Sun Java System Directory Server Enterprise Edition 6.1 Installation Guide

Installing Directory Server Enterprise Edition 6.1 Using the Zip distribution

You do not need to have a previous version of Directory Server Enterprise Edition installed. If the installer locates an existing instance of Directory Server Enterprise Edition during the installation process, it upgrades the instance automatically.

You can install the zip distribution as non-root user.

On Windows, in order to enable remote management capabilities when installing the zip distribution, you must install either as Administrator, or as a user who belongs directly to the local Administrators group.

ProcedureTo Install Directory Server Enterprise Edition 6.1 Using the Zip Distribution

Before You Begin

Backup the Directory Server Enterprise Edition installation directory, if any, as after upgrading to Directory Server Enterprise Edition 6.1 you will not be able to restore your Directory Server Enterprise Edition 6.0 instance.

Directory Server Enterprise Edition 6.1 removes any previous partial installation of Directory Server Enterprise Edition.

Refer to the following table for information about the appropriate zip patch for your system.

Operating System 

Patch number 

Solaris Sparc 


Solaris x86 


Solaris x64 








Complete the worksheet given below before you start your installation.

Requisite Information 


Your Answers 

Fully qualified hostname of the system where you install  

  • Directory Server

  • Directory Proxy Server





(Optional) Common agent container port number to access from Directory Service Control Center 

Default: 11162


File system paths where you create instances for: 

  • Directory Server

  • Directory Proxy Server


  • /local/ds/

  • /local/dps/

Create instances only on local file systems, never on network–mounted file systems such as NFS. 

Each path is henceforth referred to as an instance-path.


LDAP port number 

Default: 389 when installing as root; 1389 for non-root


LDAP or SSL port number 

Default: 636 when installing as root; 1636 for non-root


Directory Manager DN 

Default: cn=Directory Manager


Directory Proxy Manager DN 

Default: cn=Proxy Manager


Directory Manager password 

Must be at least eight characters long 


Directory Proxy Manager password 

Must be at least eight characters long 


Base suffix DN 

Example: dc=example,dc=com


(UNIX systems) Server user (uid)

Example: noaccess


(UNIX systems) Server group (gid)

Example: noaccess


(Optional) Connection information for each server to access through the proxy 



By default, the user and group IDs for zip installations are those of the user performing the installation.

  1. Obtain the zip distribution for this installation.

  2. Perform any of the following based on your requirements.

  3. Change to the zip distribution directory that contains the dsee_deploy command.

  4. Install the software with the dsee_deploy(1M) command.

    $ ./dsee_deploy install -i install-path options

    For example, the following command installs the component in the /local directory, assuming you have write access to that directory.

    $ ./dsee_deploy install -i /local

    You can also use the --no-inter option to install in non-interactive mode, accepting the license without confirmation. Non-interactive mode is particularly useful for silent installation.

    This step installs a Common Agent Container, cacao, with the local Directory Service Control Center agent as well, allowing you to use DSCC to create server instances. The previous command works properly only if you have not yet installed a Common Agent Container using the default port, 11162.

    If you installed DSCC previously on the same system, a Common Agent Container using the default port is already installed. Specify a different port using the -p option.

    $ ./dsee_deploy install -i /local -p 11169

    During the installation process, a Web Archive (WAR) file is saved on your system. This file is used to configure DSCC. For more information, see Installing Directory Service Control Center Using the Zip Distribution.

  5. Restart Directory Server and Directory Proxy Server instances, if any.

  6. (Optional) Load sample data in your directory.

    Examples that use command-line tools depend on sample data residing under the dc=example,dc=com suffix of your directory.

    You can set up part of the data that is required by creating a dc=example,dc=com suffix. You can then populate the suffix with entries from the ldif/Example.ldif file.

    Read the Example.ldif file to find bind passwords needed in the examples.

    After you load the Example.ldif content into the directory, generate test data for examples by using the makeldif(1) command and the following template:

    define suffix=dc=example,dc=com
    branch: ou=test,[suffix]
    subordinateTemplate: person:100
    template: person
    rdnAttr: uid
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    givenName: <first>
    sn: <last>
    cn: {givenName} {sn}
    initials: {givenName:1}{sn:1}
    employeeNumber: <sequential>
    uid: test{employeeNumber}
    mail: {uid}@[maildomain]
    userPassword: auth{employeeNumber}{employeeNumber}
    telephoneNumber: <random>
    description: This is the description for {cn}.

