| Previous Contents Index Next |
| iPlanet Web Server, Enterprise Edition Administrator's Guide |
The Preferences Tab
The Preferences tab contains the following pages:
The Shut Down Page
The Superuser Access Control Page
The Shut Down Page
The Shut Down page allows you to stop the Administration Server. To start the server again, restart the service or use the icon in the program manager for Windows NT, or type ./start from the server_root/servertype-admserv directory for Unix/Linux.The following element is displayed:
Shut Down the Administration Server. Shuts down the Administration Server.
The Edit Listen Sockets Page
Before the server can process a request, it must accept the request via a listen socket, then direct the request to the correct connection group and virtual server. This page allows you to edit listen socket settings.If you are accessing this page from the Server Manager, see The Edit Listen Sockets Page in the Server Manager section.
For more information, see Editing Listen Socket Settings and Listen Sockets.
The following elements are displayed:
Action. Determines whether a listen socket is being created, edited, or deleted.
ID. The internal name for the listen socket. Used to define the listen socket(s) a virtual server is bound to. You cannot change this name.
IP. The IP address of the listen socket. Can be in dotted-pair or IPv6 notation. Can also be 0.0.0.0, any, or ANY or INADDR_ANY (all IP addresses). Configuring an SSL listen socket to listen on 0.0.0.0 is required if more than one virtual server is configured to it.
Port. The port number to create the listen socket on. Legal values are 1 - 65535. On Unix, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL listen socket to listen on port 443 is recommended.
Security. Turns security on for the listen socket selected.
Once Security is turned on, the Attributes link will appear. Clicking the Attributes link will take you to The Security Settings of Listen Socket Page. Security must be turned on before security settings can be enabled. If security is on for a listen socket configured with more than one virtual server, the listen socket must have IP address of 0.0.0.0 and the non-default virtual servers configured to it must have IP addresses.
Turing on SSL for a listen socket turns on the security setting in magnus.conf. For more information, see the NSAPI Programmer's Guide.
Acceptors. The number of acceptor threads for the listen socket. The recommended value is the number of processors in the machine. The default is 1, legal values are 1 - 1024.
Advanced. Click the Groups button to bring up a page where you can specify connection group settings.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Connection Group Settings Page
Each listen socket has at least one connection group associated with it. This page allows you to edit the settings for each group.If you are accessing this page from the Server Manager, see The Connection Group Settings Page in the Server Manager section.
For more information, see Connection Groups.
The following elements are displayed:
Option. Edit or delete the existing connection group, or add a new one. You can only add new connection groups if the listen socket's IP address is ANY or 0.0.0.0. You cannot delete the default connection group.
IP. The IP address of the connection group. To associate a particular virtual server with a particular IP address, enter the address here and the virtual server in the Default VS field. If the IP field is set to default, the virtual server associated with the default IP is the one displayed if the request does not use another specific IP address named in other connection groups. If the listen socket itself has a specific IP address, you only have the default IP connection group. For more information, see Virtual Server Selection for Request Processing.
Servername. The server name to put in the host name section of any URLs the server sends to the client. This affects URLs the server automatically generates; it doesn't affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias.
Default VS. The default virtual server for this connection group. The list contains all available virtual servers in the Administration Server. The useradmin virtual server is for making individual virtual server information available to end users. For more information, see Allowing Users to Monitor Individual Virtual Servers.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Quit. Takes you back to the previous page.
The Security Settings of Listen Socket Page
The Security Settings of Listen Socket Page allows you to set security for each listen socket. For more information, see Setting Security Preferences.If you have an external module installed you will be warned to only do this on your local machine. You will need to enter the password for the external module and click OK for the external module to be made accessible for management.
The following elements are displayed:
IP. Specifies the IP address of the listen socket.
CertificateName. Allows you to select an installed certificate from the drop-down list to use for this listen socket.
Client Auth. Allows you to require client authentication on this listen socket. Click the Off link to turn client authentication on.
