Complete Contents
Introduction
Chapter 1 Introducing Netscape Console
Chapter 2 The Netscape Server Family Setup Program
Chapter 3 Using Netscape Console
Chapter 4 User and Group Administration
Chapter 5 Using SSL
Chapter 6 Delegating Server Administration
Chapter 7 Using SNMP to Monitor Services
Chapter 8 Administration Server Basics
Chapter 9 Administration Server Configuration
Appendix A Distinguished Name Attributes and Syntax
Appendix B Administration Server Command Line Tools
Appendix C FORTEZZA
Appendix D Introduction to Public-Key Cryptography
Appendix E Introduction to SSL
Managing Servers with Netscape Console: Using Netscape Console
Previous Next Contents Index


Chapter 3 Using Netscape Console

Netscape Console let's you view all servers under your control. It's where you go to open and manage individual servers.

This chapter contains the following sections:


Logging In to Netscape Console
Netscape Console is a stand-alone Java application. When you start Netscape Console, you connect to an Administration Server in your network. Typically, you log in using your own user name and password.

To start Netscape Console and log in:

  1. Start Netscape Console:
  2. Unix. In the server root, enter./startconsole.

    Windows NT. From the Start Menu, choose Programs. Then, from the Netscape Server Family Program Group, choose Netscape Console 4.0.

  3. In Netscape Console login window, enter your user name, password, and the URL for the Administration Server you want to access.

  4. Click OK.
The user name and password you use to log in determine which servers and server operations you can access in Netscape Console. See "Network Resources and Administrative Privileges" on page 94 for more information.


The Navigation Tree
The navigation tree represents all the resources, or objects, in a Netscape topology. A topology includes all resources registered in the same configuration directory. An administration domain is a collection of host systems and servers that share the same user directory. A server group consists of all servers managed by the same Administration Server. Individual servers are the products that provide specific services such as directory database, messaging, and publishing.

Figure 3.1    The navigation tree represents the Netscape topology which includes all resources registered in the same configuration directory. Click the plus (+) or minus (-) signs to expand or collapse a section of the tree.

Opening a Netscape Server
Each Netscape Server has its own set of tasks and configuration settings.

To open a Netscape server:

  1. In the navigation tree of Netscape Console, click a server to select it.
  2. In the server information section of Netscape Console, click Open.
Each Netscape server has specialized tabs for setting configurations or viewing server-specific information. For detailed information, see the server's Administrator's Guide.

Figure 3.2    The Directory Server graphical interface.

The Administration Domain
An administration domain is a group of Netscape servers that all use the same user directory for user data management and authentication. For example, you might want to create a separate domain for each division in your company with each domain including all host computers used only by that division.

Creating an Administration Domain
Before you can create a new Administration Domain, you must be member of the Configuration Administrators group.

To create a new administration domain:

  1. In Netscape Console, from the Console menu, choose Create Administration Domain.
  2. In the Create Administration Domain dialog box, enter domain information:
  3. Domain Name. Enter the name of the domain as you want it to appear in the navigation tree.

    Description. (Optional) You can enter any string that helps you identify this domain.

    User Directory. Specify the location of the user directory using the fully qualified domain name and port number.

    Secure Connection. Select this option if the new user directory port is already enabled for SSL communication.

    User Directory Subtree. enter the location of the new user directory. Example: o=mcom.com

    Bind DN. Enter the distinguished name for a user who has access permission to the new user directory. Example: uid=ginac, ou=people, o=Airius.com.

    Bind Password. Enter the password of the user above.

  4. Click OK.
If you've changed the User Directory Host, User Directory Port, or SSL option, you must restart the server before the change takes effect.

Modifying an Administration Domain
Note. Changing these settings will have serious and far-reaching impacts on the rest of the servers in the domain! If you make changes here, you must restart all the servers in the domain.

To modify an administration domain:

  1. In Netscape Console, select the domain you want to modify, then click Edit.
  2. Modify domain information as necessary:
  3. Domain Name. Enter the name of the domain as you want it to appear in the navigation tree.

    Description. (Optional) You can enter any string that helps you identify this domain.

    User Directory Host and Port. Specify the location of the user directory using the host computer's fully qualified domain name and port number. For authentication purposes, you can enter more than one user directory location separated by spaces.

