Complete Contents
About This Guide
Chapter 1
Introduction to iPlanet Web Server
Chapter 2
Administrating iPlanet Web Servers
Chapter 3
Setting Administration Preferences
Chapter 4
Managing Users and Groups
Chapter 5
Working with Server Security
Chapter 6
Managing Server Clusters
Chapter 7
Configuring Server Preferences
Chapter 8
Understanding Log Files
Chapter 9
Using SNMP to Monitor Servers
Chapter 10
Configuring the Server for Performance
Chapter 11
Extending Your Server with Programs
Chapter 12
Working with Configuration Styles
Chapter 13
Managing Server Content
Chapter 14
Controlling Access to Your Server
Chapter 15
Configuring Web Publishing
Chapter 16
Using Search
Appendix A
HyperText Transfer Protocol
Appendix B
ACL File Syntax
Appendix C
Internationalized iPlanet Web Server
Appendix D
Server Extensions for Microsoft FrontPage
Appendix E
iPlanet Web Server User Interface
Glossary
Index
Contents
Index
Bookshelf
Contents
About This Guide
What's In This Guide?
How This Guide Is Organized
Server Basics
Using the Administration Server
Configuring and Monitoring
Using Programs and Objects
Managing Content and Access
Appendixes
Conventions Used In This Guide
Using the iPlanet Web Server Documentation
Further Reading
Contacting Technical Support
Part 1
Server Basics
Chapter 1
Introduction to iPlanet Web Server
iPlanet Web Server
iPlanet Web Server Features
Administering and Managing iPlanet Web Servers
iPlanet Web Server Architecture
Content Engines
Server Extensions
Runtime Environments
Application Services
How iPlanet Web Server is Configured
iPlanet Web Server Component Options
iPlanet Web Server Configuration Files
Single-Server Configuration
All Platforms
Unix and Linux Platforms
Multiple-Server Configuration
Administration Server
Server Manager
Accessing the Server Manager
Using the Resource Picker
Wildcards Used in the Resource Picker
Netscape Console
Sending Error Information
Details on Data Collected by the Quality Feedback Agent
Using the Quality Feedback Agent
Editing master.ini
Editing magnus.conf
Chapter 2
Administering iPlanet Web Servers
Accessing the Administration Server
Unix/Linux Platforms
Windows NT Platforms
Adding a Server: Running Multiple Servers
Hardware Virtual Servers
Configuring Multiple Hardware Virtual Servers on the Same IP Address
Software Virtual Servers
Multiple Server Instances
Installing Multiple Instances of the Server
Removing a Server
Migrating a Server From a Previous Version
Part 2
Using the Administration Server
Chapter 3
Setting Administration Preferences
Shutting Down the Administration Server
Changing Network Settings
Changing the User Account and Password
Changing the Port Number
Changing the Superuser Settings
Enabling Distributed Administration
Configuring Secure Sockets Layer (SSL)
Activating SSL
Setting Encryption Preferences
Setting Stronger Ciphers
Specifying Log File Options
Viewing the Access Log File
Viewing the Error Log File
Archiving Log Files
Using Cron Controls (Unix/Linux)
Configuring Directory Services
Restricting Server Access
Chapter 4
Managing Users and Groups
About Users and Groups
Creating Users
Guidelines for Creating User Entries
How to Create a New User Entry
Directory Server User Entries
Managing Users
Finding User Information
Building Custom Search Queries
Search Attribute Options
Search Type Options
Editing User Information
Managing a User's Password
Managing User Licenses
Renaming Users
Removing Users
Creating Groups
Static Groups
Guidelines for Creating Static Groups
To Create a Static Group
Dynamic Groups
How iPlanet Web Server Implements Dynamic Groups
Groups Can Be Static and Dynamic
Dynamic Group Impact on Server Performance
Guidelines for Creating Dynamic Groups
To Create a Dynamic Group
Managing Groups
Finding Group Entries
The "Find all groups whose" Field
Editing Group Attributes
Adding Group Members
Adding Groups to the Group Members List
Removing Entries from the Group Members List
Managing Owners
Managing See Alsos
