Sun Java System Communications Services 6 2005Q1 Delegated Administrator ¼³¸í¼ |
ºÎ·Ï A
¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ ¹× ¼ºñ½º °ø±Þ¾÷ü Á¶Á÷Delegated Administrator Äֿܼ¡¼´Â »õ·Î¿î °ü¸®ÀÚ ¿ªÇÒÀÎ ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ(SPA)¿Í µð·ºÅ丮¿¡¼ »ý¼º °¡´ÉÇÑ »õ·Î¿î Á¶Á÷ À¯ÇüÀ» Á¦°øÇÕ´Ï´Ù.
ÀÌ ºÎ·ÏÀº ´ÙÀ½ ³»¿ëÀ¸·Î ±¸¼ºµÇ¾î ÀÖ½À´Ï´Ù.
ÀÌ ºÎ·Ï¿¡¼´Â SPA ¿ªÇÒ ¹× »õ·Î¿î Á¶Á÷ À¯ÇüÀ» ¼Ò°³ÇÏ°í Delegated Administrator¿¡¼ À̵éÀ» »ý¼ºÇÏ´Â ¹æ¹ýÀ» ¼³¸íÇÕ´Ï´Ù.
¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚDelegated Administrator Äֿܼ¡¼´Â »õ·Î¿î À¯ÇüÀÇ ÇÏÀ§ Á¶Á÷À» ¸¸µé°í °ü¸®ÇÒ ¼ö ÀÖ´Â SPA¶ó´Â »õ·Î¿î ¿ªÇÒ¿¡°Ô °ü¸® ÀÛ¾÷À» À§ÀÓÇÒ ¼ö ÀÖ½À´Ï´Ù.
SPAÀÇ ±ÇÇÑ ¹üÀ§´Â ÃÖ»óÀ§ °ü¸®ÀÚ(TLA)¿Í Á¶Á÷ °ü¸®ÀÚ(OA)ÀÇ »çÀÌ¿¡ ÇØ´çµË´Ï´Ù.
SPA¸¦ »ç¿ëÇϸé 1Àå, "Delegated Administrator °³¿ä"ÀÇ 3°èÃþ ±¸Á¶¿¡¼ ¼³¸íÇÏ´Â 3Ãþ °ü¸® °èÃþÀ» ¸¸µé ¼ö ÀÖ½À´Ï´Ù.
ÀÌ µÎ ¹ø° À§ÀÓ ´Ü°è¸¦ ÀÌ¿ëÇÏ¸é ´ëÇü LDAP µð·ºÅ丮°¡ Áö¿øÇÏ´Â ´ë±Ô¸ð °í°´ ±â¹ÝÀ» ½±°Ô °ü¸®ÇÒ ¼ö ÀÖ½À´Ï´Ù. ¿¹¸¦ µé¾î, ISP°¡ ¼ö¹é°³ ¶Ç´Â ¼öõ°³ÀÇ ÀÛÀº ȸ»çµé¿¡°Ô ¼ºñ½º¸¦ °ø±ÞÇÒ ¼ö Àִµ¥, ÀÌ °æ¿ì ȸ»çº°·Î °¢ÀÚ Á¶Á÷ÀÌ ÇÊ¿äÇÕ´Ï´Ù. ¸ÅÀÏ ¼ö½Ê°³ÀÇ Á¶Á÷ÀÌ µð·ºÅ丮¿¡ »õ·Î Ãß°¡µÇ¾î¾ß ÇÏ´Â °æ¿ìµµ ÀÖ½À´Ï´Ù.
2°èÃþ ±¸Á¶¿¡¼´Â TLA°¡ ¸ðµç »õ Á¶Á÷À» ¸¸µé¾î¾ß ÇÕ´Ï´Ù. ÀÌÁ¦ TLA´Â ±×·¯ÇÑ ÀÛ¾÷À» SPA¿¡°Ô À§ÀÓÇÒ ¼ö ÀÖ½À´Ï´Ù.
SPA´Â »õ °í°´À» À§ÇØ ÇÏÀ§ Á¶Á÷À» ¸¸µé°í ±× Á¶Á÷ÀÇ »ç¿ëÀÚ¸¦ °ü¸®ÇÒ OA¸¦ ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù.
±×¸² A-1¿¡¼´Â »ùÇà 3Ãþ Á¶Á÷ °èÃþÀÇ ³í¸®Àû ºä¸¦ º¸¿© ÁÝ´Ï´Ù.
±×¸² A-1
SPA¸¦ »ç¿ëÇÏ´Â µð·ºÅ丮: ³í¸®Àû ºä
±×¸² A-1ÀÇ ¿¹¿¡¼´Â ÇϳªÀÇ °ø±Þ¾÷ü Á¶Á÷À» º¸¿© ÁÝ´Ï´Ù. ÇÏÁö¸¸ µð·ºÅ丮 Çϳª°¡ ¿©·¯ °ø±Þ¾÷ü Á¶Á÷À» Æ÷ÇÔÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ ¿¹¿¡¼ °ü¸® ÀÛ¾÷Àº ´ÙÀ½°ú °°ÀÌ À§Àӵ˴ϴÙ.
- SPA´Â VIS °ø±Þ¾÷ü Á¶Á÷ ¹× ÀÌ Á¶Á÷ÀÇ ¸ðµç ÇÏÀ§ Á¶Á÷À» °ü¸®ÇÒ ±ÇÇÑÀ» °®½À´Ï´Ù. SPA ¿ªÇÒÀº DEF Á¶Á÷ÀÇ user1¿¡°Ô ÁöÁ¤µÇ¾ú½À´Ï´Ù.
- OA1¶ó´Â À̸§ÀÇ OA°¡ °øÀ¯ Á¶Á÷ÀÎ DEF¸¦ °ü¸®ÇÕ´Ï´Ù. ÀÌ OA ¿ªÇÒÀº DEF Á¶Á÷ÀÇ user2¿¡°Ô ÁöÁ¤µÇ¾ú½À´Ï´Ù.
- OA2´Â °øÀ¯ Á¶Á÷ÀÎ HIJ¸¦ °ü¸®ÇÕ´Ï´Ù. ÀÌ OA ¿ªÇÒÀº HIJ Á¶Á÷ÀÇ user4¿¡°Ô ÁöÁ¤µÇ¾ú½À´Ï´Ù.
- OA3´Â Àüü Á¶Á÷ÀÎ SESTA¸¦ °ü¸®ÇÕ´Ï´Ù. ÀÌ OA ¿ªÇÒÀº SESTA Á¶Á÷ÀÇ user1¿¡°Ô ÁöÁ¤µÇ¾ú½À´Ï´Ù.
°ø±Þ¾÷ü ¹× ÇÏÀ§ Á¶Á÷¿¡ ´ëÇÑ Á¤ÀÇ´Â SPA°¡ °ü¸®ÇÏ´Â Á¶Á÷À» ÂüÁ¶ÇϽʽÿÀ.
SPA ¿ªÇÒ
SPA´Â ´ÙÀ½ ÀÛ¾÷À» ¼öÇàÇÒ ¼ö ÀÖ½À´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼ VIS °ø±Þ¾÷ü Á¶Á÷ÀÇ SPA´Â ´ÙÀ½ ÀÛ¾÷À» ¼öÇàÇÒ ¼ö ÀÖ½À´Ï´Ù.
¿¹¸¦ µé¾î, ±×¸² A-1ÀÇ »ùÇà Á¶Á÷¿¡¼ SPA´Â SESTA Á¶Á÷ÀÇ user2¿¡°Ô OA ¿ªÇÒÀ» ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù. ±×¸®°í ³ª¼ user2´Â SESTA Á¶Á÷ÀÇ »ç¿ëÀÚ¸¦ °ü¸®ÇÒ ¼ö ÀÖ½À´Ï´Ù.
