Netscape Console 4.0
for Windows NT and Unix
These notes were last updated August 18, 2000.
These release notes contain important information about Netscape Console
4.0. Please read these notes before using the product.
Installation Instructions and Release Notes for all 4.0 versions
of Netscape servers are available online at this location: http://home.netscape.com/eng/server
Use of this product is subject to the terms detailed in the license
agreement accompanying it.
Netscape Console incorporates compression code by the Info-ZIP group.
There are no extra charges or costs due to the use of this code, and
the original compression sources are freely available from ftp://ftp.cdrom.com/pub/infozip/
on the Internet.
The release notes contain these explanations:
What's New in This Release
Netscape Console provides a unified administration interface to all the
intranet, extranet, client, and server software under an administrator's
control. Driven by directory services and implemented in Java using the
Java Foundation Classes, Netscape Console ties all Netscape server server
applications in a network into a single user interface. The Netscape Console,
which can be downloaded from any HTTP server, discovers all registered
hosts and applications in the directory and gives administrators a single
point of access and the ability to control these applications through interactions
with directory and administration servers throughout the network. For bulk
administration and non interactive tasks, Netscape Console provides remote
command line utilities and SDKs for automating administration services.
The architecture supports alternate user interfaces, such as HTML 3.0 end-user
administration screens that access the same Netscape Console back-end services.
This version of Netscape Console does all of the following:
-
Implements a unified administration interface for intranets, extranets
and the Internet.
-
Supports LDAP version 3, the latest version of the Internet-standard directory
access protocol.
-
Simplifies Netscape server deployment through a central installation dashboard.
-
Enables the extranet with secure management using Java over SSL.
-
Supports JDK 1.1, the latest version of Java.
-
Has an extensible architecture for easy drop-in to existing environments.
-
Includes tools for rapid application development.
Potential Problems and Solutions
- To start an SSL-enabled Administration Server without manually entering a password, do the following:
- Create a text file that will contain your security device passwords.
- Add entries to this file using the following format: <token name>: <password>
For instance, if you are using the internal software token, you would enter internal (software): <password>
where <password> is the password for the token. If you are using additional tokens, add each one's name and password on
a new line.
- In the <server root>/admin-serv/config directory, create a text file called custom.conf.
- Add the following line to custom.conf: pinFile: <pin file> where <pinfile> is the full path to the text file containing passwords.
-
If you are are using SSL, you need to be aware of important information
related to root certificate expiration by the end of 1999. At a minimum, you may need to ask your
users to upgrade their browsers to Communicator 4.7. Depending on how you are using SSL, you
may also need to update the root certificate in your server. For important and urgent information on
root certificate expiration, see Digital Certificate Security Alert.
- If your configuration directory is running on Netscape Directory Server
4.0 or lower, you may receive an "error 14" message when performing Console
operations (392925). This is because Console 4.0 requires schema
updates to the directory. To fix this problem, install the latest version
of iPlanet Directory Server.
-
If you lose a network connection while Netscape Console
is running, Netscape Console may become inoperative. Re-establish
your network connection, then restart Netscape Console. (106714)
-
Netscape Console 4.0 does not support SSL server
authentication. (123285)
-
When the default language requires a uid in a
form other than the default (user's first initial followed by last name),
you must manually override the nsuserformat attribute in the configuration
directory. (117507) To change the nsuseridformat attribute:
-
In the Netscape Console, open the Directory Server
that contains the configuration directory you want to modify.
-
In the Directory Server, click Directory.
-
Expand the navigation tree to follow this path:
NetscapeRoot/[administration domain]/Global Preferences.
-
In the navigation tree, select Global Preferences.
-
In the right pane double-click Common.
-
In the Property Editor window, locate the attribute
nsuseridformat
and enter one of the following values as appropriate:
-
firstletter_lastname (this is the default
value)
-
givenname_firstletter
-
lastname_givenname
-
givenname_lastname
-
Click OK.
-
Restart Netscape Console.