Ciphers. Allows you to select which cipher suites this listen socket will use: SSL2 or SSL3/TLS. Clicking on the SSL2 or SSL3/TLS links will take you to The Security Features Page.
Default. Clicking the Cipher Default link enables the default ciphers for this listen socket.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Security Features Page
Either the SSL2 Encryption or the SSL3/TLS Encryption page will be displayed based on which link you clicked. For more information, see Setting Security Preferences.The following elements are displayed:
Allow. Allows you to select the SSL version by checking or unchecking the boxes. The default versions will already be checked for you.
The following elements are displayed:
SSL ciphers. Lists all of the various ciphers within this suite. You may select the ciphers you wish to enable for the listen socket you are editing by checking or unchecking the boxes. The default versions will already be checked for you.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Quit. Takes you back to the previous page.
The Server Settings Page
On Unix/Linux systems, you can use the Server Settings page to change the Administration Server user name.The following elements are displayed:
Admin Server User. Specifies the user name under which the server runs. The server user should have restricted access to your system resources. You can often use a user named nobody in this situation. On some systems, however, nobody is not a valid user name. You may not want to give the user nobody group access to all files. If you do not use nobody, create a new Unix/Linux user, such as adm, to be the server user.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Superuser Access Control Page
The Superuser Access Control page allows you to configure superuser access for the Administration Server. These settings affect only the superuser account. If the Administration Server uses distributed administration, you must set up access control for the administrators.For more information, see Changing the Superuser Settings.
The following elements are displayed:
Hostnames to allow. Allows the specified host name to access the Administration Server. You can use wildcard patterns to match multiple systems in a domain. For example, *iplanet.com matches a.iplanet.com and a.corp.iplanet.com. You can list multiple hosts by separating them with commas. Using host names is flexible; if a system's IP address changes, you will not need to update the server.
IP Addresses to allow. Specifies the IP address to match any host not explicitly defined. The access control for the most complete match will be used. You can also type wildcard patterns. For example, 198.95.* matches 198.95.11.6 and 198.95.11.2. You can separate IP addresses by using commas. Using IP addresses is reliable; if a DNS lookup fails for the connected client, host name restriction cannot be used.
Authentication user name. Specifies the user name of the "superuser" server administrator. (This is the user name you entered during installation.) Only this user name can be used to log in to the Administration Server. This information is stored in the admpw file.See Changing the Superuser Settings for more information.
Authentication Password. Specifies the password of the administrator. The password can have up to 8 characters and can include any character other than control characters. If you leave the password field blank, the password remains unchanged.
Authentication Password (again). Confirms the password specified in the Authentication Password field. If what you enter is different from what you entered in the Password field, you will be prompted to try again.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Distributed Administration Page
The Distributed Administration page allows you to configure your servers to let multiple administrators change specific parts of the server.For more information, see Allowing Multiple Administrators.
The following elements are displayed:
Activate Distributed Administration. Enables distributed administration.
Administrator Group. Allows the specified group of administrators to bypass the Administration Server and go directly to the Server Manager for a specific server. Users in the administrator group have full access to the Administration Server, but this access can limited using access control. A user in the administrator group can make changes that affect other users, such as adding users or changing access control.
Allow End User Access. Allows end-users to see a limited set of pages. This allows users to access the Administration Server using the same URL that administrators do, with the limitation that users only see a single page containing their own user information. End-users can then change their own passwords or update any other information stored in their own entry in the user database.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The Logging Options Page
If you are accessing this page from the Server Manager, see The Log Preferences Page in the Server Manager section.The Log Preferences page allows you to specify what information is recorded in the Administration Server logs. Server log files can help you monitor the server's activity and troubleshoot problems.
For more information, see Setting Log Preferences.
The following elements are displayed:
Editing. Specifies a resource to which custom logging is applied. If you choose a directory, custom logging applies only when the server receives a URL for that directory or any file in that directory.
