1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Server
  5. NETSCAPE DIRECTORY SERVER 6.02
  6. Installation manual

Netscape DIRECTORY SERVER 6.02 Installation Manual

Hide thumbs Also See for NETSCAPE DIRECTORY SERVER 6.02:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Administrator's Manual, Configuration Manual

Installation Guide

Netscape Directory Server
Version 6.02
May 2002

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.02

Summary of Contents for Netscape NETSCAPE DIRECTORY SERVER 6.02

  • Page 1: Installation Guide

    Installation Guide Netscape Directory Server Version 6.02 May 2002...
  • Page 2 Netscape Communications Corporation ("Netscape") and its licensors retain all ownership rights to the software programs offered by Netscape (referred to herein as "Software") and related documentation. Use of the Software and related documentation is governed by the license agreement for the Software and applicable copyright law. Your right to copy this documentation is limited by copyright law.

  • Page 3: Table Of Contents

    Contents About This Guide ............. . . 7 Prerequisite Reading .
  • Page 4 Verifying Required System Modules ..........24 Installing Patches .
  • Page 5 Migrating a Replicated Site ............. . 64 Constraints .
  • Page 6 Netscape Directory Server Installation Guide • May 2002...

  • Page 7: About This Guide

    About This Guide Welcome to Netscape Directory Server (Directory Server). This manual provides a high-level overview of design and planning decisions you need to make before installing the Directory Server, and describes the different installation methods that you can use. This preface contains the following sections: •...

  • Page 8: Conventions Used In This Guide

    Conventions Used In This Guide • Directory Server Console—An improved management console that dramatically reduces the effort of setting up and maintaining your directory service. The directory console is part of Netscape Console, the common management framework for Netscape servers. •...

  • Page 9: Related Information

    Related Information Related Information The document set for Directory Server also contains the following guides: • Netscape Directory Server Administrator’s Guide. Contains procedures for the day-to-day maintenance of your directory service. Includes information on configuring server-side plug-ins. • Netscape Directory Server Deployment Guide. Contains procedures for the day-to-day maintenance of your directory service.
  • Page 10 Related Information Netscape Directory Server Installation Guide • May 2002...

  • Page 11: Chapter 1 Preparing For A Directory Server Installation

    Chapter 1 Preparing for a Directory Server Installation Before you begin installing Netscape Directory Server (Directory Server), you should have an understanding of the various Directory Server components and the design and configuration decisions you need to make. To help you prepare for your Directory Server installation, you should be familiar with the concepts contained in the following sections: •...

  • Page 12: Configuration Decisions

    Configuration Decisions • Netscape Administration Server—Administration Server is a common front-end to all Netscape servers. It receives communications from Netscape Console and passes those communications on to the appropriate Netscape server. Your site will have at least one Administration Server for each server root in which you have installed an Netscape server.

  • Page 13: Choosing Unique Port Numbers

    Configuration Decisions Choosing Unique Port Numbers Port numbers can be any number from 1 to 65535. Keep the following in mind when choosing a port number for your Directory Server: • The standard Directory Server (LDAP) port number is 389. •...

  • Page 14: Deciding The User And Group For Your Netscape Servers (Unix Only)

    Configuration Decisions Deciding the User and Group for Your Netscape Servers (UNIX only) For security reasons, it is always best to run UNIX-based production servers with normal user privileges. That is, you do not want to run Directory Server with root privileges.
  • Page 15 Configuration Decisions • Directory Manager DN and password. The Directory Manager DN is the special directory entry to which access control does not apply. Think of the directory manager as your directory’s superuser. (In former releases of Directory Server, the Directory Manager DN was known as the root DN).

  • Page 16: Determining Your Directory Suffix

    Configuration Decisions Determining Your Directory Suffix A directory suffix is the directory entry that represents the first entry in a directory tree. You will need at least one directory suffix for the tree that will contain your enterprise’s data. It is common practice to select a directory suffix that corresponds to the DNS host name used by your enterprise.

