Download Print this page

Sun Microsystems Netscape Enterprise Server Administrator's Manual

Table Of Contents

page of 532

/ 532
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Quick Links

Download this manual

Cha

security

World Wide Web

URL

merchant system

server

community system

TCP/IP

HTML

Administrator's Guide

Inter

Personal

Proxy

Netscape Enterprise Server

Version 4.0

SSL

806-2823-10

September 1999

IStore

Publishing

mail

Internet

secure sockets layer

http://www

encryption

HTML

electronic commerce

comp.sys

JavaScript

directory server

certificate

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the Netscape Enterprise Server and is the answer not in the manual?

Questions and answers

Summary of Contents for Sun Microsystems Netscape Enterprise Server

Page 1 World Wide Web merchant system server community system navigator TCP/IP HTML ublishing Administrator’s Guide Inter Personal Proxy Netscape Enterprise Server Version 4.0 806-2823-10 September 1999 Mozilla IStore Publishing mail Internet secure sockets layer http://www encryption HTML electronic commerce comp.sys...
Page 2 Copyright © 1999 Sun Microsystems, Inc. Some preexisting portions Copyright © 1999 Netscape Communications Corp. All rights reserved. Sun, Sun Microsystems, the Sun Logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. Netscape and the Netscape N logo are registered trademarks of Netscape Communications Corporation in the U.S.
Page 3: Table Of Contents
Chapter 1 Introduction to Enterprise Server ........33 Netscape Enterprise Server .................33 Enterprise Server Features ................34 Administering and Managing Enterprise Servers ...........35 Netscape Enterprise Server Architecture ............36 Content Engines ....................37 Server Extensions ....................37 Runtime Environments ..................38 Application Services ..................38 How Enterprise Server is Configured ..............39 Enterprise Server Component Options ............39...
Page 4 Shutting Down Enterprise Administration Server ..........68 Changing Network Settings ................68 Changing the User Account and Password ........... 69 Changing the Port Number ................69 Changing the Superuser Settings ................ 70 Enabling Distributed Administration ..............71 iv Netscape Enterprise Server Administrator’s Guide...
Page 5 Configuring Secure Sockets Layer (SSL) ............73 Activating SSL ....................73 Setting Encryption Preferences ..............73 Setting Stronger Ciphers ................74 Specifying Log File Options ................75 Viewing the Access Log File ................76 Viewing the Error Log File ................77 Archiving Log Files ..................
Page 6 Client and Server Authentication ............116 How Enterprise Server Uses Certificates to Authenticate Users .... 116 128-Bit Step-Up Certificates ..............117 Configuring Enterprise Server for SSL ............117 Creating a New Server Instance ............... 118 vi Netscape Enterprise Server Administrator’s Guide...
Page 7 Creating a Certificate Trust Database ............... 119 Requesting a Certificate ..................120 Required CA Information ................122 Installing and Managing Certificates ..............123 Managing Certificates ................... 126 Using Secure Sockets Layer (SSL) ..............127 Activating SSL ....................128 Specifying Ciphers ..................128 Setting Security (SSL) Preferences ..............
Page 8 Configuring Network Settings ................167 Changing the Server’s Location (Unix) ............167 Changing the Server’s User Account (Unix) ..........167 Changing the Server’s User Account (Windows NT) ......... 168 Changing the Server Name ................169 viii Netscape Enterprise Server Administrator’s Guide...
Page 9 Changing the Server Port Number ............... 169 Changing the Server Binding Address ............170 Changing the Server’s MTA Host ..............170 Customizing Error Responses ................170 Working with Dynamic Configuration Files ............ 171 Using .htaccess Files ..................171 Activating .htaccess checking ..............171 Using .nsconfig Files ................
Page 10 Configuration ....................223 Performance Report ..................223 Miscellaneous magnus.conf Directives ............225 Multi-process Mode ..................225 Accept Thread Information ................227 CGIStub Processes (Unix) ................227 Buffer Size ..................... 228 Native Thread Pool Size ................229 x Netscape Enterprise Server Administrator’s Guide...
Page 11 About RqThrottle ....................229 The perfdump Utility ..................231 Sample Output ....................232 Using perfdump Statistics to Tune Your Server ..........233 ListenSocket Information ................234 Address ..................... 235 ActiveThreads ................... 235 WaitingThreads ..................235 BusyThreads ..................... 235 Thread limits <min/max> ................ 236 KeepAlive Information .................
Page 12 Improving Servlet Performance ................ 254 Thread Pools ....................255 Common Performance Problems ..............256 Low-Memory Situations ................256 Under-Throttled Server ................. 256 Checking ....................256 Tuning ...................... 257 Cache Not Utilized ..................257 Checking ....................257 xii Netscape Enterprise Server Administrator’s Guide...
Page 13 KeepAlive Connections Flushed ..............258 Checking ....................258 Tuning ...................... 258 Log File Modes ..................... 258 Using Local Variables ................... 259 Benchmarking the Netscape Enterprise Server ..........259 SPECweb96 Tuning ..................260 WebStone Tuning ..................261 Sizing Issues ...................... 262 Processors ..................... 262 Memory ......................
Page 14 Chapter 12 Working With Configuration Styles ......303 Creating a Configuration Style ................304 Removing a Configuration Style ............... 306 Editing a Configuration Style ................307 Assigning a Configuration Style ............... 307 Listing Configuration Style Assignments ............308 xiv Netscape Enterprise Server Administrator’s Guide...
Page 15 Part 5 Managing Content and Access Chapter 13 Managing Server Content ..........311 Changing the Primary Document Directory ............ 312 Setting Additional Document Directories ............312 Customizing User Public Information Directories (Unix) ....... 313 Enabling Remote File Manipulation ..............315 Configuring Document Preferences ..............
Page 16 Indexing and Updating Properties ..............372 Changing the Web Publishing State ..............375 Maintaining Web Publishing Data ..............376 Unlocking Files ....................378 Adding Custom Properties ................379 Managing Properties ..................381 Customizing Your Netshare Home Page ............382 xvi Netscape Enterprise Server Administrator’s Guide...
Page 17 Customizing the Web Publisher User Interface ..........382 The Web Publisher Attributes ..............383 The Web Publisher Pattern Files ............. 385 Pointing Pattern Variables ............... 386 Conditional Variables ................387 Chapter 16 Using Search ................. 391 About Search ..................... 391 Configuring Text Search ...................
Page 18 User-defined Pattern Variables ..............440 Configuration File Variables ..............441 Macros and Generated Pattern Variables ..........444 Appendixes Appendix A HyperText Transfer Protocol ........449 About HyperText Transfer Protocol (HTTP) ........... 449 Requests ......................450 xviii Netscape Enterprise Server Administrator’s Guide...
Page 19 Request Method .................... 450 Request Header .................... 451 Request Data ....................451 Responses ......................451 Status Code ....................452 Response Header ..................453 Response Data ....................453 Appendix B ACL File Syntax ..............455 ACL File Syntax ....................456 Authentication Statements ................457 Authorization Statements ................
Page 20 Installing FrontPage Server Extensions on Windows NT Systems ..... 484 Installing FrontPage97 Server Extensions on Unix Systems ....... 488 Installing FrontPage98 Server Extensions on Unix Systems ....... 492 Further Information ................... 494 Glossary ......................495 Index ........................ 505 xx Netscape Enterprise Server Administrator’s Guide...