¶ÇÇÑ SPA´Â »ç¿ëÀڷκÎÅÍ OA ¿ªÇÒÀ» Á¦°ÅÇÒ ¼ö ÀÖ½À´Ï´Ù.
CoS ÆÐÅ°Áö¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº 1Àå, "Delegated Administrator °³¿ä"ÀÇ ¼ºñ½º ÆÐÅ°Áö¸¦ ÂüÁ¶ÇϽʽÿÀ.
SPA´Â Á¤ÇØÁø À¯ÇüÀÇ CoS ÆÐÅ°Áö¸¦ Á¶Á÷¿¡ ÁöÁ¤ÇÏ°í ÇØ´ç Á¶Á÷¿¡¼ °¢ ÆÐÅ°Áö¸¦ ¸î °³±îÁö »ç¿ëÇÒ ¼ö ÀÖ´ÂÁö °áÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù.
¿¹¸¦ µé¾î, SPA´Â ´ÙÀ½°ú °°ÀÌ CoS ÆÐÅ°Áö¸¦ ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù.
SPA´Â Delegated Administrator ÄܼÖÀ» »ç¿ëÇÏ¿© ÀÌ ÀÛ¾÷À» ¼öÇàÇÒ ¼ö ÀÖ½À´Ï´Ù. À̹ø ¸±¸®½ºÀÇ Delegated Administrator À¯Æ¿¸®Æ¼¿¡´Â ÀÌ ÀÛ¾÷À» ¼öÇàÇÏ´Â ¸í·É ¿É¼ÇÀÌ Æ÷ÇÔµÇÁö ¾Ê¾Ò½À´Ï´Ù.
ÁÖ
TLA´Â ±âÁ¸ °øÀ¯ Á¶Á÷ ¶Ç´Â Àüü Á¶Á÷À» ¼öÁ¤Çϰųª »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù. ¶ÇÇÑ TLA´Â ±×·¯ÇÑ Á¶Á÷ÀÇ »ç¿ëÀÚ¸¦ °ü¸®ÇÒ ¼ö ÀÖ½À´Ï´Ù.
TLA´Â ÄܼÖÀ» ÅëÇØ ¾î¶² »ç¿ëÀڷκÎÅÍ SPA ¿ªÇÒÀ» Á¦°ÅÇÒ ¼ö ÀÖÁö¸¸ SPA ¿ªÇÒÀ» ÁöÁ¤ÇÒ ¼ö´Â ¾ø½À´Ï´Ù. À̹ø Delegated Administrator ¸±¸®½º¿¡¼ÀÇ Á¦¾à Á¶°Ç ¸ñ·ÏÀº À̹ø ¸±¸®½º¿¡¼ÀÇ °í·Á »çÇ×À» ÂüÁ¶ÇϽʽÿÀ.
TLA°¡ ¼öÇàÇÏ´Â °ü¸® ÀÛ¾÷¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº 1Àå, "Delegated Administrator °³¿ä"ÀÇ °ü¸®ÀÚ ¿ªÇÒ ¹× µð·ºÅ丮 °èÃþÀ» ÂüÁ¶ÇϽʽÿÀ.
»ç¿ëÀÚ¿¡°Ô SPA ¿ªÇÒ ÁöÁ¤
SPA ÁöÁ¤ ´ë»óÀÌ µÈ Á¶Á÷ÀÇ »ç¿ëÀڷμ SPA°¡ °ü¸®ÇÒ °ø±Þ¾÷ü Á¶Á÷ÀÇ ÇÏÀ§ Á¶Á÷¿¡ ¼ÓÇÑ »ç¶÷¿¡°Ô SPA ¿ªÇÒÀÌ ÁÖ¾îÁ®¾ß ÇÕ´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼´Â VIS¶ó´Â À̸§ÀÇ °ø±Þ¾÷ü Á¶Á÷À» À§ÇØ SPA¸¦ »ý¼ºÇÑ´Ù°í °¡Á¤ÇÕ´Ï´Ù. DEF Á¶Á÷ÀÇ user1¿¡°Ô SPA ¿ªÇÒÀ» ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷ ³ëµå¿¡´Â »ç¿ëÀÚ°¡ Æ÷ÇÔµÇÁö ¾ÊÀ¸¹Ç·Î SPA´Â ÇÏÀ§ Á¶Á÷¿¡ ¼ÓÇØ¾ß ÇÕ´Ï´Ù.
µû¶ó¼ SPA°¡ ¾î¶² °ø±Þ¾÷ü Á¶Á÷À» °ü¸®ÇÏ·Á¸é ¸ÕÀú ÇØ´ç °ø±ÞÀÚ Á¶Á÷ ¾Æ·¡¿¡ Çϳª ÀÌ»óÀÇ Á¶Á÷À» ¸¸µé¾î¾ß ÇÕ´Ï´Ù. ÀÌ ÇÏÀ§ Á¶Á÷Àº SPA ¿ªÇÒÀÌ ÁÖ¾îÁú »ç¿ëÀÚ¸¦ ¼ö¿ëÇØ¾ß ÇÕ´Ï´Ù. ÀÚ¼¼ÇÑ ³»¿ëÀº ÀÌ ÀåÀÇ °ø±Þ¾÷ü Á¶Á÷ ¹× ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ »ý¼ºÀ» ÂüÁ¶ÇϽʽÿÀ.
À̹ø ¸±¸®½º¿¡¼ÀÇ °í·Á »çÇ×
À̹ø Delegated Administrator ¸±¸®½º¿¡¼´Â Delegated Administrator ÄÜ¼Ö ¶Ç´Â À¯Æ¿¸®Æ¼¸¦ »ç¿ëÇÏ¿© SPA³ª °ø±Þ¾÷ü Á¶Á÷À» ¸¸µé ¼ö ¾ø½À´Ï´Ù.
SPA ¶Ç´Â °ø±Þ¾÷ü Á¶Á÷À» ¸¸µé·Á¸é »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®ÀÎ da.provider.skeleton.ldif¸¦ ¼öµ¿À¸·Î ¼öÁ¤ÇØ¾ß ÇÕ´Ï´Ù.
»ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®¸¦ »ç¿ëÇÏ¿© ÀÌ ÀÛ¾÷À» ¼öÇàÇÏ´Â °Í¿¡ ´ëÇÑ ÁöħÀº ÀÌ ºÎ·ÏÀÇ µÞºÎºÐ¿¡ ÀÖ´Â ¹× °ø±Þ¾÷ü Á¶Á÷ ¹× ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ »ý¼ºÀ» ÂüÁ¶ÇϽʽÿÀ.
