Defining Authentication Entities (System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP))

System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Defining Authentication Entities

As you configure Sun ONE Directory Server 5.1 and Administration Server, you will be asked for various user names, distinguished names (DN), and passwords. This list of login and bind entities will differ depending on the type of configuration that you are performing.

Directory Manager DN and password

The Directory Manager DN is the special directory entry to which access control does not apply. Think of the directory manager as your directory's superuser. (In previous releases of Sun ONE Directory Server, the Directory Manager DN was known as the root DN).

The default Directory Manager DN is cn=Directory Manager. Because the Directory Manager DN is a special entry, the Directory Manager DN does not have to conform to any suffix configured for your Sun ONE Directory Server 5.1. Therefore, you must not manually create an actual Sun ONE Directory Server 5.1 entry that has the same DN as the directory manager DN.

The Directory Manager password must be at least 8 characters long, and is limited to ASCII letters, digits, and symbols.

Note –
It is wise to use the same Directory Manager DN and password for all of your LDAP servers, especially if you have set the replicas to follow referrals to the master server during client add and modify operations.
Configuration Directory Administrator ID and password

The configuration directory administrator is the person responsible for managing all Sun ONE servers accessible through Sun ONE Console. If you log in with this user ID, then you can administer any Sun ONE server that you can see in the server topology area of Sun ONE Console.

For security, the configuration directory administrator should not be the same as the directory manager. The default configuration directory administrator ID is admin.
The Administration Server User and password

You are prompted for this only during custom configurations. The Administration Server user is the special user that has all privileges for the local Administration Server. Authentication as this person allows you to administer all Sun ONE servers stored on this server.

Administration Server user ID and password is used only when Sun ONE Directory Server 5.1 is down and you are unable to log in as the configuration directory administrator. The existence of this user ID means that you can access Administration Server and perform disaster recovery activities such as starting Sun ONE Directory Server 5.1, reading log files, and so forth.

Normally, Administration Server user and password should be identical to the configuration directory administrator ID and password.