  • Page 17: Determining The Location Of The User Directory

    Configuration Decisions Also, as with any directory installation, consider replicating the configuration directory to increase availability and reliability. See the Netscape Directory Server Deployment Guide for information on using replication and DNS round robins to increase directory availability. CAUTION Corrupting the configuration directory tree can result in the necessity of reinstalling all other Netscape servers that are registered in that configuration directory.

  • Page 18: Determining The Administration Domain

    Installation Process Overview Determining the Administration Domain The administration domain allows you to logically group Netscape servers together so that you can more easily distribute server administrative tasks. A common scenario is for two divisions in a company to each want control of their individual Netscape servers.

  • Page 19: Selecting An Installation Process

    Installation Process Overview The sections that follow outline the installation processes available, how to upgrade from an earlier release of Directory Server, and how to unpack the software to prepare for installation. Selecting an Installation Process You can install Directory Server software using one of the four different installation methods provided in the program: setup...

  • Page 20: Upgrade Process

    Installation Privileges Upgrade Process Directory Server supports migration from previous releases of Directory Server. The migration process is described in Chapter 6, “Migrating From Previous Versions.” For information on migrating servers involved in replication agreements, refer to the Netscape Directory Server Administrator’s Guide. Unpacking the Software If you have obtained Directory Server software from the web site, you will need to unpack it before beginning installation.

  • Page 21: Chapter 2 Computer System Requirements

    Chapter 2 Computer System Requirements Before you can install Netscape Directory Server (Directory Server), you must make sure that the systems on which you plan to install the software meet the minimum hardware and operating system requirements. These requirements are described in detail for each platform in the following sections: •...

  • Page 22: Hardware Requirements

    Hardware Requirements Hardware Requirements On all platforms, you will need: • Roughly 200 MB of disk space for a minimal installation. For production systems, you should plan at least 2GB to support the product binaries, databases, and log files (log files require 1 GB by default); 4GB and greater may be required for very large directories.

  • Page 23: Dsktune Utility

    Operating System Requirements dsktune Utility For UNIX platforms, Directory Server provides a utility named that can dsktune help you verify whether you have the appropriate patches installed on your system. The utility also provides useful information and advice on how to tune your kernel parameters for best performance.

  • Page 24: Verifying Required System Modules

    Operating System Requirements Verifying Required System Modules Directory Server requires the use of a SPARC v8+ or an UltraSPARC (SPARC v9) processor, as these processors include support for high performance and multiprocessor systems. Earlier SPARC processors are not supported. If you run Directory Server on a 64-bit Sun Solaris 8 UltraSPARC machine, it will run as a 32-bit application.
  • Page 25 Operating System Requirements Solaris 8 Patch List (Continued) Table 2-1 108993-03: SunOS 5.8: nss and ldap patch 109091-04: SunOS 5.8: /usr/lib/fs/ufs/ufsrestore patch 109137-01: SunOS 5.8: /usr/sadm/install/bin/pkginstall patch 109181-03: SunOS 5.8: /kernel/fs/cachefs patch 109277-01: SunOS 5.8: /usr/bin/iostat patch 109279-13: SunOS 5.8: /kernel/drv/ip patch 109318-12: SunOS 5.8: suninstall patch 109320-03:...

  • Page 26: Tuning The System

    Operating System Requirements Solaris 8 Patch List (Continued) Table 2-1 110934-01: SunOS 5.8: pkgtrans, pkgadd, pkgchk and libpkg.a patch 110939-01: SunOS 5.8: /usr/lib/acct/closewtmp patch 110943-01: SunOS 5.8: /usr/bin/tcsh patch 110945-01: SunOS 5.8: /usr/sbin/syslogd patch 110951-01: SunOS 5.8: /usr/sbin/tar and /usr/sbin/static/tar patch 111071-01: SunOS 5.8: cu patch 111111-01:...

  • Page 27: Tuning Tcp Parameters

    Operating System Requirements CAUTION This parameter should not be raised above 4096 without first consulting your Sun Solaris support representative as it may affect the stability of the system. Tuning TCP Parameters By default, the TCP/IP implementation in a Solaris kernel is not correctly tuned for Internet or Intranet services.

