Sun Java(TM) System Directory Server 5 2004Q2 Administration Guide |
Preface
The Directory Server Administration Guide describes the procedures you need to configure and maintain a directory service based on Directory Server. It includes the procedures for configuring all Directory Server features from the console and from the command line when appropriate.
This preface contains the following sections:
Before performing any of the tasks described in this guide, read the Directory Server Release Notes.
Who Should Read This GuideThis guide is intended for directory administrators.
The author of this guide assumes you are familiar with the following:
How This Guide Is OrganizedThis guide is divided into the following chapters:
Provides overview information about Directory Server, and the most basic tasks you need to start administering a directory service using the console.
Discusses how to use Directory Server Console and the LDAP command-line utilities to manage the contents of your directory. It also describes how attributes are stored with the optional attribute encryption feature, and how to access your directory using DSML.
Describes the directory tree, and its administration in terms of suffixes, subsuffixes, and chained suffixes. This chapter also outlines creating and administering directory tree elements using Directory Server Console and the command-line tools.
Outlines the tools provided for importing directory data in bulk, importing and exporting entire suffixes, making backups of all suffixes at once and restoring data from a backup.
Explains the advanced entry management functionality provided by groups, roles and class of service (CoS.)
Describes access control instructions (ACIs) that determine what permissions are granted to users who access the directory.
Outlines the tasks for user account management, including configuring password and account lockout policies, inactivating accounts or groups of users, and limiting system resources available to users.
Describes the tasks to be performed to set up various replication scenarios, including steps for configuring replication, replication over WAN and SSL, monitoring replication status, and solving replication conflicts.
Discusses how to extend the schema when the default directory schema is insufficient for your requirements.
Provides an overview of indexing functionality and describes how the various kinds of indexes are managed.
Provides an overview of the security mechanims available with Directory Server, and describes how each of these methods can be implemented and configured.
Describes how you can use pass-through authentication to administer user and configuration directories on separate instances of Directory Server.
Describes how to monitor Directory Server by configuring a logging policy and analyzing the status information maintained by the server.
Describes the Directory Server subagent that enables the server to be monitored by an SNMP manager application.
Describes the use of the UID uniqueness plug-in to ensure that the value of a given attribute is unique among all entries of the directory or of a subtree.
Provides basic troubleshooting information on installing Directory Server.
Provides instructions on using a Sun Crypto Accelerator board with Directory Server to enhance performance for connections using the Secure Sockets Layer (SSL) protocol with certificate-based authentication.
Provides the copyright notices of all third party elements of the software.
Using the DocumentationThe Directory Server manuals are available as online files in Portable Document Format (PDF) and Hypertext Markup Language (HTML) formats. Both formats are readable by assistive technologies for users with disabilities. The Sun documentation web site can be accessed here:
The Directory Server documentation set can be accessed here:
http://docs.sun.com/coll/DirectoryServer_04q2
Table 1 briefly describes each document in the set. The left column provides the name and Web location of each document. The right column describes the general contents of the document.
ConventionsTable 2 describes the typeface conventions used in this guide.
Table 3 describes placeholder conventions used in this guide.
Table 4 describes the symbol conventions used in this book.
Table 5 describes the shell prompt conventions used in this book.
Table 5 Shell Prompts
Shell
Prompt
C shell
machine-name%
C shell superuser
machine-name#
Bourne shell and Korn shell
$
Bourne shell and Korn shell superuser
#
Input and output of Directory Server commands are usually expressed using the LDAP Data Interchange Format (LDIF) [RFC 2849] . Lines are wrapped for readability.
Resources and Tools on the WebThe following location contains information about Java Enterprise System and its component products such as Directory Server:
http://wwws.sun.com/software/learnabout/enterprisesystem/index.html
Some supported platforms provide native tools for accessing Directory Server. For more tools useful when testing and maintaining LDAP directory servers, download the Sun Java System Directory Server Resource Kit (DSRK). This software is available at the following location:
http://wwws.sun.com/software/download/
Installation instructions and reference documentation for the DSRK tools is available in the Directory Server Resource Kit Tools Reference.
For developing directory client applications, you may also download the Sun Java System Directory SDK for C and the Sun Java System Directory SDK for Java from the same location.
Additionally, Java Naming and Directory Interface (JNDI) technology supports accessing Directory Server using LDAP and DSML v2 from Java applications. Information about JNDI is available from:
http://java.sun.com/products/jndi/
The JNDI Tutorial contains detailed descriptions and examples of how to use JNDI. It is available at:
http://java.sun.com/products/jndi/tutorial/
Third-party URLs are included in this document to provide additional, related information.
How to Report ProblemsIf you have problems with Directory Server, contact Sun customer support using one of the following mechanisms:
So that we can best assist you in resolving problems, please have the following information available when you contact support:
- Description of the problem, including the situation where the problem occurs and its impact on your operation
- Machine type, operating system version, and product version, including any patches and other software that might be affecting the problem
- Detailed steps on the methods you have used to reproduce the problem
- Any error logs or core dumps
Sun Welcomes Your CommentsSun is interested in improving its documentation and welcomes your comments and suggestions. Use the web-based form to provide feedback to Sun:
Please provide the full document title and part number in the appropriate fields. The part number is a seven-digit or nine-digit number that can be found on the title page of the book or at the top of the document. For example, the part number of this Administration Guide is 817-5221-05.