�� 11 �� ]�w�U�޺��

Calendar Server �䴩�U�� (�ε��) ��C�b�U�޺��w�ˤ��A�U�Ӻ��@�ΦP�@ Calendar Server ��ҡA�ӹ�Ҥ��\�h�Ӻ��s�b��x��A��W�C�C�Ӻ��w�q�@�ӦW�٪Ŷ��A�ӦW�٪Ŷ��Ҧ��ϥΪ̡B�s�թM�귽��O�ߤ@��C�C�Ӻ��پ֦��z�S�O�]�w��@��ݩʩM�ߦn�]�w�C


�`�N	�uSun Java System Calendar Server Deployment Planning Guide�v(/docs/cd/E19263-01/816-6709) �׭z�ǳƦw�˥H�ϥΰU�޺��һݭn��Ҧ��B�J�C

�U�޺�쪺²��

LDAP �ؿ��´��c

Calendar Server �n�J

��e��j�M

��D�U�޺��Ҫ��䴩

LDAP �ؿ��´��c

�z�L�U�޺��w�ˡALDAP �ؿ��´��U�Ӥ��P��D��e�Ϭq�A�C�ӰϬq�N��W�٨t�� (DNS) ��@�Ӻ��C�ϥΪ̡B�s�թM�귽�� uid �b�C�Ӻ�줤��O�ߤ@��C�Ҧp�A�C�Ӻ�줤�u�i�H��@�� uid �� jdoe ��ϥΪ̡C�ѧO�W�� (DN) ��C�Ӻ�쪺�ڡC

Sun LDAP Schema 2 (�ۮe�έ�ͼҦ�)

Sun LDAP Schema 1

Sun LDAP Schema 2


�`�N	�� Directory Server �]�w�{�� (comm_dssetup.pl) �ɡA�z�i�H�� LDAP Schema 1 �� LDAP Schema 2�C�H�U�O�Ʊ�`�N�ƶ��G �s�w���C�p�G�z��I�n�N Calendar Server 6 2005Q1 �@��s�w�˨Ӧw�ˡA�Шϥ� LDAP Schema 2�C �ɯ��C�p�G�z��I�n�q Calendar Server 5.x �i��ɯšA�Ы�ӥH�U��ϥμҦ��G �p�G�n�ϥ� Access Manager �\��A�Ҧp commadmin ��ε{��γ榸�n�J (SSO)�A�п�� LDAP Schema 2�C �p�G��Q�ϥ� Access Manager �\��A�h�i�H�ϥΥ�󪩥��C��L�A�p��i��A�Шϥ� LDAP Schema 2�C

�� 11-1 ��ܨϥ� Sun LDAP Schema 2 ��U�޺��w�ˤ� LDAP �ؿ��´��c�C

LDAP Schema 2 �ϥΥ�� LDAP �ؿ��´��c�C��U�޺��w�ˡA�Ĥ@�h�� (�Ϥ�� varriusDomain�BsestaDomain �P siroeDomain) �b�ؿ��´��c��C�o�Ƕ��ؤ��i�Q�O�M�C

�p�G�n�ϥ� Access Manager �\��A�Ҧp Delegated Administrator ��O�椽�ε{�� commadmin �γ榸�n�J (SSO)�A�h�ݭn Schema 2�C

Sun LDAP Schema 1

�� 11-2 ��ܨϥ� Sun LDAP Schema 1 ��U�޺��w�ˤ� LDAP �ؿ��´��c�C

DC ��

��´ (OSI) ��

DC �� (�`�I) �P DNS ��ADNS �i�T�w��Ѻ��W�٪��춵�ءCinetdomainbasedn LDAP �ݩʫ�V�� DN�A�� DN �O OSI �� (�`�I) ��쪺�ϥΪ̡B�귽�M�s�դ��ڡC�b�C�Ӻ�줺�ACalendar Server �ϥΪ̡B�귽�M�s�ժ��ѧO�X��O�ߤ@��C

