Sun Java System Identity Synchronization for Windows 1 2004Q3 Installation and Configuration Guide |
Preface
Sun Java System Identity Synchronization for Windows 1 2004Q3 (formerly Sun ONE Identity Synchronization for Windows) allows passwords and other, specified user attributes to flow between Sun Java System Directory Server and other systems.
This guide explains how to install and configure Sun Java System Identity Synchronization for Windows for use in a production environment.
For the latest information about new features and enhancements in this release of Identity Synchronization for Windows, please see the online release notes at:
Note
User interfaces depicted in this document are subject to change in future versions of the product.
This Preface contains the following information:
Who Should Use This BookThis Installation and Configuration Guide is intended for use by administrators, systems engineers, and professional services engineers who will install and configure Identity Synchronization for Windows to establish bidirectional password and user attribute synchronization between Sun Java System Directory Server and Windows Active Directory/NT machines.
You should already be familiar with
- Configuring and operating Directory Server and Windows Active Directory/NT
- Lightweight Directory Access Protocol (LDAP)
- Java technology
- Extensible Markup Language (XML)
- Basic concepts of public-key cryptography and Secure Sockets Layer (SSL) protocol
- Basic concepts of intranet, extranet, and the Internet security and the role of digital certificates in an enterprise
Before You Read This BookThe Sun Java System Identity Synchronization for Windows 1 2004Q3 Release Notes contain the latest information about the product — including information that may supersede instructions provided in this book. Be sure you read these Release Notes before attempting any procedures described in this book.
Because Sun Java System Directory Server is used as the data store in an Identity Synchronization for Windows deployment, you should be familiar with the documentation provided with that product. Directory Server documentation can be accessed online at http://docs.sun.com/coll/DirectoryServer_04q2.
How This Book Is OrganizedThe Sun Java System Identity Synchronization for Windows 1 2004Q3 Installation and Configuration Guide is organized into the following chapters:
- Chapter 1, "Understanding the Product": Explains some basic concepts related to Identity Synchronization for Windows; such as product features, system components, command line utilities, system component distribution, and deployment examples.
- Chapter 2, "Preparing for Installation": Describes the installation and configuration processes, and provides information you may find helpful as you prepare to install the product.
- Chapter 3, "Installing Core": Explains how to use the Identity Synchronization for Windows installation program and how to install the Identity Synchronization for Windows Core component.
- Chapter 4, "Configuring Core Resources": Explains how to add and configure Core resources using the Console.
- Chapter 5, "Installing Connectors and Directory Server Plugins": Provides instructions for installing the Identity Synchronization for Windows Connectors and Directory Server Plugins.
- Chapter 6, "Synchronizing Existing Users": Explains how to link and resynchronize existing users for new Identity Synchronization for Windows installations.
- Chapter 7, "Migrating to Identity Synchronization for Windows 1 2004Q3": Explains how to migrate your system from Sun Java System Identity Synchronization for Windows version 1.0 to version 1 2004Q3.
- Chapter 8, "Removing the Software": Explains how to remove Identity Synchronization for Windows, including how to prepare for the uninstallation and how to uninstall the Console manually.
- Chapter 9, "Troubleshooting": Provides information you can use to troubleshoot your Identity Synchronization for Windows installation.
- Chapter 10, "Understanding Audit and Error Files": Provides information about audit and error logging, including how to set logging levels, viewing and understanding your log files and directory source status.
- Chapter 11, "Configuring Security": Describes how to configure a secure system. Information provided includes hardening security, securing replicated configurations, enabling SSL, and adding Active Directory CA certificates to certificate databases.
- Appendix A, "Using the Identity Synchronization for Windows Command Line Utilities": Explains how to use the Identity Synchronization for Windows command line utilities to perform different tasks.
- Appendix B, "LinkUsers XML Document Sample": Provides a sample Linkusers XML document (linkusers-simple.cfg) that you can use to customize to your environment.
- Appendix C, "Running Services as Non-Root on Solaris": Explains how to run Identity Synchronization for Windows services as a non-root user.