Removing Groups
Renaming Groups
Creating Organizational Units
Managing Organizational Units
Finding Organizational Units
The "Find all units whose" Field
Editing Organizational Unit Attributes
Renaming Organizational Units
Deleting Organizational Units
Managing a Preferred Language List
Chapter 5
Working with Server Security
About iPlanet Web Server Security
Encryption
SSL Protocol
FORTEZZA Encryption
FIPS-140 Compliance
Certificates
Client and Server Authentication
How iPlanet Web Server Uses Certificates to Authenticate Users
Configuring iPlanet Web Server for SSL
Creating a New Server Instance
Creating a Certificate Trust Database
Requesting a Certificate
Required CA Information
Installing and Managing Certificates and Certificate Lists
Installing Certificates
Managing Certificates
Managing Certificate Lists
Obtaining a CRL or CKL
Adding a CRL or CKL to the Trust Database
Managing CRLs
Using Secure Sockets Layer (SSL)
Activating SSL
Specifying Ciphers
Setting Security (SSL) Preferences
Adding a PKCS#11Module
Guidelines for Installing a PKCS#11 Module
To Import a PKCS#11 Module
Adding a FORTEZZA PKCS#11 Module
Using SSL Configuration File Directives
Security
SSL2
SSL3
Ciphers
SSL3Ciphers
SSL3SessionTimeout
SSLCacheEntries
SSLClientAuth
SSLSessionTimeout
Using Client Certificates
Mapping Client Certificates to LDAP
Using the certmap.conf File
Creating Custom Properties
Example Mappings
Changing the Trust Database/Key Pair File Password
Migrating Enterprise Server 3.x Certificates
Additional Server Security Considerations
Limit Physical Access
Limit Administration Access
Choose Good Passwords
Guidelines for Creating Hard-to-Crack Passwords
Secure Your Key-Pair File
Limit Other Applications on the Server
Prevent Clients from Caching SSL Files
Limit Ports
Know Your Server's Limits
Consider Additional Measures for Unprotected Servers
Chapter 6
Managing Server Clusters
About Clusters
Preliminary Guidelines for Using Server Clusters
Setting up a Cluster
Adding a Server to the Server List
Modifying Cluster Information
Removing Servers from a Cluster
Managing Server Clusters
Part 3
Configuring and Monitoring
Chapter 7
Configuring Server Preferences
Starting and Stopping the Server
Setting the Termination Timeout
Restarting the Server (Unix/Linux)
Restarting With Inittab (Unix/Linux)
Restarting With the System RC Scripts (Unix/Linux)
Restarting the Server Manually (Unix/Linux)
Stopping the Server Manually (Unix/Linux)
Restarting the Server (Windows NT)
Using the Automatic Restart Utility (Windows NT)
Viewing Server Settings
Adding and Using Thread Pools
The Native Thread Pool and Generic Thread Pools (Windows NT)
Thread Pools (Unix/Linux)
Editing Thread Pools
Using Thread Pools
Configuring Network Settings
Changing the Server's Location (Unix/Linux)
Changing the Server's User Account (Unix/Linux)
Changing the Server's User Account (Windows NT)
Changing the Server Name
Changing the Server Port Number
Changing the Server Binding Address
Changing the Server's MTA Host
Customizing Error Responses
Working with Dynamic Configuration Files
Using
.htaccess
Files
Activating
.htaccess
checking
Using
.nsconfig
Files
Restricting Symbolic Links (Unix/Linux)
Using the Watchdog
(uxwdog)
Process (Unix/Linux)
Chapter 8
Understanding Log Files
About Log Files
Viewing an Access Log File
Viewing the Error Log File
Monitoring the Server Using HTTP
Archiving Log Files
Internal-daemon Log Rotation
Cron-based Log Rotation
Setting Log Preferences
Easy Cookie Logging
Relaxed Logging
Flushing the Log Buffer
Running the Log Analyzer
Using Performance Monitor (Windows NT)
Viewing Events (Windows NT)
Chapter 9
Using SNMP to Monitor Servers
SNMP Basics
SNMP Subagent
SNMP Master Agent
How SNMP Works
Netscape/iPlanet MIBs
The iPlanet Web Server MIB
Types of SNMP Messages
The iPlanet Web Server MIB
Setting Up SNMP
Using a Proxy SNMP Agent (Unix/Linux)
Installing the Proxy SNMP Agent
Starting the Proxy SNMP Agent
Restarting the Native SNMP Daemon