�b�ϥ� LDAP Schema 1 ��U�޺��w�ˤ��A�ؿ�j�M�ݭn�H�U��ӨB�J�ӴM�䶵�ءG


�`�N	�p�G�z�H�e�� LDAP �t�m��]�t DC ��A�Y�n�ϥ� Schema 1 �Ҧ�� Schema 2 �ۮe�Ҧ��A�h��]�m�U�޺��ۦ�إ� DC ��`�I�C

�b DC �𤤡A�j�M�@�~�|��]�t��V OSI �𤤺�줧�� DN (inetDomainBaseDN �ݩ�) �� DN �Ȫ��춵�ءC

�b OSI �𤤡A�j�M�@�~�|��Ӻ�춵�ءA�M��q�Ӷ��ت�� DN �}�l�j�M�H��Ӻ�줤��3�ϥΪ̡B�귽�θs�աC

Calendar Server �n�J

��U�޺��w�ˡA��줤��C��ϥΪ̳��ߤ@��ϥΪ� ID (uid)�C�ШϥΥH�U�榡�n�J Calendar Server�G

�p�G�ٲ� domain-name�ACalendar Server �|�ϥ� ics.conf �ɮפ� service.defaultdomain �Ѽƫ�w��w�]��W�١C�]��A�p�G�ϥΪ̭n�n�J�w�]��A�Ȼݭn userid�C

��ϥΫD�U�޺��Ҫ��w�ˡA�h��ݭn domain-name�C�p�G��w��W�١A�h��|�Q��C

�p�G�۰ʧG�ؤw�ҥΡACalendar Server �|�b�ϥΪ̭��n�J�ɬ��إߤ@�ӹw�]��ƾ�C�p�ݦ��إߦ�ƾ䪺��T�A�аѾ\�� 15 ��u�޲z��ƾ�v�C

�n�J�v��H icsStatus �� icsAllowedServiceAccess �ݩʬ��¦�C�p�ݧ�h��T�A�аѾ\�� D-17�C

��e��j�M

�̹w�]�A�ϥΪ̶ȥi�b�ۤv��줺�j�M�ϥΪ̻P�s�աA�H�ܽШ�ѻP�ƥ�C��O�A�u�n��H�U�ݨD�A��e��j�M�N��\�@�Ӻ�줤��ϥΪ̦b��L��줤�j�M�ϥΪ̩M�s�աG

�C�Ӻ��i�b icsExtendedDomainPrefs �ݩʪ� domainAccess �S�ʤ��w�s��M�� (ACL)�A�H��\�Ωڵ��q��L��i��e��j�M�C�]��A��i�H��\�Τ��\�S�w��ΩҦ��i��j�M�C

�C�Ӻ��i�H��w��ϥΪ̥i�H�j�M��~��CicsDomainNames LDAP �ݩʫ�w�Y�Ӻ�쪺�ϥΪ̬d��ϥΪ̩M�s�ծɥi�H�j�M��~�� (�u�n�Ω�~��쪺 ACL ��\�i��o�طj�M)�C

��D�U�޺��Ҫ��䴩

Calendar Server ��䴩�D�U�޺�� (�]�N�O��A�֦��@��) ��Ҥ��@�~�C�Ҧp�A�p�G�֦��{�� Calendar Server 5.x �Χ󦭪��ª��w�ˡA�h�z�L�N ics.conf �Ѽ� service.virtualdomain.support �]�w�� "no"�A�z��i�H�b��@��Ҥ��@�~�C�t�аѾ\��ΰU�޺��C

�]�m�U�޺��

��p�`�]�t�b LDAP ��إ߷s��U�޺�춵�ؤ��e�i��ݭn��檺�H�U�򥻤u�@�G

�p�G�z�n�q Calendar Server 5.x �E��A�нT�w�b�xճ]�m�U�޺�줧�e�N�w�g��F cs5migrate �� cs5migrate_recurring�Bcsmig �M csvdmig�C�z�i�H�q Sun �޳N�䴩��o cs5migrate �� cs5migrate_recurring ��̷s��C�p�ݦ��o�ǾE��ε{��h��T�A�аѾ\�� 4 ��u��Ʈw�E��ε{��v�C