SPA°¡ °ü¸®ÇÏ´Â Á¶Á÷SPA´Â ÇØ´ç SPAÀÇ °ø±Þ¾÷ü Á¶Á÷ ¾Æ·¡¿¡¼ ´ÙÀ½ À¯ÇüÀÇ ÇÏÀ§ Á¶Á÷À» ¸¸µé°í ¼öÁ¤ÇÏ¸ç »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷, Àüü Á¶Á÷ ¹× °øÀ¯ Á¶Á÷Àº À̾îÁö´Â Àý¿¡¼ ¼³¸íÇÕ´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷
°ø±Þ¾÷ü Á¶Á÷Àº Àüü Á¶Á÷ ¹× °øÀ¯ Á¶Á÷À» ³í¸®ÀûÀ¸·Î ¼ö¿ëÇÏ´Â LDAP µð·ºÅ丮»óÀÇ ³ëµåÀÔ´Ï´Ù. °ø±Þ¾÷ü Á¶Á÷ ³ëµå¿¡´Â SPA°¡ ÇÏÀ§ Á¶Á÷À» °ü¸®ÇÒ ¼ö ÀÖ°Ô ÇÏ´Â ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
LDAP µð·ºÅ丮¿¡¼ °ø±Þ¾÷ü Á¶Á÷Àº ¸ÞÀÏ µµ¸ÞÀÎ ¾Æ·¡¿¡ À§Ä¡ÇØ¾ß ÇÕ´Ï´Ù. ÀÌ ºÎ·Ï µÞºÎºÐ¿¡ ÀÖ´Â »ùÇà ¼¹ö °ø±Þ¾÷ü Á¶Á÷ µ¥ÀÌÅÍ¿¡¼ ¿¹¸¦ È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷Àº »ç¿ëÀÚ Ç׸ñÀ» Æ÷ÇÔÇÒ ¼ö ¾ø½À´Ï´Ù. ±× ´ë½Å »ç¿ëÀÚ´Â °ø±Þ¾÷ü Á¶Á÷ ¾Æ·¡¿¡ »ý¼ºµÈ Á¶Á÷¿¡¼ °ü¸®ÇÕ´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷Àº ÀÚ½ÅÀÇ ÇÏÀ§ Á¶Á÷¿¡ ´ëÇÑ µð·ºÅ丮 Á¤º¸¸¦ ÀúÀåÇÕ´Ï´Ù. ¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
Àüü Á¶Á÷
Àüü Á¶Á÷Àº ´ÙÀ½°ú °°Àº Ư¡À» °®½À´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼ user2´Â sesta.com µµ¸ÞÀο¡ ¼ÓÇØ ÀÖÀ¸¸ç ¸ÞÀÏ ÁÖ¼Ò´Â user2@sesta.comÀÔ´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼ Àüü Á¶Á÷ÀÎ SESTA´Â sesta.comÀ̶ó´Â µµ¸ÞÀÎ À̸§À» °®½À´Ï´Ù.
°øÀ¯ Á¶Á÷
°øÀ¯ Á¶Á÷Àº ´ÙÀ½°ú °°Àº Ư¡À» °®½À´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼ user5´Â siroe.com µµ¸ÞÀο¡ ¼ÓÇØ ÀÖÀ¸¸ç ¸ÞÀÏ ÁÖ¼Ò´Â user5@siroe.comÀÔ´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼ °øÀ¯ Á¶Á÷ DEF´Â siroe.comÀ̶ó´Â µµ¸ÞÀÎ À̸§À» »ç¿ëÇÕ´Ï´Ù.
±×¸² A-1ÀÇ ¿¹¿¡¼ DEF¿Í HIJ Á¶Á÷ ¸ðµÎ siroe.com µµ¸ÞÀο¡ ¼ÓÇØ ÀÖ½À´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷ ¹× ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ »ý¼ºÀ̹ø Delegated Administrator ¸±¸®½º¿¡¼´Â Á÷Á¢ °ø±Þ¾÷ü Á¶Á÷°ú SPA¸¦ ¸¸µé·Á¸é Delegated Administrator¿¡¼ Á¦°øÇÑ »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®(da.provider.skeleton.ldif)¸¦ »ç¿ëÇØ¾ß ÇÕ´Ï´Ù.
ÁÖ
¶ÇÇÑ Delegated Administrator ±¸¼º ÇÁ·Î±×·¥À» ½ÇÇàÇÒ ¶§ »ùÇà °ø±Þ¾÷ü Á¶Á÷(ÇÏÀ§ Á¶Á÷ Æ÷ÇÔ)°ú »ùÇà SPA¸¦ µð·ºÅ丮¿¡ ¼³Ä¡ÇÒ ¼ö ÀÖ½À´Ï´Ù. ±¸¼º ÇÁ·Î±×·¥¿¡¼ »ùÇà Á¶Á÷ ·Îµå¸¦ ¼±ÅÃÇÏ¸é µË´Ï´Ù.
ÇÏÁö¸¸ »ùÇà Á¶Á÷ ÅÛÇø®Æ®(da.sample.data.ldif)´Â Á÷Á¢ °ø±Þ¾÷ü Á¶Á÷À» ¸¸µé±â À§ÇÑ ÅÛÇø®Æ®°¡ ¾Æ´Ï¶ó ¿¹·Î »ç¿ëÇϵµ·Ï Á¦°øµÈ °ÍÀÔ´Ï´Ù. ÀÌ ¿¹¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº ÀÌ ºÎ·ÏÀÇ µÞºÎºÐ¿¡ ÀÖ´Â »ùÇà ¼¹ö °ø±Þ¾÷ü Á¶Á÷ µ¥ÀÌÅ͸¦ ÂüÁ¶ÇϽʽÿÀ.
°ø±Þ¾÷ü Á¶Á÷°ú SPA¸¦ ¸¸µé¾ú´Ù¸é ÀÌ SPA´Â Delegated Administrator Äֿܼ¡ ·Î±×ÀÎÇÏ¿© ÇÏÀ§ Á¶Á÷À» ¸¸µé¾î °ü¸®ÇÏ°í SPA Á¶Á÷ÀÇ ´Ù¸¥ »ç¿ëÀÚ¿¡°Ô SPA ¿ªÇÒÀ» ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÇÏÁö¸¸ ÀÌ SPA´Â µ¿ÀÏÇÑ °ø±Þ¾÷ü Á¶Á÷¸¸ °ü¸®ÇÒ ¼ö ÀÖ½À´Ï´Ù.
¶Ç ´Ù¸¥ °ø±Þ¾÷ü Á¶Á÷ ¹× À̸¦ °ü¸®ÇÒ SPA¸¦ ¸¸µé·Á¸é »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®¸¦ ´Ù½Ã »ç¿ëÇØ¾ß ÇÕ´Ï´Ù.
ÀÌ ÀýÀº ´ÙÀ½ ³»¿ëÀ¸·Î ±¸¼ºµÇ¾î ÀÖ½À´Ï´Ù.
- ÅÛÇø®Æ®¿¡¼ »ý¼ºÇÏ´Â Ç׸ñ¿¡¼´Â ÀÌ ÅÛÇø®Æ®ÀÇ ÆíÁýµÈ º¹»çº»ÀÌ µð·ºÅ丮¿¡ ¼³Ä¡µÉ °æ¿ì »ý¼ºµÇ´Â Á¶Á÷ÀÇ ¿¹¸¦ º¸¿© ÁÝ´Ï´Ù.
- °ø±Þ¾÷ü Á¶Á÷, ÇÏÀ§ Á¶Á÷ ¹× SPA »ý¼º¿¡ ÇÊ¿äÇÑ Á¤º¸¿¡¼´Â °ø±Þ¾÷ü Á¶Á÷, ÇÏÀ§ °øÀ¯ Á¶Á÷ ¹× SPA¸¦ ¸¸µé ¶§ ÇÊ¿äÇÑ ÅÛÇø®Æ®ÀÇ ¸Å°³ º¯¼ö¸¦ Á¤ÀÇÇÕ´Ï´Ù.
- °ø±Þ¾÷ü Á¶Á÷ ¹× ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ »ý¼º ´Ü°è¿¡¼´Â ÅÛÇø®Æ®¸¦ ÆíÁýÇÏ°í µð·ºÅ丮¿¡ ±× Á¤º¸¸¦ ¼³Ä¡ÇÏ´Â ¹æ¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®´Â ÅÛÇø®Æ®ÀÇ ¸ñ·ÏÀÔ´Ï´Ù.
ÅÛÇø®Æ®¿¡¼ »ý¼ºÇÏ´Â Ç׸ñ
»ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®ÀÇ ÆíÁýµÈ º¹»çº»À» µð·ºÅ丮¿¡ ¼³Ä¡ÇÏ¸é ´ÙÀ½ Ç׸ñÀÌ ¸¸µé¾îÁý´Ï´Ù.