    First, copy the template content to template.ldif. Next, use commands such as the following to generate the data in test.ldif and to load the content into the directory.

    $ cd install-path/dsrk6/bin/example_files/
    $ makeldif -t test.template -o test.ldif
    Processing complete.
    101 total entries written.
    $ ldapmodify -a -D uid=hmiller,dc=example,dc=com -w - -f test.ldif
    Enter bind password:

    If you read Example.ldif, you see that the password for hmiller is hillock.

Next Steps

After installing the software, see Environment Variables.

Installing Directory Service Control Center Using the Zip Distribution

The Directory Server Enterprise Edition zip distribution includes a WAR file (dscc.war) that contains the Directory Service Control Center (DSCC) web application. The WAR file is deployed with the application server, which makes it possible to be out of the Sun Java Web Console and enables you to do the following:

The WAR file supports the following application servers:

You can deploy the WAR file with any of the compliant application servers. The following procedure contains information about deploying the WAR file with Sun Java System Application Server.

ProcedureTo Deploy the WAR File with Sun Java System Application Server

After you install Directory Server Enterprise Edition, the WAR file, dscc.war, is at install path/var/dscc6/.

The steps might differ depending on the application server that you use to deploy the WAR file. For information about deploying the WAR file using other application servers, see the respective server documentation.

  1. Initialize the DSCC registry.

    $ install path/dscc6/bin/dsccsetup ads-create
    Choose password for Directory Service Manager:
    Confirm password for Directory Service Manager:
    Creating DSCC registry...
    DSCC Registry has been created successfully
  2. Create an application server instance.

    $ mkdir /local/domainroot
    $ setenv AS_DOMAINS_ROOT /local/domainroot
    $ cd app-server-install-path/apserver/bin
    $ asadmin create-domain --domaindir ${AS_DOMAINS_ROOT} --adminport 3737 \
    --adminuser boss dscc
  3. Edit server.policy file.

    $ vi ${AS_DOMAINS_ROOT}/dscc/config/server.policy

    Add the following statements to the end of the file:

    // Permissions for Directory Service Control Center
    grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/dscc/-" 

    This configures the application server to grant all of the Java permissions to the DSCC application.

  4. Deploy the WAR file in your application server instance.

    $ asadmin start-domain --domaindir ${AS_DOMAINS_ROOT} dscc 
    $ cp install path/var/dscc6/dscc.war ${AS_DOMAINS_ROOT}/dscc/autodeploy

    For more information about creating and configuring application server instances and deploying the WAR file, refer to the Sun Java System Application Server Online Help.

  5. Open DSCC.

    Depending on the configuration of your application server , use http://localhost:8080 or https://localhost:8181 to connect to DSCC.

    The Directory Service Manager Login page displays.

ProcedureTo Troubleshoot Problems Accessing Directory Service Control Center

Use this procedure on the host where you installed DSCC.

  1. Verify that DSCC has been initialized properly.

    $ install-path/dscc6/bin/dsccsetup status
    Sun Java (TM) Web Console is not installed
    DSCC Agent is registered in Cacao
    Cacao uses a custom port number (11168)
    DSCC Registry has been created
    Path of DSCC registry is install-path/var/dscc6/dcc/ads
    Port of DSCC registry is 3998
  2. If you see errors that pertain to the DSCC agent, check the status of Common Agent Container.

    The cacaoadm(1M) man page describes the error codes that the command returns. For the exact location of this command on your system, see Command Locations.

    You must run the cacaoadm command as the user who performed the installation. Otherwise, run the command as root.

    After installing Directory Server, the Common Agent Container starts automatically. However, when you reboot, you might have to start the Common Agent Container manually as follows:

    # instance-path/dsee6/cacao_2.0/usr/lib/cacao/bin/cacaoadm status
    default instance is DISABLED at system startup.
    Smf monitoring process:
    Uptime: 0 day(s), 0:16

    For more information about the Common Agent Container, see Sun Java Enterprise System 5 Monitoring Guide.