    Example:
    Eros.Airius.com:389 Zeus.Airius.com:389

Note.

Secure Connection. Select this option if the new user directory port is already enabled for SSL communication.

User Directory Subtree. Enter the location of the new user directory. Example: o=mcom.com

Bind DN. Enter the distinguished name for a user who has access permissions to the new user directory. Example: uid=ginac, ou=people, o=Airius.com.

Bind Password. Enter the password of the user above.

  1. Click OK.
Adding a Pre-4.0 Server to the Tree
If you already have pre-4.0 Netscape servers installed in your enterprise, you can access it and continue to manage it though Netscape Console. This is useful when you want to keep and use your older pre-4.0 server until you're ready to put your 4.0 server into production.

The pre-4.0 server will not be completely integrated into the 4.0 environment: it will run in a browser as did before. For example, if you already have Netscape Messaging Server 3.0 installed, you can add it to the Navigation tree. But when you open the server, the 3.0 server appears in the browser. You manage it using the 3.0 Server Manager as you usually do.

If you want to fully integrate a pre-4.0 server into Netscape Console, you must migrate its configurations to a 4.0 installation.

Figure 3.3    When you open a pre-4.0 server, it opens in a browser.

To add a pre-4.0 server to the navigation tree:

  1. In Netscape Console, from the Console menu, choose Add Pre-4.0 Server.
  2. In the Add Pre-4.0 Server window, enter information for the server you want to add to the navigation tree, then click OK.
  3. In the Server List window, all servers in the server root are, by default, checked. Deselect the servers you do not want to add to the navigation tree.
  4. Click OK.
Migrating a Pre-4.0 Server to a 4.0 Server
When you migrate a pre-4.0 server, its configuration settings are copied to a newer 4.0 server installation. For example, if you're already using Netscape Messaging 3.0 Server, you can install the new Messaging 4.0 Server in a different server root. You could then migrate the 3.0 server settings to the 4.0 server for testing purposes.

Note. The old and new servers can coexist on the same host system because they are installed in different server roots. If you use the same port number for both servers, you cannot run both servers at the same time. Before you start the 4.0 server, be sure the 3.0 server is turned off. Before you start the 3.0 server, be sure the 4.0 server is turned off.

Migrating the configuration settings takes less time than manually configuring the server. It also ensures that you maintain identical settings that worked for you in the older version. Once you're certain that the configuration settings work in the 4.0 server environment, you can safely remove your 3.0 server.

To migrate a pre-4.0 server to a 4.0 server:

  1. Turn off the pre-4.0 server.
  2. Run the Setup Program and install the 4.0 server. When prompted, specify a server root that's different from the 3.0 server root.
  3. Start Netscape Console, and select the server group that contains the new 4.0 server. This group becomes the target group.
Note.

  1. From the Object menu, choose Migrate Server Config.
  2. In the Migrate Server Configuration window, enter the absolute path to the pre-4.0 server, then click OK.
  3. In the Select Server for Migration window, select the pre-4.0 servers you want to migrate to 4.0 servers, then click Migrate.
  4. In the Migrate Key and Certificate window:
  5. Restart the Administration Server for the target server group.
Cloning a Server
Cloning is useful when you want to replicate configuration settings on a number of servers of the same type. For example, an administrator has installed Netscape servers on each of ten hosts. The administrator configures the Administration Server on the first host. Then, instead of configuring each of the remaining nine Administration Servers individually, the administrator copies the configuration settings from the first one to each of the others.

When you clone a server, a predetermined number of attributes are copied from the reference server to the target server. The number and the actual attributes copied vary depending upon the server.

To clone server settings to another server:

  1. In the navigation tree of Netscape Console, select the server that has the settings you want to replicate to other servers of the same type. This is the reference server.
  2. From the Object menu, choose Clone Server.
  3. In the Select Server window, choose the servers you cant to copy settings to (the target servers), then click OK.
Creating a New Server Instance
Once you have a server installed in a server root, you can create a new instance, or additional server of the same type, in the same server root. This is useful for testing purposes, and for when you need to share one server for two purposes.

For example, a company's Human Resources and Finance departments each need a Web server. Since each department has limited publishing requirements, one host can serve both departments' needs. The administrator installs one Web server, and the instance is for the Human Resources Department. The administrator then creates a new instance of the Web server for the Finance Department.