±×¸² A-2¿¡¼´Â ÅÛÇø®Æ® ¼³Ä¡·Î »ý¼ºµÇ´Â Ç׸ñÀÇ ¿¹¸¦ º¸¿© ÁÝ´Ï´Ù. Á¶Á÷¿¡ ´ëÇÑ µð·ºÅ丮 Á¤º¸ Æ®¸®(DIT) ºäÀÔ´Ï´Ù.
±×¸² A-2´Â ¿¹ÀÏ »ÓÀÔ´Ï´Ù. ¼³Ä¡ ȯ°æ¿¡ ÀûÇÕÇÑ Á¶Á÷ À̸§, SPA »ç¿ëÀÚ À̸§ ¹× DIT ±¸Á¶°¡ »ç¿ëµÇ¾î¾ß ÇÕ´Ï´Ù.
±×¸² A-2
Custom Service-Provider ÅÛÇø®Æ®: µð·ºÅ丮 Á¤º¸ Æ®¸® ºä
»ùÇà ¼³Ä¡µÈ »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®¿¡¼ÀÇ ³ëµå
±×¸² A-2¿¡¼ ¼Ò°³ÇÏ´Â ¿¹ÀÇ ³ëµå´Â ´ÙÀ½°ú °°½À´Ï´Ù.
- o=usergroup - »ç¿ëÀÚ/±×·ì µ¥ÀÌÅÍÀÇ ·çÆ® Á¢¹Ì¾î
- o=siroe.com - °ø±Þ¾÷ü Á¶Á÷¿¡¼ »ç¿ëÇÏ´Â ¸ÞÀÏ µµ¸ÞÀÎ
- o=MyProviderOrg - °ø±Þ¾÷ü Á¶Á÷ ³ëµå
- o=MySPAUserOrg - SPA ¿ªÇÒÀÌ ÁÖ¾îÁø »ç¿ëÀÚ¸¦ ºñ·ÔÇÏ¿© °ø±Þ¾÷ü Á¶Á÷ »ç¿ëÀÚ¸¦ ¼ö¿ëÇϵµ·Ï ÁöÁ¤µÈ ÇÏÀ§ °øÀ¯ Á¶Á÷
- ou=people - »ç¿ëÀÚ¸¦ ¼ö¿ëÇÏ´Â µ¥ ÇÊ¿äÇÑ Ç¥ÁØ LDAP Á¶Á÷ ´ÜÀ§
- uid=user1 - MySPAUserOrg Á¶Á÷¿¡¼ SPA·Î ÁöÁ¤µÈ »ç¿ëÀÚÀÇ uid
- o=MyProviderOrgDomainsRoot - MyProviderOrg °ø±Þ¾÷ü Á¶Á÷ÀÇ ÇÏÀ§ Àüü Á¶Á÷À» ¼ö¿ëÇÒ ÀÚ¸® Ç¥½ÃÀÚ ³ëµå
°ø±Þ¾÷ü Á¶Á÷, ÇÏÀ§ Á¶Á÷ ¹× SPA »ý¼º¿¡ ÇÊ¿äÇÑ Á¤º¸
°ø±Þ¾÷ü Á¶Á÷, ÇÏÀ§ Á¶Á÷ ¹× SPA¸¦ ¸¸µé·Á¸é »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®ÀÇ ¸Å°³ º¯¼ö¸¦ ¼³Ä¡ ȯ°æ¿¡ ÇØ´çÇÏ´Â Á¤º¸·Î ¹Ù²ã¾ß ÇÕ´Ï´Ù.
ÀÌ ¸Å°³ º¯¼ö¸¦ ¼³¸íÇÏ´Â ºÎºÐ¿¡¼ »ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®¿¡ ³ªÅ¸³ª´Â da.provider.skeleton.ldifÀÇ ¸ñ·ÏÀ» È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù. ¶Ç´Â ´ÙÀ½ µð·ºÅ丮¿¡ ÀÖ´Â ½ÇÁ¦ ldif ÆÄÀÏÀ» ¿¾î º¼ ¼ö ÀÖ½À´Ï´Ù.
da_base/lib/config-templates
ÀÌ ¸Å°³ º¯¼ö¿Í °ü·ÃµÈ ¼Ó¼ºÀÇ Á¤ÀÇ´Â Sun Java System Communications Services Schema ReferenceÀÇ “5Àå: Communications Services Delegated Administrator(Schema 2)°¡ »ç¿ëÇϴ Ŭ·¡½º ¹× ¼Ó¼º” ¹× “3Àå: ¼Ó¼º”À» ÂüÁ¶ÇϽʽÿÀ.
°ø±Þ¾÷ü ¹× ÇÏÀ§ Á¶Á÷À» Á¤ÀÇÇÏ´Â ¸Å°³ º¯¼ö
°ø±Þ¾÷ü Á¶Á÷ ¹× ÇÏÀ§ Á¶Á÷À» ¸¸µé·Á¸é ´ÙÀ½ ¸Å°³ º¯¼ö¸¦ ÆíÁýÇÕ´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷ÀÇ À̸§. °ø±Þ¾÷ü Á¶Á÷ÀÌ À§Ä¡ÇÏ´Â µð·ºÅ丮 ³ëµå¿¡ ÀÌ À̸§ÀÌ ºÎ¿©µË´Ï´Ù.
ÀÌ ¸Å°³ º¯¼ö´Â da.provider.skeleton.ldif ÅÛÇø®Æ®¿¡¼ ¿©·¯ Â÷·Ê »ç¿ëµË´Ï´Ù.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sunProviderOrgDN: o=MyProviderOrg,o=siroe.com,o=usergroup
o=MyProviderOrg
sunBusinessOrgBase: o=MyProviderOrgdomainsroot, o=usergroup
°ø±Þ¾÷ü Á¶Á÷ÀÇ ÇÏÀ§ Á¶Á÷ »ç¿ëÀÚ¿¡°Ô ÁöÁ¤µÉ ¼ö ÀÖ´Â ¼ºñ½º ÆÐÅ°Áö À̸§. ¿©·¯ °³ÀÇ °ª ¸Å°³ º¯¼öÀÔ´Ï´Ù.
da.provider.skeleton.ldif ÆÄÀÏÀÇ “Provider Organization” ¼½¼Ç¿¡ ´ÙÀ½ ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
sunIncludeServices: <servicepackage>
°ø±Þ¾÷ü Á¶Á÷¿¡ Æ÷ÇÔ½Ãų ¼ºñ½º ÆÐÅ°Áö¸¶´Ù sunIncludeServices ¼Ó¼º ¹× servicepackage ¸Å°³ º¯¼öÀÇ ÀνºÅϽº¸¦ Çϳª¾¿ Ãß°¡ÇÕ´Ï´Ù. ¿©±â¿¡ Ç¥½ÃµÈ ¼ºñ½º ÆÐÅ°Áö¸¸ ÇÏÀ§ Á¶Á÷ »ç¿ëÀÚ¿¡°Ô ÁöÁ¤µÉ ¼ö ÀÖ½À´Ï´Ù.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sunIncludeServices: gold
sunIncludeServices: platinum
sunIncludeServices: ruby
sunIncludeServices: silversunIncludeServices ¼Ó¼ºÀ» »ç¿ëÇÏÁö ¾Ê´Â´Ù¸é(servicepackage ¸Å°³ º¯¼ö¸¦ Æ÷ÇÔÇÏ´Â ÁÙÀ» »èÁ¦ÇÏ´Â °æ¿ì) µð·ºÅ丮ÀÇ ¸ðµç ¼ºñ½º ÆÐÅ°Áö¸¦ ÁöÁ¤ÇÒ ¼ö ÀÖ½À´Ï´Ù.
