Index Next |
iPlanet Portal Server Administration Guide |
Contents
PrefaceWho Should Use This Book
Chapter 1 Introducing iPlanet Portal Server 3.0
How This Manual Is Organized
Related Books
Accessing Sun Documentation Online
Typographic Conventions
Shell Prompts in Command Examples
What is a Portal?
Chapter 2 Creating A Multi-Domain Portal
Features of the iPlanet Portal Server
Administering iPlanet Portal Server
Getting Information for Administering iPlanet Portal Server
Using the iPlanet Portal Server Desktop From a Remote Client
Where to Go Next
iPlanet Portal Server Components
Introducing the Server
Structure of the iPlanet Portal Server Role Tree
Introducing the Profile Server
Introducing the Gateway
Choosing a Firewall
Basic iPlanet Portal Server Installation
Root Level
Introducing the Administration Console
Domain Role-User Attributes
Domain Level
Inheritance in the Role Tree
Inheritance at the Domain Level
Role Level
Inheritance at the Role Level
User Level
Inheritance at the User Level
Logging in to the Administration Console
Interacting With The Administration Console
How the Administration Console is Organized
Main Screen Task Frame
Moving Through the Administration Console Content Pages
Content Frame
Navigating Through the Administration Console
Screen Shortcuts
Using the Search Link
Modifying Information in the Contents Frame
Processing Changes to the Profile Server
Managing Customized Attributes
Overview
Chapter 3 Configuring The Desktop
Creating a Business to Consumer Portal
Creating the Business To Consumer Domain
Creating a Business to Employee Portal
Enabling Self-Registration Using the Membership Module
Verifying User Self Registration Authentication and Self-registered User Role Placement
Specifying URL Access Policy For the Customer Role
Verifying URL Access Policy From the Desktop
Disabling Access To an Application and Other Secure Providers
Verifying Disabled Application Access
Creating the Business To Employee Domain
Setting Up a Delegated Administrator
Enabling UNIX Authentication
Verifying UNIX Authentication at Desktop Log In Screen
Setting Up a Virtual VPN for the Employee Domain
Verifying Netlet Service on Port 8143
Denying Access to a URL and an Application for a Role
Verifying Denied Access to Engineer User to URL and Application
Customizing the Desktop With a Welcome Message
Verifying the Customized Desktop Welcome Message
Adding a New Role
Managing Roles and Users
Assigning Admin Privileges to the New Role
Adding a New User for the Admin Role
Move Users
Delete Users
Delete a Role
Adding a Custom Application Provider
Chapter 4 Configuring Membership
Copying the Class File
Configuring an Available Channel
Adding the Channel to the Available Channels List
Adding the Channel to a Desktop
Specifying Column Layout
Setting Desktop Colors and Content
Additional Channel Display Attributes
Specifying a Custom Name and Logo for the Portal Home Page
Introducing The Channel Wizard
Overview
Chapter 5 Configuring Policy
Functionality
User Types
Screens
User Data
Components
Customization
Look and Feel
Membership Module Requirements
Content
Function
Overview
Chapter 6 Managing Authentication
Configuring Policy
To Configure Policy at the Domain, Role, and User Levels
Policy Details
Using Lists and Checkboxes
Applications Policy
Desktop Policy
Logging Policy
NetFile Policy
Netlet Policy
Platform Policy
Session Policy
S/Key Generation Policy
User Policy
Miscellaneous
ADMIN and USER Permissions
Overview of iPlanet Portal Server Authentication
Chapter 7 Configuring The Netlet
Default Authentication Methods
Managing Authentication Attributes
Common Authentication Tasks
Files Used for Authentication
How the Users Experience the Authentication Process
Setting Up User Authentication for a Multiple Domain Portal
Requiring the User to Type a Domain Name
Using a Virtual Host Name for the Gateway
To Define Platform-Wide Authentication Attributes
Setting Up Authentication for Users
To Define Domain-Specific Authentication Attributes
Configuring Authentication for Administrators
Customizing Authentication on Your Portal
Configuring S/Key Authentication
S/Key Password Generation
Authentication Using the LDAP Server
Security
Configuring Personal Digital Certificates (PDCs) and Encoded Devices Authentication
Which LDAP Server to Use?
Configuring LDAP Authentication
Managing PDC Attributes
Configuring Windows NT Primary Domain Controller Authentication
Configuring SafeWord Authentication
Viewing or Changing SafeWord Attributes
Configuring SecurID Authentication
Viewing or Changing SecurID Attributes
Configuring RADIUS Authentication
Viewing or Changing RADIUS Attributes
Configuring UNIX Authentication
Editing the Properties Files
Adding or Removing Modules From the Menu
Adding or Removing an Authentication Module from the Platform
Changing the Look of Authentication Modules on a Per-Domain Basis
To Customize an Authentication Module on a Per-Domain Basis
Authentication Helpers (daemons)
Platform-wide Authentication Attributes
Authentication Attributes at the Domain Level
Authentication Attributes at the Role or User Level
Providing Secure Applications Through the Netlet
Chapter 8 Configuring the Gateway
Requirements for the Netlet
Writing Netlet Rules
How the Netlet Works
What Is Involved in Configuring the Netlet?