Note. You cannot create a new instance of the Administration Server because each server root can have only one Administration Server.

To create a new instance:

  1. In Netscape Console, select the server group that will contain the new server instance.
  2. From the Object menu, select Create Instance Of.
  3. In the Select Server window, choose the server from which you want to create the new instance, then click OK.
Removing a Server Instance
You can remove an instance of any server, other than the Directory and Administration Servers, from the navigation tree. This is not the same as uninstalling the server. When you uninstall the server, its program files are deleted from the host computer.

To remove a server instance:

  1. In the Navigation Tree, select the server instance you want to remove.
  2. From the Object menu, select Remove Server.
Uninstalling a Netscape Server
To remove a server from the navigation tree, you must uninstall the server.

To uninstall a server:

Unix. At the server root, enter./uninstall.

Windows NT. Use the Add/Remove Programs utility:

    1. In the Start Menu, from the Settings menu, choose Control Panel.
    2. In the Control Panel, choose Add/Remove Programs.
    3. In the Add/Remove Program Properties window, choose Netscape Server Family 4.0, then click Remove.
    4. In the Netscape Server Uninstall window, select the Netscape servers and components you want to uninstall, then click Uninstall.

Merging Configuration Data from Two Directory Servers
Netscape Console 4.1 or higher
Once you've installed and deployed a number of Netscape servers, you might find it necessary to merge the existing configuration directory with a new one. For example, when you purchase a new server product that requires major changes in the existing configuration directory, you can stage or test the product against a pilot Directory Server. You can make adjustments to the pilot directory without impacting other servers or the existing directory in the enterprise. If you're using Netscape Console 4.1 or higher, once you're satisfied with the pilot directory, you can merge its configuration data into the configuration directory that's already deployed.

The Merge Configuration Directory utility copies all server instance entries (SIEs) in a Server Group, their configuration data, and all task entries in the pilot or source configuration directory. The utility then merges the data into the existing or destination configuration directory.

To merge configuration data from two Directory Servers:

  1. In Netscape Console, in the navigation tree, right-click the Server Group containing the pilot (source) configuration directory, and then choose Merge Configuration.
  2. In the Merge Configuration Directory Server Information window, enter information about the configuration directory you want to merge to:
  3. Destination Domain. Enter the domain name for the existing configuration directory that you want to merge into. Example: Airius.com

    Destination LDAP Host. Enter the fully qualified host for the existing configuration directory you specified above.
    Example: Zeus.Airius.com

    Destination LDAP Port. Enter the port number for the existing configuration directory.

    Secure Connection. Select this option if the destination configuration directory uses the Secure Sockets Layer (SSL) protocol.

    Destination LDAP Bind DN. Enter the Distinguished Name for the user who has access to the destination configuration directory.

    Destination Bind Password. Enter the password for the user above.

After you merge the configuration directories, the affected SIE's will use the destination directory you specified. If you want the instances to switch back to the original configuration directory, you must manually modify the local configuration files. See "Changing the Configuration Directory Server" on page 142 for more information.


Customizing Your View of Netscape Console
To customize the appearance of Netscape Console, select or deselect items in the View menu. Select a menu item to display it, and deselect the item to hide it.

You can also customize the display of the navigation tree. This is useful when you want to show only those elements of your enterprise you access routinely, and hide elements you access infrequently.

To customize your view of the navigation tree:

  1. From the View menu, choose New.
  2. In the Edit View window, select an object from the tree on the left, then drag and drop it in the column on the right. In this example, the administrator has created a view named Messaging Servers, and built a view that includes only Messaging servers and their hosts. .

  3. Continue adding objects to the new view in this manner, and then click OK.
You can use multiple views to suit your needs. For example, an administrator frequently manages the company's two Messaging Servers. He has a view named Messaging Servers that displays only on Messaging Servers and their respective hosts. When the administrator needs to see all the servers in the navigation tree, he can go back to the Default view.

Display Preferences
By default, when you exit Netscape Console, it saves any display changes you've made in the session, such as

You can store the display settings on the network or on your local disk to suit your individual needs.

