Index     Next     
iPlanet Portal Server Administration Guide



Contents


Preface
Who Should Use This Book
How This Manual Is Organized
Related Books
Accessing Sun Documentation Online
Typographic Conventions
Shell Prompts in Command Examples
Chapter 1 Introducing iPlanet Portal Server 3.0
What is a Portal?
Features of the iPlanet Portal Server
Administering iPlanet Portal Server
Getting Information for Administering iPlanet Portal Server
Using the iPlanet Portal Server Desktop From a Remote Client
Where to Go Next
iPlanet Portal Server Components
Introducing the Server
Introducing the Profile Server
Introducing the Gateway
Choosing a Firewall
Basic iPlanet Portal Server Installation
Structure of the iPlanet Portal Server Role Tree
Root Level
Domain Role-User Attributes
Inheritance in the Role Tree
Domain Level
Inheritance at the Domain Level
Role Level
Inheritance at the Role Level
User Level
Inheritance at the User Level
Introducing the Administration Console
Logging in to the Administration Console
How the Administration Console is Organized
Main Screen Task Frame
Content Frame
Moving Through the Administration Console Content Pages
Navigating Through the Administration Console
Screen Shortcuts
Using the Search Link
Interacting With The Administration Console
Modifying Information in the Contents Frame
Processing Changes to the Profile Server
Managing Customized Attributes
Chapter 2 Creating A Multi-Domain Portal
Overview
Creating a Business to Consumer Portal
Creating the Business To Consumer Domain
Enabling Self-Registration Using the Membership Module
Verifying User Self Registration Authentication and Self-registered User Role Placement
Specifying URL Access Policy For the Customer Role
Verifying URL Access Policy From the Desktop
Disabling Access To an Application and Other Secure Providers
Verifying Disabled Application Access
Creating a Business to Employee Portal
Creating the Business To Employee Domain
Enabling UNIX Authentication
Verifying UNIX Authentication at Desktop Log In Screen
Setting Up a Virtual VPN for the Employee Domain
Verifying Netlet Service on Port 8143
Denying Access to a URL and an Application for a Role
Verifying Denied Access to Engineer User to URL and Application
Customizing the Desktop With a Welcome Message
Verifying the Customized Desktop Welcome Message
Setting Up a Delegated Administrator
Adding a New Role
Assigning Admin Privileges to the New Role
Adding a New User for the Admin Role
Managing Roles and Users
Move Users
Delete Users
Delete a Role
Chapter 3 Configuring The Desktop
Adding a Custom Application Provider
Copying the Class File
Adding the Channel to the Available Channels List
Adding the Channel to a Desktop
Configuring an Available Channel
Specifying Column Layout
Additional Channel Display Attributes
Setting Desktop Colors and Content
Specifying a Custom Name and Logo for the Portal Home Page
Introducing The Channel Wizard
Chapter 4 Configuring Membership
Overview
Functionality
User Types
Screens
User Data
Components
Customization
Look and Feel
Content
Function
Membership Module Requirements
Chapter 5 Configuring Policy
Overview
Configuring Policy
To Configure Policy at the Domain, Role, and User Levels
Policy Details
Using Lists and Checkboxes
Applications Policy
Desktop Policy
Logging Policy
NetFile Policy
Netlet Policy
Platform Policy
Session Policy
S/Key Generation Policy
User Policy
Miscellaneous
ADMIN and USER Permissions
Chapter 6 Managing Authentication
Overview of iPlanet Portal Server Authentication
Default Authentication Methods
Common Authentication Tasks
Files Used for Authentication
How the Users Experience the Authentication Process
Setting Up User Authentication for a Multiple Domain Portal
Requiring the User to Type a Domain Name
Using a Virtual Host Name for the Gateway
Managing Authentication Attributes
To Define Platform-Wide Authentication Attributes
To Define Domain-Specific Authentication Attributes
Setting Up Authentication for Users
Configuring Authentication for Administrators
Configuring S/Key Authentication
S/Key Password Generation
Authentication Using the LDAP Server
Security
Which LDAP Server to Use?
Configuring LDAP Authentication
Configuring Personal Digital Certificates (PDCs) and Encoded Devices Authentication
Managing PDC Attributes
Configuring Windows NT Primary Domain Controller Authentication
Configuring SafeWord Authentication
Viewing or Changing SafeWord Attributes
Configuring SecurID Authentication
Viewing or Changing SecurID Attributes
Configuring RADIUS Authentication
Viewing or Changing RADIUS Attributes
Configuring UNIX Authentication
Customizing Authentication on Your Portal
Editing the Properties Files
Adding or Removing Modules From the Menu
Adding or Removing an Authentication Module from the Platform
Changing the Look of Authentication Modules on a Per-Domain Basis
To Customize an Authentication Module on a Per-Domain Basis
Authentication Helpers (daemons)
Platform-wide Authentication Attributes
Authentication Attributes at the Domain Level
Authentication Attributes at the Role or User Level