Page 21: About This Guide
This guide is divided into five parts, plus various appendices, a glossary, and a comprehensive index. If you are new to Netscape Enterprise Server, begin with Part I, “Server Basics” for an overview of the Netscape Enterprise Server. If you About This Guide 21...
Page 22: Part I: Server Basics
How This Guide Is Organized are already familiar with Netscape Enterprise Server, skim the material in Part I, “Server Basics” before going on to Part II, “Using Enterprise Administration Server.” Once you are familiar with the fundamentals of using Enterprise Administration Server, you can refer to Part III, “Configuring and Monitoring,”...
Page 23: Part Iii: Configuring And Monitoring
Enterprise Servers. The following chapters are included: • Chapter 7, “Configuring Server Preferences,” describes how to configure server preferences for your Netscape Enterprise Server. • Chapter 8, “Understanding Log Files,” describes how to monitor your Enterprise Server using the Hypertext Transfer Protocol (HTTP), by recording and viewing log files, or by using the performance monitoring tools provided with your operating system.
Page 24: Part Iv: Using Programs And Objects
• Chapter 16, “Using Search,” describes how to search the contents and attributes of documents on the server. In addition, this chapter describes how to create a customized text search interface that’s tailored to your user community. 24 Netscape Enterprise Server Administrator’s Guide...
Page 25: Appendixes
• Appendix E, “Enterprise Server User Interface,” describes the elements in the user interface of Enterprise Administration Server and Server Manager of Netscape Enterprise Server 4.0. This appendix is available in the online version only. In addition, a Glossary is included to define frequently used terms that may be unfamiliar to Netscape Enterprise Server administrators.
Page 26: Using The Enterprise Server Documentation
Using the Enterprise Server Documentation The following table lists the tasks and concepts that are described in the Netscape Enterprise Server printed manuals and online readme file. If you are trying to accomplish a specific task or learn more about a specific concept, refer to the appropriate manual.
Page 27 Using the Enterprise Server Documentation Table 1 Enterprise Server Documentation For information about See the following The administration server and global information on topics Managing Servers such as encryption, access control, and performance with Netscape Console monitoring. Note that if you install Netscape Console, an online version of this manual is available as well as the hard copy version that is shipped with Netscape Enterprise Server 4.0.
Page 28: Further Reading
To access these documents, use the following URL: http://home.netscape.com/eng/server Click the Server link to see the documents pertaining to the web server. To access the Enterprise Server 4.0 Release Notes, use the following URL: http://home.netscape.com/eng/server/webserver/4.0 28 Netscape Enterprise Server Administrator’s Guide...
Page 29: Contacting Technical Support
Contacting Technical Support Contacting Technical Support For product-specific Technical Support assistance, please see the Product Support Page for the Netscape Enterprise Server at: http://help.netscape.com/products/server/enterprise/index.html. For general Technical Support assistance, please see the Netscape Technical Support Page at: http://help.netscape.com. About This Guide 29...
Page 30 Contacting Technical Support 30 Netscape Enterprise Server Administrator’s Guide...
Page 31: Part 1 Server Basics
Server Basics • Introduction to Enterprise Server • Administering Enterprise Servers Part 1, Server Basics 31...
Page 32 32 Netscape Enterprise Server Administrator’s Guide...
Page 33: Chapter 1 Introduction To Enterprise Server
C h a p t e r Introduction to Enterprise Server Chapter 1 This chapter introduces Netscape Enterprise Server and discusses some of the fundamental server concepts. Read it to obtain an overview of how Enterprise Server works. This chapter includes the following sections: •...
Page 34: Enterprise Server Features
Directory Server. For more information, see Managing Servers with Netscape Console. • Security—Users can establish encrypted and authenticated transactions between clients and the server through the Secure Sockets Layer (SSL) 3.0 protocol. In addition, Enterprise Server employs the following security- 34 Netscape Enterprise Server Administrator’s Guide...
Page 35: Administering And Managing Enterprise Servers
Netscape Enterprise Server based standards: Public Key Cryptography Standard (PKCS) #11, which defines the interface used for communication between SSL and PKCS #11 modules; Federal Information Processing Standards (FIPS)-140; and special certificates that work with 40, 56, or 128 bits, depending on the capability of the client.
Page 36: Netscape Enterprise Server Architecture
“Netscape Console” or Managing Servers with Netscape Console. Netscape Enterprise Server Architecture The Netscape Enterprise Server incorporates a modular architecture that integrates seamlessly with all of the products in the Netscape family of servers. All Netscape servers share a single interface for administrative functions: the Enterprise Administration Server (formerly, the Administrative Server).
Page 37: Content Engines
Netscape Enterprise Server Architecture Content Engines Enterprise Server content engines are designed for manipulating customer data. The following three content engines make up the Web Publishing layer of the Enterprise Server architecture: HTTP (Web Server), Content Management, and the Search (Verity).
Page 38: Runtime Environments
• NSAPI Engine • Java Virtual Machine (JVM) • JavaScript Virtual Machine Application Services Finally, the Enterprise Server architecture includes a set of application services for various application-specific functions. These application services include the following: 38 Netscape Enterprise Server Administrator’s Guide...
Page 39: How Enterprise Server Is Configured
• Mail Service How Enterprise Server is Configured Netscape Enterprise Server is configured to enable you to turn on or off various features, determine how to respond to individual client requests, and write programs that run on and interact with the server’s operation. The instructions (called directives) which identify these options are stored in configuration files.
Page 40: Enterprise Server Configuration Files
(such as browsers). Enterprise Server reads this file every time it processes a client request. For more information, see “Viewing Server Settings,” on page 166 in Chapter 7, “Configuring Server Preferences.” 40 Netscape Enterprise Server Administrator’s Guide...
Page 41: Single-Server Configuration
How Enterprise Server is Configured For more information about the actual file syntax and the specific directives used by the obj.conf and magnus.conf configuration files, see the NSAPI Programmer’s Guide for Enterprise Server 4.0. mime.types: the MIME (Multi-purpose Internet Mail Extension) type configuration file.
Page 42 Working copies are kept here. For more information on magnus.conf and obj.conf, see the NSAPI Programmer’s Guide for Enterprise Server 4.0. • logs contains any error or access log files. 42 Netscape Enterprise Server Administrator’s Guide...
Page 43 How Enterprise Server is Configured • startsvr.bat is the script that starts the Server Manager. The Server Manager lets you configure all servers installed in the server root directory. • stopsvr.bat is the script that stops the Server Manager. • https- server_id are the directories for each server you have installed on the machine.
Page 44: Unix-Only Platforms
• restart is the script that restarts the Server Manager. • start is the script that starts the Server Manager. The Server Manager lets you configure all servers installed in the server root directory. 44 Netscape Enterprise Server Administrator’s Guide...
Page 45: Multiple-Server Configuration
Enterprise Administration Server • startconsole launches a browser to the Enterprise Administration Server page. • stop is the script that stops the Server Manager. Multiple-Server Configuration You can also have multiple Web servers running on the same server—all of which can be configured from a single-server administration interface called Enterprise Administration Server, or from the client-side application, Netscape Console.
Page 46: Server Manager
JavaScript forms you use to configure individual instances of Netscape Enterprise Server. This section includes the following topics: • Accessing the Server Manager • Using the Resource Picker • Wildcards Used in the Resource Picker 46 Netscape Enterprise Server Administrator’s Guide...