�p�G�z�|�� comm_dsseetup.pl�A�а�榹�@�~�C��|��s�]�t�䴩�U�޺��һݰѼƪ� ics.conf �ɮסC

�� 11-1 �C�X�û�� ics.conf �ɮפ��Ω�U�޺��䴩��t�m�ѼơC

�p�G�� 11-1 ��C�X��@�ѼƤ��b ics.conf �ɮפ��A�бN�ӰѼƤΨ��p�ȼW�[��ɮסA�M�᭫�s�Ұ� Calendar Server �H�ϳo�ǭȥͮġC

�� 11-1 �Ω�U�޺��䴩��t�m�Ѽ�
�Ѽ�	��
service.virtualdomain.support	�ҥ� ("yes") �ΰ�� ("no") ��U�� (��) ��Ҧ��䴩�C�w�]�� "no"�C
local.schemaversion	��w LDAP �Ҧ��G "1" = Sun LDAP Schema 1. �t�аѨ� service.dcroot�C "2" = Sun LDAP Schema 2. �t�аѨ� service.schema2root�C �w�]�� "1"�C
service.dcroot	�b LDAP �ؿ��w DC �𪺮ڦr�� (�p�G local.schemaversion = "1")�C �Ҧp�G"o=internet"�C �b�U�� (��) ��Ҧ��ACalendar Server �ϥ� service.dcroot �ѼƦӫD local.ugldapbasedn �P local.authldapbasedn �ѼơC �ۤϡA�b�D�U�� (��) ��Ҧ��ACalendar Server �ϥ� local.ugldapbasedn �P local.authldapbasedn �ѼƦӫD service.dcroot �ѼơC
service.schema2root	��w�Ҧ��Ҧb��ڦr�� (�p�G local.schemaversion = "2")�C �Ҧp�G"o=sesta.com"�C
service.defaultdomain	��w�� Calendar Server ��Ҫ��w�]��C�n�J�v��Ѻ��W�ٮɨϥΡC �Ҧp�G"red.sesta.com"�C
service.loginseparator	��w Calendar Server ��R "userid[login-separator]domain" �ɥΩ� login-separator ��9j�r��r��CCalendar Server �\|�̦��xըC�Ӥ9j�r��C �w�]�� "@+"�C
service.siteadmin.userid	��w��޲z��ϥΪ� ID�C �Ҧp�GDomainAdmin@sesta.com�C
service.virtualdomain.scope = "select"	��e��j�M�G "primary" = �Ȧb�ϥΪ̵n�J��줺�j�M�C "select" = �b��󤹳\�i��o�طj�M��줺�j�M�C �w�]�� "select"�C
local.domain.language	��w��y��C�w�]�� "en" (�^��)�C



�`�N	�p�G�z��I�ثe�Q�t�m�Ω� Calendar Server ��h�ӹ�ҩΦ��:��Ҧ��A��p��z�� Sun Microsystems �P��Ȥ�N��A�H��o��z�E��ݨD��C

�إ߹w�]��춵�ءC

�� Schema 2�A�w�]�� commadmin �t�m�{��إߡC

�� Schema 1�A�b DC ��ڥؿ�r�$U�إߤ@�өΦh�Ӽh�Ū��w�]�� (�䤤�@�ӰU�޺��)�A��M��z�� DC �𵲺c�C�Ҧp�A�p�G�z��ڥؿ�r�,O o=internet�A�h�V�U�@�Ӽh�Ū��`�I�� com�A�p�� 11-2 �ҥܡC�M�ӡA�z��w�]��쬰�C�@�Ӽh�Ū��`�I�A�Ҧp sesta.com�C�ϥ� csdomain �إ� DC ��`�I�A�p�H�U�d�ҩҥܡJ

csdomain -n o=com,dc=com,o=internet create com
csdomain -n o=sesta.com,dc=sesta,dc=com,o=internet create sesta.com

