Chapter 2 Installing Directory Server Enterprise Edition 6.1

This chapter includes the detailed information about how to install Directory Server Enterprise Edition 6.1.

• Directory Server Enterprise Edition 6.1 Installation Instructions

• Directory Server Enterprise Edition 6.1 Downgrade Instructions

Directory Server Enterprise Edition 6.1 Installation Instructions

If you are using the native packages based distribution, you need to install Directory Server Enterprise Edition 6.0 first and then upgrade to version 6.1. Use the Java Enterprise System distribution to install the software. For more information, refer to the installation instructions in Chapter 3, Installing Directory Server Enterprise Edition 6.0.

If you are using the zip distribution, you can directly install Directory Server Enterprise Edition 6.1. During the installation process if dsee_deploy finds the existing instance of Directory Server Enterprise Edition, it upgrades the instance.

This section covers the upgrade instructions for the native packages based distribution and the installation instructions for the zip based distribution.

• Upgrading to Directory Server Enterprise Edition 6.1 Using Native Packages

• Installing Directory Server Enterprise Edition 6.1 Using the Zip distribution

Upgrading to Directory Server Enterprise Edition 6.1 Using Native Packages

This section describes how to upgrade to Directory Server Enterprise Edition 6.1 using the native packages. You must be root to perform these steps.

All the Directory Server instances, Directory Proxy Server instances, and configuration information remain unaffected after you complete the Directory Server Enterprise Edition upgrade.

To Upgrade to Directory Server Enterprise Edition 6.1 Using Native Packages

Before You Begin

This procedures assumes that you have already installed Directory Server Enterprise Edition 6.0 on your machine.

1. Stop the DSCC registry.

   $ dsadm stop install-path/var/dscc6/dcc/ads

2. Stop any running instances of Directory Server and Directory Proxy Server.

3. Download the Directory Server Enterprise Edition 6.1 patch.

   See Getting the Software in Sun Java System Directory Server Enterprise Edition 6.1 Release Notes for the details about where to get the patches.

4. Change to the directory where you saved the patch.

5. Run the following command to install the patch.

   • Solaris OS. Choose one of the following commands based on the operating system architecture you are using.

     • Sparc

       For Directory Server Enterprise Edition patch: # patchadd 125276-02

       For localized patch: # patchadd 125937-02

     • x86

       For Directory Server Enterprise Edition patch: # patchadd 125277-02

       For localized patch: # patchadd 125938-02

     • AMD x64

       For Directory Server Enterprise Edition patch: # patchadd 125278-02

       For localized patch: # patchadd 125938-02

   • Linux. Install the contents of patch 125309-02 in the following order:

     # rpm -U sun-ldap-shared-6.1-2.i386.rpm # rpm -U sun-ldap-directory-6.1-2.i386.rpm # rpm -U sun-ldap-directory-config-6.1-2.i386.rpm # rpm -U sun-ldap-directory-client-6.1-2.i386.rpm # rpm -U sun-ldap-directory-man-6.1-2.i386.rpm # rpm -U sun-ldap-proxy-6.1-2.i386.rpm # rpm -U sun-ldap-proxy-config-6.1-2.i386.rpm # rpm -U sun-ldap-proxy-client-6.1-2.i386.rpm # rpm -U sun-ldap-proxy-man-6.1-2.i386.rpm # rpm -U sun-ldap-console-cli-6.1-2.i386.rpm # rpm -U sun-ldap-console-agent-6.1-2.i386.rpm # rpm -U sun-ldap-console-gui-help-6.1-2.i386.rpm # rpm -U sun-ldap-console-gui-6.1-2.i386.rpm

     To install the localized patches, install the .rpm files in the 125939-03 patch in the same order listed above.

   • HP-UX

     For Directory Server Enterprise Edition patch: # /usr/sbin/swinstall -s path-to-patch/125310-02 125310-02

     For localized patch: # /usr/sbin/swinstall -s path-to-patch/125940-02 125940-02

     In the above installation, path-to-patch is the path to the patch directory.

     After the patch is installed, you must restart the common agent container.

6. Start the Directory Server instances and Directory Proxy Server instances, if any.

7. Restart the DSCC registry.

   $ dsadm start install-path/var/dscc6/dcc/ads

Installing Directory Server Enterprise Edition 6.1 Using the Zip distribution

You do not need to have a previous version of Directory Server Enterprise Edition installed. If the installer locates an existing instance of Directory Server Enterprise Edition during the installation process, it upgrades the instance automatically.

You can install the zip distribution as non-root user.

On Windows, in order to enable remote management capabilities when installing the zip distribution, you must install either as Administrator, or as a user who belongs directly to the local Administrators group.

To Install Directory Server Enterprise Edition 6.1 Using the Zip Distribution

Before You Begin

Backup the Directory Server Enterprise Edition installation directory, if any, as after upgrading to Directory Server Enterprise Edition 6.1 you will not be able to restore your Directory Server Enterprise Edition 6.0 instance.