Reconfiguring the SNMP Native Agent
Installing the SNMP Master Agent
Enabling and Starting the SNMP Master Agent
Manually Configuring the SNMP Master Agent
Editing the Master Agent CONFIG File
Defining
sysContact
and
sysLocation
Variables
Configuring the SNMP Master Agent
Starting the SNMP Master Agent
Manually Starting the SNMP Master Agent
Starting the SNMP Master Agent Using the Administration Server
Configuring the SNMP Master Agent
Configuring the Community String
Configuring Trap Destinations
Enabling the Subagent
Chapter 10
Configuring the Server for Performance
About Server Performance
Performance Issues
Monitoring Performance
The
perfdump
Utility
Sample Output
Using
perfdump
Statistics to Tune Your Server
Listen Socket Information (Listen Queue)
Tuning
Address
ActiveThreads
WaitingThreads
BusyThreads
Thread limits <min/max>
KeepAlive Information
KeepAliveCount <KeepAliveCount/KeepAliveMaxCount>
KeepAliveHits
KeepAliveFlushes
KeepAliveTimeout
Cache Information
enabled
CacheEntries <CurrentCacheEntries / MaxCacheEntries>
CacheSize <CurrentCacheSize / MaxCacheSize>
Hit Ratio <CacheHits / CacheLookups (Ratio)>
pollInterval
DNS Cache Information
enabled
CacheEntries <CurrentCacheEntries / MaxCacheEntries>
HitRatio <CacheHits / CacheLookups (Ratio)>
Native Thread Pools
Additional Thread Pools
Idle/Peak/Limit
Work queue length/Limit
Peak work queue length
Work queue rejections
PostThreadsEarly
Native Thread Pool Size
Busy Functions
Asynchronous DNS Lookup (Unix/Linux)
Enable Asynchronous DNS to avoid Multiple Thread Serialization
Caching DNS Entries
Limit DNS Lookups to Asynchronous
enabled
NameLookups
AddrLookups
LookupsInProgress
Performance Buckets
Configuration
Performance Report
File and Accelerator Caches
Configuring the Accelerator Cache
Using the Reaper Parameters
Configuring the File Cache
Configuring
nsfc.conf
Using the
nocache
Parameter
File Cache Dynamic Control and Monitoring
Unix/Linux Platform-Specific Issues
Tuning Solaris for Performance Benchmarking
Tuning HP-UX for Performance Benchmarking
Miscellaneous magnus.conf Directives
Multi-process Mode
Accept Thread Information
Accept Timeout Information
CGIStub Processes (Unix/Linux)
Buffer Size
Strict HTTP Header Checking
About
RqThrottle
(Maximum Simultaneous Connections)
Miscellaneous
obj.conf
Parameters
find-pathinfo-forward
nostat
Tuning the ACL Cache
Using
magnus.conf
Directives
ACLCacheLifetime
ACLUserCacheSize
ACLGroupCacheSize
Verifying Settings Using LogVerbose
Common Performance Problems
Low-Memory Situations
Under-Throttled Server
Checking
Tuning
Cache Not Utilized
Checking
Tuning
KeepAlive Connections Flushed
Checking
Tuning
Log File Modes
Using Local Variables
Improving Servlet Performance
Sizing Issues
Processors
Memory
Drive Space
Networking
Part 4
Using Programs and Objects
Chapter 11
Extending Your Server With Programs
Overview of Server-Side Programs
Types of Server-Side Applications That Run on the Server
How Server-Side Applications Are Installed on the Server
Java Servlets and JavaServer Pages (JSP)
Overview of Servlets and JavaServer Pages
What the Server Needs to Run Servlets and JSPs
Enabling Servlets and JSP
Making JSPs Available to Clients
Making Servlets Available to Clients
Specifying Servlet Directories
Configuring Global Attributes
Configuring Servlet Attributes
Configuring Servlet Virtual Path Translations
Configuring JRE/JDK Paths
Configuring JVM Attributes
Deleting Version Files
Installing CGI Programs
Overview of CGI
Specifying a CGI Directory
Configuring a Unique CGI Directory for Each Software Virtual Server
Specifying CGI as a File Type
Downloading Executable Files
Installing Windows NT CGI Programs
Overview of Windows NT CGI Programs
Specifying a Windows NT CGI Directory
Specifying Windows NT CGI as a File Type
Installing Shell CGI Programs for Windows NT
Overview of Shell CGI Programs for Windows NT
Specifying a Shell CGI Directory (Windows NT)
Specifying Shell CGI as a File Type (Windows NT)