Page 47: Accessing The Server Manager
Server Manager Accessing the Server Manager You can access the Server Manager for Enterprise Server by performing the following steps: Install and start your Enterprise Server. Enterprise Server displays the Enterprise Administration Server Servers page. In the Manage Servers area, select the desired server and click Manage. Enterprise Server displays the Server Manager Preferences page, as shown in the following illustration: Figure 1.1 The Enterprise Server 4.0 Server Manager...
Page 48: Using The Resource Picker
These pages include the Resource Picker, shown in Figure 1.2, at the top. The Resource Picker lets you specify what resource to configure. Figure 1.2 Resource Picker 48 Netscape Enterprise Server Administrator’s Guide...
Page 49: Wildcards Used In The Resource Picker
Server Manager Pick a resource from the drop-down list for configuration. Click Browse to browse your primary document directory; clicking Options allows you to choose other directories. Click Wildcard to configure files with a specific extension. Wildcards Used in the Resource Picker In many parts of the server configuration, you specify wildcard patterns to represent one or more items to configure.
Page 50: Netscape Console
You can log in from any system connected to your network to manage a remote server or to make changes in a centralized directory. 50 Netscape Enterprise Server Administrator’s Guide...
Page 51 Netscape Console Netscape Console provides access to all resources under your control Figure 1.3 For any given instance of Netscape Console, the limits of the network it can Note administer are defined by the set of resources whose configuration information is stored in the same configuration directory.
Page 52: Sending Error Information To Netscape
Sending Error Information to Netscape Sending Error Information to Netscape Netscape Enterprise Server 4.0 includes an error-handling mechanism called the Quality Feedback Agent. The Quality Feedback Agent enables you to automatically send error information (stack and register dump) to Netscape if your Enterprise Server crashes.
Page 53: Using The Quality Feedback Agent
Sending Error Information to Netscape Table 1.2 Data Collected by Quality Feedback Agent Data Collected OS-specific Data Reason for Data Collection OS Version Windows: Provides the OS version. This Windows Version information is necessary because the Unix: Unix way the Enterprise Server interacts with Version different versions of an OS can cause different kinds of failures.
Page 54: Editing Master.ini
In addition, there are two optional magnus.conf file variables for the Quality Feedback Agent: • TalkbackMaxIncidents: If the server crashes more often than this number within a time interval, the Quality Feedback Agent will be turned off automatically. The default is 5. 54 Netscape Enterprise Server Administrator’s Guide...
Page 55 Sending Error Information to Netscape • TalkbackInterval: The interval used by the parameter above, in seconds. The default is 86400 seconds (24 hours). Note that both variables have no effect unless the Quality Feedback Agent is turned on. Once you restart the server, the counters are reset and the whole process starts over.
Page 56 Sending Error Information to Netscape 56 Netscape Enterprise Server Administrator’s Guide...
Page 57: Chapter 2 Administering Enterprise Servers
C h a p t e r Administering Enterprise Servers Chapter 2 This chapter describes how to administer your Enterprise Servers with Enterprise Administration Server. Using the Enterprise Administration Server, you can manage servers, add and remove servers, and migrate servers from a previous release.
Page 58: Unix Platforms
Enterprise Server then displays a window prompting you for a username and password. Type the administration username and password you specified during installation. Enterprise Server displays the Enterprise Administration Server page, as shown in Figure 2.1: 58 Netscape Enterprise Server Administrator’s Guide...
Page 59 Accessing Enterprise Administration Server Figure 2.1 The Enterprise Administration Server Page For more information, see “Enterprise Administration Server,” in the online help. You must enable cookies in your browser to run the CGI programs necessary Note for configuring your server. You can also access the Enterprise Administration Server from a remote location as long as you have access to client software such as Netscape Navigator.
Page 60: Adding A Server: Running Multiple Servers
Like hardware virtual servers, software virtual servers all must have the same configuration. For more information on software virtual servers, see “Setting up Software Virtual Servers,” on page 322 in Chapter 13, “Managing Server Content.” 60 Netscape Enterprise Server Administrator’s Guide...
Page 61: Multiple Server Instances
Installing Multiple Instances of the Server Multiple Server Instances Multiple server instances enables you to define separate types of configuration information for each server. For example, one instance of the server could have security features or web publishing enabled while another server could have them disabled.
Page 62: Removing A Server
For details, check with your product documentation. To remove a server from your machine, perform the following steps: Access the Enterprise Administration Server and choose the Servers tab. Click Remove Server. 62 Netscape Enterprise Server Administrator’s Guide...
Page 63: Migrating A Server From A Previous Version
Migrating a Server From a Previous Version The Enterprise Administration Server subsequently deletes the server’s configuration files, Server Manager forms, and the following directory (and any subdirectories): server_root /<servertype>-<id> For more information, see “The Remove Server Page,” in the online help. Migrating a Server From a Previous Version You can migrate an Enterprise Server from 3.6 to 4.0.
Page 64 Migrating a Server From a Previous Version 64 Netscape Enterprise Server Administrator’s Guide...
Page 65: Part 2 Using Enterprise Administration Server
Using Enterprise Administration Server • Setting Administration Preferences • Managing Users and Groups • Working with Server Security • Managing Server Clusters Part 2, Using Enterprise Administration Server 65...
Page 66 66 Netscape Enterprise Server Administrator’s Guide...
Page 67: Chapter 3 Setting Administration Preferences
C h a p t e r Setting Administration Preferences Chapter 3 This document describes the administration forms available via the Preferences and Global Settings tabs in Enterprise Administration Server that you use to configure your Enterprise Servers. Note that you must enable cookies in your browser to run the CGI programs necessary for configuring your server.
Page 68: Shutting Down Enterprise Administration Server
“Off.” Changing Network Settings Network settings affect the way Enterprise Administration Server works with your Enterprise Servers. You can change the system user account and password and port number for Enterprise Administration Server. 68 Netscape Enterprise Server Administrator’s Guide...
Page 69: Changing The User Account And Password
Changing Network Settings Changing the User Account and Password To change the system user account, you must use the Server Manager forms. For more information, see “Configuring Network Settings,” on page 167 in Chapter 7, “Configuring Server Preferences.” You can also change the password that the server uses when the service starts. Make sure that the user account has a password and has both administrative and “log on as a service”...
Page 70: Changing The Superuser Settings
The superuser’s username and password are kept in a file called server_root /admin-serv/config/admpw. If you forget the username, you can view this file to obtain the actual name; however, note that the password is encrypted and unreadable. The file has the format username:password. 70 Netscape Enterprise Server Administrator’s Guide...
Page 71: Enabling Distributed Administration
Enabling Distributed Administration If you forget the password, you can edit the admpw file and simply delete the Warning encrypted password. You can then go to the Server Manager forms and specify a new password. Because you can do this, it is very important that you keep the server computer in a secure place and restrict access to its file system.
Page 72 Choose the Preferences tab. Click the Distributed Admin link. Make the desired changes and click OK. For more information, see “The Distributed Administration Page,” in the online help. 72 Netscape Enterprise Server Administrator’s Guide...
