Chapter 5 Understanding Calendar Server Schema and Provisioning Options

Previous Contents Index Next
Sun Java System Calendar Server 6 2004Q2 Deployment Planning Guide

Chapter 5
Understanding Calendar Server Schema and Provisioning Options

This chapter describes the schema and provisioning options for Calendar Server. Because of the complexity in provisioning Calendar Server, you need to understand your options before installing the product.

This chapter contains the following sections:

Understanding Calendar Schema Choices

Understanding Calendar Server Provisioning Tools

Understanding Calendar Schema Choices

This section describes the two schema options that are available and supported with Calendar Server, and how to decide which to use.

Note

Refer to the Sun Java System Communications Services Schema Migration Guide for information on how to migrate from Sun Java System LDAP Schema version 1 to Sun Java System LDAP Schema version 2.

Support for installation and provisioning of Schema 1 will be deprecated and removed from future releases. However, customers with their own provisioning tools may continue to use LDAP Schema 1.

Deciding Which Schema to Use

Choosing the schema that’s right for your installation depends on your provisioning needs:

Are you integrating Calendar Server with other Java Enterprise System component products, such as Sun Java System Portal Server or Sun Java System Identity Server, which provides single sign-on capabilities?

If you answer Yes, then you must use Schema 2 Native Mode

Are you installing Calendar Server for the first time or are you upgrading from an older version?

If you are installing Calendar Server for the first time, use Schema 2 Native Mode

Do you plan to use either Sun Java System Identity Server CLI utilities for provisioning or single sign-on?

If you answer Yes, use Schema 2 Native or Compatibility Mode.

If you are upgrading from an older version of Calendar Server, you can either use Schema 1 or Schema 2 Native or Compatibility Mode

Do you want to use the Calendar Server csdomain utility for provisioning domains?

If you answer Yes, use Schema 2 Native or Compatibility Mode. If you don’t plan to use Identity Server 6.1 features or integrate Calendar Server with other Java Enterprise System products, use Schema 1.

If you don’t want to use either Sun Java System Identity Server or Calendar Server CLI utilities for provisioning, use can use either Schema 2 Native Mode for new installations, or Schema 1 or Schema 2 Compatibility Mode for existing Calendar Server installations.

LDAP Schema 1

LDAP Schema 1 is a provisioning schema that consists of both an Organization Tree and a DC Tree. This set of schema (at the time, it was simply called “schema”) was supported in previous Calendar Server 5.x versions.

When Calendar Server searches for user or group entries, it looks at the user‘s or group’s domain node in the DC Tree and extracts the value of the inetDomainBaseDN attribute. This attribute holds a DN reference to the organization subtree containing the actual user or group entry.

Only sites that have installed previous versions of Calendar Server should use Schema 1.

Note

Migrating to Schema 2 is imperative if you plan to install Calendar Server with other Sun Java System products in the future.

Supported Provisioning Tools

Schema 1 supports LDAP provisioning tools. For more information, see Understanding Calendar Server Provisioning Tools.

Schema 2 (Native Mode)

Schema 2 is a newly defined set of provisioning definitions that describes the types of information that can be stored as entries by using the Directory Server LDAP.

The native mode uses search templates to search the LDAP directory server. Once the domain is found by using the domain search template, the user or group search templates are used to find a specific user or group.

You should use native mode if you are installing Calendar Server for the first time and you do not have other applications on your machine that are dependent on a two-tree provisioning model. You should also use this mode if you want to install other products in the Java Enterprise System product suite.

If you have an existing Calendar Server 5.x installation that uses Schema 1, and you want to integrate Calendar Server with other Java Enterprise Server products, you should migrate your directory to Schema 2 after you upgrade to Calendar Server 6. Refer to the Sun Java System Communications Services Schema Migration Guide for information on how to migrate from LDAP Schema version 1 to LDAP Schema version 2.

Note

Schema 2 Native Mode is the recommended provisioning model for all Sun Java System products in the Java Enterprise System product suite.

Supported Provisioning Tools

Schema 2 supports Sun Java System Communications Services User Management Utility. For more information, see Understanding Calendar Server Provisioning Tools.

Schema 2 Compatibility Mode

Schema 2 compatibility mode is an interim mode between Schema 1 and Schema 2 native mode. Schema 2 compatibility mode supports both schemas and enables you to retain the existing two-tree design you already have. Schema 2 compatibility mode also assumes that you have installed Identity Server prior to installing Messaging Server.

Use Schema 2 Compatibility if you have existing applications that require Schema 1, but you also need functionality that requires Schema 2, for example, Identity Server, single sign-on, and so forth.

Note

Schema 2 compatibility mode is provided as a convenience in migrating to the Schema 2 Native mode. Do not use Schema 2 compatibility mode as your final schema choice. The migration process from Schema 1 to Schema 2 compatibility mode and then finally to Schema 2 native mode is more complex that simply migrating from Schema 1 to Schema 2 native mode. See the Sun Java System Communications Services Schema Migration Guide for more information.