  • Page 28: Hp-Ux 11.0 Operating System

    Operating System Requirements HP-UX 11.0 Operating System This section contains the following information: • Verifying Disk Space Requirements • Verifying Required System Modules • Installing Patches • Tuning the System • Installing Third-Party Utilities Verifying Disk Space Requirements Ensure that you have sufficient disk space before downloading the software. Download drive: 120 MB Installation drive: 2 GB Verifying Required System Modules...
  • Page 29 Operating System Requirements PHKL_18543: PM/VM/UFS/async/scsi/io/DMAPI/JFS/perf cumulative patch PHCO_23651: fsck_vxfs(1M) cumulative patch PHCO_19666: libpthread cumulative patch PHKL_20228: Large data 7/8 patch PHKL_21039: semget;large data space;msgmnb;SEMMSL PHKL_23409: NFS, Large Data Space, kernel memory leak patch PHCO_16629: libc cumulative patch (superceded by PHCO_20765) PHCO_20765: libc cumulative patch (supercedes PHCO_16629 and is superceded by PHCO_24148)

  • Page 30: Tuning The System

    Operating System Requirements PHNE_26771: Cumulative ARPA Transport patch The following patches are dependencies of patch PHNE_26771: PHKL_21857 and PHNE_22566. • Run the utility and see if you need to install any other patches. The dsktune utility helps you to verify whether you have the appropriate patches installed on your system and provides useful information and advice on how to tune your kernel parameters for best performance.

  • Page 31: Installing Third-Party Utilities

    Operating System Requirements Installing Third-Party Utilities You will need the utility to unpack the directory server software. The GNU gunzip programs are described in more detail at gzip gunzip and can be obtained from http://www.gnu.org/software/gzip/gzip.html many software distribution sites. You may need Adobe Acrobat Reader to read the documentation. If you do not have it installed, you can download it from: http://www.adobe.com/products/acrobat/readstep2.html DNS and NIS Requirements (UNIX only)
  • Page 32 Operating System Requirements Netscape Directory Server Installation Guide • May 2002...

  • Page 33: Chapter 3 Using Express And Typical Installation

    Chapter 3 Using Express and Typical Installation This chapter describes how to perform basic installation activities. This chapter contains the following sections: • Using Express Installation (page 33) • Using Typical Installation (page 35) Using Express Installation Use express installation if you are installing Directory Server to evaluate or test the product.
  • Page 34 Using Express Installation Run the program. You can find it in the directory in which you untarred setup or unzipped the binary files. On a UNIX system, issue the following command: ./setup Select “yes” to continue with installation, then select “yes” to agree to the license.

  • Page 35: Using Typical Installation

    Using Typical Installation o=NetscapeRoot Do not modify the contents of the directory under the o=NetscapeRoot suffix. Either create data under the first suffix or create a new suffix to be used for this purpose. For details on how to create new suffixes for your Directory Server, see the Netscape Directory Server Administrator’s Guide.
  • Page 36 Using Typical Installation When you are asked what type of installation you would like to perform, press Enter to select the default, Typical Installation. For server root, enter a full path to the location where you want to install your server.
  • Page 37 Using Typical Installation program then asks you for the System User and the System Group setup names. Enter the identity under which you want the servers to run. For more information on the user and group names that you should use when running Netscape servers, see “Deciding the User and Group for Your Netscape Servers (UNIX only),”...
  • Page 38 Using Typical Installation For a directory suffix, enter a distinguished name (DN) meaningful to your enterprise. This string is used to form the name of all your organization’s directory entries. Therefore, pick a name that is representative of your organization. It is recommended that you pick a suffix that corresponds to your internet DNS name.
  • Page 39 Using Typical Installation The server is configured to use the following suffixes: • The suffix that you configured. • o=NetscapeRoot Do not modify the contents of the directory under the suffix. o=NetscapeRoot Either create data under the first suffix or create a new suffix to be used for this purpose.
  • Page 40 Using Typical Installation Netscape Directory Server Installation Guide • May 2002...