°ø±Þ¾÷ü Á¶Á÷ÀÇ ÇÏÀ§ Á¶Á÷¿¡ ÁöÁ¤µÉ ¼ö ÀÖ´Â µµ¸ÞÀÎ À̸§. ¿©·¯ °³ÀÇ °ª ¸Å°³ º¯¼öÀÔ´Ï´Ù.
da.provider.skeleton.ldif ÆÄÀÏÀÇ “Provider Organization”¿¡ ´ÙÀ½ ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
sunAssignableDomains: <domain_name>
sunAssignableDomains ¼Ó¼º¿¡¼ÀÇ µµ¸ÞÀÎ À̸§Àº ¸ÞÀÏ µµ¸ÞÀÎ Á¶Á÷ÀÇ sunPreferredDomain ¹× associatedDomain ¼Ó¼º¿¡ ³ª¿µÈ À̸§ÀÇ ÀϺÎ(¶Ç´Â ÀüºÎ)ÀÔ´Ï´Ù(¸ÞÀÏ µµ¸ÞÀÎÀº ±× ¾Æ·¡¿¡¼ ÀÌ °ø±Þ¾÷ü Á¶Á÷ÀÌ ¸¸µé¾îÁö´Â Á¶Á÷ÀÔ´Ï´Ù).
°ø±Þ¾÷ü Á¶Á÷¿¡ Æ÷ÇÔ½Ãų µµ¸ÞÀÎ À̸§¸¶´Ù sunAssignableDomains ¼Ó¼º ¹× domain_name ¸Å°³ º¯¼öÀÇ ÀνºÅϽº¸¦ Çϳª¾¿ Ãß°¡ÇÕ´Ï´Ù. ¿©±â¿¡ ³ª¿µÈ µµ¸ÞÀÎ À̸§¸¸ ÇÏÀ§ Á¶Á÷¿¡ ÁöÁ¤µÉ ¼ö ÀÖ½À´Ï´Ù.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sunAssignableDomains: siroe.com
sunAssignableDomains: siroe.net
sunAssignableDomains: varrius.com
sunAssignableDomains: sesta.com
sunAssignableDomains: sesta.net
SPA »ç¿ëÀÚ°¡ À§Ä¡ÇÏ´Â °øÀ¯ µµ¸ÞÀÎÀÇ À̸§. ÆíÁýµÈ ldif Á¤º¸¸¦ µð·ºÅ丮¿¡ ¼³Ä¡ÇÏ¸é °ø±Þ¾÷ü Á¶Á÷ÀÇ ÇÏÀ§ °øÀ¯ Á¶Á÷À¸·Î ÀÌ Á¶Á÷ÀÌ ¸¸µé¾îÁý´Ï´Ù. SPA »ç¿ëÀÚ¸¦ ¼ö¿ëÇÏ´Â Á¶Á÷À¸·Î ÁöÁ¤µË´Ï´Ù. ÀÌ °ø±Þ¾÷ü Á¶Á÷ÀÇ SPA ¿ªÇÒÀÌ ÁÖ¾îÁø ´Ù¸¥ »ç¿ëÀÚ´Â ÀÌ ÇÏÀ§ °øÀ¯ Á¶Á÷¿¡ À§Ä¡ÇØ¾ß ÇÕ´Ï´Ù.
da.provider.skeleton.ldif ÆÄÀÏÀÇ “Provider Organization” ¼½¼Ç¿¡ ´ÙÀ½ ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
sunProviderOrgDN:
o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>sunProviderOrgDN ¼Ó¼ºÀº °ø±Þ¾÷ü Á¶Á÷ »ç¿ëÀÚ, ƯÈ÷ SPA »ç¿ëÀÚ°¡ ¼ÓÇÏ´Â Á¶Á÷À» ½Äº°ÇÕ´Ï´Ù.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sunProviderOrgDN:
o=MySPAUserOrg,o=MyProviderOrg,o=siroe.com,o=usergroup
°ø±Þ¾÷ü Á¶Á÷ÀÇ (SPA »ç¿ëÀÚ°¡ ¼ÓÇÑ)ÇÏÀ§ Á¶Á÷¿¡¼ ±âº» ¸ÞÀÏ È£½ºÆ®ÀÇ ½Ã½ºÅÛ À̸§. Á¤±ÔÈµÈ µµ¸ÞÀÎ À̸§(FQDN)À» »ç¿ëÇØ¾ß ÇÕ´Ï´Ù.
da.provider.skeleton.ldif ÆÄÀÏÀÇ “Shared Subordinate Organization” ¼½¼Ç¿¡ ´ÙÀ½ ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
preferredMailHost: <preferredmailhost>
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
preferredMailHost: mail.siroe.com
ƯÁ¤ ÇÏÀ§ Á¶Á÷ÀÇ »ç¿ëÀÚ¿¡°Ô ÁöÁ¤µÉ ¼ö ÀÖ´Â µµ¸ÞÀÎ À̸§. ¿©·¯ °³ÀÇ °ª ¸Å°³ º¯¼öÀÔ´Ï´Ù.
available_domain_nameÀÇ °ªÀº sunAssignableDomains: <domain_name> ¼Ó¼º ¹× ¸Å°³ º¯¼öÀÇ °ª Áß ÇØ´çµÇ´Â ÀϺÎÀÔ´Ï´Ù. domain_nameÀÌ °ø±Þ¾÷ü Á¶Á÷ Àüü¿¡ Àû¿ëµÈ´Ù¸é available_domain_nameÀº ÇϳªÀÇ ÇÏÀ§ Á¶Á÷¿¡ Àû¿ëµË´Ï´Ù.
da.provider.skeleton.ldif ÆÄÀÏÀÇ “Shared Subordinate Organization” ¼½¼Ç¿¡ ´ÙÀ½ ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
sunAvailableDomainNames: <available_domain_name>
ÀÌ ÇÏÀ§ Á¶Á÷ÀÌ °ø±Þ¾÷ü Á¶Á÷ÀÇ sunAssignableDomains ¼Ó¼º¿¡ ÀÖ´Â µµ¸ÞÀÎ À̸§ ¸ñ·Ï Áß¿¡¼ »ó¼ÓÇÏ·Á´Â µµ¸ÞÀÎ À̸§¸¶´Ù sunAvailableDomains ¼Ó¼º ¹× available_domain_name ¸Å°³ º¯¼öÀÇ ÀνºÅϽº¸¦ Çϳª¾¿ Ãß°¡ÇÕ´Ï´Ù. ¿©±â ³ª¿µÈ µµ¸ÞÀÎ À̸§¸¸ ÇÏÀ§ Á¶Á÷¿¡ ÁöÁ¤µÉ ¼ö ÀÖ½À´Ï´Ù.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sunAvailableDomainNames: siroe.com
sunAvailableDomainNames: siroe.net
sunAvailableDomainNames: varrius.com
ƯÁ¤ ÇÏÀ§ Á¶Á÷¿¡¼ »ç¿ë °¡´ÉÇÑ ¼ºñ½º ÆÐÅ°Áö. ¿©·¯ °³ÀÇ °ª ¸Å°³ º¯¼öÀÔ´Ï´Ù.
ÇÏÀ§ Á¶Á÷¿¡ ÁöÁ¤µÇ´Â ¼ºñ½º ÆÐÅ°Áö´Â °ø±Þ¾÷ü Á¶Á÷ Àüü¿¡ ÁöÁ¤µÇ°í sunIncludeServices ¼Ó¼ºÀ» °®´Â ¼ºñ½º ÆÐÅ°ÁöÀÇ ÀϺÎÀÔ´Ï´Ù.
da.provider.skeleton.ldif ÆÄÀÏÀÇ Shared Subordinate Organization ¼½¼Ç¿¡ ´ÙÀ½ ¼Ó¼ºÀÌ ÀÖ½À´Ï´Ù.
sunAvailableServices: <available_services>
available_services ¸Å°³ º¯¼öÀÇ Çü½ÄÀº ´ÙÀ½°ú °°½À´Ï´Ù.