Storing Display Preferences
To specify how and where you want settings stored:

  1. In Netscape Console, from the Edit menu, choose Preferences.
  2. Indicate how and where you want the display settings saved, then click OK.
  3. Save Now. Saves your most recent changes immediately.

    Reset. Reverts to all default display settings.

Setting Display Fonts
You can set preferences for fonts displayed in Netscape Console. You can save different sets of font preferences, or profiles, for multiple users of the same computer system.

To set display font preferences:

  1. In Netscape Console, from the Edit menu, choose Preferences.
  2. Enter font preferences, click OK.
  3. Profile. Enter a name for this set of preferences. If don't enter a name, a default name is provided for you.

    Save As. Saves the profile under the name you specify.

    Remove. Deletes a selected profile from the list.

    Change Font. displays a dialog box for setting your font preferences. In the Select Font dialog box, make font selections, then click OK.


Administration Express
Netscape Console 4.2 or higher
The Administration Express page is an HTML-based console that provides a means for quickly accessing servers. In the Administration Express page, you can perform four of the most routine administration tasks:

Important
The Administration Express page was designed to provide specialized and limited server access. Keep the following in mind when you use the Administration Express page:

To access the Administration Express page:

  1. Open a browser, and enter the qualified host name and port number for the Administration Server you want to access.
  2. In the Administration page, under Services for Administrators, click Netscape Administration Express. See Figure 3.4 on the next page.

Figure 3.4    The Administration Express page.


Create New Administration Domain
Use this dialog box when you want to manage one or more hosts in a group. For example, you might want to create a separate domain for each division in your company. Each domain might include all host computers used by that division.

Domain Name.. Enter a fully qualified domain name.
Example: Airius.mcom.com

Description. Enter a name that helps you identify this domain.

User Directory. Specify the location of the user directory using the fully qualified domain name and port number. For authentication purposes, you can enter more than one user directory location separated by spaces.

Example: Eros.Airius.com:389 Zeus.Airius.com:389

See
"User Authentication and Directory Failover Support" on page 154 for more information.

Secure Connection. Select this option if the any user directory port you've entered is already enabled for SSL communication.

User Directory Subtree. Enter the location of the new user directory. Example: =mcom.com

Bind DN. Enter the distinguished name for a user who has access permisions to the new user directory. Example: uid=ginac, ou=people, o=Airius.com.

Bind Password. Enter the password of the user above.


Add Pre-4.0 Server
Use this dialog box when you want to manage a 2.x or 3.x version of a Netscape server from Netscape Console.

Administration Server URL. Enter the URL for the Administration Server installed in the same server root as the pre-4.0 server. Use the form: http[s]://host:port

Server Administrator ID. Enter the Administrator ID you use to access the Administration Server for the pre-4.0 server you're adding.

Password . Enter the Administrator's password associated with the Administration Server installed in the same server root as the pre-4.0 server.

Target Administration Domain. Enter the base DN of the configuration directory to which the pre-4.0 server will be added.

The pre-4.0 server will be added to the network topology. You can launch the server by double-clicking its server instance in Netscape Console. You'll manage the pre-4.0 server as usual, using its 2.x or 3.x Server Manager forms.


See Also

The Administration Domain

Server List
This list displays all servers in the server group that you can add to the navigation tree. By default, all servers are selected. Deselect the servers you do not want to add to the navigation tree.


License Tracking
Use this dialog box to count the number of users licensed for the servers in your enterprise. When you click the Refresh button, the number of licensed users per server displays.


Custom View Configuration
Use this dialog box to create or edit customized views of the navigation tree.

New. Displays a dialog box for naming the customized view you want to create.

Edit. Displays a dialog box for selecting objects in the navigation tree and building a customized view.

Rename. Displays a dialog for editing the name of a customized view.

Delete. Deletes the selected customized view.


See Also

"Customizing Your View of Netscape Console"

New View

View Name. Enter an alphanumeric string to identify the customized view you want to create.


Edit View
Use this dialog box to build a customized view of the navigation tree.


Rename View
Enter an alphanumeric string that identifies this customized view.


Preferences - Settings
By default, when you exit Netscape Console, it saves any display changes you've made, such as:

Use this dialog box to specify when and how you want such display preferences stored.

Where should preference settings be stored?.

When should preference settings be saved?