  • Page 41: Chapter 4 Silent Installation

    Chapter 4 Silent Installation Silent installation allows you to use a file to predefine all the answers that you would normally supply to the setup program interactively. This provides you with the ability to script the installation of your Netscape Directory Servers (Directory Servers).

  • Page 42: Preparing Silent Installation Files

    Preparing Silent Installation Files Prepare the file that will contain your installation directives; for details, see “Preparing Silent Installation Files,” on page 42. Run the program with the command line options: setup setup -s -f filename where the option indicates the silent mode of installation and filename specifies the name of the INF file that contains your installation directives.

  • Page 43: Creating Silent Installation Files

    Preparing Silent Installation Files NOTE Any distinguished names (DNs) in the files must be in the UTF-8 character set encoding. Creating Silent Installation Files The best way to create a file for use with silent installation is to use the setup program to interactively create a server instance of the type that you want to duplicate.

  • Page 44: A Typical Installation

    Preparing Silent Installation Files NOTE Be sure to protect files since they contain passwords in install.inf clear. For complete information on the directives you can use in a silent installation file, see “Installation Directives,” on page 46. A Typical Installation The following is the file that is generated for a typical installation: install.inf...

  • Page 45: Using An Existing Configuration Directory

    Preparing Silent Installation Files [nsperl] Components= nsperl553 [perldap] Components= perldap14 Using an Existing Configuration Directory The following is the file that is generated when you perform a typical install.inf installation and you choose to use an existing Directory Server as the configuration directory: [General] FullMachineName=...

  • Page 46: Installing The Standalone Netscape Console

    Installation Directives ServerAdminID= admin ServerAdminPwd= admin Components= admin,admin-client [base] Components= base,base-client,base-jre [nsperl] Components= nsperl553 [perldap] Components= perldap14 Installing the Standalone Netscape Console The following is the file that is generated when you install just install.inf Netscape Console: [General] FullMachineName= dir.example.com ConfigDirectoryLdapURL= ldap://dir.example.com:389/o=NetscapeRoot SuiteSpotUserID=...

  • Page 47: Silent Installation File Format

    Installation Directives • Silent Installation File Format • [General] Installation Directives • [Base] Installation Directives • [slapd] Installation Directives • [admin] Installation Directives Silent Installation File Format When you use silent installation, you provide all the installation information in a file.

  • Page 48: [General] Installation Directives

    Installation Directives [General] Installation Directives [General] installation directives specify information of global interest to the Netscape servers installed at your site. That is, the information you provide here will be common to all your Netscape servers. The [General] installation directives are: Table 4-1 [General] Installation Directives Directive...

  • Page 49: [Base] Installation Directives

    Installation Directives [General] Installation Directives (Continued) Table 4-1 Directive Description Specifies the password for the UserDirectoryAdminID. UserDirectoryAdminPwd Specifies the LDAP URL that is used to connect to the UserDirectoryLdapURL directory where your user and group data is stored. If this directive is not supplied, the configuration directory is used for this purpose.

  • Page 50: [Slapd] Installation Directives

    Installation Directives Table 4-2 [Base] Installation Directive Directive Description Specifies the base components to be installed. The base Components components are: • base—install the shared libraries used by all Server Consoles. You must install this package if you are also installing some other Netscape server. •...

  • Page 51: Optional [Slapd] Installation Directives

    Installation Directives Required [slapd] Installation Directives (Continued) Table 4-3 Directive Description Specifies the server identifier. This directive is required. ServerIdentifier This value is used as part of the name of the directory in which the Directory Server instance is installed. For example, if your machine’s host name is phonebook, then this name is the default and selecting it will cause the Directory Server instance to be installed into a...

  • Page 52: [Admin] Installation Directives

    Installation Directives Table 4-4 Optional [slapd] Installation Directives Directive Description If set to Yes, this directive causes the example.ldif AddSampleEntries sample directory to be loaded. Use this directive if you are installing the Directory Server for evaluation purposes and you do not already have an LDIF file to populate your directory with.
  • Page 53 Installation Directives [admin] Installation Directives (Continued) Table 4-5 Directive Description Specifies the IP address that the Administration Server ServerIpAddress will listen to. Use this directive if you are installing on a multi-homed system and you do not want to use the first IP address for your Administration Server.
  • Page 54 Installation Directives Netscape Directory Server Installation Guide • May 2002...