Service package name: count
¿©±â¼ count´Â Á¤¼öÀÔ´Ï´Ù. count°¡ ¾øÀ¸¸é ±âº»°ªÀº ¹«Á¦ÇÑ ¼öÀÔ´Ï´Ù.
ÀÌ ÇÏÀ§ Á¶Á÷ÀÌ °ø±Þ¾÷ü Á¶Á÷ÀÇ sunIncludeServices ¼Ó¼º¿¡¼ »ç¿ë °¡´ÉÇÑ ¼ºñ½º ÆÐÅ°Áö Áß¿¡¼ »ó¼ÓÇÏ·Á´Â ¼ºñ½º ÆÐÅ°Áö¸¶´Ù sunAvailableServices ¼Ó¼º ¹× available_services ¸Å°³ º¯¼öÀÇ ÀνºÅϽº¸¦ Çϳª¾¿ Ãß°¡ÇÕ´Ï´Ù.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
sunAvailableServices: gold:1500
sunAvailableServices: platinum:2000
sunAvailableServices: silver:5000SPA¸¦ Á¤ÀÇÇÏ´Â ¸Å°³ º¯¼ö
SPA¸¦ ¸¸µé·Á¸é ´ÙÀ½ ¸Å°³ º¯¼ö¸¦ ÆíÁýÇÕ´Ï´Ù.
SPA »ç¿ëÀÚ¿¡°Ô ÁöÁ¤µÈ ¼ºñ½º ÆÐÅ°Áö. ¼ºñ½º ÆÐÅ°Áö¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº
1Àå, "Delegated Administrator °³¿ä"ÀÇ ¼ºñ½º ÆÐÅ°Áö¸¦ ÂüÁ¶ÇϽʽÿÀ.¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
inetCos: platinum
SPA »ç¿ëÀÚÀÇ ¸ÞÀÏ ÁÖ¼Ò. ¸ÞÀÏ ÁÖ¼Ò Áß µµ¸ÞÀÎ ºÎºÐÀº available_domain_name ¸Å°³ º¯¼ö¸¦ ±³Ã¼ÇÏ´Â µµ¸ÞÀÎ °ª Áß Çϳª°¡ µÇ¾î¾ß ÇÕ´Ï´Ù. Áï SPA »ç¿ëÀÚ°¡ ¼ÓÇÑ ÇÏÀ§ Á¶Á÷¿¡¼ »ç¿ë °¡´ÉÇÑ µµ¸ÞÀÎÀ̾î¾ß ÇÕ´Ï´Ù. ÀÚ¼¼ÇÑ ³»¿ëÀº available_domain_nameÀ» ÂüÁ¶ÇϽʽÿÀ.
¿¹¸¦ µé¸é ´ÙÀ½°ú °°½À´Ï´Ù.
mail: user1@siroe.com
»ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®¸¦ ÆíÁýÇÏ°í µð·ºÅ丮¿¡ Á¤º¸¸¦ ¼³Ä¡ÇÏ´Â ¹æ¹ý¿¡ ´ëÇÑ ÁöħÀº °ø±Þ¾÷ü Á¶Á÷ ¹× ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ »ý¼º ´Ü°è¸¦ ÂüÁ¶ÇϽʽÿÀ.
°ø±Þ¾÷ü Á¶Á÷ ¹× ¼ºñ½º °ø±Þ¾÷ü °ü¸®ÀÚ »ý¼º ´Ü°è
°ø±Þ¾÷ü Á¶Á÷ ¹× SPA¸¦ ¸¸µé·Á¸é ´ÙÀ½ ´Ü°è¸¦ ¼öÇàÇÕ´Ï´Ù.
- µð·ºÅ丮¿¡ ¸ÞÀÏ µµ¸ÞÀÎÀ» ¸¸µì´Ï´Ù.
¾ÆÁ÷ ¸¸µéÁö ¾Ê¾Ò´Ù¸é µð·ºÅ丮¿¡ ¸ÞÀÏ µµ¸ÞÀÎÀ» ¸¸µì´Ï´Ù. °ø±Þ¾÷ü Á¶Á÷ ¹× ±× ÇÏÀ§ °øÀ¯ Á¶Á÷ÀÌ ÀÌ ¸ÞÀÏ µµ¸ÞÀÎÀ» »ç¿ëÇÏ°Ô µË´Ï´Ù.
- da.provider.skeleton.ldif ÆÄÀÏÀ» º¹»çÇÏ°í À̸§À» ¹Ù²ß´Ï´Ù.
Delegated Administrator ¼³Ä¡ ½Ã da.provider.skeleton.ldif ÆÄÀÏÀÌ ´ÙÀ½ µð·ºÅ丮¿¡ ¼³Ä¡µË´Ï´Ù.
da_base/lib/config-templates
- da.provider.skeleton.ldif ÆÄÀÏÀÇ º¹»çº»¿¡¼ ´ÙÀ½ ¸Å°³ º¯¼ö¸¦ ÆíÁýÇÕ´Ï´Ù. ¸Å°³ º¯¼ö¸¦ ¼³Ä¡ ȯ°æ¿¡ ÀûÇÕÇÑ °ªÀ¸·Î ¹Ù²ß´Ï´Ù.
¸Å°³ º¯¼ö Á¤ÀÇ´Â °ø±Þ¾÷ü Á¶Á÷, ÇÏÀ§ Á¶Á÷ ¹× SPA »ý¼º¿¡ ÇÊ¿äÇÑ Á¤º¸¸¦ ÂüÁ¶ÇϽʽÿÀ.
ÀϺΠ¸Å°³ º¯¼ö´Â ldif ÆÄÀÏ¿¡¼ µÎ Â÷·Ê ÀÌ»ó »ç¿ëµË´Ï´Ù. °¢ ¸Å°³ º¯¼öÀÇ ¸ðµç ÀνºÅϽº¸¦ °Ë»öÇÏ¿© ¹Ù²ã¾ß ÇÕ´Ï´Ù.
¸î¸î ¸Å°³ º¯¼ö´Â ¿©·¯ °³ÀÇ °ª ¼Ó¼º¿¡ ´ëÇÑ °ªÀ» ³ªÅ¸³À´Ï´Ù. ÀÌ·¯ÇÑ ¸Å°³ º¯¼ö´Â ÇØ´ç ¼Ó¼º À̸§°ú ÇÔ²² º¹»çÇÏ¿© ÆíÁýÇÔÀ¸·Î½á ldif ÆÄÀÏ¿¡¼ ¼Ó¼ºÀÇ ¿©·¯ ÀνºÅϽº¸¦ Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. ¿©·¯ °³ÀÇ °ª ¸Å°³ º¯¼ö´Â ´ÙÀ½°ú °°½À´Ï´Ù.
- <ugldapbasedn>
- <maildomain_dn>
- <maildomain_dn_str>
- <providerorg>
- <servicepackage>(´ÙÁß°ª)
- <domain_name>(´ÙÁß°ª)
- <provider_sub_org>
- <preferredmailhost>
- <available_domain_name>(´ÙÁß °ª)
- <available_services>(´ÙÁß°ª)
- <spa_uid>
- <spa_password>
- <spa_firstname>
- <spa_lastname>
- <spa_servicepackage>
- <spa_mailaddress>
ÀÌ ¸Å°³ º¯¼ö¿Í °ü·ÃµÈ ¼Ó¼º¿¡ ´ëÇÑ Á¤ÀÇ´Â Sun Java System Communications Services Schema ReferenceÀÇ 5Àå: Communications Services Delegated Administrator(Schema 2)°¡ »ç¿ëÇϴ Ŭ·¡½º ¹× ¼Ó¼º ¹× 3Àå: ¼Ó¼º”À» ÂüÁ¶ÇϽʽÿÀ.
