Chapter 3 Directory Server Tuning
You can run the tuning scripts to tune the Directory Server that supports Sun JavaTM System Access Manager for your deployment. Access Manager should use an existing Directory Server (local or remote) in non-exclusive mode.
Caution – If you are working with a production Directory Server or a Directory Server that has not been backed up (both the data and the configuration), it is recommended that you do not run the amtune-directory script in CHANGE mode to apply tuning changes.
After you run the amtune-directory script in REVIEW mode, review the tuning recommendations and apply them manually, if they meet your deployment needs.
Also, make sure you back up both your Directory Server data and configuration before you make any changes.
This chapter includes the following topics:
Directory Server Tuning Parameters
The following table describes the Directory Server tuning parameters in the amtune-env configuration file.
Table 3–1 Directory Server Tuning Parameters|
Parameter |
Description |
|---|---|
|
Generates a script to tune the Directory Server that supports Access Manager. Default: true |
|
|
Specifies the user ID of the Directory Manager. If your deployment uses a user ID other than the default value (cn=Directory Manager), you must set this parameter with that value. Default: cn=Directory Manager |
|
|
Specifies the location of the RAM disk. Default: /tmp |
|
|
Specifies the people container name for the default organization. This parameter is used to tune the LDAP authentication module's search base. It can be useful when there are no sub-organizations in the default organization. If this value is empty (""), tuning is skipped. Note: Along with appending the people container to the search base, the search scope will be modified to "OBJECT" level. The default search scope is "SUBTREE". Default: ""(empty) |
Directory Server Tuning Scripts
Running in REVIEW Mode
The amtune script and amtune-prepareDSTuner scripts do not actually tune Directory Server. However, you must run one of these scripts to generate the amtune-directory script, which you can then use to tune Directory Server.
-
Make sure that the following parameter is set in the amtune-env file:
AMTUNE_TUNE_DS=true
-
Run the amtune script or amtune-prepareDSTuner script. The script generates the following tar file:
/tmp/amtune-directory.tar
-
Copy the amtune-directory.tar file to a temporary location on the server that is running Directory Server.
-
Untar the amtune-directory.tar file in the temporary location.
-
In the amtune-directory script, make sure REVIEW mode is set:
AMTUNE_MODE="REVIEW"
-
Set these parameters, if you prefer a value other than the default (amtune):
-
DEBUG_FILE_PREFIX is a prefix that will be included with the timestamp to specify the filename of the log file where the script writes the recommended tuning changes.
-
DB_BACKUP_DIR_PREFIX is a prefix that will be included with the timestamp to specify the name of the Directory Server backup directory.
-
-
Run the amtune-directory script in REVIEW mode. For example:
# ./amtune-directory dirmanager_password
The dirmanager_password is the Directory Manager password.
-
Review the recommended tuning settings for Directory Server in the debug log file.
The script creates the log file in the debug directory specified by the com.iplanet.services.debug.directory parameter in the AMConfig.properties file. The default debug log file directory depends on your platform:
-
Solaris systems: /var/opt/SUNWam/debug
-
Linux systems: /var/opt/sun/identity/debug
-
Applying the Tuning Changes
Caution – If you are working with a production Directory Server or a Directory Server that has not been backed up (both the data and the configuration), it is recommended that you do not run the amtune-directory script in CHANGE mode to apply to the tuning changes. Review the tuning recommendations from REVIEW mode and apply the changes manually, if they meet your deployment needs.
Before making the tuning changes, the amtune-directory script stops and backs up Directory Server.
If you are working with a pilot or prototype Directory Server and you are sure you want to apply the tuning changes, follow these steps:
-
Back up both your Directory Server data and configuration.
-
Set the following parameter in the amtune-directory script:
AMTUNE_MODE="CHANGE"
-
Run the amtune-directory script in CHANGE mode. For example:
# ./amtune-directory dirmanager_password
The dirmanager_password is the Directory Manager password.
- © 2010, Oracle Corporation and/or its affiliates