Syntax of Netlet Rules
Configuring Netlet Profiles in the Role Tree
Ports Used by iPlanet Portal Server
Sample Netlet Rules
Basic Static Rule
Static Rule With Multiple Target Hosts
Dynamic Rule That Invokes a URL
Dynamic Rule That Downloads an Applet
To Configure a Netlet Profile for a Domain
Configuring Netlet Privileges for the Role Tree
To Set Permissions for the Netlet
To Configure a Netlet Profile for a Role or Users
To Delete a Netlet Rule
To Modify an Existing Rule
To Define Netlet Policies for a Domain
Client Specifications and Examples
To Define Netlet Policies for a Role
To Define Netlet Policies for a User
Rules for Predefined Netlet Applications
Configuring Client Software
Integrating Applet Clients
Integrating Non-Applet Clients
Configuring Lotus Notes
Writing a Netlet Rule for the Lotus Notes Web Client
Writing Netlet Rules for Stand-Alone Email Clients to an IMAP or an SMTP Server
Writing a Netlet Rule for the Lotus Notes (non-Web) Client
Configuring the Netscape Mail Client
Accessing Netscape Mail
Configuring Netlet for Use With Microsoft Outlook and Exchange Server
End User Access to Microsoft Exchange Server
Configuring Web Proxies
Chapter 9 Expanding The Portal
Configuring the Web Proxies Used To Contact the Profile Service
Using Virtual IP and DNS Names
Configuring the Web Proxies for the Server and All Other Machines
Using One Gateway Name
Configuring the Rewriter
Multi-hosting or Multiple Gateway Names
Rewriting HTML Attributes
Running In HTTP mode
Rewriting Form Input Tags List
Rewriting JavaScript Function Parameters
Rewriting HTML Attributes Containing JavaScript
Rewriting JavaScript Variables in URLs
Rewriting JavaScript Variables Function
Rewriting JavaScript Function Parameters in HTML
Rewriting JavaScript Variables in HTML
Rewriting Applet Parameter Values List
Configuring The Gateway Proxy
Enabling PDC
IP Address Validation
HTTP Basic Authentication
Forward Cookie Configuration
Non-Portal Server Cookie Management
Adding Servers and Gateways
Chapter 10 Data Logging
Character Restrictions on Host Names
To Add a Gateway After Installation
To Add a Server After Installation
To Restart a Gateway or Server
To Restart a Gateway
Modifying Information About a Server or Gateway
To Restart a Server
Setting Up Multiple Gateways and Servers
Load Balancing Support in iPlanet Portal Server
Pre-Configuration Issues for Multiple Gateways and Servers
Logging
Chapter 11 Maintaining iPlanet Portal Server
Manage Logging Profile
Viewing a Log
Managing the Logging Profile
Storing Log Information in a Database
LDAP Backup and Restore
Appendix A Administering the Firewall Application
LDAP Backup - Procedure 1
Setting Up Encrypted Communications Between Server and Gateway
LDAP Restore - Procedure 1
LDAP Backup - Procedure 2
LDAP Restore - Procedure 2
To Generate a Self-Signed SSL Certificate on the Gateway
Fixing Known Problems
Obtaining SSL Certificates From Vendors
To Install SSL Certificates From Verisign
Configuring Encrypted Communications on the Server
To Install SSL Root Certificates
To Install SSL Certificates From a Certificate Authority
Browser Issues Involving the Netlet
Troubleshooting Authentication Problems
Setting Platform Debugging
Modules with Helpers
Debugging SafeWord
Starting Debugging Using the SafeWord Helper
Debugging SecurID
Starting Debugging Using the SecurID Helper
Debugging RADIUS
Starting Debugging Using the RADIUS Helper
Debugging Windows NT Primary Domain Controller
Configuring Windows NT Aliases
Debugging UNIX
Manually Testing Windows NT Authentication
Starting Debugging Using the UNIX Helper
Debugging S/Key
Starting Debugging Using the S/Key Helper
iPlanet Portal Server Firewall Application
Appendix B iPlanet Portal Server Attributes
How the Firewall Works
Configuring the iPlanet Portal Server Firewall Application
To Configure the iPlanet Portal Server Firewall Application
Administering the iPlanet Portal Server Firewall Application
Using fw.activate to turn on firewall
Firewall Troubleshooting
Using fw.address to change address
Address Management
Using fw.rule for packet filtering
Individual IP Addresses
Address Ranges
Rules
Using fw.services supplied
Standard Services
Service Groups
Platform-wide Authentication Attributes
Appendix C iPlanet Portal Server 3.0 Third-Party Software CD-ROM
Super Administrator Authentication Attributes
Domain Level Authentication Attributes
Glossary
Samba
To Install Samba Software
GO-Joe
Installing GO-Joe on the Machine You Want to Control
pcANYWHERE
To Add the SUNWgjvxs Package
Using GO-Joe With Browsers
To install the Trial Version of pcANYWHERE on the CD
To Configure the Trial Version of pcANYWHERE
Index
Index Next
Copyright © 2000 Sun Microsystems, Inc. Some preexisting portions Copyright © 2000 Netscape Communications Corp. All rights reserved.
Last Updated May 04, 2000