Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual page 67

8 Ensure that you set the necessary ownership and permissions of the certificate file for each failover LDAP server.
Windows: Not applicable.
Linux/Solaris: Run the following commands:
    chown esecadm:esec <Install_Directory>/config/<cert-file>
    chmod 700 <Install_Directory>/config/<cert-file>
9 Add each failover LDAP server certificate to the keystore ldap_server.keystore that is created in Step 9 in section "Configuring the Sentinel 6.1 Server for LDAP Authentication" on page 62.
Windows:
    "%ESEC_HOME%\jre64\bin\keytool.exe" -importcert -noprompt -trustcacerts -file <certificate-file> -alias <alias_name> -keystore ldap_server.keystore -storepass sentinel
Linux/Solaris:
    $ESEC_HOME/jre64/bin/keytool -importcert -noprompt -trustcacerts -file <certificate-file> -alias <alias_name> -keystore ldap_server.keystore -storepass sentinel
where <certificate-file> is the LDAP certificate filename in Base64-encoded format and <alias_name> is the alias name for the certificate to be imported.
IMPORTANT: Ensure that you specify the alias. If no alias is specified, the keytool takes mykey as the alias by default. When you import multiple certificates into the keystore without specifying an alias, the keytool reports an error that the alias already exists.
10 Start the Sentinel service.
    /etc/init.d/sentinel start

Additional Configuration for Linux Platform
In Linux, the Sentinel 6.1 server times out before it finds that the primary LDAP server is down, and hence does not connect to the failover LDAP server. To ensure that the Sentinel 6.1 server connects to the failover LDAP server without timing out, perform the following steps:
1 Log in to the Sentinel 6.1 server as the root user.
2 Open the sysctl.conf file for editing:
    vi /etc/sysctl.conf
3 Ensure that the net.ipv4.tcp_syn_retries value is set to 3. If the entry does not exist, add the entry. Save the file:
    net.ipv4.tcp_syn_retries = 3
4 Execute the following commands for the changes to take effect:
    /sbin/sysctl -p
    /sbin/sysctl -w net.ipv4.route.flush=1
5 Set the Sentinel 6.1 server timeout value by adding the -Desecurity.remote.timeout=60 parameter in control_center.sh and solution_designer.sh in the $ESEC_HOME/bin directory:
control_center.sh:
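For step 3 of the Linux procedure above, the following shell function is an added example, not part of the Novell guide. It sets net.ipv4.tcp_syn_retries to 3 idempotently, also handling stale or duplicate entries that a hand edit can leave behind. The function name ensure_syn_retries and its optional file argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the Sentinel guide: enforce step 3 of the Linux
# procedure without hand-editing. The function name and the optional file
# argument are assumptions; the guide edits /etc/sysctl.conf with vi.

ensure_syn_retries() {
    conf="${1:-/etc/sysctl.conf}"
    key='net.ipv4.tcp_syn_retries'
    want=3
    # Active (uncommented) assignments of the key, tolerant of spacing.
    pattern="^[[:space:]]*net\.ipv4\.tcp_syn_retries[[:space:]]*="

    if [ ! -f "$conf" ]; then
        echo "ensure_syn_retries: $conf not found" >&2
        return 2
    fi

    # Values of every active entry, one per line. A single line holding
    # "3" means the file already satisfies step 3.
    current=$(sed -n -E "s/${pattern}[[:space:]]*([^[:space:]#]*).*/\1/p" "$conf")
    if [ "$current" = "$want" ]; then
        echo "unchanged"
        return 0
    fi

    # Keep a copy, drop stale or duplicate entries, append the wanted one.
    cp -p "$conf" "$conf.bak" || return 1
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    # grep -v exits 1 when it selects no lines; only >1 is an error.
    { grep -v -E "$pattern" "$conf" || [ $? -eq 1 ]; } > "$tmp" \
        || { rm -f "$tmp"; return 1; }
    printf '%s = %s\n' "$key" "$want" >> "$tmp"

    # Overwrite in place so owner and mode of the original file stay as-is.
    cat "$tmp" > "$conf" || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"
    echo "updated"
}

# Usage (as root), followed by step 4 of the guide to load the value:
#   ensure_syn_retries /etc/sysctl.conf && /sbin/sysctl -p
```

Commented-out entries are left untouched, and the previous file is kept beside the original with a .bak suffix.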