Page 73: Configuring Secure Sockets Layer (Ssl)
Configuring Secure Sockets Layer (SSL) Configuring Secure Sockets Layer (SSL) Using Enterprise Administration Server, you can activate the Enterprise Server encryption feature and set various encryption preferences. For more information regarding Enterprise Server encryption features, see “About Enterprise Server Security,” on page 114 in Chapter 5, “Working with Server Security.”...
Page 74: Setting Stronger Ciphers
For more information, see “The Encryption Preferences Page,” in the online help. Setting Stronger Ciphers You can set stronger ciphers via the Stronger Ciphers option on the Server Manager Preferences tab in both domestic and export versions of the server. 74 Netscape Enterprise Server Administrator’s Guide...
Page 75: Specifying Log File Options
Specifying Log File Options In the domestic version of Enterprise Server, the Stronger Ciphers option presents a choice of 168, 128, or 56-bit secret keysize restriction, or no restriction. In the export version, this option presents a choice of 56-bit secret keysize or no restriction.
Page 76: Viewing The Access Log File
To view the access log file, perform the following steps: Access the Enterprise Administration Server and choose the Preferences tab. Click the View Access Log link and click OK. For more information, see “The View Error Log Page,” in the online help. 76 Netscape Enterprise Server Administrator’s Guide...
Page 77: Viewing The Error Log File
Specifying Log File Options Viewing the Error Log File The error log file, located in admin/logs in the server root directory, lists all the errors the server has encountered since the log file was created. It also contains informational messages about the server, such as when the server was started and who tried unsuccessfully to log in to the server.
Page 78: Using Cron Controls (Unix Only)
Access the Enterprise Administration Server and choose the Global Settings tab. Click the Cron Control link. Click Restart, Start, or Stop to change the cron controls. Note that any time you add a task to Netscape cron, you need to restart the daemon. 78 Netscape Enterprise Server Administrator’s Guide...
Page 79: Configuring Directory Services
Configuring Directory Services Configuring Directory Services You can manage all your user information from a single source via an open- systems server protocol called the Lightweight Directory Access Protocol (LDAP). You can also configure the server to allow your users to retrieve directory information from multiple, easily accessible network locations.
Page 80 Enterprise Administration Server displays the access control rules for the server you specified. Make the desired access control changes and click OK. For more information, see “The Restrict Access Page,” in the online help. 80 Netscape Enterprise Server Administrator’s Guide...
Page 81: Chapter 4 Managing Users And Groups
C h a p t e r Managing Users and Groups Chapter 4 This chapter describes how to use the forms in Enterprise Administration Server Users and Groups tab. This chapter includes the following sections: • About Users and Groups •...
Page 82: About Users And Groups
Enterprise Servers. Netscape Enterprise Server 4.0 does not support local LDAP. In order to add users and groups, you must have a directory server installed, such as Netscape Directory Server.
Page 83: Creating Users
Creating Users Creating Users Use the Users and Groups tab of Enterprise Administration Server to create or modify user entries. A user entry contains information about an individual person or object in the database. This section includes the following topics: •...
Page 84: How To Create A New User Entry
The following user entry notes may be of interest to the directory administrator: • User entries use the inetOrgPerson, organizationalPerson, and person object classes. • By default, the distinguished name for users is of the form: cn=full name, ou=organization, ...,o=base organization, c=country 84 Netscape Enterprise Server Administrator’s Guide...
Page 85 Creating Users For example, if a user entry for Billie Holiday is created within the organizational unit Marketing, and the directory’s base DN is o=Ace Industry, c=US, then the person’s DN is: cn=Billie Holiday, ou=Marketing, o=Ace Industry, c=US However, note that you can change this format to a uid-based distinguished name.
Page 86: Managing Users
If no such entries are found, all entries that contain the search string will be found. If no such entries are found, any entries that sounds like the search string are found. • A user ID. 86 Netscape Enterprise Server Administrator’s Guide...
Page 87: Building Custom Search Queries
Managing Users • A telephone number. If you enter only a partial number, any entries that have telephone numbers ending in the search number will be returned. • An email address. Any search string containing an at (@) symbol is assumed to be an email address.
Page 88: Search Attribute Options
To display all of the users entries contained in the Look Within directory, enter either an asterisk (*) or simply leave this text field blank. Search Attribute Options The available search attribute options are described in the following table: 88 Netscape Enterprise Server Administrator’s Guide...
Page 89: Search Type Options
Managing Users Table 4.3 Search Attribute Options Option Name Description Search each entry’s full name for a full name match. Search each entry’s last name, or last name surname for a match. Search each entry’s user id for a user id match.
Page 90: Editing User Information
Display the user entry as described in “Finding User Information,” on page 86. Edit the field corresponding to the attribute that you wish to change. For more information, see “The Edit Users Page,” in the online help. 90 Netscape Enterprise Server Administrator’s Guide...
Page 91: Managing A User's Password
Managing Users It is possible that you will want to change an attribute value that is not Note displayed by the edit user form. In this situation, use the Directory Server ldapmodify command line utility, if available. In addition, note that you can change the user’s first, last, and full name field from this form, but to fully rename the entry (including the entry’s distinguished name), you need to use the Rename User form.
Page 92: Managing User Licenses
To rename a user entry, perform the following steps: Access the Enterprise Administration Server and choose the Users & Groups tab. Display the user entry as described in “Finding User Information,” on page 86. 92 Netscape Enterprise Server Administrator’s Guide...
Page 93: Removing Users
Creating Groups Note that if you are using common name-based DNs, specify the user’s full name. If you are using uid-based distinguished names, enter the new uid value that you want to use for the entry. Click the Rename User button. Change the Given Name, Surname, Full Name, or UID fields as is appropriate to match the new distinguished name for the entry.
Page 94: Static Groups
Guidelines for Creating Static Groups Consider the following guidelines when using the Enterprise Administration Server forms to create new static groups: • Static groups can contain other static or dynamic groups. 94 Netscape Enterprise Server Administrator’s Guide...
Page 95: To Create A Static Group
Creating Groups • You can optionally also add a description for the new group. • If any organizational units have been defined for your directory, you can specify where you want the new group to be placed using the Add New Group To list.
Page 96: How Enterprise Server 4.0 Implements Dynamic Groups
ACL). For example, if you want base access rights on membership in a group named “staff,” the ACL code looks up an object that has an object class of groupOf <anything> and a CN set to “staff.” 96 Netscape Enterprise Server Administrator’s Guide...
Page 97: Groups Can Be Static And Dynamic
Creating Groups The object defines the members of the group, either by explicitly enumerating the member DNs (as is done for groupOfUniqueNames for static groups), or by specifying LDAP URLs (for example, groupOfURLs). Groups Can Be Static and Dynamic A group object can have both objectclass = groupOfUniqueMembers and objectclass = groupOfURLs;...
Page 98 URL. If you do not want to specify any attributes, you still need to include the question marks delimiting that field. • You can optionally also add a description for the new group. 98 Netscape Enterprise Server Administrator’s Guide...
Page 99: To Create A Dynamic Group
Managing Groups • If any organizational units have been defined for your directory, you can specify where you want the new group to be placed using the Add New Group To list. The default location is your directory’s root point, or top- most entry.