  • Page 55: Chapter 5 Post Installation

    Chapter 5 Post Installation This chapter describes the post-installation procedures for launching the online help and populating the directory tree. This chapter has the following sections: • Launching the Help System (page 55) • Populating the Directory Tree (page 56) Launching the Help System The help system for Directory Server is dependent upon Netscape Administration Server.

  • Page 56: Populating The Directory Tree

    Populating the Directory Tree Proxy authorized on Administration Server. If you use proxies for your HTTP connections on the client machine running Directory Server Console, you need to do one of the following: • Remove proxies on the machine running Directory Server Console. This allows the client machine to access Administration Server directly.
  • Page 57 Populating the Directory Tree • Start your Directory Server with an empty database and import data over LDAP—This method requires you to populate your directory using an LDAP client such as Directory Server Gateway or the command-line ldapmodify utility. Use this method if you have just a few entries to add at a time. For information on setting up the Directory Server Gateway, check the Netscape Directory Server Gateway Customization Guide.
  • Page 58 Populating the Directory Tree Netscape Directory Server Installation Guide • May 2002...

  • Page 59: Chapter 6 Migrating From Previous Versions

    Chapter 6 Migrating From Previous Versions You can upgrade to Netscape Directory Server 6.x from a previous release of Directory Server, for example, from Directory Server versions 4.0, 4.1, 4.11, 4.12, 4.13, or 5.0. This chapter describes the upgrade process in the following sections: •...

  • Page 60: Migration Prerequisites

    Migration Prerequisites The migration script performs the following tasks in sequence: • Checks the schema configuration files and notifies you of any changes between the standard configuration files and the ones present on your system. • Creates a database for each suffix stored in the legacy Directory Server. (In Directory Server 5.x and 6.x you can have multiple databases, but just one suffix per database).

  • Page 61: Identifying Custom Schema

    Identifying Custom Schema • If you want to continue to run your legacy Directory Server, when you install the new Directory Server choose different ports for LDAP traffic and for secured connections from the ones used by your legacy Directory Server. If you will not be running your legacy Directory Server, use the same port numbers to ensure that any directory clients that have static configuration information (including Directory Server port numbers) will continue to work.
  • Page 62 Identifying Custom Schema While the migration will complete in this situation, you will probably find that you cannot modify your data in Directory Server 6.02. Therefore, you are strongly recommended to copy your custom schema into separate files before you perform the migration.

  • Page 63: Migration Procedure

    Migration Procedure Migration Procedure The migration script will automatically back up your Directory Server configuration. • If you are migrating from Directory Server 4.x, all of the files with a .conf extension in the directory are backed /usr/netscape/server4/slapd-serverID • If you are upgrading from Directory Server 5.0, all of the configuration files in will be backed up to a /usr/netscape/servers/slapd-serverID/config directory named...

  • Page 64: Migrating A Replicated Site

    Migrating a Replicated Site oldServerPath is the path to the legacy Directory Server directory (for example, /usr/netscape/server4/slapd-serverID newServerPath is the path to the Directory Server 6.02 directory (for example, /usr/netscape/servers/slapd-serverID The following is an example of a command you would use on a UNIX machine to migrate a 4.11 Directory Server to Directory Server 6.02: migrateInstance6 -D "cn=Directory Manager"...

  • Page 65: Constraints

    Migrating a Replicated Site The manual procedure described in this section explains the migration path that you can follow to migrate a replication topology of 4.x servers to a replication topology of 6.x Directory Servers. You can migrate instances of Directory Server 4.0, 4.1, 4.11, 4.12, and 4.13 because these releases of the Directory Server can replicate to a Directory Server 6.x configured as a consumer.