Using the Query Handler
Server-Side JavaScript Programs
Activating Server-Side JavaScript
Running the Application Manager
Securing the Application Manager
Installing Server-Side JavaScript Applications
Application URLs
Controlling Access to a Server-Side JavaScript Application
Modifying Installation Parameters
Removing a Server-Side JavaScript Application
Starting, Stopping, and Restarting a Server-Side JavaScript Application
Running a Server-Side JavaScript Application
Configuring Default Settings
Enabling WAI Services
Chapter 12
Working With Configuration Styles
Creating a Configuration Style
Removing a Configuration Style
Editing a Configuration Style
Assigning a Configuration Style
Listing Configuration Style Assignments
Part 5
Managing Content and Access
Chapter 13
Managing Server Content
Changing the Primary Document Directory
Setting Additional Document Directories
Customizing User Public Information Directories (Unix/Linux)
Restricting Content Publication
Loading the Entire Password File on Startup
Using Configuration Styles
Enabling Remote File Manipulation
Configuring Document Preferences
Entering an Index Filename
Selecting Directory Indexing
Specifying a Server Home Page
Specifying a Default MIME Type
Parsing the Accept Language Header
Setting Up Hardware Virtual Servers
Setting Up Hardware Virtual Servers for ISPs
To Set Up Hardware Virtual Servers For an ISP
To Edit a Server Instance
To Remove a Server Instance
Migrating Hardware Virtual Server Configuration Files
Setting up Software Virtual Servers
Adding a Doc Root for Software Virtual Servers
Changing the Character Set
Chapter 14
Controlling Access to Your Server
What Is Access Control?
Setting ACL User Cache Time
User-Group Authentication
Username and Password Authentication
Client Certificate Authentication
Host-IP Authentication
Access Control Files
How Access Control Works
Restricting Access to Your Web Site
Setting Access Control Actions
Specifying Users and Groups
Specifying Host Names and IP Addresses
Setting Access Rights
Access to Programs
Writing Customized Expressions
Selecting "Access control on"
Responding When Access is Denied
Access Control Examples
Restricting Access to the Entire Server
Restricting Access to a Directory (Path)
Restricting Access to a URI (Path)
Restricting Access to a File Type
Restricting Access Based on Time of Day
Access Control For Web Publishing
Ownership of Files and Folders
Chapter 15
Configuring Web Publishing
Using Netshare
Setting Up the Server and Creating Netshare Home Directories
Before You Start
Server Features That Must Be Enabled
Netshare Directory Naming Conventions
The Netshare Configuration File
Marking Users As Licensed
Access Control For Netshare
Using the Server Manager
The Set Up Netshare Page
The Create Netshare Page
Accessing the Web Publisher Home Page
Setting Access Control For Web Publisher Owners
Indexing and Updating Properties
Changing the Web Publishing State
Maintaining Web Publishing Data
Unlocking Files
Adding Custom Properties
Managing Properties
Customizing Your Netshare Home Page
Customizing the Web Publisher User Interface
The Web Publisher Attributes
The Web Publisher Pattern Files
Pointing Pattern Variables
Conditional Variables
Chapter 16
Using Search
About Search
Configuring Text Search
Controlling Search Access
Mapping URLs
Deciding Which Words Not to Search
Turning Search On or Off
Configuring the Search Parameters
Configuring Your Pattern Files
Configuring Manually
The Configuration Files
Adjusting the Maximum Number of Attributes
Restricting Memory for Indexing
Restricting Your Index File Size
Removing Access to the Web Publishing Collection
Indexing Your Documents
About Collections
About Collection Attributes
Creating a New Collection
Configuring a Collection
Updating a Collection
Maintaining a Collection
Scheduling Regular Maintenance
Unscheduling Collection Maintenance
Performing a Search: The Basics
Search Home Page
A Search Query
Guided Search
Advanced Search