Page 100: Finding Group Entries
In the Format field, choose either On-Screen or Printer. Click Find. All the groups matching your search criteria are displayed. In the resulting table, click the name of the entry that you want to edit. 100 Netscape Enterprise Server Administrator’s Guide...
Page 101: The "Find All Groups Whose" Field
Managing Groups The “Find all groups whose” Field The Find all groups whose field allows you to build a custom search filter. Use this field to narrow down the search results that are otherwise returned by Find groups. For more information regarding how to build a custom search filter, see “Building Custom Search Queries,”...
Page 102: Adding Group Members
• Enter either an asterisk (*) or simply leave this text field blank to see all of the entries or groups currently residing in your directory. • Any LDAP search filter. Any string that contains an equal sign (=) is considered to be a search filter. 102 Netscape Enterprise Server Administrator’s Guide...
Page 103: Adding Groups To The Group Members List
Managing Groups Click Find and Add to find all the matching entries and add them to the group. If the search returns any entries that you do not want add to the group, click the box in the Remove from list? column. You can also construct a search filter to match the entries you want removed and then click Find and Remove.
Page 104: Removing Entries From The Group Members List
“Adding Group Members,” on page 102. Add groups to the owners “Adding Groups to the Group Members List,” list on page 103. Remove entries from the “Removing Entries from the Group Members owners list List,” on page 104. 104 Netscape Enterprise Server Administrator’s Guide...
Page 105: Managing See Alsos
Managing Groups Managing See Alsos “See alsos” are references to other directory entries that may be relevant to the current group. They allow users to easily find entries for people and other groups that are related to the current group. You manage see alsos the same way as you manage the group members list.
Page 106: Renaming Groups
To create an organizational unit, perform the following steps: Access the Enterprise Administration Server and choose the Users & Groups tab. Click the New Organizational Unit link and enter the required information. 106 Netscape Enterprise Server Administrator’s Guide...
Page 107: Managing Organizational Units
Managing Organizational Units For more information, see “The New Organizational Unit Page,” in the online help. The following notes may be of interest to the directory administrator: • New organizational units are created using the organizationalUnit object class. • The distinguished name for new organizational units is of the form: ou=new organization, ou=parent organization, ...,o=base organization, c=country For example, if you create a new organization called Accounting within the...
Page 108: The "Find All Units Whose" Field
“Building Custom Search Queries,” on page 87. To display all of the group entries contained in the Look Within directory, enter either an asterisk (*) or simply leave this text field blank. 108 Netscape Enterprise Server Administrator’s Guide...
Page 109: Editing Organizational Unit Attributes
Managing Organizational Units Editing Organizational Unit Attributes To change a organizational unit entry, access the Enterprise Administration Server and perform the following steps: Locate the organizational unit you want to edit as described in “Finding Organizational Units,” on page 107. The organizational unit edit form is displayed.
Page 110: Deleting Organizational Units
Enterprise Server displays the Language Selection List. In the Languages in the Selection List field, click the Add to List checkbox to add each language you want specified as part of the Preferred Language List. 110 Netscape Enterprise Server Administrator’s Guide...
Page 111 Managing a Preferred Language List Click the Default value for the language you want to specify as the default language in the Preferred Language List. Click Save Changes. Chapter 4, Managing Users and Groups 111...
Page 112 Managing a Preferred Language List 112 Netscape Enterprise Server Administrator’s Guide...
Page 113: Chapter 5 Working With Server Security
C h a p t e r Working with Server Security Chapter 5 This chapter describes how to activate the Secure Sockets Layer (SSL) protocol and other features designed to safeguard your data, deny intruders access, and designate who has access to the server. Enterprise Server incorporates the security architecture of all Netscape servers: it’s built on industry standards and public protocols for maximum interoperability and consistency.
Page 114: About Enterprise Server Security
All Netscape 4.0 servers support the SSL protocol for encrypted communication and PKCS #11 APIs for communication with software or hardware modules that perform cryptographic operations. You need to configure the Enterprise Administration Server for SSL if you want to enable encryption and other 114 Netscape Enterprise Server Administrator’s Guide...
Page 115: Fips-140 Compliance
About Enterprise Server Security cryptographic operations. For more information regarding how to enable SSL for Enterprise Server, see “Configuring Secure Sockets Layer (SSL),” on page 73 in Chapter 3, “Setting Administration Preferences.” FIPS-140 Compliance You can configure Enterprise Server to be Federal Information Processing Standards (FIPS)-140 compliant.
Page 116: Client And Server Authentication
Navigator or Netscape Communicator and the certificate is expired, the client warns the user before sending the out-of-date certificate. Most Netscape servers will log an error, reject the certificate, and return a message to the client.) 116 Netscape Enterprise Server Administrator’s Guide...
Page 117: 128-Bit Step-Up Certificates
Configuring Enterprise Server for SSL This section explains how to get client certificate authentication working with Netscape Enterprise Server. When you have finished following the procedures outlined in this chapter, you will have a web server that requires a user to present a valid client SSL certificate in order to access restricted areas on the server.
Page 118: Creating A New Server Instance
Access the Enterprise Administration Server and choose the Servers tab. Click the Add Server link. Enter the desired information for the specified fields. For more information, see “The Add Server Page,” in the online help. 118 Netscape Enterprise Server Administrator’s Guide...
Page 119: Creating A Certificate Trust Database
Creating a Certificate Trust Database Creating a Certificate Trust Database A certificate database is a key-pair and certificate database installed on the local host. When you use an internal token, the certificate database is the database into which you install the key and certificate. In Enterprise Server 4.0, each server instance (including the Enterprise Administration Server) has its own certificate/key pair which is referred to as a trust database.
Page 120: Requesting A Certificate
In the form that Enterprise Server displays, specify if this is a new certificate or a renewal. Many certificates expire after a set period of time, such as six months or a year. Some CAs will automatically send you a renewal. 120 Netscape Enterprise Server Administrator’s Guide...
Page 121 Requesting a Certificate Perform the following steps to specify how you want to submit the request for the certificate: If the CA expects to receive the request in an email message, check CA Email and enter the email address of the CA. For a list of CAs, click List of available certificate authorities.
Page 122: Required Ca Information
• Organization is the official, legal name of your company, educational institution, partnership, and so on. Most CAs require that you verify this information with legal documents (such as a copy of a business license). 122 Netscape Enterprise Server Administrator’s Guide...
Page 123: Installing And Managing Certificates
Installing and Managing Certificates • Organizational Unit is an optional field that describes an organization within your company. This can also be used to note a less formal company name (without the Inc., Corp., and so on). • Locality is an optional field that usually describes the city, principality, or country for the organization.
Page 124 Service CA” is the name of the CA, and “VeriSign Class 2 Primary CA” describes both the CA and the type of certificate. If the certificate is for “this server,” the Enterprise Administration Server uses the name Server-Cert. 124 Netscape Enterprise Server Administrator’s Guide...
