Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)
Previous Next

Configuring Sun Java System Directory Server Using idsconfig

Creating a Checklist Based on Your Server Installation

During the server installation process, you will have defined crucial variables, with which you should create a checklist similar to the one below before launching idsconfig. You can use the blank checklist provided in Blank Checklists.

Note - The information included below will serve as the basis for all examples that follow in the LDAP related chapters. The example domain is of an widget company, Example, Inc. with stores nationwide. The examples will deal with the West Coast Division, with the domain west.example.com

Table 11-1 Server Variables Defined

Variable

Definition for Example Network

Port number at which an instance of the directory server is installed

389 (default)

Name of server

myserver (from the FQDN myserver.west.example.com or 192.168.0.1)

Replica server(s) (IPnumber:port number)

192.168.0.2 [for myreplica.west.example.com]

Directory manager

cn=directory manager (default)

Domain name to be served

west.example.com

Maximum time (in seconds) to process client requests before timing out

-1-

Maximum number of entries returned for each search request

-1-

Note - If you are using hostnames in defining defaultServerList or preferredServerList, you MUST ensure LDAP is not used for hosts lookup. This means ldap must not be in /etc/nsswitch.conf hosts line.

Table 11-2 Client Profile Variables Defined

Variable

Definition for Example Network

Profile name (the default name is default)

WestUserProfile

Server list (defaults to the local subnet)

192.168.0.1

Preferred server list (listed in order of which server to try first, second, and so on)

none

Search scope (number of levels down through the directory tree. 'One', the default, or 'Sub')

one (default)

Credential used to gain access to server. Default is anonymous

proxy

Follow Referrals? ( a pointer to another server if the main server is unavailable) Default is no.

Y

Search time limit (default is 30 seconds) for waiting for server to return information.

default

Bind time limit (default is 10 seconds) for contacting the server.

default

Authentication method Default is none.

simple

Note - Client profiles are defined per domain. At least one profile must be defined for a given domain.

Attribute Indexes

idsconfig indexes the following list of attributes for improved performance.

membernisnetgroup

pres,eq,sub

nisnetgrouptriple

pres,eq,sub

ipHostNumber

pres,eq,sub

uidNumber

pres,eq

gidNumber

pres,eq

ipNetworkNumber

pres,eq

automountkey

pres,eq

oncRpcNumber

pres,eq

Schema Definitions

idsconfig(1M) automatically adds the necessary schema definitions. Unless you are very experienced in LDAP administration, do not manually modify the server schema. See Chapter 14, LDAP General Reference (Reference) for an extended list of schemas used by the LDAP naming service.

Using Browsing Indexes

The browsing index functionality of the Sun Java System Directory Server, otherwise known as the virtual list view (VLV), provides a way in which a client can view a select group or number of entries from very long list, thus making the search process less time consuming for each client. Browsing indexes provide optimized, predefined search parameters with which the Solaris LDAP naming client can access specific information from the various services more quickly. Keep in mind that if you do not create browsing indexes, the clients may not get all the entries of a given type because the server limits for search time or number of entries might be enforced.

VLV indexes are configured on the directory server and the proxy user has read access to these indexes.

Before configuring browsing indexes on the Sun Java System Directory Server, consider the performance cost associated with using these indexes. For more information, refer to the Administration Guide for the version of Sun Java System Directory Server that you are using.

idsconfig creates entries for several VLV indexes. Use the directoryserver script to stop the server and to create the actual VLV indexes. See the idsconfig(1M) and the directoryserver(1M) man pages for more information. Refer to the output of the idsconfig command to determine the VLV entries created by idsconfig and the syntax of the corresponding directoryserver commands that you need to run. See Example idsconfig Setup for sample idsconfig output.
Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire