated to work with the Sun cryptographic framework provided on Solaris 10 systems, which supports cryptographic acceleration devices.

On Microsoft Windows systems, Directory Server requires ActivePerl software to use account activation and manual schema replication commands. Directory Server Enterprise Edition does not provide ActivePerl. The dependency concerns the following commands.

• ns-accountstatus(1M)

• ns-activate(1M)

• ns-inactivate(1M)

• schema_push(1M)

On Microsoft Windows systems, you must disable the pop-up blocker to make Directory Service Control Center work properly.

The Directory Service Control Center supports the following application servers:

• Sun Java System Application Server 8.2.

• Tomcat 5.5.

For more information, see Installing Directory Service Control Center From Zip Distribution in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide.

Directory Proxy Server requires a Java runtime environment, JRE, version of at least 1.5.0_09 on Solaris, Red Hat and Windows systems. The zip distribution installs JRE. When you install from the zip distribution with the JAVA_HOME environment variable set, the Java runtime environment specified by JAVA_HOME is used. Ensure that the JAVA_HOME environment variable is set to use the Java 5 runtime environment, (Java 1.5). The Directory Proxy Server may hang on some systems when running in a Java 6 runtime environment, (Java 1.6).

Directory Proxy Server will work with any LDAPv3 compliant directory servers, but it is tested only with Sun Java System Directory Server.

For virtualization, Directory Proxy Server has been validated with the following JDBC data sources, using the drivers mentioned below. Though Directory Proxy Server works with all the JDBC 3 compliant drivers.

JDBC Data Source	JDBC Driver
DB2 v9	IBM DB2 JDBC Universal Driver Architecture   2.10.27
JavaDB 10.2.2.0	Apache Derby Network Client JDBC Driver   10.2.2.0
MySQL 5.0	MySQL-AB JDBC Driver   mysql-connector-java-5.0.4
Oracle 9i Database  Oracle 10g Database	Oracle JDBC driver   10.2.0.2.0

On Microsoft Windows systems, the dsee_deploy command cannot properly register software with the Common Agent Container, cacao, when you run the command from an MKS shell. This can occur when your MKS PATH does not include the system-drive:\system32 folder. Alternatively, run the command on the Microsoft Windows native command line.

On Solaris 10, rc.scripts are deprecated so commands like dsadm autostart are not supported. Instead use Solaris 10 Service Management Facility (SMF) to handle these types of requests. For example, dsadm enable-service. For more information on SMF, see the Solaris operating system documentation.

Before you can install Identity Synchronization for Windows, you must install the prerequisite Sun Java System software components, including JRE and Message Queue.

• No JRE is provided with Identity Synchronization for Windows.

  Identity Synchronization for Windows installer requires J2SE or JRE 1.5.0_09.

  Identity Synchronization for Windows requires JRE 1.5.0_09 on Windows NT.

• The Identity Synchronization for Windows bundle for this release includes Message Queue 3.6 with a license restricted in the context of Directory Server Enterprise Edition.

  When installing Identity Synchronization for Windows, you must specify the path to the version of Message Queue to use. The Identity Synchronization for Windows installation program then installs a required broker into Message Queue, so that Identity Synchronization for Windows can use Message Queue for synchronization.

  On Windows systems, Identity Synchronization for Windows supports only Message Queue 3.6. You therefore install Message Queue 3.6 provided with the Identity Synchronization for Windows bundle.

  Message Queue 3.7 is, however, installed as a Java Enterprise System shared component. On Windows systems by default you can therefore end up with both Message Queue 3.6 and Message Queue 3.7 installed. If you install Java Enterprise System components alongside Identity Synchronization for Windows on a Windows system, be sure Message Queue 3.7 is not selected.

On Windows systems, the JRE installed with Console and Administration Server does not include fixes for daylight savings time changes. You must apply fixes for daylight savings time changes after installation. To fix the JRE, use the tzupdater tool, described at http://java.sun.com/javase/tzupdater_README.html. The JRE to fix is found after installation under ServerRoot/bin/base/jre/ where you installed the Console and Administration Server.

Identity Synchronization for Windows Requirements in a Firewall Environment

You can run Identity Synchronization for Windows in a firewall environment. The following sections list the server ports that you must expose through the firewall.