Page 125 Installing and Managing Certificates Either type the full pathname to the saved email or paste the email text in the field called Message text. If you copy and paste the text, be sure to include the headers “Begin Certificate” and “End Certificate”—including the beginning and ending hyphens.
Page 126: Managing Certificates
/alias. To view more information about a certificate, click the link for the certificate. A window appears, containing information about that certificate. Figure 5.2 shows a sample. 126 Netscape Enterprise Server Administrator’s Guide...
Page 127: Using Secure Sockets Layer (Ssl)
Using Secure Sockets Layer (SSL) Figure 5.2 Certificate information includes the owner and who issued it. To trust the CA, click Trust. If the CA is already trusted, you can click Do Not Trust. By default, all CAs are not trusted. To delete the certificate, click the Delete Certificate button.
Page 128: Activating Ssl
Improvements were made to the protocol after version 2 that improve security and performance; you should not use SSL 2 unless you have a real need to service clients that are not capable of using SSL 3. Client certificates are not 128 Netscape Enterprise Server Administrator’s Guide...
Page 129: Setting Security (Ssl) Preferences
Using Secure Sockets Layer (SSL) guaranteed to work with SSL 2 ciphers. To specify which ciphers your server can use, check them in the list. Unless you have a compelling reason not to use a specific cipher, you should check them all. Another reason for not enabling all ciphers is to prevent SSL connections with less than optimal encryption.
Page 130: Guidelines For Installing A Pkcs#11 Module
The server always tries to start with the certificate named “Server-Cert.” However, certificates in external PKCS#11 modules include one of the module’s token names in their identifier. For example, a sever certificate installed on an external smartcard reader called “smartcard0” would be named “smartcard0:Server-Cert.” 130 Netscape Enterprise Server Administrator’s Guide...
Page 131: To Import A Pkcs#11 Module
Using Secure Sockets Layer (SSL) To tell the server to start with that server certificate instead, you must edit magnus.conf and add the following line anywhere in the file: CERTDefaultNicknae $TOKENNAME:Server-Cert To find out what value to use for $TOKENNAME, go to the server’s Security tab and select the Manage Certificates link.
Page 132: Ssl2
The Ciphers directive specifies the ciphers enabled for your server. Ciphers +rc4,+rc4export,+rc2,+rc2export,+des,+desede3 Syntax A + means the cipher is active, and a - means the cipher is inactive. Any cipher with export as part of its name is not stronger than 40 bits. 132 Netscape Enterprise Server Administrator’s Guide...
Page 133: Ssl3Ciphers
Using Secure Sockets Layer (SSL) SSL3Ciphers The SSL3Ciphers directive specifies which SSL 3 ciphers are enabled for your server. Syntax SSL3Ciphers +rsa_rc4_128_md5,+rsa_3des_sha,+rsa_des_sha,+rsa_rc4_40_m d5,+rsa_rc2_40_md5,-rsa_null_md5,+rsa_des_56_sha,+rsa_rc4_56_sha A + means the cipher is active, and a - means the cipher is inactive. Any cipher with 40 as part of its name is 40 bits. SSL3SessionTimeout The SSL3SessionTimeout directive controls SSL3 session caching.
Page 134: Using Client Certificates
Enterprise Server 4.0. Mapping Client Certificates to LDAP This section describes the process Netscape Enterprise Server uses to map a client certificate to an entry in an LDAP directory. When the server gets a request from a client, it asks for the client’s certificate before proceeding.
Page 135 Using Client Certificates After the server checks that the certificate’s CA is trusted, the server performs the following steps to map the certificate to an LDAP entry: It maps the subject (user’s) DN from the user’s cert to a branch point in the LDAP directory.
Page 136: Using The Certmap.conf File
DN of the CA who issued the client certificate. For example, the following two issuerDN lines differ only in the spaces separating the attributes, but the server treats these two entries as different: certmap moz1 ou=Mozilla Certificate Authority,o=Netscape,c=US certmap moz2 ou=Mozilla Certificate Authority, o=Netscape, c=US 136 Netscape Enterprise Server Administrator’s Guide...
Page 137 Using Client Certificates The second and subsequent lines in the named mapping match properties with values. The certmap.conf file has six default properties (you can use the certificate API to customize your own properties): • DNComps is a list of comma-separated attributes used to determine where in the LDAP directory the server should start searching for entries that match the user’s information (that is, the owner of the client certificate).
Page 138 DNComps and FilterComps mappings. This approach to matching a certificate to an LDAP entry is useful when it’s difficult to match entries using DNComps and FilterComps. 138 Netscape Enterprise Server Administrator’s Guide...
Page 139: Creating Custom Properties
Using Client Certificates • Library is a property whose value is a pathname to a shared library or DLL. You only need to use this property if you create your own properties using the certificate API. For more information, see the NSAPI Programmer’s Guide for Enterprise 4.0.
Page 140 DN listed in the first line of the mapping. In the previous example, a certificate from an issuer DN that is o=United States Postal Service,c=US won’t match because there isn’t a space between the o and the c attributes. 140 Netscape Enterprise Server Administrator’s Guide...
Page 141: Changing The Trust Database/Key Pair File Password
Changing the Trust Database/Key Pair File Password Example #3 The following example uses the CmapLdapAttr property to search the LDAP database for an attribute called certSubjectDN whose value exactly matches the entire subject DN taken from the client certificate. certmap myco ou=My Company Inc, o=myco, c=US myco:CmapLdapAttr certSubjectDN myco:DNComps o, c...
Page 142: Migrating Enterprise Server 3.X Certificates
Manager’s Security tab. The certificate and key database files are now named after the server instance that uses them. If multiple 3.6 server instances use the same alias, when you migrate each instance the certificate/key pair are migrated and named for the new server instance. 142 Netscape Enterprise Server Administrator’s Guide...
Page 143: Additional Server Security Considerations
Additional Server Security Considerations The migration not only migrates the server certificate, it migrates the whole trust database associated with the server instance. All the Certificate Authorities (CAs) in your 3.6 database are migrated to the 4.0 database. If they duplicate the 4.0 CAs, you use the 3.6 CA until it expires, then the 4.0 CA.
Page 144: Limit Administration Access
There are some simple guidelines that will help you create a stronger password. It is not necessary to incorporate all of the following rules in one password, but the more of the rules you use, the better your chances of making your password hard to crack: 144 Netscape Enterprise Server Administrator’s Guide...
Page 145: Secure Your Key-Pair File
Additional Server Security Considerations • Passwords should be 6-14 characters long. • Mac passwords cannot be longer than 8 characters. • Do not use the “illegal” characters: *, ", or spaces. • Do not use dictionary words (any language). • Do not make common letter substitutions (like replacing 3’s for E’s and 1’s for L’s) within dictionary words.
Page 146: Prevent Clients From Caching Ssl Files
The server offers secure connections between the server and the client. It can’t control the security of information once the client has it, nor can it control access to the server machine itself and its directories and files. 146 Netscape Enterprise Server Administrator’s Guide...
Page 147: Consider Additional Measures For Unprotected Servers
Additional Server Security Considerations Being aware of these limitations helps you know what situations to avoid. For example, you might acquire credit card numbers over an SSL connection, but are those numbers stored in a secure file on the server machine? What happens to those numbers after the SSL connection is terminated? You should be responsible for securing any information clients send to you through SSL.
Page 148 Additional Server Security Considerations Figure 5.3 Example Chroot Directory Structure For more information regarding how to implement chroot in the magnus.conf file, see the NSAPI Programmer’s Guide for Enterprise Server 4.0. 148 Netscape Enterprise Server Administrator’s Guide...
Page 149: Chapter 6 Managing Server Clusters