Browse. Allows you to browse your file system.
Wildcard. Specifies a wildcard pattern. For information on using wildcard patterns, see Wildcards Used in the Resource Picker.
Log client accesses. Specifies whether to include client accesses in your log files.
Log File. Specifies the absolute path for the access log file. As a default, the log files are kept in the logs directory in the server root. If you specify a partial path, the server assumes the path is relative to the logs directory in the server root.
Record. Specifies whether the server should record domain names or IP addresses of the systems accessing the server in the access log.
Format. Specifies which type of log file format to use in the access log. You can select from the following:
Use Common Logfile Format. Includes client's host name, authenticated user name, date and time of request, HTTP header, status code returned to the client, and content length of the document sent to the client, or
Custom format. Allows you to create a customized format for your access log. For a list of customizable format parameters, see the NSAPI Programmer's Guide.Only log. Allows you to choose which information will be logged. You can choose from the following items:
Client hostname. The hostname (or IP address if DNS is disabled) of the client requesting access.
Authenticate user name. The authenticated user name listed in the access log if authentication was required.
System date. The date and time of the client request.
Full request. The exact request the client made.
Status. The status code the server returned to the client.
Content length. The content length, in bytes, of the document sent to the client.
HTTP header, "referer". The referer specifies the page from which the client accessed the current page. For example, if a user was looking at the results from a text search query, the referer would be the page from which the user accessed the text search engine. Referers allow the server to create a list of backtracked links.
HTTP header, "user-agent". The user-agent information—which includes the type of browser the client is using, its version, and the operating system it's running on—comes from the User-agent field in the HTTP header information the client sends to the server.
Method. The HTTP request method used (GET, PUT, POST, etc.).
URI. The Universal Resource Identifier. The location of a resource on the server. For example, for http://www.a.com:8080/special/docs, the URI is special/docs.
Query string of the URI. The text after the question mark in a URI. For example, for
http://www.a.com:8080/special/docs?find_this, the query string of the URI is find_this.Protocol. The transport protocol and version used.
OK. Displays the log entries in the lower section of this page.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
The View Access Log Page
If you are accessing this page from the Server Manager, see The View Access Log Page in the Server Manager section.If you are accessing this page from the Virtual Server Manager, see View Access Log Page in the Virtual Server Manager section.
The View Access Log page allows you to configure a customized view of the information about requests to the server and the responses from the server.
For more information, see the following sections:
About Log Files
The following elements are displayed:Number of entries. Specifies the number of entries to retrieve (starting with the most recent).
Only show entries with. Specifies a string or a character to filter the log entries. Case is important; the case of the string or character specified in this field must match the case of the entry in the access log. For example, if you want to see only access log entries that contain POST, type "POST."
OK. Displays the log entries in the lower section of this page.
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Last number accesses to access. Displays the access log entries with the parameters specified in the upper section of this page.
The View Error Log Page
If you are accessing this page from the Server Manager, see The View Error Log Page in the Server Manager section.If you are accessing this page from the Virtual Server Manager, see The View Error Log Page in the Virtual Server Manager section.
The View Error Log allows you to configure a customized view of the errors the server has encountered as well as the informational messages about the server, such as when the server was started and who has tried unsuccessfully to log in to the server.
For more information, see the following sections:
About Log Files
The following elements are displayed:Number of errors to view. Specifies the number of entries to retrieve (starting with the most recent).
Only show entries with. Specifies a string or a character to filter the log entries. Case is important; the case of the string or character specified in this field must match the case of the entry in the error log. For example, if you want to see only those error messages that contain warning, type "warning."
OK. Displays the log entries in the lower section of this page
Reset. Erases your changes and resets the elements in the page to the values they contained before your changes.
Last number errors. Displays the error log entries with the parameters specified in the upper section of this page.
Previous Contents Index Next
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.
Last Updated May 09, 2002