| Index DocHome Next |
| iPlanet Web Server, Enterprise Edition Administrator's Guide |
Contents
About This GuideWhat's In This Guide?
How This Guide Is Organized
Server Basics
Conventions Used In This Guide
Using the Administration Server
Configuring, Monitoring, and Performance Tuning
Managing Virtual Servers and Services
Appendixes
Using the iPlanet Web Server Documentation
Further Reading
Contacting Technical Support
Part 1 Server Basics
Chapter 1 Introduction to iPlanet Web ServeriPlanet Web Server
iPlanet Web Server Features
iPlanet Web Server Architecture
Administering and Managing iPlanet Web Servers
Content Engines
iPlanet Web Server Configuration
Server Extensions
Runtime Environments
Application Services
iPlanet Web Server Component Options
Administration Server
iPlanet Web Server Configuration Files
Dynamic Reconfiguration
Single-Server Configuration
All Platforms
Virtual Server Configuration
Unix and Linux Platforms
Multiple-Server Configuration
Server Manager
Using the Resource Picker
Class Manager
Wildcards Used in the Resource Picker
Virtual Server Manager
Chapter 2 Administering iPlanet Web ServersAccessing the Administration Server
Unix/Linux Platforms
Running Multiple Servers
Windows NT Platforms
Virtual Servers
Removing a Server
Installing Multiple Instances of the Server
Migrating a Server From a Previous Version
Part 2 Using the Administration Server
Chapter 3 Setting Administration PreferencesShutting Down the Administration Server
Editing Listen Socket Settings
Changing the User Account (Unix/Linux)
Changing the Superuser Settings
Allowing Multiple Administrators
Specifying Log File Options
Viewing Log Files
Configuring Directory Services
The Access Log File
Archiving Log Files
The Error Log File
Using Cron-based Log Rotation (Unix/Linux)
Restricting Server Access
Configuring JRE/JDK Paths
Chapter 4 Managing Users and GroupsUsing LDAP to Manage Users and Groups
Understanding Distinguished Names (DNs)
Creating Users
Using LDIF
Guidelines for Creating User Entries
Managing Users
How to Create a New User Entry
Directory Server User Entries
Finding User Information
Creating Groups
Building Custom Search Queries
Editing User Information
Managing a User's Password
Managing User Licenses
Renaming Users
Removing Users
Static Groups
Managing Groups
Guidelines for Creating Static Groups
Dynamic Groups
To Create a Static Group
How iPlanet Web Server Implements Dynamic Groups
Groups Can Be Static and Dynamic
Dynamic Group Impact on Server Performance
Guidelines for Creating Dynamic Groups
To Create a Dynamic Group
Finding Group Entries
Creating Organizational Units
The "Find all groups whose" Field
Editing Group Attributes
Adding Group Members
Adding Groups to the Group Members List
Removing Entries from the Group Members List
Managing Owners
Managing See Alsos
Removing Groups
Renaming Groups
Managing Organizational Units
Finding Organizational Units
Managing a Preferred Language List
The "Find all units whose" Field
Editing Organizational Unit Attributes
Renaming Organizational Units
Deleting Organizational Units
Chapter 5 Securing Your Web ServerRequiring Authentication
Using Certificates for Authentication
Creating a Trust Database
Server Authentication
Client Authentication
Virtual Server Certificates
Creating a Trust Database
Using password.conf
Requesting and Installing a VeriSign Certificate
Start an SSL-enabled Server Automatically
Requesting a VeriSign Certificate
Requesting and Installing Other Server Certificates
Installing a VeriSign Certificate
Required CA Information
Migrating Certificates When You Upgrade
Requesting Other Server Certificates
Installing Other Server Certificates
Installing a Certificate
Migrating a Certificate
Using the Built-in Root Certificate Module
Managing Certificates
Installing and Managing CRLs and CKLs
Installing a CRL or CKL
Setting Security Preferences
Managing CRLs and CKLs
SSL and TLS Protocols
Using External Encryption Modules
Using SSL to Communicate with LDAP
Enabling Security for Connection Groups
Turning Security On
Configuring Security Globally