C h a p t e r Managing Server Clusters Chapter 6 This chapter describes the concept of clustering Netscape Enterprise servers and explains how you can use them to share configurations among servers. This chapter includes the following sections: •...
Page 150: Preliminary Guidelines For Using Server Clusters
Enterprise Servers per cluster, you would first need to install all of the servers on the computers where they’ll run, and then you would configure one of the Enterprise Servers in each cluster as the Enterprise Administration Server, and 150 Netscape Enterprise Server Administrator’s Guide...
Page 151 Preliminary Guidelines for Using Server Clusters then you’ll need to configure one single cluster’s administration server as the master Enterprise Administration Server for all clusters. It doesn’t matter which server you choose as the master administration server. The following list provides some guidelines for configuring groups of servers into clusters: •...
Page 152: Setting Up A Cluster
After changing the configuration for a remote server, restart the remote server. Note For more information about how to use the Server Manager forms, see “Server Manager,” in the online help. 152 Netscape Enterprise Server Administrator’s Guide...
Page 153: Adding A Server To The Server List
Adding a Server to the Server List Adding a Server to the Server List When you add a server to a cluster, you specify its Enterprise Administration Server and port number. If that Enterprise Administration Server contains information about more than one server, all of its servers are added to the cluster.
Page 154: Modifying Cluster Information
Enterprise Administration Server server uses, if it has changed. If applicable, type the new hostname for the remote Enterprise Administration Server. If applicable, type the new port number that the remote Enterprise Administration Server uses. Click OK. 154 Netscape Enterprise Server Administrator’s Guide...
Page 155: Removing Servers From A Cluster
Removing Servers from a Cluster For more information, see “The Modify Server Settings in Cluster Database Page,” in the online help. Removing Servers from a Cluster To remove a server from the cluster, perform the following steps: Go to the master Enterprise Administration Server and choose the Cluster Mgmt tab.
Page 156 Configure the servers using the form elements specific to the type of server you selected. Most Netscape servers let you start, stop, or restart the server by clicking the corresponding buttons on the form. For more information, see “The Cluster Control Page,” in the online help. 156 Netscape Enterprise Server Administrator’s Guide...
Page 157: Part 3 Configuring And Monitoring
Configuring and Monitoring • Configuring Server Preferences • Understanding Log Files • Using SNMP to Monitor Servers • Configuring the Server for Performance Part 3, Configuring and Monitoring 157...
Page 158 158 Netscape Enterprise Server Administrator’s Guide...
Page 159: Chapter 7 Configuring Server Preferences
C h a p t e r Configuring Server Preferences Chapter 7 This chapter describes how to configure server preferences for your Netscape Enterprise Server. This chapter contains the following sections: • Starting and Stopping the Server • Viewing Server Settings •...
Page 160: Starting And Stopping The Server
The advantages to configuring this value is that the server will wait longer for connections to complete. However, because servers often have connections open from nonresponsive clients, increasing the termination timeout may increase the time it takes for the server to shut down. 160 Netscape Enterprise Server Administrator’s Guide...
Page 161: Restarting The Server (Unix)
Starting and Stopping the Server Restarting the Server (Unix) You can restart the server using one of the following methods: • Automatically restart it from the inittab file. Note that if you are using a version of Unix not derived from System V (such as SunOS 4.1.3), you will not be able to use the inittab file.
Page 162: Restarting With Inittab (Unix)
The -i option runs the server in inittab mode, so that if the server process is ever killed or crashed, inittab will restart the server for you. This option also prevents the server from putting itself in a background process. 162 Netscape Enterprise Server Administrator’s Guide...
Page 163: Stopping The Server Manually (Unix)
Starting and Stopping the Server If the server is already running, the start command will fail. You must stop Note the server first, then use the start command. Also, if the server startup fails, you should kill the process before trying to restart it. Stopping the Server Manually (Unix) If you used the etc/inittab file to restart the server you must remove the line starting the server from /etc/inittab and type kill -1 1 before you...
Page 164 If the file does not exist, you will be prompted for the password. If password.txt exists but the password is incorrect, the server will add an entry to the error log and exit. 164 Netscape Enterprise Server Administrator’s Guide...
Page 165: Using The Automatic Restart Utility (Windows Nt)
Starting and Stopping the Server If you have an NTFS file system, you should protect the directory that contains Warning password.txt by restricting its access, even if you do not use the file. The directory should have read/write permissions for the administration server user and the web server user.
Page 166: Viewing Server Settings
\config. For more information about the magnus.conf and obj.conf files, see the NSAPI Programmer’s Guide for Enterprise Server 4.0. To view your server settings, see the View Server Settings page in the Server Manager. 166 Netscape Enterprise Server Administrator’s Guide...
Page 167: Configuring Network Settings
Configuring Network Settings The content settings displayed in the View Server Settings page depend on how you’ve configured your server. Common server content settings include the server’s document directory, its index filenames, name and location of its access log, and default MIME type. Configuring Network Settings You can change the following network settings on your server: server user, server name, server port, bind to address, and MTA host.
Page 168: Changing The Server's User Account (Windows Nt)
In the Service pop-up, in the Log on As section, click the This Account radio button. Type the user account you want the web server to use. Type the password for that account; type it again for confirmation. Click OK. 168 Netscape Enterprise Server Administrator’s Guide...
Page 169: Changing The Server Name
Configuring Network Settings Restart the server using the Services program or the Server Administration page. Changing the Server Name The server name is the full hostname of your server machine. When clients access your server, they use this name. The format for the server name is machinename.yourdomain.domain .
Page 170: Changing The Server Binding Address
For example, if a client tries repeatedly to connect to a part of your server protected by access control, you might return an error file with information on how to get an account. 170 Netscape Enterprise Server Administrator’s Guide...
Page 171: Working With Dynamic Configuration Files
Working with Dynamic Configuration Files Before you can enable a custom error response, you must create the HTML file to send or the CGI program to run in response to an error. After you do this, enable the response in the Network Settings page in the Enterprise Administration Server.
Page 172 After editing the configuration file, stop and start your server. Apply your configuration file changes in the Enterprise Server by clicking the Apply button. Subsequent accesses to the server will be subject to .htaccess access control in the specified directories. 172 Netscape Enterprise Server Administrator’s Guide...
Page 173 14, “Controlling Access to Your Server.” Converting Existing .nsconfig Files to .htaccess Files The Netscape Enterprise Server includes a script for converting your existing .nsconfig files to .htaccess files. To convert your files, at the command prompt, enter the path to Perl on your system, the path to the script, and the path to your obj.conf file.
Page 174 The following example shows an .htaccess file: <Limit> GET POST order deny,allow deny from all allow from all </Limit> <Limit> PUT DELETE order deny,allow deny from all </Limit> AuthName mxyzptlk.kawaii.com AuthUserFile /server_root/mxyz-docs/service.pwd AuthGroupFile /server_root/mxyz-docs/service.grp 174 Netscape Enterprise Server Administrator’s Guide...
Page 175: Using .Nsconfig Files