��w�]��춵�رҥΦ�ƾ�\��A�ȡC

�� Schema 1�G�ϥ� csattribute �b LDAP ��W�[ icsCalendarDomain ��O�� o=sesta.com ��춵�ءC

�� Schema 2�G�t�m commadmin ��A�ק�w�]�� (�� commadmin �t�m�{��إ�) �H�W�[��ƾ� (�M�l��) �A�ȡC�b�H�U�d�Ҥ��A��ƾ�A�ȩM�l��A�ȧ��Q�W�[�ܰU�޺��G

commadmin domain modify -D admin -w passwd -d defaultdomain -S cal,mail

�b�t�ΤW�إߩһݪ��U�޺��C�p�ݦ��p��b Schema 2 �Ҧ��W�[�U�޺�쪺��A�аѾ\�إ߷s��U�޺��C

�Y�n�إ� Schema 1 �U�޺��A�Шϥ� csdomain create�A�p�H�U�d�ҩҥܡJ

csdomain -n o=red.sesta.com,dc=red,dc=sesta,dc=com create red.sesta.com

��B�J 4 ��A��s��U�޺��ҥΦ�ƾ�\��A�ȡC

�p�G calmaster ��޲z��ϥΪ̨ä��s�b�A�� Schema 2�A�Шϥ� commadmin user create ��O�إߥ��A�p�H�U�d�Ҥ��ҥܡJ

commadmin user create -D admin -w passwd -F Calendar -L Administrator -l calmaster -W calmasterpasswd -d sesta.com -S cal

�� Schema 1�A�ϥ� csuser �b OSI ��W�إ� calmaster �ϥΪ̡A�p�H�U�d�Ҥ��ҥܡJ

csuser o=sesta.com,o=rootsuffix -d sesta.com -g Calendar -s Administrator -y calmasterpassword create calmaster

�p�G calmaster ��޲z��ϥΪ̤w�s�b��H�e��D�U�޺�� (Schema 1) ��A�а��U�C�B�J�A�H�N�䲾�ܹw�]��J

��{�� calmaster LDAP ��ت� LDAP �ɦL�A�ñN��x�s�ܼȦs�ɡA�Ҧp /tmp/calmaster.ldif�C

�ϥ� ldapdelete �R�� OSI �ڥؿ�r�$W�{�� calmaster LDAP ��ءA�p�U�ҥܡJ

#ldapdelete -D "cn=Directory Manager" -w password uid=calmaster, ou=People, o=rootsuffix

�z�L�ϥ� csuser �إ߷s�� calmaster �ϥΪ� LDAP �� (�b OSI ��W)�A�p�B�J 7 ��ҥܡC�Ϊ̨ϥ� LDAP ��ε{��W�[�s�� calmaster LDAP ��ءA��O��P�H�U LDIF �O��J

dn:uid=calmaster, ou=People, o=sesta.com,o=rootsuffix

givenName:Calmaster

sn:Administrator

icsCalendarOwned:calmaster$Calmaster Administrator

mail:calmaster@sesta.com

icsSubscribed:calmaster$Calmaster Administrator

icsCalendar:calmaster@sesta.com

objectClass:top

objectClass:person

objectClass:organizationalPerson

objectClass:inetOrgPerson

objectClass:inetUser

objectClass:ipUser

objectClass:icsCalendarUser

uid:calmaster

cn:Calendar Administrator

preferredLanguage:en

userPassword:password

�ק��ƾ�޲z��s�ն�� (��s uniqueMember �ݩ�) �H��3�Ұ��ܧ�A�p�H�U�d�Ҥ��ҥܡJ

dn:cn=Calendar Administrators,ou=Groups,o=rootsuffix
changetype:modify
replace:uniqueMember
uniqueMember:uid=calmaster,ou=People,o=sesta.com,o=rootsuffix

�L��N�s�ն��ز��ܰU�޺��C

��s�z�֦��Ҧ��޲z�{��ɡA�H�� WCAP ��O�� calid ��X��C�]�N�O��A�C�� calid �{�b��]�A�Ӻ��W�١C�Ҧp�Gjsmith@sesta.com�C