Directory Server Enterprise Edition 6.1 removes any previous partial installation of Directory Server Enterprise Edition.

Refer to the following table for information about the appropriate zip patch for your system.

Complete the worksheet given below before you start your installation.

By default, the user and group IDs for zip installations are those of the user performing the installation.

1. Obtain the zip distribution for this installation.

2. Perform any of the following based on your requirements.

   • Stop all of the running Directory Server and Directory Proxy Server instances, if any.

   • If no previous installation of DSEE exists, install the prerequisite patches or service packs for your platform.

     See Operating System Requirements in Sun Java System Directory Server Enterprise Edition 6.1 Release Notes.

3. Change to the zip distribution directory that contains the dsee_deploy command.

4. Install the software with the dsee_deploy(1M) command.

   $ ./dsee_deploy install -i install-path options

   For example, the following command installs the component in the /local directory, assuming you have write access to that directory.

   $ ./dsee_deploy install -i /local

   You can also use the --no-inter option to install in non-interactive mode, accepting the license without confirmation. Non-interactive mode is particularly useful for silent installation.

   This step installs a Common Agent Container, cacao, with the local Directory Service Control Center agent as well, allowing you to use DSCC to create server instances. The previous command works properly only if you have not yet installed a Common Agent Container using the default port, 11162.

   If you installed DSCC previously on the same system, a Common Agent Container using the default port is already installed. Specify a different port using the -p option.

   $ ./dsee_deploy install -i /local -p 11169

   During the installation process, a Web Archive (WAR) file is saved on your system. This file is used to configure DSCC. For more information, see Installing Directory Service Control Center Using the Zip Distribution.

5. Restart Directory Server and Directory Proxy Server instances, if any.

6. (Optional) Load sample data in your directory.

   Examples that use command-line tools depend on sample data residing under the dc=example,dc=com suffix of your directory.

   You can set up part of the data that is required by creating a dc=example,dc=com suffix. You can then populate the suffix with entries from the ldif/Example.ldif file.

   Read the Example.ldif file to find bind passwords needed in the examples.

   After you load the Example.ldif content into the directory, generate test data for examples by using the makeldif(1) command and the following template:

   define suffix=dc=example,dc=com
   define maildomain=example.com
   
   branch: ou=test,[suffix]
   subordinateTemplate: person:100
   
   template: person
   rdnAttr: uid
   objectclass: top
   objectclass: person
   objectclass: organizationalPerson
   objectclass: inetOrgPerson
   givenName: <first>
   sn: <last>
   cn: {givenName} {sn}
   initials: {givenName:1}{sn:1}
   employeeNumber: <sequential>
   uid: test{employeeNumber}
   mail: {uid}@[maildomain]
   userPassword: auth{employeeNumber}{employeeNumber}
   telephoneNumber: <random>
   description: This is the description for {cn}.

   First, copy the template content to template.ldif. Next, use commands such as the following to generate the data in test.ldif and to load the content into the directory.

   $ cd install-path/dsrk6/bin/example_files/ $ makeldif -t test.template -o test.ldif Processing complete. 101 total entries written. $ ldapmodify -a -D uid=hmiller,dc=example,dc=com -w - -f test.ldif Enter bind password: …

   If you read Example.ldif, you see that the password for hmiller is hillock.

Next Steps

After installing the software, see Environment Variables.

Installing Directory Service Control Center Using the Zip Distribution

The Directory Server Enterprise Edition zip distribution includes a WAR file (dscc.war) that contains the Directory Service Control Center (DSCC) web application. The WAR file is deployed with the application server, which makes it possible to be out of the Sun Java Web Console and enables you to do the following:

• Connect to DSCC without having an operating system login account on the system hosting DSCC.

• Deploy DSCC without root privileges as the application server enables DSCC.

The WAR file supports the following application servers:

• Sun Java System Application Server 8.2 Enterprise Edition included in Sun Java Enterprise System 5.0

• Tomcat 5.5

  ---

  Note –

  If you deploy the WAR file in Tomcat, make sure that tag pooling is disabled. To disable tag pooling, edit the tomcat-instance-path/conf/web.xml file and add the following text:

  <init-param> <param-name>enablePooling</param-name> <param-value>false</param-value> </init-param>

  ---

You can deploy the WAR file with any of the compliant application servers. The following procedure contains information about deploying the WAR file with Sun Java System Application Server.

To Deploy the WAR File with Sun Java System Application Server

After you install Directory Server Enterprise Edition, the WAR file, dscc.war, is at install path/var/dscc6/.

The steps might differ depending on the application server that you use to deploy the WAR file. For information about deploying the WAR file using other application servers, see the respective server documentation.