- You can grant or deny server access to an individual
user, but you cannot grant or deny server access to a group. If you
select a server in the Netscape Console navigation tree, and attempt to
use the Set Access Permissions command to specify a group of users, the
permissions you set will not work as expected. (337487)
This is caused by an incorrectly defined Access Control Instruction (ACI)
under o=NetscapeRoot. To work around this problem, use ldapmodify to
patch this ACI with the following LDIF content:
dn: o=NetscapeRoot
changetype: modify
delete: aci
aci: (targetattr="*")(version 3.0; acl "Enable Group Expansion"; allow (read,
search, compare)groupdnattr="ldap:///o=NetscapeRoot?uniquemember?sub";)
-
add: aci
aci: (targetattr="*")(version 3.0; acl "Enable Group Expansion"; allow (read,
search, compare)groupdnattr="uniquemember";)
If you are unfamiliar with ldapmodify and LDIF, refer to the
Netscape Directory Server Administrator's Guide.
-
When creating a new user or editing a user's personal
data, do not use 8-bit characters in the First Name and Last Name fields.
If you use 8-bit characters in the First Name or Last Name fields,
the user ID is not automatically generated for you. Instead, use
ASCII characters to enter the user's personal data. (117507)
-
If you create a user without indicating a password,
selecting the user and clicking on the Password button will allow you to
assign a value for the user's password attribute. If you try to change
this value by clicking on the Password button again, the new value will
be stored alongside the old value and the user will have two valid passwords.
To work around this: select the user, click on Edit, and then enter and
confirm the new password in the Edit Entry dialog box. Alternatively, you
can choose to assign a password when creating a new user. If you have already
created a user with multiple passwords, perform a new search for the user
and enter a new password using the Edit or Password button. This will discard
any old values and assign a single password for the user.
-
On Windows NT with DHCP, you cannot install
Administration Server 4.0 or Directory Server 4.0. As a workaround,
you can install successfully using a static IP address. (106750)
-
On HP-UX, if Netscape Console randomly crashes,
make sure you have the patch PHKL_14750 installed on your system.
Contact Hewlett-Packard for detailed information on obtaining this patch.
-
On HP-UX, if you're using a multi-CPU system,
you need to install this patch: PHNE_16645. This addresses
the Administration Server process spinning problem. Contact Hewlett-Packard
for detailed information on obtaining the patch.
-
On HP-UX, when using the Users and Groups
Search Directory, the screen may not draw properly. (291656) When this
happens, click Search to perform the search again.
-
On AIX with jre 1.1.6, if Netscape
Console crashes upon startup, you must disable JIT. (316827) To disable
JIT, invoke startconsole with the -nojit option.
-
On Linux, start Netscape Console using green
threads instead of native threads. At the command line, enter startconsole
-g.
-
On Linux, if Netscape Console hangs during
log in, it may be due to a problem with NIS (349906). As a workaround,
in /etc/nsswitch.conf,
modify the nis and dns lookup ordering
in the the hosts entry. Make sure dns comes before nis.
For example, change this entry:
hosts:
files nisplus nis dns
to this entry:
hosts:
files dns nisplus nis
Changes to IP address
If, for any reason, your computer system's IP address
changes, the Administration Server will not start (332357, 354994).
The IP address must be changed in both the Administration Server configuration
and the Configuration Directory. As a workaround, follow these steps:
-
Copy the Perl script provided below, and save it
as a file in the
<Server_Root>/shared/bin directory.