- Appendix D, "Defining and Configuring Synchronization User Lists": Provides information about Synchronization User List definitions and multiple domain configurations.
- Appendix E, "Installation Notes for Replicated Environments": Provides a brief overview of the steps required to configure and secure a multimaster replication (MMR) deployment.
Conventions Used in This BookThe tables in this section describe the conventions used in this book.
The information is organized as follows:Typographic Conventions
The following table describes the typographic conventions used in this book.
Symbols
The following table describes the symbol conventions used in this book.
Mnemonics
Identity Synchronization for Windows uses mnemonics (underlined letters) throughout the user interface to give you quicker options for performing certain tasks. You simply type the unlined letter to perform the task. Mnemonics are not case sensitive. To access them press the Alt key simultaneously.
For example, in some dialog boxes, you can type a capital “C” or “Alt-c” to cancel the dialog box or type capital “H” or “Alt-h,” to opent an online help dialog box.
Default Paths and File Names
The following table describes the default paths and file names used in this book.
Related DocumentationThe http://docs.sun.com web site enables you to access Sun technical documentation online. You can browse the archive or search for a specific book title or subject.
Books in This Documentation Set
The following table summarizes the books included in the Identity Synchronization for Windows documentation set.
Table 3 Books in This Documentation Set
Book Title
Description
Sun Java System Identity Synchronization for Windows 1 2004Q3 Installation and Configuration Guide
(http://docs.sun.com/doc/817-6199)Describes how to install and configure Identity Synchronization for Windows for use in a production environment.
Sun Java System Identity Synchronization for Windows 1 2004Q3 Deployment Planning Guide (http://docs.sun.com/doc/817-6200)
Provides general guidelines and best practices for the planning and deploying Identity Synchronization for Windows.
Sun Java System Identity Synchronization for Windows 1 2004Q3 Release Notes
(http://docs.sun.com/doc/817-6202)Available after the product is released. Contains last-minute information, including a description of what is new in this current release, known problems and limitations, installation notes, and how to report issues with the software or the documentation.
Other Documentation
Because you will be working ith Directory Server and Sun Java System Message Queue, you may need to refer to their product documentation. You can access the documentation from the following locations:
- Sun Java System Directory Server documentation
http://docs.sun.com/coll/DirectoryServer_04q2- Sun Java System Message Queue documentation
http://docs.sun.com/db/prod/2296#hicFor information about the basic concepts of public-key cryptography; Secure Sockets Layer (SSL) protocol; intranet, extranet, and the Internet security; and the role of digital certificates in an enterprise, read the security-related appendixes in the Managing Servers with iPlanet Console 5.0 manual.
For information about Windows 2003 Server and Windows Password Policies, read the following Microsoft publications:
Accessing Sun Resources OnlineFor product downloads, professional services, patches and support, and additional developer information, go to the following:
- Developer Information
http://developers.sun.com/prodtech/index.html- Download Center
http://wwws.sun.com/software/download/- Product Data Sheets
http://www.sun.com/software/- Product Documentation Online
http://docs.sun.com- Product Support and Status
http://www.sun.com/service/support/software/- Professional Services
http://www.sun.com/service/sunps/sunone/index.html- Sun Enterprise Services, Solaris Patches, and Support
http://sunsolve.sun.com- Support and Training
http://www.sun.com/supportraining/
Contacting Sun Technical SupportIf you have technical questions about this product that are not answered in the product documentation, go to:
http://www.sun.com/service/contacting
Related Third-Party Web Site ReferencesThe following third-party web sites are referenced in this publication:
Sun is not responsible for the availability of third-party web sites mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through such sites or resources.
Sun Welcomes Your CommentsSun is interested in improving its documentation and welcomes your comments and suggestions.
To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the document title and part number. The part number is a seven-digit or nine-digit number that can be found on the title page of the book or at the top of the document.
For example, the title of this books is Sun Java System Identity Synchronization for Windows 1 2004Q3 Installation and Configuration Guide, and the part number is 817-6199.