Message Queue Requirements

By default, Message Queue uses dynamic ports for all services except for its port mapper. To access the Message Queue broker through a firewall, the broker should use fixed ports for all services.

After installing the core, you must set the imq.<service_name>.<protocol_type>.port broker configuration properties. Specifically, you must set the imq.ssljms.tls.port option. Refer to the Message Queue documentation for more information.

Installer Requirements

The Identity Synchronization for Windows installer must be able to communicate with the Directory Server acting as the configuration directory.

• If you are installing an Active Directory connector, the installer must be able to contact Active Directory’s LDAP port, 389.

• If you are installing a Directory Server connector or a Directory Server plug-in (subcomponent), the installer must be able to contact the Directory Server LDAP port, default 389.

Core Component Requirements

The Message Queue, system manager, and command line interface must be able to reach the Directory Server where the Identity Synchronization for Windows configuration is stored.

Console Requirements

The Identity Synchronization for Windows console must be able to reach the following:

• Active Directory over LDAP, port 389, or LDAPS, port 636

• Active Directory Global Catalog over LDAP, port 3268, or LDAPS, port 3269

• Each Directory Server over LDAP or LDAPS

• Administration Server

• Message Queue

Connector Requirements

All connectors must be able to communicate with Message Queue.

In addition, the following connector requirements must be met.

• The Active Directory connector must be able to access the Active Directory Domain Controller over LDAP, port 389, or LDAPS, port 636.

• The Directory Server connector must be able to access Directory Server instances over LDAP, default port 389, or LDAPS, default port 636.

Directory Server Plug-in Requirements in a Firewall Environment

Each Directory Server plug-in must be able to reach the Directory Server connector’s server port, which was chosen when the connector was installed. Plug-ins that run in Directory Server Master replicas must be able to connect to Active Directory’s LDAP, port 389, or LDAPS, port 636. The plug-ins that run in other Directory Server replicas must be able to reach the master Directory Server LDAP and LDAPS ports.

Supported Browsers for Directory Service Control Center

The following table displays the browsers for each operating system that supports Directory Service Control Center.

Operating System	Supported Browser
Solaris 10 and Solaris 9 (SPARC and x86)	NetscapeTM Communicator 7.1, MozillaTM 1.7.12, and Firefox 1.0.7, 1.5, and 2.0
Red Hat Linux 4, Red Hat Linux 3 and SuSE Linux	Mozilla 1.7.12 and Firefox 1.0.7, 1.5, and 2.0
Windows XP	Netscape Communicator 8.0.4, Microsoft Internet Explorer 6.0SP2, Mozilla 1.7.12, and Firefox 1.0.7, 1.5, and 2.0
Windows 2000/2003	Netscape Communicator 8.0.4, Microsoft Internet Explorer 6.0 SP1, Mozilla 1.7.12, and Firefox 1.0.7, 1.5, and 2.0

Installation Privileges and Credentials

This section covers privileges or credentials required for installation of Directory Server Enterprise Edition component products.

• Directory Server, Directory Proxy Server, Directory Service Control Center, and Directory Server Resource Kit Privileges

• Identity Synchronization for Windows Installation Privileges and Credentials

Directory Server, Directory Proxy Server, Directory Service Control Center, and Directory Server Resource Kit Privileges

You must have the following privileges when installing Directory Server, Directory Proxy Server, or Directory Service Control Center from the Java Enterprise System native package based distribution.

• On Solaris and Red Hat systems, you must install as root.

• On Windows systems, you must install as Administrator.

You can install Directory Server, Directory Proxy Server, and Directory Server Resource Kit from the zip distribution without special privileges. See the Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide for details.

Before You Upgrade

You must consider the following points before applying the Directory Server Enterprise Edition 6.3 patch.

• Native package based distribution. All Directory Server and Directory Proxy Server instances, including the DSCC registry, must be stopped before the Directory Server Enterprise Edition 6.3 patch is applied.

  If you apply the patch without stopping the server instances, the instances might crash the next time you restart them.

  ---

  Note –

  On Windows, the following dsadm command fails to stop the DSCC registry.

  dsadm.exe stop C:\Program Files\Sun\JavaES5\DSEE\var\dscc6\dcc\ads

  As a workaround, kill the bin_slapd.exe process using Task Manager and login as Administrator. You can now start and stop the DSCC registry successfully. The owner of the DSCC registry remains the same, that is, SYSTEM.