�ϥΥ� Messaging Server �إߪ��

�p�G Messaging Server �إߤF�U�޺��A�i�H�w�� Schema 1 �� Schema 2 ��̱ҥΦ�ƾ�C��p�`�]�A�H�U�D�D�G

�w�� Schema 1 �ҥΦ�ƾ�\��

�w�� Schema 2 �ҥΦ�ƾ�\��

�w�� Schema 1 �ҥΦ�ƾ�\��

�W�[ icsCalendarDomain ��O�ܭn�� Calendar Server �ϥΪ̱ҥΪ��C�Ӻ�줧 LDAP ��ءC

�b�z�w�b�B�J 1 ��ҥΪ��C�Ӻ�줤�A�N icsStatus ��ݩʭȳ]�w�� "active"�C

�b�z�w�b�B�J 1 ��ҥΪ��C�Ӻ�줤�A�N icsExtendedDomainPrefs �ݩʤ��ﶵ domainAccess ��ȳ]�w��z�n�Ω�s�� ACL�C

�z�i�H�ϥΥH�U��ؤ�k��@�Ӱ�榹�ʧ@�G�ϥ� csattribute add ��O�Ψϥ� ldapmodify�A�p�{��X�d�� 11-1 ��ҥܡC

�{��X�d�� 11-1 �ק�� LDAP ��

dn:dc=sesta,dc=com,o=internet
changetype:modify
add:objectclass
objectClass:icsCalendarDomain
add:icsStatus
icsStatus:active
add:icsExtendedDomainPrefs
icsExtendedDomainPrefs:domainAccess=@@d^a^slfrwd^g;anonymous^a^r^g;@^a^s^g

�p�G�z�n�N��h�Ū��޲z��Ω��ƾ�t�ΡA�мW�[�@�� calmaster �ϥΪ̦ܨC�Ӻ��A�üW�[�A�?�s��C

��w�ҥΪ��C�Ӻ��A�Ҧ��{��ϥΪ̤]��ϥ� csuer enable ��O�ҥΦ�ƾ�C

�w�� Schema 2 �ҥΦ�ƾ�\��

�p�G�z�w�N�{�� Messaging Server LDAP ��ؾE�� Schema 2 (�ϥ� commdirmig)�A�Ϊ̱z��Ӧb Schema 2 �Ҧ��U�إߤF Messaging Server LDAP ��ءA�ШϥΥH�U�B�J�H�ҥΦ�ƾ�\��G

�ϥ� commadmin domain modify ��O�M -S �ﶵ�N��ƾ�A�ȼW�[�ܺ��C

�z�L�ϥ� commadmin user modify ��O�M -S �ﶵ�N��ƾ�A�ȫ�w��v�T��줤��C��ϥΪ̡A�H�ҥγo�ǨϥΪ̡C

�p�� commadmin ��O�A�аѾ\�uSun Java System Communications Services Delegated Administrator ��n�v�C

�p�ݦ�� commdirmig ��T�A�аѾ\�uSun Java System Communications Services Schema Migration ��n�v)

�W�@�� ؿ� �d� �U�@��
Sun Java System Calendar Server 6 2005Q1 �޲z��n

�� 11 �� �]�w�U�޺��

�U�޺�쪺²��

LDAP �ؿ��´���c

Sun LDAP Schema 2

Sun LDAP Schema 1

Calendar Server �n�J

��e���j�M

��D�U�޺����Ҫ��䴩

�]�m�U�޺�����

�ϥΥ� Messaging Server �إߪ����

�w�� Schema 1 �ҥΦ�ƾ�\��

�w�� Schema 2 �ҥΦ�ƾ�\��

�� 11 ��
�]�w�U�޺��

LDAP �ؿ��´��c

��e��j�M

��D�U�޺��Ҫ��䴩

�]�m�U�޺��

�ϥΥ� Messaging Server �إߪ��