Preferences - Fonts
Use this dialog box to store your preferences for fonts displayed in Netscape Console. You can save font preferences or profiles for multiple users of the same computer system.

Profile. Enter a name for this set of preferences. If you don't enter a name, a default name is provided for you.

Save As. Saves the profile under the name you specify.

Remove. Deletes a selected profile from the list.

Change Font. Displays a dialog box for setting your font preferences.


Select Font
Use this dialog box to change the font for the selected display item. Make selections, and then click OK.


Select Server for Migration
This list displays the pre-4.0 servers you can migrate to 4.0.

Note. Before you begin, a 4.0 version server must be installed on the same system as the pre-4.0 server.

From the list, select the servers you want to migrate, and then click Migrate.


See Also

"Migrating a Pre-4.0 Server to a 4.0 Server"

Migrate Key and Certificate
Use this dialog box when you want to migrate a pre-4.0 server that runs with SSL. Enter the key database password that was used to install the encryption certificate.


See Also

"Obtaining and Installing a Certificate"

Select Target Servers for Cloning
This list displays all server instances in the topology that match the server you've selected to clone. From the list, select the server instance where you want to clone this server, and then click Clone.


See Also

"Cloning a Server"

Migrate Server Configuration
Enter the absolute path for the server root containing the pre-4.0 server.


See Also

"Migrating a Pre-4.0 Server to a 4.0 Server"

Migrate Key and Certificate
Use this dialog box when you want to migrate a pre-4.0 server that runs with SSL.


See Also

"Obtaining and Installing a Certificate"

Merge Configuration Directory Server Information
Use this dialog box when you need to merge configuration data from an existing Directory Server with configuration data from a pilot or staged Directory Server.

Destination Domain. Enter the domain name for the existing configuration directory that you want to merge into. Example: Airius.com

Destination LDAP Host. Enter the fully qualified host for the existing configuration directory you specified above.
Example: Zeus.Airius.com

Destination LDAP Port. Enter the port number for the existing configuration directory.

Secure Connection. Select this option if the destination configuration directory uses the Secure Sockets Layer (SSL) protocol.

Destination LDAP Bind DN. Enter the Distinguished Name for the user who has access to the destination configuration directory.

Destination Bind Password. Enter the password for the user above.

After you merge the configuration directories, the affected SIE's will use the destination directory you specified. If you want the instances to switch back to the original configuration directory, you must manually modify the local configuration files. See "Changing the Configuration Directory Server" on page 152 for more information.


See Also

"Merging Configuration Data from Two Directory Servers"

Administration Express
The Administration Express page provides a means for quickly accessing servers to perform four of the most routine administration tasks:

Important
The Administration Express page was designed to provide specialized and limited server access. Keep the following in mind when you use the Administration Express page:


Server Information
You can view, but not edit, the following information about the selected server:

Server Name. Indicates the name of the server as displayed in the navigation pane. The server name ususally indicates the type of server. Examples: Administration Server, Messaging Server, Directory Server.

Installation Date. Indicates date and time the server was installed.

Server Root. Indicates directory where the server binaries are installed.

Port. Indicates the port number the server is running on.

Product Name. Indicates the server's official product name.

Vendor. Indicates the server software maker or provider.

Version. Indicates the server product version number.

Build Number. Uniquely identifies a particular release of a server version. Use this as a reference number when you need to contact Netscape Technical Support.

Security Level. Indicates whether the server uses domestic (US based, 128-bit ciphers) or export (non-US based, 40-bit ciphers) encryption levels.

Additional Information. When information such as special server requirements or upgrades become available, links to the information are provided here.


Logs
Log files can help you monitor the Administration Server's activity, and can also help you troubleshoot server problems. Server logs use the Common Logfile Format, a commonly supported format that provides a fixed amount of information about the server.

To view log entries, indicate your viewing preferences, and then click OK.

Log to view. Use the drop-down list to select the type of log you want to view. The Administration Server generates the drop-down list based on the files that exist in a server's log directory. The Administration Server uses two logs: an access log and an error log.

Number of entries. Enter the number of log entries you want to view at any one time.

Only show entries with. Enter a character string for filtering log entries. Only entries containing the character string you specify will be displayed.

Reset. Resets log options to the values last saved.

 

©Copyright 1999 Netscape Communications Corporation