Selecting a Server Certificate for a Connection Group
Selecting Ciphers
SSLSessionTimeout
SSLCacheEntries
SSL3SessionTimeout
Installing the PKCS#11Module
Setting Client Security Requirements
Using modutil to Install a PKCS#11 Module
FIPS-140 Standard
Using pk12util
Selecting the Certificate Name for a Connection Group
Requiring Client Authentication
Setting Stronger Ciphers
To Require Client Authentication
Mapping Client Certificates to LDAP
Using the certmap.conf File
Creating Custom Properties
Sample Mappings
Considering Additional Security Issues
Limit Physical Access
Limit Administration Access
Choosing Solid Passwords
Creating Hard-to-Crack Passwords
Changing Passwords or PINs
Changing Passwords
Limiting Other Applications on the Server
Unix and Linux
Preventing Clients from Caching SSL Files
Windows NT
Limiting Ports
Knowing Your Server's Limits
Making Additional Changes to Protect Servers
Specifying chroot for a Virtual Server Class
Specifying chroot for a Virtual Server
Chapter 6 Managing Server ClustersAbout Clusters
Guidelines for Using Server Clusters
Setting Up a Cluster
Adding a Server to a Cluster
Modifying Server Information
Removing Servers from a Cluster
Controlling Server Clusters
Adding Variables
Part 3 Configuring, Monitoring, and Performance Tuning
Chapter 7 Configuring Server PreferencesStarting and Stopping the Server
Setting the Termination Timeout
Tuning Your Server for Performance
Restarting the Server (Unix/Linux)
Starting SSL-enabled Servers Automatically
Restarting the Server (Windows NT)
Restarting With Inittab (Unix/Linux)
Restarting With the System RC Scripts (Unix/Linux)
Restarting the Server Manually (Unix/Linux)
Stopping the Server Manually (Unix/Linux)
Using the Automatic Restart Utility (Windows NT)
Editing the magnus.conf File
Adding and Editing Listen Sockets
Choosing MIME Types
Restricting Access
Restoring Configuration Settings
Configuring the File Cache
Adding and Using Thread Pools
The Native Thread Pool and Generic Thread Pools (Windows NT)
Thread Pools (Unix/Linux)
Editing Thread Pools
Using Thread Pools
Chapter 8 Controlling Access to Your ServerWhat Is Access Control?
Setting Access Control for User-Group
How Access Control Works
Default Authentication
Setting Access Control for Host-IP
Basic Authentication
SSL Authentication
Digest Authentication
Other Authentication
Using Access Control Files
Configuring the ACL User Cache
Setting Access Control
Setting Access Control Globally
Selecting Access Control Options
Setting Access Control for a Server Instance
Setting the Action
Limiting Access to Areas of Your Server
Specifying Users and Groups
Specifying the From Host
Restricting Access to Programs
Setting Access Rights
Writing Customized Expressions
Turning Off Access Control
Responding When Access is Denied
Restricting Access to the Entire Server
Working with Dynamic Access Control Files
Restricting Access to a Directory (Path)
Restricting Access to a URI (Path)
Restricting Access to a File Type
Restricting Access Based on Time of Day
Restricting Access Based on Security
Using .htaccess Files
Controlling Access for Virtual Servers
Enabling .htaccess from the User Interface
Supported .htaccess Directives
Enabling .htaccess from magnus.conf
Converting Existing .nsconfig Files to .htaccess Files
Using htaccess-register
Example of an .htaccess File
allow
deny
AuthGroupFile
AuthUserFile
AuthName
AuthType
<Limit>
<LimitExcept>
order
require
.htaccess Security Considerations
Accessing Databases from Virtual Servers
Specifying LDAP Databases in the User Interface
Editing Access Control Lists for Virtual Servers
Chapter 9 Using Log FilesAbout Log Files
Viewing an Access Log File
Viewing the Error Log File
Archiving Log Files
Internal-daemon Log Rotation
Setting Log Preferences
Cron-based Log Rotation
Easy Cookie Logging
Running the Log Analyzer
Viewing Events (Windows NT)
Chapter 10 Monitoring ServersMonitoring the Server Using Statistics
Enabling Statistics
Using Quality of Service
Using Statistics
Quality of Service Example
SNMP Basics
Setting Up Quality of Service
Required Changes to obj.conf
