Installing Netscape Directory Services for SIMS
SIMS 4.0 supports both the Netscape Directory Services (NSDS) 4.1 and the Sun Directory Services 3.1. The NSDS is the preferred directory server to use with SIMS 4.0 in the SPARC/Solaris operating environment.
This chapter provides you with step-by-step instructions that you can use to install NSDS 4.1 and configure it for SIMS 4.0. It also gives you the guidelines to install SIMS 4.0 with NSDS 4.1 and shows the post installation configuration that you may need to perform if you have installed SIMS before installing NSDS.
Topics in this chapter include:
- Overview of the Netscape Directory installation
- Installing Netscape Directory Services 4.1
- Configuring Netscape Directory Services 4.1
- Disabling the Netscape Directory Services uid uniqueness
- Guidelines for installing SIMS with the Netscape Directory
- Post SIMS installation configuration
To install Netscape Directory Services 4.1 with SIMS 4.0:
1. Install Netscape Directory Services 4.1.
2. Configure Netscape Directory Services 4.1.
3. Disable the NSDS uid Uniqueness.
Note - You are required to install NSDS before installing SIMS 4.0.
After you install NSDS, read "Guidelines for Installing SIMS with the Netscape Directory" on page 115 for the specific information for which you will be asked by the SIMS installation GUI while installing SIMS with the Netscape Directory.
If, however, you install NSDS after you installed SIMS 4.0, read "Post SIMS Installation Configuration" on page 118 for instructions that you can use to manually configure the Netscape configuration.
To install NSDS 4.1, you must first display the Netscape Directory Server Installation page. While installing NSDS, you may need to accept the default values for all fields, except the following, which you will be using during the SIMS installation:
- Installation Location
- Computer Name
- Directory Server Network Port
- Directory Server Identifier
- Administrator ID
- Suffix
- Directory Manager
To install NSDS:
1. Ensure that you have set the DISPLAY variable.
2. To install NSDS 4.1, insert the NSDS 4.1 CD-ROM (included in the SIMS 4.0 packaging) into the disk drive.
3. Untar the directry.tar file on the NSDS CD into a temporary directory.
   % tar -xvf /cdrom/directry_41ue/solaris/directry/directry.tar
4. Change to this temporary directory.
5. At the command line, execute the setup command as root.
   This displays the NSDS installation page.
6. Accept the default values for all the questions asked:
Note - You need to record the information to the following six questions so that you can use the answers while installing SIMS with NSDS. You may either accept the default values or enter different information. In either case, you must record this data.
a. Installation Location [/usr/netscape/server4] - The directory path to which the NSDS files will be copied. You may change this path, otherwise /usr/netscape/server4 will be the default directory where the NSDS files will be installed.
b. Computer Name [<hostname>.<domainname>] - The fully qualified domain name of the directory server on which you are installing the Netscape Directory Services software. Make a note of this name.
c. Directory Server Network Port [portnumber] - The port number on which the Netscape Directory server will be running. By default, the LDAP directory should run on port 389. If this port is being used by another directory server, you will see a different port number assigned. Make a note of this number.
   Directory Server Network Port is the same as the LDAP Port field on the Directory Services Information page of the SIMS installation GUI.
d. Directory Server Identifier [hostname] - By default, the host name of the machine on which you are installing NSDS is appended to the word slapd (slapd-<hostname>) to create a sub-directory under the Installation Location directory path (specified in 5.a above), where the NSDS files will be installed. For example, /usr/netscape/server/slapd-<hostname> will be an instance name of this directory path. You may change hostname to any name.
e. Administrator ID (admin) - Either accept the default (admin) or enter another name. Enter a password for this administrator as well. You will be using the Administrator ID later to log into the Netscape Console that will be explained later in this chapter.
f. Suffix - The Directory Component (DC) tree root. Enter o=internet instead of accepting the default value if you are using the SIMS DC tree with the default value internet. Suffix is the same as the Domain Component Tree Root field that appears on the first configuration page of the SIMS installation GUI. Make a note of this entry.
g. Directory Manager - The directory administrator name. Either accept the default value or change to another name. Enter a password for this administrator. This password must be at least eight characters. For example, you may enter nssecret. Make a note of this entry.
   Directory Manager is the same as Directory Administrator Name that appears on the first configuration page of the SIMS installation GUI.
You have now installed NSDS 4.1. The next step is to configure your Netscape configuration files.
To configure your Netscape Directory, you need to:
- Copy the SIMS configuration files to the NSDS configuration directory.
- Append the SIMS indexes to the NSDS configuration file.
To configure NSDS:
1. Copy the SIMS 4.0 schema files to the NSDS configuration directory.
   # cp /cdrom/sun_internet_mail_4_0/nsschema/sims*.conf \
       /usr/netscape/server4/slapd-<hostname>/config
   slapd-<hostname> is an instance name assigned to this directory name.
2. Stop the Netscape Directory Server.
   # /usr/netscape/server4/slapd-<hostname>/stop-slapd
3. Open the NSDS' slapd.conf configuration file using an editor of your choice.
   # vi /usr/netscape/server4/slapd-<hostname>/config/slapd.conf
4. Include the SIMS 4.1 schema files into the slapd.conf file.
   Find the last include statement and then insert the following four lines after that line.
   include "/usr/netscape/server4/slapd-<hostname>/config/sims-sisp.at.conf"
   include "/usr/netscape/server4/slapd-<hostname>/config/sims-sisp.oc.conf"
   include "/usr/netscape/server4/slapd-<hostname>/config/sims.at.conf"
   include "/usr/netscape/server4/slapd-<hostname>/config/sims.oc.conf"
   Note - The sequence of the include statements is important. The at.conf files must precede the oc.conf files.
5. Save the slapd.conf file and exit.
6. Append the SIMS indexes to the NSDS configuration files.
   # cat /cdrom/sun_internet_mail_4_0/nsschema/nsds.index.conf >> \
       /usr/netscape/server4/slapd-<hostname>/config/slapd.ldbm.conf
7. Start the Netscape Directory Server if you would like to start the server now; otherwise, proceed to the next section and then start the server.
   # /usr/netscape/server4/slapd-<hostname>/start-slapd
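The slapd.conf edit from step 4 of the configuration procedure, written as an added shell example that is not part of the original guide: it inserts the four SIMS include lines after the last existing include statement, keeps a copy of the original file, and checks the resulting order. The function names and the .pre-sims backup suffix are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the SIMS guide): automate the slapd.conf edit.
# Stop the directory server first, as the procedure above does.

# add_sims_includes CONF CONFIG_DIR
#   CONF        path to slapd.conf
#   CONFIG_DIR  directory the sims*.conf schema files were copied into
add_sims_includes() {
    conf=$1
    dir=$2
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }

    # Idempotent: a second run must not add the includes twice.
    if grep -q 'sims-sisp\.at\.conf' "$conf"; then
        return 0
    fi

    # Line number of the last existing include statement.
    last=$(grep -n '^include[[:space:]]' "$conf" | tail -1 | cut -d: -f1)
    [ -n "$last" ] || { echo "no include statement in $conf" >&2; return 1; }

    # Keep the original; ".pre-sims" is a name chosen for this example.
    cp -p "$conf" "$conf.pre-sims" || return 1

    # Copy every line through; after line $last emit the four includes
    # in the order the guide lists them.
    awk -v n="$last" -v d="$dir" '
        { print }
        NR == n {
            printf "include \"%s/sims-sisp.at.conf\"\n", d
            printf "include \"%s/sims-sisp.oc.conf\"\n", d
            printf "include \"%s/sims.at.conf\"\n", d
            printf "include \"%s/sims.oc.conf\"\n", d
        }
    ' "$conf.pre-sims" > "$conf"
}

# sims_includes_in_order CONF
#   Succeeds only if the SIMS includes appear in the guide's order.
sims_includes_in_order() {
    got=$(sed -n 's|^include[[:space:]]*".*/\(sims[^"/]*\.conf\)"$|\1|p' "$1" | tr '\n' ' ')
    [ "$got" = "sims-sisp.at.conf sims-sisp.oc.conf sims.at.conf sims.oc.conf " ]
}

# Stand-alone use: script.sh /path/to/slapd.conf /path/to/config
if [ "$#" -eq 2 ]; then
    add_sims_includes "$1" "$2" && sims_includes_in_order "$1"
fi
```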
After installing and configuring NSDS, the next step is to disable the uid uniqueness feature in the NSDS configuration.
By default, NSDS enforces unique user IDs throughout its entire directory tree (that is, from the root tree at the o=internet node down).
Since SIMS 4.0 provides domain hosting, it must be able to use the same user ID within different domains. For this reason, you need to disable the uid uniqueness settings here.
Note - If you are going to use SIMS within one domain and will not be using it for domain hosting or with multiple domains, you may bypass the instructions in this section.
To disable NSDS uid uniqueness:
1. Start the Netscape Console.
   # /usr/netscape/server4/start-admin
   # /usr/netscape/server4/startconsole &
2. Log into the Netscape Console.
   The login uid and password are the same as the Administrator ID that you entered in step 5.e in "Installing Netscape Directory Services 4.1" on page 110.
3. Expand <hostname>.<domainname> on the Netscape Console screen.
   Where <hostname>.<domainname> is the domain name in which the host name is located.
5. Double click Directory Server.
6. Select the Configuration tab.
9. Uncheck Enable Plugin.
11. Select Console->Exit.
12. Restart the Netscape Directory Server.
   # /usr/netscape/server4/slapd-<hostname>/stop-slapd
   # /usr/netscape/server4/slapd-<hostname>/start-slapd
Since Netscape Directory Services software is installed separately, the specific information about the setup of NSDS is not available to SIMS. This section lists the criteria specific to Netscape Directory Services that you will need to enter during the installation of SIMS.
Use the notes in this section in accordance with Chapter 7, "Installing SIMS 4.0," which covers the instructions for installing SIMS with the Netscape Directory.
The following is a summary of the questions that you will be asked by the SIMS installation GUI while installing SIMS with NSDS. The instructions cover the specific fields on the Directory Services Information and Configuration Page 1 of the SIMS installation GUI, which is shown in FIGURE A-1.
To install SIMS with the Netscape Directory:
1. Make sure that the LDAP Server Name assigned to the Directory Services Server Name on the Directory Services Information page is where your NSDS software is located.
   FIGURE A-1 SIMS Installation Directory Services Information Page
   By default, SIMS assumes that you have installed your NSDS software on the same machine on which you are installing SIMS. If you have installed NSDS on a remote machine, you need to enter the fully qualified name of the server where NSDS resides.
2. Type the Directory Services Server Port, which is the port number that you used during the NSDS installation.
3. Select netscape as the Directory Services Server Type that appears on the Directory Services Information page of the SIMS 4.0 Installation GUI.
4. Make sure that the name assigned to the Directory Administrator Name on the Configuration Page 1 is specified as Directory Manager, as shown in FIGURE A-2.
   FIGURE A-2 SIMS Installation Configuration Page 1
5. Type the password for the Directory Administrator Password.
6. Make sure that the Domain Component tree root is specified as internet, if you are using the SIMS DC tree with the default value internet.
Note - If you need to enter this name, do not use the o=internet syntax. Instead, type internet, because o= is automatically prepended to the entry.
The SIMS installation procedure automatically creates the Directory Information Tree (DIT) that SIMS supports and adds the access control instructions (ACIs) to your NSDS configuration files.
If you installed SIMS before installing NSDS, the SIMS installation will be unable to create this DIT and add the ACIs to the NSDS configuration.
This section describes the commands that you can type manually to:
- Add the SIMS Directory Information Tree (DIT)
- Add the Access Control Instructions (ACIs)
Note - The steps covered in this section are only applicable if for any reason SIMS installation has not added the DIT and ACIs.
Adding the SIMS Directory Information Tree (DIT)
Type the following command to create the DIT for your directory:
   # /opt/SUNWconn/bin/ldapadd -c -h <hostname> \
       -p <portnumber> -D "cn=<Directory Manager>" -w <passwd> \
       -f /etc/opt/SUNWmail/slapd.ldif
See Chapter 6, "Domain Hosting with SIMS," in the Sun Internet Mail Server 4.0 Concepts Guide for a definition of the DIT and how the information is mapped out.
Adding the Access Control Instructions
Access control is the mechanism by which you can set permissions for the entire directory, a subset of the directory, specific entries in the directory, a specific set of entry attributes, or configuration tasks for any 4.x Netscape Server. When the server evaluates an incoming request, it determines the access type based on the access control instructions (ACIs) that you define. The collection of ACIs within a single suffix (the DC tree root) is called an access control list (ACL). See the Netscape documentation for more information about ACIs.
To add the ACIs to your Netscape Directory configuration:
   # /usr/netscape/server4/shared/bin/ldapmodify -h <hostname> \
       -p <portnumber> -D "cn=<Directory Manager>" -w <passwd> \
       -f /etc/opt/SUNWmail/nsds.acl.ldif
Copyright © 1999 Sun Microsystems, Inc. All Rights Reserved.