  For native package based distribution: after applying patches to upgrade Directory Server Enterprise Edition, you must restart Sun Web Console using the following command:

  # smcwebserver restart

  ---

  To use the localized console, apply the Directory Server Enterprise Edition 6.3 patch before the Directory Server Enterprise Edition 6.3 localized patch. Then run the following commands in the specified order.

  # dsccsetup console-unreg

  # dsccsetup console-reg

  For more information, see bug 6583131 in Known Directory Server Issues in 6.3.

• Zip based distribution. All Directory Server and Directory Proxy Server instances must be stopped before the Directory Server Enterprise Edition 6.3 zip distribution is applied on top of one of the applicable zip installations:

  • Directory Server Enterprise Edition 6.0

  • Directory Server Enterprise Edition 6.1

  • Directory Server Enterprise Edition 6.2

  This check is done by the dsee_deploy command itself, but is not performed on the Microsoft Windows 2000 platform. For more information, see 6660462 in Known Directory Server Issues in 6.3.

  If you apply the patch without stopping the server instances, the instances might crash the next time you restart them.

  Note that the patchzip is not applied to the Directory Service Control Center until you undeploy and then redeploy the WAR file. This requirement is related to bug 6583131 in Known Directory Server Issues in 6.3.

Upgrading Directory Server Enterprise Edition Native Distribution to version 6.3 on Windows

This section contains the procedure to upgrade the Directory Server Enterprise Edition native distribution to version 6.3 on Windows and to downgrade to the previous version.

To Upgrade Directory Server Enterprise Edition Native Distribution to version 6.3 on Windows

1. Upgrade Common Agent Container patch to the latest version using the following steps.

   1. Download the patch 126183–07 and check instructions in the patch README.

   2. Run the following commands in the same order as listed below:

      cacaoadm prepare-uninstall 126183–07.exe cacao-install-path\share\cacao_2\configure.bat cacao-install-path\share\cacao_2\bin\cacaoadm rebuild-dependencies

2. Upgrade the Directory Server Enterprise Edition installation to version 6.3.

   1. Stop all the running Directory Server and Directory Proxy Server instances.

   2. Stop the DSCC registry.

   3. Add patch 125311–07.

   4. Run the following commands:

      dsccsetup console-unreg dsccsetup console-reg

   5. Start Web console and Common Agent Container.

   6. Start the DSCC registry.

See Also

For more information, see Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide

Downgrading the Directory Server Enterprise Edition 6.3 Native Distribution on Windows

General information about the downgrade process can be found at Chapter 2, Uninstalling Directory Server Enterprise Edition 6.3, in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide. More precisely, to downgrade the Directory Server Enterprise Edition 6.3 native distribution on Windows, apply the following steps:

1. Downgrade the Directory Server Enterprise Edition 6.3 installation.

   1. Stop all the running Directory Server and Directory Proxy Server instances.

   2. Dismantle DSCC with the dsccsetup dismantle command.

   3. Double-click Uninstall_125311-07.bat to remove the patch. The Uninstall_125311-07.bat file is stored in the folder where the patch is saved.

2. Downgrade Common Agent Container. See the uninstallation steps in the 126183-07 patch README.

   1. Run the cacaoadm prepare-uninstall command.

   2. Double-click Uninstall_126183-07.bat to remove the patch.

Identity Synchronization for Windows Installation Privileges and Credentials

To install Identity Synchronization for Windows, you must provide credentials for the following.

• Configuration Directory Server.

• Directory Server being synchronized.

• Active Directory.

  See Installing Core in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide for details.

In addition, you must have the following privileges to install Identity Synchronization for Windows.

• On Solaris and Red Hat systems, you must install as root.

• On Windows systems, you must install as Administrator.

---

Note –

When you enter passwords by using the text-based installer, the program automatically masks the passwords so passwords are not echoed in the clear. The text-based installer is supported on Solaris and Red Hat systems only.

---

Installation Notes for Identity Synchronization for Windows

Before installing fresh bits of Identity Synchronization for Windows, be sure to read Chapter 4, Preparing for Installation, in Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide.

Using Windows 2003 Server and Identity Synchronization for Windows

On Windows 2003 Server, the default password policy enforces strict passwords, which is not the default password policy on Windows 2000.