Known Limitations to Quality of Service
The iPlanet Web Server MIB
Setting Up SNMP
Using a Proxy SNMP Agent (Unix/Linux)
Installing the Proxy SNMP Agent
Reconfiguring the SNMP Native Agent
Starting the Proxy SNMP Agent
Restarting the Native SNMP Daemon
Installing the SNMP Master Agent
Enabling and Starting the SNMP Master Agent
Starting the Master Agent on Another Port
Configuring the SNMP Master Agent
Manually Configuring the SNMP Master Agent
Editing the Master Agent CONFIG File
Defining sysContact and sysLocation Variables
Configuring the SNMP Master Agent
Starting the SNMP Master Agent
Manually Starting the SNMP Master Agent
Starting the SNMP Master Agent Using the Administration Server
Configuring the Community String
Enabling the Subagent
Configuring Trap Destinations
Understanding SNMP Messages
Chapter 11 Tuning Your Server for Performance
Chapter 12 Using SearchAbout Search
Configuring Text Search
Controlling Search Access
Indexing Your Documents
Mapping URLs
Eliminating Words from Search
Turning Search On or Off
Configuring the Search Parameters
Configuring Your Search Pattern Files
Configuring Files Manually
The Configuration Files
Adjusting the Maximum Number of Attributes
Restricting Memory for Indexing
Restricting Your Index File Size
About Collections
Performing a Search: The Basics
About Collection Attributes
Creating a New Collection
Configuring a Collection
Updating a Collection
Maintaining a Collection
Scheduling Regular Maintenance
Removing Scheduled Collection Maintenance
Search Home Page
Using the Query Operators
A Search Query
Guided Search
Advanced Search
The Search Results
Listing Matched Documents
Displaying Collection Contents
Sorting the Results
Displaying a Highlighted Document
Default Assumptions
Customizing the Search Interface
Search Rules
Angle Brackets
Determining Which Operators To Use
Combining Operators
Using Query Operators as Search Words
Canceling Stemming
Modifying Operators
Using Wildcards
Non-alphanumeric Characters
Dynamically Generated Headers and Footers
HTML Pattern Files
Search Function Syntax
URL Encodings
Using Pattern Variables
Required Search Arguments
User-defined Pattern Variables
Configuration File Variables
Macros and Generated Pattern Variables
Part 4 Managing Virtual Servers and Services
Chapter 13 Using Virtual ServersVirtual Servers Overview
Multiple Server Instances
Using iPlanet Web Server Features with Virtual Servers
Virtual Server Classes
The obj.conf File
Listen Sockets
Virtual Servers in a Class
The Default Class
Connection Groups
Virtual Servers
Types of Virtual Servers
Virtual Server Selection for Request Processing
IP-Address-Based Virtual Servers
URL-Host-Based Virtual Servers
Default Virtual Server
Document Root
Log Files
Migrating Virtual Servers from a Previous Release
Using SSL with Virtual Servers
Using the Virtual Server User Interface
Using Access Control with Virtual Servers
Using CGIs with Virtual Servers
Using Configuration Styles with Virtual Servers
The Class Manager
Setting Up Virtual Servers
The Virtual Server Manager
Using Variables
Dynamic Reconfiguration
Creating a Listen Socket
Allowing Users to Monitor Individual Virtual Servers
Creating a Connection Group
Creating a Virtual Server Class
Editing or Deleting a Virtual Server Class
Specifying Services Associated with a Virtual Server Class
Creating a Virtual Server
Specifying Settings Associated with a Virtual Server
Access Control
Deploying Virtual Servers
Log Files
Example 1: Default Configuration
Example 2: Secure Server
Example 3: Intranet Hosting
Example 4: Mass Hosting
Chapter 14 Creating and Configuring Virtual ServersCreating a Virtual Server
Editing Virtual Server Settings
Editing Using the Virtual Server Manager
Editing Using the Class Manager
Editing Virtual Server Settings
Deleting a Virtual Server
Configuring Virtual Server MIME Settings
Configuring Virtual Server ACL Settings
Configuring Virtual Server Security
Configuring Virtual Server Quality of Service Settings
Configuring Virtual Server Log Settings
Configuring Virtual Server Web Application Settings