Understanding Calendar Server Provisioning Tools

Through supported Calendar Server provisioning tools, you can query, modify, add, or delete user, group, and domain entry information in your LDAP directory. This section examines these Calendar Server provisioning tools.

In addition to the questions asked in Deciding Which Schema to Use, you should use Table 5-1 to evaluate your schema and provisioning tool options.

Note

Prior to installing and configuring Calendar Server, you need to decide upon a schema model and tool or tools for provisioning your Calendar Server entries.

The following sections provide high-level information about the supported provisioning tools:

LDAP Provisioning Tools

User Management Utility

Comparing Your Provisioning Tool Options

LDAP Provisioning Tools

Schema 1 users and groups can be provisioned using the LDAP Directory tools (Schema 2 is not supported). Unlike the Delegated Administrator graphical and command-line interfaces, you can directly provision users and groups by adding, removing, and modifying the LDIF records through LDAP without having to use a user interface.

User Management Utility

Sun Java System Identity Server uses Schema 2. Because the Sun Java System component products in the Java Enterprise System product suite use Schema 2, use the Communications Services 6 User Management Utility. This should particularly be the case if you are using more than one Java Enterprise System product, or if you are performing a brand new installation of Calendar Server.

Note

Even though you install Identity Server, there is no graphical user interface compatibility with Calendar Server. Therefore, to provision users and groups with an interface, you can only use the user management utility.

See the Sun Java System Communications Services User Management Utility Administration Guide for installation details.

Comparing Your Provisioning Tool Options

Table 5-1 shows the various supported schema, provisioning tools, provisioning limitations, and recommended documentation for additional information.

Table 5-1 Calendar Server Provisioning Mechanisms

Supported Provisioning Tool

Provisioning Tool Functionality

Provisioning Tool Limitations

For Further Information

LDAP Provisioning Tools

Uses: Schema 1

Provides tools to directly modify LDAP entries or for creating custom provisioning tools.

Incompatible with Sun Schema 2 and with other Java Enterprise System products.

Read the Sun ONE Calendar Server 5.2 Provisioning Guide and Sun ONE Messaging and Collaboration Schema Reference Manual.

Describes the Sun LDAP Schema 1 provisioning model.

In addition, these guides explain how to use LDAP provisioning tools and the usage of specific attributes and object classes.

User Management Utility

Uses: Schema 2

Provides a command-line interface for administrators to manage users, groups, domains, and mailing lists.

Compatible with other Java Enterprise System products.

Not backwardly compatible with Sun Schema 1.

No GUI provisioning tool to use with Sun Java System Identity Server

Sun Java System Identity Server must be installed to enable this command-line interface.

Read the Sun Java System Communications Services User Management Utility Administration Guide.

Provides syntax and usage for the command-line utility.

Previous Contents Index Next

Copyright 2004 Sun Microsystems, Inc. All rights reserved.


Note	Refer to the Sun Java System Communications Services Schema Migration Guide for information on how to migrate from Sun Java System LDAP Schema version 1 to Sun Java System LDAP Schema version 2. Support for installation and provisioning of Schema 1 will be deprecated and removed from future releases. However, customers with their own provisioning tools may continue to use LDAP Schema 1.


Note	Migrating to Schema 2 is imperative if you plan to install Calendar Server with other Sun Java System products in the future.


Note	Schema 2 Native Mode is the recommended provisioning model for all Sun Java System products in the Java Enterprise System product suite.


Note	Schema 2 compatibility mode is provided as a convenience in migrating to the Schema 2 Native mode. Do not use Schema 2 compatibility mode as your final schema choice. The migration process from Schema 1 to Schema 2 compatibility mode and then finally to Schema 2 native mode is more complex that simply migrating from Schema 1 to Schema 2 native mode. See the Sun Java System Communications Services Schema Migration Guide for more information.


Note	Prior to installing and configuring Calendar Server, you need to decide upon a schema model and tool or tools for provisioning your Calendar Server entries.


Note	Even though you install Identity Server, there is no graphical user interface compatibility with Calendar Server. Therefore, to provision users and groups with an interface, you can only use the user management utility.

Supported Provisioning Tool	Provisioning Tool Functionality	Provisioning Tool Limitations	For Further Information
LDAP Provisioning Tools Uses: Schema 1	Provides tools to directly modify LDAP entries or for creating custom provisioning tools.	Incompatible with Sun Schema 2 and with other Java Enterprise System products.	Read the Sun ONE Calendar Server 5.2 Provisioning Guide and Sun ONE Messaging and Collaboration Schema Reference Manual. Describes the Sun LDAP Schema 1 provisioning model. In addition, these guides explain how to use LDAP provisioning tools and the usage of specific attributes and object classes.
User Management Utility Uses: Schema 2	Provides a command-line interface for administrators to manage users, groups, domains, and mailing lists. Compatible with other Java Enterprise System products.	Not backwardly compatible with Sun Schema 1. No GUI provisioning tool to use with Sun Java System Identity Server Sun Java System Identity Server must be installed to enable this command-line interface.	Read the Sun Java System Communications Services User Management Utility Administration Guide. Provides syntax and usage for the command-line utility.