- LDAP µð·ºÅ丮 µµ±¸ ldapmodify¸¦ »ç¿ëÇÏ¿© °ø±Þ¾÷ü Á¶Á÷ ¹× SPA¸¦ µð·ºÅ丮¿¡ ¼³Ä¡ÇÕ´Ï´Ù.
¿¹¸¦ µé¾î, ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇÒ ¼ö ÀÖ½À´Ï´Ù.
ldapmodify -D <directory manager> -w <password>
-f <da.provider.finished.ldif>¿©±â¼
<directory manager>´Â Directory Server °ü¸®ÀÚÀÇ À̸§ÀÔ´Ï´Ù.
<password>´Â Directory Server °ü¸®ÀÚÀÇ ºñ¹Ð¹øÈ£ÀÔ´Ï´Ù.
<da.provider.finished.ldif>´Â »õ °ø±Þ¾÷ü Á¶Á÷ ¹× SPA·Î¼ µð·ºÅ丮¿¡ ¼³Ä¡µÈ ÆíÁýµÈ ldif ÆÄÀÏÀÇ À̸§ÀÔ´Ï´Ù.
»ç¿ëÀÚ Á¤ÀÇ ¼ºñ½º °ø±Þ¾÷ü ÅÛÇø®Æ®
ÀÌ ÅÛÇø®Æ®(da.provider.skeleton.ldif)¿¡´Â »õ °ø±Þ¾÷ü Á¶Á÷ ¹× SPA¸¦ ¸¸µé±â À§ÇØ ¼öÁ¤ÇØ¾ß ÇÒ ¸Å°³ º¯¼ö°¡ µé¾î ÀÖ½À´Ï´Ù.
¾Æ·¡ ¸ñ·Ï¿¡¼´Â ldif ÆÄÀÏ¿¡¼ ¸Å°³ º¯¼ö°¡ ÀÖ´Â ¼½¼ÇÀ» º¸¿© ÁÝ´Ï´Ù. ÆÄÀÏ Àüü°¡ Æ÷ÇÔµÈ °ÍÀº ¾Æ´Õ´Ï´Ù. Access Manager Áö¿ø¿¡ ÇÊ¿äÇÑ Ç׸ñ ¹× ACI´Â ¿©±â¿¡ Æ÷ÇÔµÇÁö ¾Ê¾Ò½À´Ï´Ù.
ldif ÆÄÀÏ¿¡¼ ¸Å°³ º¯¼ö¸¸ ¼öÁ¤ÇØ¾ß ÇÕ´Ï´Ù. Access Manager¿Í °ü·ÃµÈ ÆÄÀÏ ¼½¼ÇÀº ¼öÁ¤ÇÒ ¼ö ¾ø½À´Ï´Ù.
da.provider.skeleton.ldif File(°ü·Ã ¼½¼Ç)