Chapter 15 Extending Your Server With ProgramsOverview of Server-Side Programs
Types of Server-Side Applications That Run on the Server
Java Servlets and JavaServer Pages (JSP)
How Server-Side Applications Are Installed on the Server
Overview of Servlets and JavaServer Pages
Installing CGI Programs
What the Server Needs to Run Servlets and JSPs
Using the web-apps.xml File
Deploying a Web Application using wdeploy
For example:
Deploying Servlets and JSPs Not in Web Applications
Configuring JVM Attributes
Deleting Version Files
Overview of CGI
Installing Windows NT CGI Programs
Specifying a CGI Directory
Configuring Unique CGI Attributes for Each Software Virtual Server
Specifying CGI as a File Type
Downloading Executable Files
Overview of Windows NT CGI Programs
Installing Shell CGI Programs for Windows NT
Specifying a Windows NT CGI Directory
Specifying Windows NT CGI as a File Type
Overview of Shell CGI Programs for Windows NT
Using the Query Handler
Specifying a Shell CGI Directory (Windows NT)
Specifying Shell CGI as a File Type (Windows NT)
Chapter 16 Content ManagementSetting the Primary Document Directory
Setting Additional Document Directories
Customizing User Public Information Directories (Unix/Linux)
Restricting Content Publication
Enabling Remote File Manipulation
Loading the Entire Password File on Startup
Using Configuration Styles
Configuring Document Preferences
Setting the Document Preferences
Configuring URL Forwarding
Entering an Index Filename
Selecting Directory Indexing
Specifying a Server Home Page
Specifying a Default MIME Type
Parsing the Accept Language Header
Customizing Error Responses
Changing the Character Set
Setting the Document Footer
Using htaccess
Restricting Symbolic Links (Unix/Linux)
Setting up Server-Parsed HTML
Setting Cache Control Directives
Using Stronger Ciphers
Chapter 17 Applying Configuration StylesCreating a Configuration Style
Assigning a Configuration Style
Listing Configuration Style Assignments
Editing a Configuration Style
Removing a Configuration Style
Part 5 Appendixes
Appendix A Command Line UtilitiesFormatting LDIF Entries
Modifying Database Entries Using ldapmodify
HttpServerAdmin (Virtual Server Administration)
HttpServerAdmin Syntax
control Command
Options
create Command
Syntax
Parameters
Examples
Options
delete Command
Create Virtual Server Class
Create Connection Group
Create Listen Socket
Create Virtual Server
Options
list Command
Delete Class
Delete Connection Group
Delete Listen Socket
Delete Virtual Server
Syntax
Options
Example
Appendix B HyperText Transfer ProtocolAbout HyperText Transfer Protocol (HTTP)
Requests
Request Method
Responses
Request Header
Request Data
Status Code
Response Header
Response Data
Appendix C ACL File SyntaxACL File Syntax
Authentication Methods
Referencing ACL Files in obj.conf
Authorization Statements
Hierarchy of Authorization Statements
The Default ACL File
Attribute Expressions
Operators For Expressions
General Syntax Items
Appendix D Internationalized iPlanet Web ServerGeneral Information
Installing the Server
Search Information
Entering UTF-8 Data
File or Directory Names
Using the Accept Language Header
LDAP Users and Groups
Language Settings in Configuration Files
Character Sets
International Search
Using International Character Sets in Servlets
Searching in Japanese, and Korean
Query Operators
Document Formats
Searching in Japanese
Parameter Encoding Values
Auto
Posting to JSPs
None
utf8
Appendix E Server Extensions for Microsoft FrontPageOverview
Glossary
Types of FrontPage Webs
Downloading the Extensions
Domain Names and FrontPage Webs
Security Issues
Space Requirements
Installing FrontPage Server Extensions
Preliminary Tasks
Some Additional Considerations
Installing FrontPage Server Extensions on Windows NT Systems
Further Information
Installing FrontPage97 Server Extensions on Unix /Linux Systems
Installing FrontPage98 Server Extensions on Unix /Linux Systems
Installing FrontPage2000 Server Extensions on Unix /Linux Systems
Index
Index DocHome Next
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.
Last Updated May 10, 2001