The Search Results
Listing Matched Documents
Sorting the Results
Displaying a Highlighted Document
Displaying Collection Contents
Using the Query Operators
Default Assumptions
Search Rules
Angle Brackets
Combining Operators
Using Query Operators as Search Words
Canceling Stemming
Modifying Operators
Determining Which Operators To Use
Using Wildcards
Non-alphanumeric Characters
Wildcards as Literals
Customizing the Search Interface
Dynamically Generated Headers and Footers
HTML Pattern Files
Search Function Syntax
URL Encodings
Required Search Arguments
Using Pattern Variables
User-defined Pattern Variables
Configuration File Variables
Macros and Generated Pattern Variables
Part 6
Appendixes
Appendix A
HyperText Transfer Protocol
About HyperText Transfer Protocol (HTTP)
Requests
Request Method
Request Header
Request Data
Responses
Status Code
Response Header
Response Data
Appendix B
ACL File Syntax
ACL File Syntax
Authentication Statements
Authorization Statements
Hierarchy of Authorization Statements
Attribute Expressions
Operators For Expressions
The Default ACL File
General Syntax Items
Referencing ACL Files in obj.conf
Appendix C
Internationalized iPlanet Web Server
General Information
Installing the Server
Entering 8-bit Text
File or Directory Names
LDAP Users and Groups
Using the Accept Language Header
Language Settings in Configuration Files
Server-side JavaScript Information
Specifying the Character Set for the Compiler
Specifying the Character Set With the
<META>
Tag
Using Server-side Javascript With Oracle's Japanese Database
Installing Oracle and Setting Up Your Environment
Verifying the Connection
Verifying the Language Setup
Putting the Oracle Client and Database Server On Separate Hosts
Search Information
International Search and Auto Catalog
Searching in Chinese, Japanese, and Korean
Query Operators
Document Formats
Searching in Japanese
Getting Support for Accented Characters in Filenames
Appendix D
Server Extensions for Microsoft FrontPage
Overview
Types of FrontPage Webs
Domain Names And FrontPage Webs
Security Issues
Downloading the Extensions
Space Requirements
Preliminary Tasks
Some Additional Considerations
Installing FrontPage Server Extensions
Installing FrontPage Server Extensions on Windows NT Systems
Installing FrontPage97 Server Extensions on Unix/Linux Systems
Installing FrontPage98 Server Extensions on Unix/Linux Systems
Installing FrontPage2000 Server Extensions on Unix/Linux Systems
Further Information
Appendix E
iPlanet Web Server User Interface
Administration Server
The Servers Tab
The Manage Servers Page
The Add Server Page
The Remove Server Page
Remove Server
The Migrate Server Page
Migrate Server
Installed Servers
The Migration Parameters Page
General Migration Parameters
Users and Groups
Keys and Certificates
Document Root
Web Publishing
Search Collections
Search Pattern Files
The Preferences Tab
The Shut Down Page
The Network Settings Page
The Superuser Access Control Page
The Distributed Administration Page
The Encryption On/Off Page
The Encryption Preferences Page
The Logging Options Page
The View Access Log Page
The View Error Log Page (Administration Server)
The Global Settings Tab
The Configure Directory Service Page
The Restrict Access Page
The Edit Access Control Page (Administration Server)
Upper Frame
Lower Frame
Allow/Deny
User/Group
From Host
Programs
Customized Expressions
Access Denied Response
The NS Cron Control Page (Unix/Linux)
The Configure JRE/JDK Paths Page
The Community Strings Page (Unix/Linux)
The Manager Entries Page (Unix/Linux)
The SNMP Master Agent Control Page (Unix/Linux)
The Users & Groups Tab
The New User Page
The Edit Users Page
General
Password
License
The Manage Users Page
The New Group Page
The Edit Groups Page
The Edit Members Page
The Group Cert Members Page
The Manage Groups Page
The New Organizational Unit Page
The Manage Organizational Units Page
The Edit Organizational Unit Page
The Manage Preferred Language List Page
