Configuring the Directory Server
Managing Administration Traffic to the Server
Accessing Administrative Suffixes
To Configure the Administration Connector
Configuring the Directory Server With dsconfig
Overview of the dsconfig Command
Using dsconfig in Interactive Mode
Configuring a Directory Server Instance
To Display the Properties of a Component
To Modify the Properties of a Component
To Modify the Values of a Multi-Valued Property
Configuring the Connection Handlers
To Display All Connection Handlers
Configuring the LDAP Connection Handler
To Control Which Clients Have LDAP Access to the Directory Server
Configuring the LDIF Connection Handler
To Enable the JMX Alert Handler Through the LDIF Connection Handler
Configuring the JMX Connection Handler
To Change the Port on Which the Server Listens for JMX Connections
Configuring Plug-Ins With dsconfig
Modifying the Plug-In Configuration
To Display the List of Plug-Ins
To Enable or Disable a Plug-In
To Display and Configure Plug-In Properties
To Configure Plug-In Invocation Order
Utilities That Can Schedule Tasks
Controlling Which Tasks Can Be Run
Scheduling and Configuring Tasks
To Configure Task Notification
To Configure Task Dependencies
Managing and Monitoring Scheduled Tasks
To Obtain Information About Scheduled Tasks
Managing the Directory Server With the Control Panel
To Specify the Trust Manager Provider and Trust Store Algorithm Used by the Control Panel
Configuring and Testing the DSML Gateway
Deploying the DSML Gateway in Apache Tomcat
Deploying the DSML Gateway in Glassfish
Deploying the DSML Gateway in Sun Java System Web Server 7
Confirming the DSML Gateway Deployment
Confirming the DSML Gateway Deployment with JXplorer
Confirming the DSML Gateway Deployment with the Directory Server Resource Kit
The administration connector is based on the LDAP protocol and uses LDAP over SSL by default. All command-line utilities that access the administrative suffixes use the administration connector. This includes the following commands:
backup
dsconfig
dsreplication
export-ldif
import-ldif
manage-account
manage-tasks
restore
status
stop-ds
uninstall
The administration connector is always present and enabled. You cannot disable or delete the connector using dsconfig, however, you can use dsconfig to manipulate the following properties of the connector:
listen-address. The address on which the directory server listens for administration traffic.
listen-port. The default port of the administration connector is 4444. You can change this port during setup if required. If you use the default port, you do not need to specify a port when running the administration commands (the default port is assumed). If you change the port, you must specify the new port when running the administration commands.
Security-related properties. Traffic using the administration connector is always secured. As with the LDAPS connection handler, the administration connector is configured with a self-signed certificate during server setup. This self-signed certificate is generated the first time the server is started. You can manage the administration connector certificate using external tools, such as keytool.
The security-related properties include the following:
ssl-cert-nickname
key-manager-provider
trust-manager-provider
When you run the administration commands, you are prompted as to how you want to trust the certificate. If you run the administration commands in non-interactive mode, you must specify the -X or --trustAll option to trust the certificate, otherwise the command will fail.