iPlanet Delegated Administrator for Messaging and Collaboration 1.1 Installation and Administration Guide: Chapter 3 Administering the iPlanet Delegated Administrator

Previous Contents Index DocHome Next

iPlanet Delegated Administrator for Messaging and Collaboration 1.1 Installation and Administration Guide

Chapter 3 Administering the iPlanet Delegated Administrator

This chapter includes the following sections:

"Uninstalling Delegated Administrator"

"Changing the iPlanet Delegated Administrator Privileged User Password"

"Changing the LDAP Server and Port"

"Changing the Messaging Server Host or Administration Server Port"

"Restarting the iPlanet Delegated Administrator Web Server"

"Adding Single Sign-on"

"Adding Secure Socket Layer"

"Changing the Input Validation Servlets"

Uninstalling Delegated Administrator

When you run the uninstall program, the following occurs:

All Delegated Administrator binaries are removed.

The web server configuration reverts to the way it was before Delegated Administrator was installed.

The web server is restarted.

All Delegated Administrator files that were generated after initial installation remain on your computer system.

All data that was added to the directory when Delegated Administrator was installed, and any data that was added subsequently, remains in the directory.

To uninstall Delegated Administrator, run the uninstall program:

Both Directory Server and Web Server should be installed and running when you uninstall Delegated Administrator.

In Unix, cd to the install directory and enter ./uninstall

For Windows NT, execute the uninst.exe program.

Changing the iPlanet Delegated Administrator Privileged User Password

During installation, a privileged user (DN: cn=NDAUser, ou=config,o=<root of Org Tree) is created in the directory. This user is employed by the Delegated Administrator to bind to the directory in order to do anonymous searches. A default password (auth) is also created for this user. If you want to change the password, you'll need to change it as described below.

Go to the directory where the file resource.properties is stored:

DelegatedAdmin_root/nda/classes/netscape/nda/servlet/

In the file resource.properties, change the password for the following entry:

NDABasicAuth-uidrespw=auth

Be sure that only authorized personnel have access to this password!

Use ldapmodify to change the password for the NDAUser entry. In the directory DirectoryServer_root/shared/bin, enter the following:

ldapmodify -h host_name -p port_number -D "cn=directory manager" -w password

At the prompt, enter the following:

dn: uid=NDAUser, ou=config, o=base_suffix
changetype: modify
replace: userpassword
userpassword: newpassword

To complete the command:

On Unix, enter <Ctrl-D>.

On Windows NT, enter <Ctrl-Z>.

Restart Web Server.

Changing the LDAP Server and Port

If you change the LDAP Server host or port to which the iPlanet Delegated Administrator points (specified during the iPlanet Delegated Administrator installation, see "Install Screen 7—LDAP Server Host & Port"), modify the attributes LDAPDatabaseInterface-ldaphost and LDAPDatabaseInterface-ldapport as required. The attributes are located in the file resource.properties at
DelegatedAdmin_root/nda/classes/netscape/nda/servlet/

Changing the Messaging Server Host or Administration Server Port

If you change the Messaging Server host or the Administration Server port which the iPlanet Delegated Administrator supports (specified during Messaging Server installation), modify the attributes MsgSvr0-name (host name) and MsgSvr0-adminurl (Administration Server URL) as required. The attributes are located in the file resource.properties at
DelegatedAdmin_root/nda/classes/netscape/nda/servlet/

Restarting the iPlanet Delegated Administrator Web Server

If the iPlanet Delegated Administrator Web Server process hangs, stop and start it by executing the following commands:
root_of_web_server/https-fully-qualified_machine_name/stop
root_of_we_server/https-fully-qualified_machine_name/start
Example:
/export/servers/enterpriseserver/https-red.iplanet.com/stop
/export/servers/enterpriseserver/https-red.iplanet.com/start

Adding Single Sign-on

To enable single sign-on for iPlanet Delegated Administrator for Messaging and Collaboration 1.1 refer to Chapter 2 of the iPlanet Messaging Server Administrator's Guide.

Adding Secure Socket Layer

To configure the iPlanet Delegated Administrator to use SSL-based connections, refer to Secure Sockets Layer (SSL) section in Chapter 4 of the iPlanet Delegated Administrator 4.5 Deployment and Customization Guide at http://docs.iplanet.com/docs/manuals/deladmin/45/html/04_conf.htm#22559

Adding User Directory Failover

Refer to the User Directory Failover section in Chapter 4 of the iPlanet Delegated Administrator 4.5 Deployment and Customization Guide at http://docs.iplanet.com/docs/manuals/deladmin/45/html/04_conf.htm#27796

Changing the Input Validation Servlets

When data is input to certain attribute fields in the iPlanet Delegated Administrator, a validation servlet or routine may verify that the data is of a specific type such as alphabetic or alpha-numeric before accepting the data.
Some attributes may have validation routines that you may wish to modify. For example, the default validation for the telephone number is numeric-punctuation, and you may wish it to be alpha-numeric-punctuation.
Although these validation routines can be changed or removed, please think carefully before doing this as some routines may be important to the proper functioning of the Delegated Administrator for Messaging.
To change the validation routine for a particular attribute, modify the appropriate attribute/validation pair in the resource.properties file at
DelegatedAdmin_root/nda/classes/netscape/nda/servlet
and restart the web server that supports the Delegated Administration for Messaging binaries.
Each attribute/validation pair has the following format:
validateAttr-attribute=java_servlet
Examples:
validateAttr-givenname=netscape.nda.util.ValAlphaNumericPunctuation
validateAttr-surname=netscape.nda.util.ValAlphaNumericPunctuation
validateAttr-telephonenumber=netscape.nda.util.ValNumericPunctuation
validateAttr-fax=netscape.nda.util.ValTelephone
Depending on the deployment needs, the validation routines can be changed. For example, givenname can be restricted to only alphabetic characters with the following attribute-value pair setting:
validateAttr-givenname=netscape.nda.util.ValAlpha
Validation can also be removed entirely by deleting the line or commenting it out with a hash mark, "#"at the beginning of the line.
The validation routines are as follows:

netscape.nda.util.ValAlpha - tests for valid alphabetic string

netscape.nda.util.ValAlphaNumeric - tests for valid alpha-numeric string

netscape.nda.util.ValAlphaNumericPunctuation - tests for valid alpha-numeric or punctuated string

netscape.nda.util.ValNumericPunctuation - tests for valid numeric or punctuated string

netscape.nda.util.ValPositiveInteger - tests for "0" or positive integer

netscape.nda.util.ValTelephone - tests for a string with numbers or the following punctuation marks: ) ( -
The following validation routines are for internal use only. Lines with these routines should not be modified.
netscape.nda.util.ValAccess
netscape.nda.util.ValBroadcaster
netscape.nda.util.ValBroadcasterPolicy
netscape.nda.util.ValDomain
netscape.nda.util.ValMailAddress
netscape.nda.util.ValMailAutoReplyMode
netscape.nda.util.ValMailDeliveryOption
netscape.nda.util.ValIMSStatus
netscape.nda.util.ValQuota
netscape.nda.util.ValExtendedQuota
netscape.nda.util.ValVacationDate

Previous Contents Index DocHome Next
Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.

Last Updated May 11, 2001