The Security Tab
The Create a Trust Database Page
The Request a Server Certificate Page
The Install a Server Certificate Page
The Change the Key Pair File Password Page
The Manage Server Certificates Page (Administration Server)
The Install a Certificate Revocation List
The Manage Certificate Revocation Lists
The Install a New PKCS#11 Module Page
The Migrate a 3.x Cert Page
The Cluster Management Tab
The Cluster Control Page
The Add Remote Servers to Cluster Database Page
The Modify Server Settings in Cluster Database Page
The Remove Servers from Cluster Database Page
Server Manager
The Preferences Tab
The Server On/Off Page
The View Server Settings Page
The Restore Configuration Page
The Performance Tuning Page
The Native Thread Pool Page (NT)
The Generic Thread Pools Page (NT)
The Thread Pools Page (Unix/Linux)
The Global MIME Types Page
The Network Settings Page
The Custom Error Responses Page
The Dynamic Configuration Files Page
The Limit Symbolic Links Page (Unix/Linux)
The Access Control List Management Page
Pick a Resource
Pick an Existing ACL
Type in the ACL Name
The Edit Access Control Page
Upper Frame
Lower Frame
Allow/Deny
User/Group
From Host
Rights
Customized Expressions
Access Deny Response
The Encryption On/Off Page
The Encryption Preferences Page
The Enforce Strong Security Requirements Page
The Programs Tab
The CGI Directory Page
The CGI as a File Type Page
The Query Handler Page
The WAI Administration Page
The WINCGI Directory Page (Windows NT)
The Shell CGI Directory Page (Windows NT)
The Activate Server-Side JavaScript Page
The Information for "JavaScript" Page
The Modify "JavaScript" Page
The Add Application Page
The Default Values When Adding Applications Page
The Servlets Tab
The Enable Servlets/JSP Page
The Servlet Directory Page
The Legacy JSP Directory Page
The Configure Global Attributes for Servlets Page
The Configure Servlet Attributes Page
The Configure Servlet Virtual Path Translation Page
The Configure JVM Attributes Page
The Delete Version Files Page
The Security Tab
The Create a Trust Database Page
The Request a Server Certificate Page
The Install a Server Certificate Page
The Change the Key Pair File Password Page
The Manage Server Certificates Page
The Migrate a 3.x Cert Page
The Status Tab
The View Access Log Page
The View Error Log Page
The Monitor Current Activity Page
The Archive Log Files Page
The Log Preferences Page
The Generate Report Page
The SNMP Configuration Page
The SNMP Subagent Control Page (Unix/Linux)
The Styles Tab
The Create a New Style Page
The Remove a Style Page
The Edit a Style Page
The Assign a Style Page
The List Assignments Page
The Content Management Tab
The Primary Document Directory Page
The Additional Document Directories Page
The User Document Directories Page (Unix/Linux)
The File Manipulation Page
The Document Preferences Page
The URL Forwarding Page
Add Another Forward
Current Forwarding
The Hardware Virtual Servers Page
The Software Virtual Servers Page
The International Characters Page
The Document Footer Page
The Parse HTML Page
The Cache Control Directives Page
The Web Publishing Tab
The Set Up Netshare Page
The Create Netshare Page
The Web Publishing State Page
The Choose Web Publishing Language Page
The Maintain Web Publishing Data Page
The Unlock File Page
The Add Custom Property Page
The Manage Properties Page
The Index and Update Properties Page
Define Scope of Indexing
Set Properties To
The Search Tab
The Search State Page
The Create a Collection Page
The Configure Collection Page
Pattern Files for Displaying the Search Results
Pattern File for Displaying the Highlighted Document
The Update Collection Page
The Maintain Collection Page
The Schedule Collection Maintenance Page
The Remove Scheduled Collection Maintenance Page
The Search Configuration Page
The Search Pattern Files Page
Glossary
Index
© Copyright © 2000 Sun Microsystems, Inc. Some preexisting portions Copyright © 2000 Netscape Communications Corp. All rights reserved.