#
# The following parameterized values must be replaced.
#
# <ugldapbasedn> :: Root suffix for user/group data
# <maildomain_dn> :: Complete dn of the mail domain underneath which the
# provider organization will be created.
# <maildomain_dn_str> :: The maildomain dn with all ',' replaced by '_'. E.g.
# dn --> o=siroe.com,o=SharedDomainsRoot,o=Business,
# dc=red,dc=iplanet,dc=com
# dn_str --> o=siroe.com_o=SharedDomainsRoot_o=Business_
# dc=red_dc=iplanet_dc=com
# <providerorg> : Organization value for provider node.
# <servicepackage> :: One for each service package to include.
# All service packages in the system may be assigned
# by leaving this value empty.
# <domain_name> :: One for each DNS name which may be assigned to a
# subordinate organization.
# These names form a proper subset (some or all) of the
# names listed in the <maildomain> organization's
# sunpreferreddomain and associateddomain attributes.
# <provider_sub_org> :: Organization value for the shared subordinate
# organization in which the Provider Administrator resides.
# <preferredmailhost> :: Name of the preferred mail host for the provider's
# subordinate organization.
# <available_domain_name> :: one for each DNS name that an organization allows an
# organization admin to use when creating a user's mail
# address. This is a proper subset of the values given
# for <domain_name> (sunAssignableDomains attribute).
# <available_services> :: One for each service packags available to an
# organization (sunAvailableServices attribute). These
# service packages form a proper subset of the ones
# assigned to a provider organization - <servicepackage> # (sunIncludeServices attribute). Form is
# <service package name>:<count>
# where count is an integer. If count is absent then
# default is unlimited.
# <spa_uid> :: The uid for the SPA(Service Provider Administrator).
# <spa_password> :: The password for the SPA(Service Provider Administrator).
# <spa_firstname> :: First name of the SPA(Service Provider Administrator).
# <spa_lastname> :: Last name of the service provider administrator.
# <spa_servicepackage> :: Service package assigned to the service provider
# administrator.
# <spa_mailaddress> :: The spa's mail address. The domain part of the mail
# address must be one of the values used for
# <available_domain_name>.
#
#
# Provider Organization
#
dn: o=<providerorg>,<maildomain_dn>
changetype: add
o: <providerorg>
objectClass: top
objectClass: sunismanagedorganization
objectClass: sunmanagedorganization
objectClass: organization
objectClass: sunManagedProvider
sunAllowBusinessOrgType: full
sunAllowBusinessOrgType: shared
sunBusinessOrgBase: o=<providerorg>domainsroot,<ugldapbasedn>
sunIncludeServices: <servicepackage>
sunAssignableDomains: <domain_name>
sunAllowMultipleDomains: true
sunAllowOutsideAdmins: false
sunProviderOrgDN: o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>
# .
# .
# [Entries and ACIs required by Access Manager]
# .
# .
#
# Full Organizations node
#
dn: o=<providerorg>DomainsRoot,<ugldapbasedn>
changetype: add
o: <providerorg>DomainsRoot
objectClass: top
objectClass: organization
objectClass: sunmanagedorganization
# .
# .
# [Entries and ACIs required by Access Manager]
# .
# .
#
# Provider Admin Role shared organizations
#
dn: cn=Provider Admin Role,o=<providerorg>,<maildomain_dn>
changetype: add
cn: Provider Admin Role
objectClass: ldapsubentry
objectClass: nssimpleroledefinition
objectClass: nsroledefinition
objectClass: nsmanagedroledefinition
objectClass: iplanet-am-managed-role
objectClass: top
iplanet-am-role-description: Provider Admin
#
# Provider Admin Role full organizations
#
dn: cn=Provider Admin Role,o=<providerorg>DomainsRoot,<ugldapbasedn>
changetype: add
cn: Provider Admin Role
objectClass: ldapsubentry
objectClass: nssimpleroledefinition
objectClass: nsroledefinition
objectClass: nsmanagedroledefinition
objectClass: iplanet-am-managed-role
objectClass: top
iplanet-am-role-description: Provider Admin
#
# Shared Subordinate Organization. Includes 1 users who is the Provider Administrator.
#
dn: o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>
changetype: add
preferredMailHost: <preferredmailhost>
sunNameSpaceUniqueAttrs: uid
o: <provider_sub_org>
objectClass: inetdomainauthinfo
objectClass: top
objectClass: sunismanagedorganization
objectClass: sunnamespace
objectClass: sunmanagedorganization
objectClass: organization
objectClass: sunDelegatedOrganization
objectClass: sunMailOrganization
sunAvailableDomainNames: <available_domain_name>
sunAvailableServices: <available_services>
sunOrgType: shared
sunMaxUsers: -1
sunNumUsers: 1
sunMaxGroups: -1
sunNumGroups: 0
sunEnableGAB: true
sunAllowMultipleServices: true
inetDomainStatus: active
sunRegisteredServiceName: GroupMailService
sunRegisteredServiceName: DomainMailService
sunRegisteredServiceName: UserMailService
sunRegisteredServiceName: iPlanetAMAuthService
sunRegisteredServiceName: UserCalendarService
sunRegisteredServiceName: iPlanetAMAuthLDAPService
sunRegisteredServiceName: DomainCalendarService
# .
# .
# [Entries and ACIs required by Access Manager]
# .
# .
dn: ou=People,o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>
changetype: add
ou: People
objectClass: iplanet-am-managed-people-container
objectClass: organizationalUnit
objectClass: top
dn: ou=Groups,o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>
changetype: add
ou: Groups
objectClass: iplanet-am-managed-group-container
objectClass: organizationalUnit
objectClass: top
# .
# .
# [Entries and ACIs required by Access Manager]
# .
# .
#
# User - provider administrator
#
dn: uid=<spa_uid>,ou=People,o=<provider_sub_org>,o=<providerorg>,<maildomain_dn>
changetype: add
sn: <spa_lastname>
givenname: <spa_firstname>
cn: <spa_firstname> <spa_lastname>
uid: <spa_uid>
iplanet-am-modifiable-by: cn=Top-level Admin Role,<ugldapbasedn>
objectClass: inetAdmin
objectClass: top
objectClass: iplanet-am-managed-person
objectClass: iplanet-am-user-service
objectClass: iPlanetPreferences
objectClass: person
objectClass: organizationalPerson
objectClass: inetuser
objectClass: inetOrgPerson
objectClass: ipUser
objectClass: inetMailUser
objectClass: inetLocalMailRecipient
objectClass: inetSubscriber
objectClass: userPresenceProfile
objectClass: icsCalendarUser
mailhost: <preferredmailhost>
mail: <spa_mailaddress>
mailDeliveryOption: mailbox
mailuserstatus: active
inetCos: <spa_servicepackage>
inetUserStatus: Active
nsroledn: cn=Provider Admin Role,o=<providerorg>,<maildomain_dn>
userPassword: <spa_password>
»ùÇà ¼¹ö °ø±Þ¾÷ü Á¶Á÷ µ¥ÀÌÅÍDelegated Administrator ±¸¼º ÇÁ·Î±×·¥ config-commda¸¦ ½ÇÇàÇÒ ¶§ (ldif ÆÄÀÏ¿¡ Á¤ÀǵÈ)»ùÇà Á¶Á÷ µ¥ÀÌÅ͸¦ µð·ºÅ丮¿¡ ¼³Ä¡Çϵµ·Ï ¼±ÅÃÇÒ ¼ö ÀÖ½À´Ï´Ù(±¸¼º ÇÁ·Î±×·¥ ½ÇÇà ½Ã ¼ºñ½º ÆÐÅ°Áö ¹× Á¶Á÷ »ùÇà Æгο¡¼ »ùÇà Á¶Á÷ ·Îµå ¼±ÅÃ). ±¸¼º ÇÁ·Î±×·¥Àº da.sample.data.ldif ÆÄÀÏÀ» LDAP µð·ºÅ丮 Æ®¸®¿¡ Ãß°¡ÇÕ´Ï´Ù.
ÀÌ ldif ÆÄÀÏÀº Á÷Á¢ °ø±Þ¾÷ü Á¶Á÷À» ¸¸µé±â À§ÇÑ ÅÛÇø®Æ®°¡ ¾Æ´Ï¶ó ¿¹·Î »ç¿ëµÇµµ·Ï ¸¶·ÃµÇ¾ú½À´Ï´Ù. »õ °ø±Þ¾÷ü Á¶Á÷À» ¸¸µé·Á¸é °ø±Þ¾÷ü Á¶Á÷, ÇÏÀ§ Á¶Á÷ ¹× SPA »ý¼º¿¡ ÇÊ¿äÇÑ Á¤º¸¸¦ ÂüÁ¶ÇϽʽÿÀ.
»ùÇà µ¥ÀÌÅÍ¿¡¼ Á¦°øÇÑ Á¶Á÷
±×¸² A-1¿¡¼´Â »ùÇà ldif ÆÄÀÏ¿¡¼ Á¦°øÇÏ´Â Á¶Á÷ ±¸Á¶¿¡ ´ëÇÑ ³í¸®Àû ºä¸¦ º¸¿© ÁÝ´Ï´Ù (±×¸² A-1¿¡¼´Â ÆÄÀÏ¿¡ Á¸ÀçÇÏÁö ¾Ê´Â °øÀ¯ Á¶Á÷ HIJ Ãß°¡).
»ùÇà ldif ÆÄÀÏ¿¡´Â ·çÆ® Á¢¹Ì¾î ³ëµå ¾Æ·¡¿¡ ´ÙÀ½ Á¶Á÷ÀÌ ÀÖ½À´Ï´Ù.
ldif ÆÄÀÏ¿¡¼´Â ÀÌ Á¶Á÷¿¡ ´ëÇØ ´ÙÀ½ °ü¸® ¿ªÇÒÀ» Á¤ÀÇÇÕ´Ï´Ù.
³í¸®Àû °èÃþ ¹× µð·ºÅ丮 Á¤º¸ Æ®¸®
3Ãþ µð·ºÅ丮 °èÃþ¿¡¼´Â µð·ºÅ丮 Á¤º¸ Æ®¸®(DIT)°¡ ±×¸² A-1ÀÇ ³í¸®Àû ºä¿Í Á¤È®ÇÏ°Ô ÀÏÄ¡ÇÏÁö ¾Ê½À´Ï´Ù. DIT¿¡¼´Â Á¶Á÷ÀÌ ¾à°£ ´Ù¸¥ °èÃþÀ¸·Î ±¸ÇöµË´Ï´Ù.
¿¹¸¦ µé¾î, DIT¿¡¼´Â Àüü µµ¸ÞÀÎÀÌ ·çÆ® Á¢¹Ì¾î ¹Ù·Î ¾Æ·¡¿¡ À§Ä¡ÇØ¾ß ÇÕ´Ï´Ù. µû¶ó¼ (°øÀ¯ Á¶Á÷¿¡¼ »ç¿ëÇÏ´Â) °øÀ¯ µµ¸ÞÀÎ ¹× (°¢ÀÚ µµ¸ÞÀÎÀÌ ÀÖ´Â) Àüü Á¶Á÷¿¡ ´ëÇÑ LDAP Á¤º¸¸¦ ÀúÀåÇÒ µµ¸ÞÀÎ ³ëµå°¡ ·ÎÆ® Á¢¹Ì¾î ¾Æ·¡¿¡ Ãß°¡µË´Ï´Ù.
»ùÇà Á¶Á÷ µ¥ÀÌÅÍ: µð·ºÅ丮 Á¤º¸ Æ®¸® ºä
±×¸² A-3¿¡¼´Â »ùÇà Á¶Á÷ µ¥ÀÌÅÍ¿¡ ´ëÇÑ µð·ºÅ丮 Á¤º¸ Æ®¸®(DIT) ºä¸¦ º¸¿© ÁÝ´Ï´Ù.
±×¸² A-3ÀÇ ¿¹´Â ±×¸² A-1ÀÇ ³í¸®Àû ºäó·³ ´ÙÀ½ Á¶Á÷À» Æ÷ÇÔÇÕ´Ï´Ù.
»ùÇà µð·ºÅ丮 Á¤º¸ Æ®¸® »óÀÇ ³ëµå
»ùÇà Á¶Á÷ ÆÄÀÏ(da.sample.data.ldif)ÀÇ ³ëµå´Â ´ÙÀ½°ú °°½À´Ï´Ù.
»ùÇà µð·ºÅ丮 Á¤º¸ Æ®¸® »óÀÇ »ç¿ëÀÚ DN
±×¸² A-3ÀÇ »ùÇà Á¶Á÷ ÆÄÀÏ¿¡´Â ´ÙÀ½°ú °°Àº »ç¿ëÀÚ DNÀÌ ÀÖ½À´Ï´Ù.