Presentation of the vdp-setup Window

The vdp-setup has a GUI that guides you through the installation and configuration of your Sun OpenDS Standard Edition proxy deployment.

The vdp-setup installation window is organized as follows:

• The left hand pane lists the steps of the setup process. When you choose the deployment type, the deployment sub-steps will change dynamically.

• The arrow on the left hand indicates the current step.

• The main area on the right is the action pane, where you define your deployment.

• At the bottom of the window you have the option to go back and forth (or quit) to modify and complete your installation.

Note - Your Sun OpenDS Standard Edition proxy is only complete when you reach the Finish step.

Figure 1

The Proxy Setup Window

To Configure Simple Load Balancing

1. To launch the GUI install, type:

   (Unix, Linux) $ vdp-setup
   (Windows) C:\> vdp-setup.bat

   The installation wizard is launched.

   ---

   Note - If you are installing Sun OpenDS Standard Edition proxy on Windows, you may have to update the java path.

   ---

2. On the Welcome panel, click Next.
3. On the License panel, select the checkbox to accept the license and click Next.
4. Enter the proxy server settings (name and port) and click Next.

   By default, the local hostname will be entered as the hostname, but this is an editable field. The ports are also predefined with an available port number. Make sure that you have the privileges on the port.

5. (Optional) If you want to configure a secure LDAP port (LDAPS), click on the Configure button.

   Use the Configure Secure Access window to configure LDAPS access to Sun OpenDS Standard Edition proxy. Figure 2 illustrates the Configure Secure Access panel of the vdp-setup GUI.

   ---

   Note - The PCKS #11 format is not supported in this release of Sun OpenDS Standard Edition proxy.

   ---

   If you do not already have an existing certificate, for testing purposes you can automatically generate a self-signed certificate by selecting the Generate Self-Signed Certificate button.

   If you have an existing certificate, select the Use an existing Certificate button and select the appropriate keystore type. Provide the location of the keystore and provide the keystore password, also known as the keystore PIN.

   Figure 2

   Configure Secure Access Panel of the vdp-setup GUI

   
6. Select the load balancing configuration from the Configuration Option drop-down menu.

   For a general presentation of different deployment scenarios possible using the Sun OpenDS Standard Edition proxy, see Chapter 6, Example Deployments Using the Proxy Server, in Sun OpenDS Standard Edition 2.2 Deployment Planning Guide.

   ---

   Note - If you select Configure later, only the server settings configured in the previous step will be setup. You will then have to use the CLI to configure your deployment.

   ---

7. Select the remote LDAP servers which holds the corresponding partitioned data.

   ---

   Note - For a load balancing configuration, your back-end LDAP servers should be replicated.

   ---

   • If you have Sun OpenDS Standard Edition directory servers or Sun Directory Server Enterprise Edition 7.0 servers installed:
     1. Click on Add Sun Servers.
     2. Select if you want to connect to Sun OpenDS Standard Edition servers or DSCC registry.
     3. Enter the LDAP hostname and port number.
        • If you choose Sun OpenDS, then enter the administrative credentials of one of the Sun OpenDS Standard Edition servers.

          The vdp-setup will discover and display all the replicated Sun OpenDS Standard Edition servers.

        • If you choose Sun DSEE, then enter the Directory Service Manager credentials of your DSCC registry.

          The vdp-setup will discover and display all the Sun Directory Server Enterprise Edition 7.0 server instances registered in the DSCC registry.

     4. Select if you want to use an LDAP connection or a secure connection (LDAPs).
     5. Enter the password of the server.
     6. Click Connect.
     7. Leave all Sun servers you want to use for your deployment selected.
     8. Click OK.
   • To enter the back-end LDAP server information manually:
     1. Click Add server.
     2. Enter the server name, port and security settings.

        ---

        Note - The security settings you set here will determine the security between the Sun OpenDS Standard Edition proxy and back-end LDAP servers. For more information on setting security options, see Configuring Security Between the Proxy and the Data Source in Sun OpenDS Standard Edition 2.2 Administration Guide.

        ---

     3. Click Add.
     4. Click Close once you have added all the remote LDAP servers required.
8. Choose the load balancing algorithm.
9. Set the load balancing algorithm properties:
   • For proportional, set the weight. Requests are distributed between the remote LDAP servers based on the weight indicated.

     For example, if you leave the default value of 1, then all servers will receive the same amount of requests.

     Once you have completed the vdp-setup installation, the weight can be set to a different value for each operation type. For more information, see Modifying Load Balancing Properties in Sun OpenDS Standard Edition 2.2 Administration Guide.

   • For failover, indicate the order in which the servers are used.

     The server will a value of 1 will be the main server. The other servers will only be used if there is a failure on the server with a priority of 1.

   • For saturation, set the order in which the servers are used as well as the saturation threshold of each server.

     Requests are sent to the server with the highest priority (1) until it reaches the threshold indicated. The saturation threshold is the rate at which the server is considered saturated, or full. Typically this limit should be set lower than 100%.

10. Enter the naming context.
    • If the remote LDAP servers are online, vdp-setup connects to them and displays the naming contexts available on the servers.
    • If no list of naming context is proposed, you will need to manually enter the DN of the naming context you want to use.

      For example, dc=example,dc=com

11. Check the summary page to ensure that the deployment corresponds to what you want.

    If you need to make any modifications, use the Previous button.

12. To view the commands that will be launched for your installation, select Show Commands.

    These commands are saved in a log file, in the logs folder. You can use these commands to run additional installations with similar deployment options later.

13. Click Finish to launch your deployment.

    ---

    Note - Once your installation is complete, you can use dsconfig in the command line if you want to modify the current installation. For more information, see Configuring the Server With dsconfig in Sun OpenDS Standard Edition 2.2 Administration Guide.

