Sun Java Enterprise System 2005Q4 Installation Planning Guide

LDAP Schema and LDAP Directory Tree Structure

Most Java ES solutions include Directory Server. Installing and configuring a solution requires input values that establish both the directory schema and the directory tree structure. Your installation plan must list input values that result in the correct LDAP schema and directory tree structure.

The LDAP schema and directory tree structure are specified before you begin the installation plan. For examples of specifications, see Developing Your User Management Specifications.

The LDAP schema is established by the following installation and configuration processes:

  1. Installing Directory Server automatically establishes a directory with Schema 1. No input is required to select the schema.

  2. Installing Access Manager automatically modifies the directory, and converts it to Schema 2. No input is required to select the schema.

  3. Running the Directory Preparation Tool extends the schema for use with Messaging Server, Calendar Server, and Communications Express. The Directory Preparation Tool extends both Schema 1 and Schema 2 directories. Input values for the Directory Preparation Tool are listed in your installation plan.

  4. Running Delegated Administrator extends the schema with object classes and attributes used to authorize and authenticate users for specific services. The input values depend on the service provided by your solution. The input values are listed in your installation plan. For more information on the input values, see Adding Procedures for Delegated Administrator to Your Installation Plan.

The installation and configuration process also establishes the basic directory tree structure:

  1. Installing Directory Server creates the base suffix, or directory tree root. The base suffix is a required input value when the Java ES installer installs Directory Server. Your installation plan lists the base suffix as one of the input values for the installation process.

  2. Installing and configuring Messaging Server branches the directory tree and creates an LDAP organization. This organization represents the email domain managed by the Messaging Server instance. The name of the organization is a required input for the Messaging Server configuration wizard. Your installation plan lists the organization DN as one of the input values for the Messaging Server configuration process.

  3. Installing and configuring Calendar Server, Communications Express, Delegated Administrator, and Instant Messaging specifies where in the directory these components look up user data. An LDAP DN is required input for each component's configuration wizard, and your installation plan lists the DN as an input value for each configuration wizard. If the solution uses Access Manager single sign-on, all of these components must be configured to use the same location for user data, which is the organization that the Messaging Server configuration wizard created. The same LDAP DN is input in all of these configuration wizards. Your installation plan lists the organization DN as one of the input values for all of the configuration wizards.

The names for the LDAP base suffix and email domain organization are taken from the user management specification and added to the installation plan. For more information about the user management specification, see Developing Your User Management Specifications. For more information about adding the LDAP base suffix to your installation plan, see Table 3–5. For more information about adding the email domain organization to your installation plan, see Table 3–9, Table 3–10, Table 3–11, Table 3–13, and Table 3–14.
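The directory tree constraints described above can be checked against an installation plan before any wizard is run. The following is an added example, not part of the original guide or of Java ES: the plan layout, key names, and sample DNs are hypothetical, and multi-valued RDNs are not handled.

```python
def parse_dn(dn):
    """Split a DN into (type, value) RDNs, leaf first, honoring backslash escapes."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur, i = cur + dn[i:i + 2], i + 2      # keep the escaped pair intact
            continue
        if dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i]
        i += 1
    parts.append(cur)
    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {part!r} in DN {dn!r}")
        # Assumption: case-insensitive matching, as for dc/o/ou naming attributes.
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def is_under(dn, suffix):
    """True if dn equals suffix or sits below it in the tree."""
    d, s = parse_dn(dn), parse_dn(suffix)
    return len(d) >= len(s) and d[len(d) - len(s):] == s

def check_plan(plan, sso=True):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    base, org = plan["base_suffix"], plan["mail_org_dn"]
    if not is_under(org, base):
        findings.append(f"mail organization {org!r} is outside base suffix {base!r}")
    for component, dn in plan["user_data_dn"].items():
        if not is_under(dn, base):
            findings.append(f"{component}: {dn!r} is outside base suffix {base!r}")
        elif sso and parse_dn(dn) != parse_dn(org):
            findings.append(f"{component}: {dn!r} differs from mail organization {org!r}")
    return findings

# Constructed sample plan; every name and DN here is hypothetical.
SAMPLE_PLAN = {
    "base_suffix": "dc=example,dc=com",
    "mail_org_dn": "o=example.com,dc=example,dc=com",
    "user_data_dn": {
        "calendar_server": "O=example.com, DC=example, DC=com",
        "communications_express": "o=example.com,dc=example,dc=com",
        "delegated_administrator": "o=example.com,dc=example,dc=com",
        "instant_messaging": "ou=people,dc=example,dc=com",
    },
}
```

Comparing parsed RDNs rather than raw strings means differences in case or spacing between wizard inputs are not reported as mismatches, while a component pointed at a different branch is.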