  • Page 66: Example: Detail Of Steps

    Migrating a Replicated Site Retire the 4.x supplier. The Directory Server 6.x that you configured in Step 1 is now the only supplier in the topology. Example: Detail of Steps Consider a fairly simple replication topology: • One supplier Server A •...
  • Page 67 Migrating a Replicated Site Upgrade Server C to Directory Server 6.x, and make it a read-only replica of Server D. Retire Server A. Disable legacy consumer settings on server D. This leaves Server D as the single supplier for consumer servers B and C. When you have completed the migration of your replication topology, you can evolve it to use multi-master replication.
  • Page 68 Migrating a Replicated Site Netscape Directory Server Installation Guide • May 2002...

  • Page 69: Chapter 7 Uninstalling Directory Server

    Chapter 7 Uninstalling Directory Server You may need to remove an instance of Netscape Directory Server (Directory Server) or uninstall the entire server altogether. The Directory Server provides a utility that enables you to uninstall the software as a whole or to remove selected components.

  • Page 70: Uninstalling Directory Server

    Uninstalling Directory Server From the Object menu, select Stop; you can also right-click to choose this option from the pop-up menu. When the server has stopped, from the Object menu, choose Remove Server. You can also right-click to choose this option from the pop-up menu. When prompted, confirm that you want to remove the server instance.
  • Page 71 Uninstalling Directory Server Server Core Components nsPerl PerLDAP When prompted, enter the administrator ID and password for the configuration directory to authorize removal of Directory Server. The uninstallation utility starts removing files. After the utility has finished removing files, a message is displayed indicating that some files have not been removed from your system.
  • Page 72 Uninstalling Directory Server Netscape Directory Server Installation Guide • May 2002...

  • Page 73: Chapter 8 Troubleshooting

    Chapter 8 Troubleshooting This chapter describes the most common installation problems and how to solve them. It also provides some tips on checking patch levels and kernel parameter settings for your system. This chapter has the following sections: • Running dsktune (page 73) •...
  • Page 74 Running dsktune The following is an example of output that generates. Note that dsktune dsktune does not itself make any changes to the system. Netscape Directory Server system tuning analysis version 25-SEP-2001. NOTICE : System is usparc-sun-solaris5.8 (SUNW,Ultra-5_10) (1 processor). NOTICE : Patch 109320-01 is not installed.

  • Page 75: Common Installation Problems

    Common Installation Problems ndd -set /dev/tcp tcp_smallest_anon_port 8192 WARNING: tcp_deferred_ack_interval is currently 100 milliseconds. This will cause Solaris to insert artificial delays in the LDAP protocol. It should be reduced during load testing. This line can be added to the /etc/init.d/inetinit file: ndd -set /dev/tcp tcp_deferred_ack_interval 5 WARNING: There are only 1024 file descriptors available, which limit the number of simultaneous connections.
  • Page 76 Common Installation Problems This error occurs when a machine is not correctly configured to use DNS naming. The default fully qualified host and domain name presented during installation is not correct. If you accept the defaults, you receive the LDAP authentication error. To successfully install, you need to provide a fully qualified domain name that consists of a local host name along with its domain name.