In this example, the file is named admin_ip.pl
-
In the <Server_Root>/shared/bin directory,
..\..\install\perl admin_ip.pl <Directory_Manager_DN> <Directory_Manager_password>
<old_IP> <new_IP> [port #]
admin_ip.pl <Directory_Manager_DN> <Directory_Manager_password>
<old_IP> <new_IP> [port #]
#!../../install/perl -w
# This script automatically changes the Administration
Server IP address in both the local.conf file and in the
Configuration Directory. The old IP
address is stored in the file local.conf.old.
die "Usage: admin_ip.pl <Directory_Manager_DN>
<Directory_Manager_password>
<old_IP> <new_IP> [port #]\n" unless
(($#ARGV >= 2) && ($#ARGV <= 4));
$dirmgr = $ARGV[0];
$passwd = $ARGV[1];
$oldIPaddr = $ARGV[2];
$newaddr = $ARGV[3];
$port = 389;
$port = $ARGV[4] if ($ARGV[4]);
$adminconfig = "../../admin-serv/config/";
$ldapsearch = "./ldapsearch";
$ldapmodify = "./ldapmodify";
$baseobject = "o=NetscapeRoot";
$query = "(&(&(cn=configuration)(objectclass=nsConfig))(nsserveraddress=\"$oldIPaddr\"))";
$dn = "";
$oldaddr = "";
$/ = ""; # enable paragraph mode
# Find the old IP address in the directory
open (LDAP, "$ldapsearch -p $port -b $baseobject
-D \"$dirmgr\" -w $passwd \"$query\" |");
while (<LDAP>) {
s/\n //g;
if (/\nnsserveraddress: (.*)\n/) {
$oldaddr = $1;
print "Old IP in directory:
$oldaddr\n";
}
if (/^dn: (.*)\n/) {
$dn = $1;
print "DN: $dn\n";
# Update the IP address stored in the configuration
directory
open (LDAP2, "| $ldapmodify
-p $port -D \"$dirmgr\" -w $passwd");
print LDAP2 "dn: $dn\n";
print LDAP2 "changetype:
modify\n";
print LDAP2 "replace:
nsserveraddress\n";
print LDAP2 "nsserveraddress:
$newaddr\n";
close (LDAP2);
}
}
close (LDAP);
# Update the admin config file
$newconfig=$adminconfig . "local.conf";
$oldconfig = $adminconfig . "local.conf.old";
rename $newconfig, $oldconfig;
open (OLD, "<" . $oldconfig);
open (NEW, ">" . $newconfig);
print "oldaddr: $oldaddr\n";
print "newaddr: $newaddr\n";
while (<OLD>) {
s/$oldaddr/$newaddr/g;
print NEW;
}
close(OLD);
close(NEW);
Using Netscape Console with Netscape Certificate
Server 1.x
-
If you use a Netscape 4.x server to
request a server certificate from a Netscape Certificate Server 1.x, do
not use wildcards, punctuation marks, or other special characters when
specifying the server host name. If you do, Certificate Server will
display the following message "Invalid DER encoding" when the certificate
is submitted. Instead, use a simple expression to specify the server
host name. Example: www.netscape.com.
Using Netscape Console with Netscape Messaging Server
-
When using Messaging Server 4.0, if
you try to access the end-user page at http://<hostname:portnumber>,
and you don't have a default language selected for your browser,
an internal error will occur. (329519) If you're using Communicator
4.x, you can set its default language by following these steps:
-
From the Edit Menu, choose Preferences.
-
In the Categories tree, expand the Navigator section,
and then click Languages.
-
If no language is listed, click Add, and then follow
the onscreen instructions to add a language to the default language list.
-
When using Messaging Server 4.0 or 4.1, if
you set a greeting which is longer than 2048 characters in the User and
Group tab, Netscape Console displays a "stack overflow" error message
(345046). This problem may also affect other attributes in versions of
Messaging Server released before October 25, 1999. It is caused by a bug
in the Admin SDK and is fixed in version 4.1 of Console.
Changes
to the Documentation
When updates to Netscape Console documentation are
available, they are published at this location:
http://home.netscape.com/eng/server/console.
Where to Go for
Other Information
For installation instructions, see the Install.htm
file for the server you're installing. Installation Instructions
and Release Notes for all Netscape servers are posted at this location:
http://home.netscape.com/eng/server
If you can't find the information you need, contact
technical support.
©
Copyright 1998-2000 Netscape Communications Corporation. All rights
reserved.