Chapter 7 Configuring The Netlet
Providing Secure Applications Through the Netlet
Requirements for the Netlet
How the Netlet Works
What Is Involved in Configuring the Netlet?
Writing Netlet Rules
Syntax of Netlet Rules
Ports Used by iPlanet Portal Server
Sample Netlet Rules
Basic Static Rule
Static Rule With Multiple Target Hosts
Dynamic Rule That Invokes a URL
Dynamic Rule That Downloads an Applet
Configuring Netlet Profiles in the Role Tree
To Configure a Netlet Profile for a Domain
To Set Permissions for the Netlet
To Configure a Netlet Profile for a Role or Users
To Delete a Netlet Rule
To Modify an Existing Rule
Configuring Netlet Privileges for the Role Tree
To Define Netlet Policies for a Domain
To Define Netlet Policies for a Role
To Define Netlet Policies for a User
Rules for Predefined Netlet Applications
Client Specifications and Examples
Configuring Client Software
Integrating Applet Clients
Integrating Non-Applet Clients
Configuring Lotus Notes
Writing a Netlet Rule for the Lotus Notes Web Client
Writing a Netlet Rule for the Lotus Notes (non-Web) Client
Writing Netlet Rules for Stand-Alone Email Clients to an IMAP or an SMTP Server
Configuring the Netscape Mail Client
Accessing Netscape Mail
Configuring Netlet for Use With Microsoft Outlook and Exchange Server
End User Access to Microsoft Exchange Server
Chapter 8 Configuring the Gateway
Configuring Web Proxies
Configuring the Web Proxies Used To Contact the Profile Service
Configuring the Web Proxies for the Server and All Other Machines
Using Virtual IP and DNS Names
Using One Gateway Name
Multi-hosting or Multiple Gateway Names
Configuring the Rewriter
Rewriting HTML Attributes
Rewriting Form Input Tags List
Rewriting HTML Attributes Containing JavaScript
Rewriting JavaScript Function Parameters
Rewriting JavaScript Variables in URLs
Rewriting JavaScript Variables Function
Rewriting JavaScript Function Parameters in HTML
Rewriting JavaScript Variables in HTML
Rewriting Applet Parameter Values List
Running In HTTP mode
Configuring The Gateway Proxy
Enabling PDC
IP Address Validation
HTTP Basic Authentication
Forward Cookie Configuration
Non-Portal Server Cookie Management
Chapter 9 Expanding The Portal
Adding Servers and Gateways
Character Restrictions on Host Names
To Add a Gateway After Installation
To Add a Server After Installation
To Restart a Gateway or Server
To Restart a Gateway
To Restart a Server
Modifying Information About a Server or Gateway
Setting Up Multiple Gateways and Servers
Load Balancing Support in iPlanet Portal Server
Pre-Configuration Issues for Multiple Gateways and Servers
Chapter 10 Data Logging
Logging
Manage Logging Profile
Viewing a Log
Managing the Logging Profile
Storing Log Information in a Database
Chapter 11 Maintaining iPlanet Portal Server
LDAP Backup and Restore
LDAP Backup - Procedure 1
LDAP Restore - Procedure 1
LDAP Backup - Procedure 2
LDAP Restore - Procedure 2
Setting Up Encrypted Communications Between Server and Gateway
To Generate a Self-Signed SSL Certificate on the Gateway
Obtaining SSL Certificates From Vendors
To Install SSL Certificates From Verisign
To Install SSL Root Certificates
To Install SSL Certificates From a Certificate Authority
Configuring Encrypted Communications on the Server
Fixing Known Problems
Browser Issues Involving the Netlet
Setting Platform Debugging
Troubleshooting Authentication Problems
Modules with Helpers
Debugging SafeWord
Starting Debugging Using the SafeWord Helper
Debugging SecurID
Starting Debugging Using the SecurID Helper
Debugging RADIUS
Starting Debugging Using the RADIUS Helper
Debugging Windows NT Primary Domain Controller
Configuring Windows NT Aliases
Manually Testing Windows NT Authentication
Debugging UNIX
Starting Debugging Using the UNIX Helper
Debugging S/Key
Starting Debugging Using the S/Key Helper
Appendix A Administering the Firewall Application
iPlanet Portal Server Firewall Application
How the Firewall Works
Configuring the iPlanet Portal Server Firewall Application
To Configure the iPlanet Portal Server Firewall Application
Administering the iPlanet Portal Server Firewall Application
Using fw.activate to turn on firewall
Using fw.address to change address
Address Management
Individual IP Addresses
Address Ranges
Using fw.rule for packet filtering
Rules
Using fw.services supplied
Standard Services
Service Groups
Firewall Troubleshooting
Appendix B iPlanet Portal Server Attributes
Platform-wide Authentication Attributes
Super Administrator Authentication Attributes
Domain Level Authentication Attributes
Appendix C iPlanet Portal Server 3.0 Third-Party Software CD-ROM
Samba
To Install Samba Software
GO-Joe
Installing GO-Joe on the Machine You Want to Control
To Add the SUNWgjvxs Package
Using GO-Joe With Browsers
pcANYWHERE
To install the Trial Version of pcANYWHERE on the CD
To Configure the Trial Version of pcANYWHERE
Glossary

Index


Index     Next     
Copyright © 2000 Sun Microsystems, Inc. Some preexisting portions Copyright © 2000 Netscape Communications Corp. All rights reserved.

Last Updated May 04, 2000