As you configure iPlanet Directory Server 5.1 and Administration Server, you will be asked for various user names, distinguished names (DN), and passwords. This list of login and bind entities will differ depending on the type of configuration that you are performing.
Directory Manager DN and password
The Directory Manager DN is the special directory entry to which access control does not apply. Think of the directory manager as your directory's superuser. (In former releases of iPlanet Directory Server, the Directory Manager DN was known as the root DN).
The default Directory Manager DN is cn=Directory Manager. Because the Directory Manager DN is a special entry, the Directory Manager DN does not have to conform to any suffix configured for your iPlanet Directory Server 5.1. Therefore, you must not manually create an actual iPlanet Directory Server 5.1 entry that has the same DN as the directory manager DN.
The Directory Manager password must be at least 8 characters long, and is limited to ASCII letters, digits, and symbols.
It is wise to use the same Directory Manager DN and password for all of your LDAP servers, especially if you have set the replicas to follow referrals to the master server during client add and modify operations.
Configuration Directory Administrator ID and password
The configuration directory administrator is the person responsible for managing all the iPlanet servers accessible through iPlanet Console. If you log in with this user ID, then you can administer any iPlanet server that you can see in the server topology area of iPlanet Console.
For security, the configuration directory administrator should not be the same as the directory manager. The default configuration directory administrator ID is admin.
The Administration Server User and password
You are prompted for this only during custom configurations. The Administration Server user is the special user that has all privileges for the local Administration Server. Authentication as this person allows you to administer all the iPlanet servers stored on this server.
Administration Server user ID and password is used only when the iPlanet Directory Server 5.1 is down and you are unable to log in as the configuration directory administrator. The existence of this user ID means that you can access Administration Server and perform disaster recovery activities such as starting iPlanet Directory Server 5.1, reading log files, and so forth.
Normally, Administration Server user and password should be identical to the configuration directory administrator ID and password.