    ---

To Configure Simple Distribution

1. To launch the GUI install, type:

   (Unix, Linux) $ vdp-setup
   (Windows) C:\> vdp-setup.bat

   The installation wizard is launched.

   ---

   Note - If you are installing Sun OpenDS Standard Edition proxy on Windows, you may have to update the java path.

   ---

2. On the Welcome panel, click Next.
3. On the License panel, select the checkbox to accept the license and click Next.
4. Enter the proxy server settings (name and port) and click Next.

   By default, the local hostname will be entered as the hostname, but this is an editable field. The ports are also predefined with an available port number. Make sure that you have the privileges on the port.

5. (Optional) If you want to configure a secure LDAP port (LDAPS), click on the Configure button.

   Use the Configure Secure Access window to configure LDAPS access to Sun OpenDS Standard Edition proxy. Figure 2 illustrates the Configure Secure Access panel of the vdp-setup GUI.

   ---

   Note - The PCKS #11 format is not supported in this release of Sun OpenDS Standard Edition proxy.

   ---

   If you do not already have an existing certificate, for testing purposes you can automatically generate a self-signed certificate by selecting the Generate Self-Signed Certificate button.

   If you have an existing certificate, select the Use an existing Certificate button and select the appropriate keystore type. Provide the location of the keystore and provide the keystore password, also known as the keystore PIN.

   Figure 3

   Configure Secure Access Panel of the vdp-setup GUI

   
6. Select the distribution configuration from the Configuration Option drop-down menu.

   For a general presentation of different deployment scenarios possible using the Sun OpenDS Standard Edition proxy, see Deciding Your Proxy Deployment Type in Sun OpenDS Standard Edition 2.2 Deployment Planning Guide.

   ---

   Note - If you select Configure later, only the server settings configured in the previous step will be setup. You will then have to use the CLI to configure your deployment.

   ---

7. Select the number of partitions on which the data is separated.

   For the example distribution scenario, select two partitions.

8. Define how the data distribution will be done.
   1. Enter the naming context.

      For example,dc=example,dc=com.

   2. Enter the distribution base DN.

      For example, ou=people. The distribution base DN is the level after which the distribution requests apply.

   3. Enter the distribution attribute.

      For example,uid.

9. Select the type of distribution algorithm and define the boundaries of each partition:

   If you use the Set Default Boundaries button, the vdp-setup will set default boundaries, which may not correspond to your deployment. However, this may be useful for test purposes.

   ---

   Note - You cannot set a distribution using DN pattern with the vdp-setup GUI. For more information on creating a distribution using DN pattern match, see Creating a dnpattern Distribution Partition in Sun OpenDS Standard Edition 2.2 Administration Guide.

   ---

   • For numeric, set numeric boundaries for each partition.

     For example, for partition 1, From=0, To=1000. This means that uids between 0 and 1000 will be sent to partition 1.

   • For lexico, set the alphabetic boundaries for each partition.

     For example, for partition 1, From=A, To=K. This means that uids with values between A and K will be sent to partition 1.

   ---

   Note - The upper boundary is exclusive. That is, if you set the upper boundary to 1000, only entries up to 999 will be distributed to that partition.

   If you leave one of the boundaries blank, this will be considered as unlimited. In other words, if you set the lower boundary to 1000 and the upper boundary to blank, the partition will include everything after 1000.

   ---

10. For each partition, select the remote LDAP server which holds the corresponding partitioned data.

    ---

    Note - If you add two servers for one partition, you must then set load balancing between these servers. This use case is explained in the example To Configure Distribution with Load Balancing.

    ---

    • If you have Sun OpenDS Standard Edition directory servers or Sun Directory Server Enterprise Edition 7.0 servers installed:
      1. Click on Add Sun Servers.
      2. Select if you want to connect to Sun OpenDS servers or DSCC registry.
      3. Enter the LDAP hostname and port number.
         • If you choose Sun OpenDS, then enter the administrative credentials of one of the Sun OpenDS Standard Edition servers.

           The vdp-setup will discover and display all the replicated Sun OpenDS Standard Edition directory servers.

         • If you choose Sun DSEE, then enter the Directory Service Manager credentials of your DSCC registry.

           The vdp-setup will discover and display all the Sun Directory Server Enterprise Edition 7.0 server instances registered in the DSCC registry.

      4. Select if you want to use an LDAP connection or a secure connection (LDAPs).
      5. Enter the password of the server.
      6. Click Connect.
      7. Leave all Sun servers you want to use for your deployment selected.
      8. Click OK.
    • To enter the back-end LDAP server information manually:
      1. Click Add server.
      2. Enter the server name, port and security settings.

         ---

         Note - The security settings you set here will determine the security between the Sun OpenDS Standard Edition proxy and remote servers. For more information on setting security options, see Configuring Security Between the Proxy and the Data Source in Sun OpenDS Standard Edition 2.2 Administration Guide.

         ---

      3. Click Add.
      4. Click Close once you have added all the LDAP servers required.
11. To configure a global index, see Creating Global Index Catalogs Using vdp-setup.

    Global indexes are optional. For more information on configuring and using global indexes, see Configuring the Global Index in Sun OpenDS Standard Edition 2.2 Administration Guide.

12. Check the summary page to ensure that the deployment corresponds to what you want.

    If you need to make any modifications, use the Previous button.

13. To view the commands that will be launched for your installation, select Show Commands.

    These commands are saved in a log file, in the logs folder. You can use these commands to run additional installations with similar deployment options later.

14. Click Finish to launch your deployment.

    ---

    Note - Once your installation is complete, you can use dsconfig in the command line if you want to modify the current installation. For more information, see Configuring the Server With dsconfig in Sun OpenDS Standard Edition 2.2 Administration Guide.

    ---