1. Initialize the DSCC registry.

   $ install path/dscc6/bin/dsccsetup ads-create Choose password for Directory Service Manager: Confirm password for Directory Service Manager: Creating DSCC registry... DSCC Registry has been created successfully

2. Create an application server instance.

   $ mkdir /local/domainroot $ setenv AS_DOMAINS_ROOT /local/domainroot $ cd app-server-install-path/apserver/bin $ asadmin create-domain --domaindir ${AS_DOMAINS_ROOT} --adminport 3737 \ --adminuser boss dscc

3. Edit server.policy file.

   $ vi ${AS_DOMAINS_ROOT}/dscc/config/server.policy

   Add the following statements to the end of the file:

   // Permissions for Directory Service Control Center grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/dscc/-" { permission java.security.AllPermission; };

   This configures the application server to grant all of the Java permissions to the DSCC application.

4. Deploy the WAR file in your application server instance.

   $ asadmin start-domain --domaindir ${AS_DOMAINS_ROOT} dscc $ cp install path/var/dscc6/dscc.war ${AS_DOMAINS_ROOT}/dscc/autodeploy

   For more information about creating and configuring application server instances and deploying the WAR file, refer to the Sun Java System Application Server Online Help.

5. Open DSCC.

   Depending on the configuration of your application server , use http://localhost:8080 or https://localhost:8181 to connect to DSCC.

   The Directory Service Manager Login page displays.

To Troubleshoot Problems Accessing Directory Service Control Center

Use this procedure on the host where you installed DSCC.

1. Verify that DSCC has been initialized properly.

   $ install-path/dscc6/bin/dsccsetup status *** Sun Java (TM) Web Console is not installed *** DSCC Agent is registered in Cacao Cacao uses a custom port number (11168) *** DSCC Registry has been created Path of DSCC registry is install-path/var/dscc6/dcc/ads Port of DSCC registry is 3998 ***

2. If you see errors that pertain to the DSCC agent, check the status of Common Agent Container.

   The cacaoadm(1M) man page describes the error codes that the command returns. For the exact location of this command on your system, see Command Locations.

   You must run the cacaoadm command as the user who performed the installation. Otherwise, run the command as root.

   After installing Directory Server, the Common Agent Container starts automatically. However, when you reboot, you might have to start the Common Agent Container manually as follows:

   # instance-path/dsee6/cacao_2.0/usr/lib/cacao/bin/cacaoadm status default instance is DISABLED at system startup. Smf monitoring process: 13400 Uptime: 0 day(s), 0:16

   For more information about the Common Agent Container, see Sun Java Enterprise System 5 Monitoring Guide.

Directory Server Enterprise Edition 6.1 Downgrade Instructions

After you upgrade to Directory Server Enterprise Edition 6.1 you might want to restore your Directory Server Enterprise Edition 6.0 installation. This section provides complete information about how to downgrade the Directory Server Enterprise Edition installation.

Downgrading to Directory Server Enterprise Edition 6.0 Using Native Packages

Downgrading to Directory Server Enterprise Edition 6.0 restores the previous working copy of your Directory Server Enterprise Edition 6.0 instance and retains all your configuration information that you had before upgrading to Directory Server Enterprise Edition 6.1.

To downgrade to Directory Server Enterprise Edition 6.0, do the following steps:

1. Stop all running server instances.

2. Run the following command to remove the patch.

   • Solaris OS. Choose one of the following commands based on your operating system architecture.

     • Sparc: # patchrm 125276-02

     • x86: # patchrm 125277-02

     • AMD x64: # patchrm 125278-02

   • Linux. Go to the directory where the Directory Server Enterprise Edition 6.0 .rpm files are stored and run the commands in the following order.

     # rpm -U --oldpackage sun-ldap-shared-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-directory-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-directory-config-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-directory-client-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-directory-man-6.0-4.i386.rpm # rpm -U --oldpackage sun-ldap-proxy-6.0-24.i386.rpm # rpm -U --oldpackage sun-ldap-proxy-config-6.0-24.i386.rpm # rpm -U --oldpackage sun-ldap-proxy-client-6.0-24.i386.rpm # rpm -U --oldpackage sun-ldap-proxy-man-6.0-4.i386.rpm # rpm -U --oldpackage sun-ldap-console-cli-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-console-agent-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-console-gui-help-6.0-32.i386.rpm # rpm -U --oldpackage sun-ldap-console-gui-6.0-32.i386.rpm

   • HP-UX. # /usr/sbin/swremove 125310-02

   To remove localized patches, use the same commands as above with the respective patch numbers.

Downgrading to Directory Server Enterprise Edition 6.0 Using the Zip Distribution

Directory Server Enterprise Edition 6.1 zip distribution does not downgrade to the previous version. If you need to revert to Directory Server Enterprise Edition 6.0, restore the backup copy that you saved before upgrading to Directory Server Enterprise Edition 6.1.

To remove Directory Server Enterprise Edition completely, see Chapter 4, Uninstalling Directory Server Enterprise Edition 6.0.

Uninstalling Directory Service Control Center Installed Using the Zip Distribution

Uninstalling Directory Server Enterprise Edition does not uninstall Directory Service Control Center configured using the WAR file. If you need to uninstall DSCC, manually remove the WAR file from the application server instance.