  • Page 77: Glossary

    Glossary access control instruction See ACI. ACI Access Control Instruction. An instruction that grants or denies permissions to entries in the directory. access control list See ACL. ACL Access control list. The mechanism for controlling access to your directory. access rights In the context of access control, specify the level of access granted or denied.
  • Page 78 attribute Holds descriptive information about an entry. Attributes have a label and a value. Each attribute also follows a standard syntax for the type of information that can be stored as the attribute value. attribute list A list of required and optional attributes for a given entry type or object class.
  • Page 79 browser Software, such as Netscape Navigator, used to request and view World Wide Web material stored as HTML files. The browser uses the HTTP protocol to communicate with the host server. browsing index Otherwise known as the virtual view index, speeds up the display of entries in the Directory Server Console.
  • Page 80 CIR See consumer-initiated replication. class definition Specifies the information needed to create an instance of a particular object and determines how the object works in relation to other objects in the directory. class of service See CoS. classic CoS A classic CoS identifies the template entry by both its DN and the value of one of the target entry’s attributes.
  • Page 81 DAP Directory Access Protocol. The ISO X.500 standard protocol that provides client access to the directory. Data Master The server that is the master source of a particular piece of data. database link An implementation of chaining. The database link behaves like a database but has no persistent storage.
  • Page 82 DNS alias A DNS alias is a hostname that the DNS server knows points to a different host—specifically a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as might point to a real machine called www.[yourdomain].[domain] where the server currently exists.
  • Page 83 HTML Hypertext Markup Language. The formatting language used for documents on the World Wide Web. HTML files are plain text files with formatting codes that tell browsers such as the Netscape Navigator how to display text, position graphics and form items, and display links to other pages. HTTP Hypertext Transfer Protocol.
  • Page 84 LDAPv3 Version 3 of the LDAP protocol, upon which Directory Server bases its schema format LDAP client Software used to request and view LDAP entries from an LDAP Directory Server. See also browser. LDAP Data Interchange Format See LDAP Data Interchange Format. LDAP URL Provides the means of locating directory servers using DNS and then completing the query via LDAP.
  • Page 85 matching rule Provides guidelines for how the server compares strings during a search operation. In an international search, the matching rule tells the server what collation order and operator to use. MD5 A message digest algorithm by RSA Data Security, Inc., which can be used to produce a short digest of data, that is unique with high probability, and is mathematically extremely hard to produce a piece of data that will produce the same message digest.
  • Page 86 network management station See NMS. NIS Network Information Service. A system of programs and data files that Unix machines use to collect, collate, and share specific information about machines, users, file systems, and network parameters throughout a network of computers. NMS Network Management Station.
  • Page 87 permission In the context of access control, the permission states whether access to the directory information is granted or denied, and the level of access that is granted or denied. See access rights. PDU Protocol Data Unit. Encoded messages which form the basis of data exchanges between SNMP devices.
  • Page 88 RDN Relative distinguished name. The name of the actual entry itself, before the entry’s ancestors have been appended to the string to form the full distinguished name. referential integrity Mechanism that ensures that relationships between related entries are maintained within the directory. referral (1) When a server receives a search or update request from an LDAP client that it cannot process, it usually sends back to the client a pointer to the LDAP sever that can process the request.
  • Page 89 root The most privileged user available on Unix machines. The root user has complete access privileges to all files on the machine. root suffix The parent of one or more sub suffixes. A directory tree can contain more than one root suffix. schema Definitions describing what types of information can be stored as entries in the directory.
  • Page 90 slapd LDAP Directory Server daemon or service that is responsible for most functions of a directory except replication. See also ns-slapd. SNMP Simple Network Management Protocol. Used to monitor and manage application processes running on the servers, by exchanging data about network activity.
  • Page 91 symmetric encryption Encryption that uses the same key for both encrypting and decrypting. DES is an example of a symmetric encryption algorithm. system index Cannot be deleted or modified as it is essential to Directory Server operations. target In the context of access control, the target identifies the directory information to which a particular ACI applies.
  • Page 92 Netscape Directory Server Installation Guide • May 2002...

  • Page 93: Index

    Index administration domain, defined 18 express install defined 19 administration port number 38 using 33 administration server 12 administration server user 15 authentication entities 14 fonts, in this book 8 configuration decisions 12 configuration directory administrator 15 configuration directory, defined 16 conventions, in this book 8 glossary of terms 77–91 creating silent install files 43...
  • Page 94 preparing for 11 process overview 18 removing the directory server 69 new installations 19 replicated site requirements 21 migration 65 installation directory, default 13 requirements computer system 21 root DN (directory manager) 15 running server, users and groups 14 LDAP Data Interchange Format (LDIF) creating databases using 56 LDIF, See LDAP Data Interchange Format schema, migrating 61...
  • Page 95 uninstalling the directory server 69 upgrading prerequisites for 60 upgrading schema 61 upgrading the directory server 59 user and groups to run servers as 14 user directory, defined 17 Index...
  • Page 96 Netscape Directory Server Installation Guide • May 2002...

Table of Contents