Java ES solutions that use Directory Server can use either of two versions of a standard LDAP schema, which are known as Schema 1 and Schema 2. The user management specification for a solution specifies whether the solution uses Schema 1 or Schema 2. The configuration values in the installation plan ensure that the installation process creates the correct schema.
Schema 2 supports the use of Access Manager, and Access Manager's single sign-on to feature. If a solution uses single sign-on, it must use Schema 2.
The installation process configures the directory for the specified schema as follows:
To establish a Schema 1 directory, simply install Directory Server. Schema 1 is the default schema version.
To establish a Schema 2 directory, install Directory Server and Access Manager. Installing Access Manager modifies the directory and converts it to a Schema 2 directory.
If Directory Server and Access Manager are installed on one computer in one installer session, the directory is configured for Schema 2.
If the solution is distributed, Directory Server is installed first, on one computer. Access Manager is installed next, on a separate computer. Installer input values for the Access Manager installation specify the existing directory, and the directory's schema is modified.
Depending on the solution, the following procedures for extending the schema might be necessary:
If the solution uses Messaging Server and or Calendar Server, the installation process must apply some additional schema extensions with the Directory Preparation Tool. These extensions are applied before Messaging Server or Calendar Server is installed. They can be applied to either Schema 1 or Schema 2 directories. For more information on adding instructions for running the Directory Preparation Tool to an installation plan, see Messaging Server. The installation plan includes instructions for running Directory Preparation Tool.
If the solution uses Schema 2, the installation process must apply some additional schema extensions with Delegated Administrator to support Access Manager authentication and authorization for the messaging and calendar services. For an example of the commands that apply these schema extensions, see Chapter 7, User Management for the Evaluation Solution, in Sun Java Enterprise System 2005Q1 Deployment Example Series: Evaluation Scenario. The installation plan includes instructions for these schema extensions. These extensions are applied after Delegated Administrator is installed and configured, but before Delegated Administrator adds any user data. For more information on adding instructions for extending the schema to an installation plan, see Adding Procedures for Delegated Administrator to Your Installation Plan.
The LDAP schema specification identifies the schema used in the solution and any schema extensions required by the solution. The installation plan includes procedures that establish the correct schema and perform any specified schema extensions.