Working with Dynamic Configuration Files Using .nsconfig Files With .nsconfig files, you can allow end users to apply access control or customize error messages without allowing them to use CGI or parsed HTML. The format and capability of these dynamic configuration files is described in “Writing .nsconfig Files”...
Page 176 The .nsconfig files consist of sets of directives that control the server. These directives are surrounded by Files directives that tell the server which files in the configuration file’s directory the directives apply to. For example: 176 Netscape Enterprise Server Administrator’s Guide...
Page 177 Working with Dynamic Configuration Files <Files PATTERN1 ... directives ... </Files <Files PATTERN2 ... directives ... </Files PATTERN1 and PATTERN2 are wildcard patterns that tell the server which filesystem paths to apply the directives to. For example, * would apply the directive to all filesystem pathnames.
Page 178 ErrorFile reason="Not Found" code="404" path="/errors/notfound.html" ErrorFile reason="Server Error" code="500" path="/errors/server-error.html" RestrictAccess method="(GET|HEAD|POST)" type="allow" ip="*" RestrictAccess method="(GET|HEAD|POST)" type="deny" ip="198.95.251.30" return-code="404" </Files <Files *.gif AddType exp=*.gif type=application/octet-stream </Files <Files *.txt RequireAuth dbm=" server_root /authdb/default" realm=Text userpat="user*" </Files 178 Netscape Enterprise Server Administrator’s Guide...
Page 179: Restricting Symbolic Links (Unix)
Restricting Symbolic Links (Unix) Restricting Symbolic Links (Unix) You can limit the use of the filesystem links in your server. Filesystem links are references to files stored in other directories or filesystems. The reference makes the remote file as accessible as if it were in the current directory. There are two types of filesystem links: •...
Page 180 In both cases, uxwdog sends SIGTERM to the ns-httpd process to shut down the server. For a restart operation, uxwdog then creates a new server process, passing it the file descriptors of the listen ports, and any passwords or PINs it has saved. 180 Netscape Enterprise Server Administrator’s Guide...
Page 181 Using the Watchdog (uxwdog) Process (Unix) The default behavior of the server watchdog process automatically restarts the server if the server process should terminate unexpectedly. You can revert to the previous default behavior, which was for the watchdog process to exit if the server terminates unexpectedly.
Page 182 Using the Watchdog (uxwdog) Process (Unix) 182 Netscape Enterprise Server Administrator’s Guide...
Page 183: Chapter 8 Understanding Log Files
C h a p t e r Understanding Log Files Chapter 8 You can monitor your server’s activity using several different methods. You can view the server’s status in real time by using the Hypertext Transfer Protocol (HTTP) or the Simple Network Management Protocol (SNMP). This chapter discusses how to monitor your server by recording and viewing log files or by using the performance monitoring tools provided with your operating system.
Page 184: About Log Files
- - [17/Feb/1999:1:04:38 -0800] “GET /docs/grafx/icon.gif HTTP/1.0” 204 342 wiley.a.com - - [20/Feb/1999:4:36:53 -0800] “GET /help HTTP/1.0” 401 571 arrow.a.com - john [29/Mar/1999:4:36:53 -0800] “GET /help HTTP/1.0” 401 571 Table 8.1 describes the last line of this sample access log. 184 Netscape Enterprise Server Administrator’s Guide...
Page 185: Viewing The Error Log File
Viewing the Error Log File Table 8.1 The fields in the last line of the sample access log file Access Log Field Example Hostname or IP address arrow.a.com. (In this case, the hostname is shown of client because the web server’s setting for DNS lookups is enabled;...
Page 186: Monitoring The Server Using Http
For a description of the various server statistics for which the interactive server monitor reports the totals, see the Monitor Current Activity page in the online help. To monitor your server, use launch the monitoring program from the Monitor Current Activity page. 186 Netscape Enterprise Server Administrator’s Guide...
Page 187: Archiving Log Files
Archiving Log Files Figure 8.1 The Interactive Server Monitor Archiving Log Files You can set up your log files to be automatically archived. At a certain time, or after a specified interval, your logs will be rotated. Enterprise Server saves the old log files and stamps the saved file with a name that includes the date and time they were saved.
Page 188: Internal-Daemon Log Rotation
For example, access might become access.24Apr-0430PM when it is rotates at 4:30 p.m. For more information about cron controls, see “Using Cron Controls (Unix Only)” on page 78. 188 Netscape Enterprise Server Administrator’s Guide...
Page 189: Setting Log Preferences
Setting Log Preferences Log rotation is initialized at server startup. If rotation is turned on, Enterprise Server creates a time-stamped access log file and rotation starts at server startup. Once the rotation starts, Enterprise Server creates a new time stamped log file when there is a request that needs to be logged to the access log file and it occurs after the prior-scheduled “next rotate time”.
Page 190: Easy Cookie Logging
If the accelerator is used, unavailable variables are logged as “-”. The server does not use the accelerator for dynamic content such as CGI scrips or SHTML pages, so all the variables are always logged correctly for these requests. 190 Netscape Enterprise Server Administrator’s Guide...
Page 191: Flushing The Log Buffer
Flushing the Log Buffer Flushing the Log Buffer You can flush the log buffer instantaneously or at a schedule other than the default time by setting buffer-flush in the logbufInit function in obj.conf. The value should be in milliseconds and greater that 0. For example: int logbuf_init(pblock *args) { char err[MAGNUS_ERROR_LEN];...
Page 192 500 Server Error status codes (Misconfiguration) u: total unique URL’s o: total unique hosts k: total kilobytes transferred c: total kilobytes saved by caches z: Do not count any items. -t [sx,mx,hx, xx,z]: Find general stats - Default:s5m5h24x10 192 Netscape Enterprise Server Administrator’s Guide...
Page 193: Using Performance Monitor (Windows Nt)
Choose Add to Chart from the Edit menu. The Add to Chart window appears. If the Netscape Enterprise Server you want to monitor is on a remote system, type its name in the Computer field. Choose Netscape Server from the Object pull-down menu.
Page 194 The Performance Monitor displays a chart with your selected items. A legend at the bottom of the page displays your choices. For more information about Performance Monitor, see the documentation for your operating system. 194 Netscape Enterprise Server Administrator’s Guide...
Page 195: Viewing Events (Windows Nt)
Viewing Events (Windows NT) Viewing Events (Windows NT) In addition to logging errors to the server error log (see “Viewing the Error Log File” on page 185), Enterprise Server logs severe system errors to the Event Viewer. The Event Viewer lets you monitor events on your system. Use the Event Viewer to see errors resulting from fundamental configuration problems, which can occur before the error log can be opened.
Page 196 Viewing Events (Windows NT) 196 Netscape Enterprise Server Administrator’s Guide...
Page 197: Chapter 9 Using Snmp To Monitor Servers
C h a p t e r Using SNMP to Monitor Servers Chapter 9 The majority of the content in this chapter is identical to the content in the SNMP chapter in Managing Netscape Servers with Netscape Console. However, some sections have been modified and new sections have been added to this chapter to make the content more specific to Enterprise Server 4.0.
Page 198: Snmp Basics
For example, if you had Directory Server, Enterprise Server, and the Messaging Server installed on the same host, the subagents for each of the servers would communicate with the same master agent. 198 Netscape Enterprise Server Administrator’s Guide...
Page 199: How Snmp Works
SNMP Basics Figure 9.1 Interaction between the network management station and a host computer. How SNMP Works A managed entity, such as a server, stores variables pertaining to network management. Variables that the master agent can access are known as managed objects.
Page 200: Netscape Mibs
MIB extensions. An enterprise can then create product-specific subtrees under its subtree. MIBs created by companies are located under the enterprises (1) node. The Netscape MIBs are located under the enterprises (1) node. 200 Netscape Enterprise Server Administrator’s Guide...
Page 201: The Enterprise Server Mib
SNMP Basics For detailed information about Enterprise Server’s network management variables, see “The Enterprise Server MIB” on page 202. The Enterprise Server MIB The Enterprise Server MIB is a file named netscape-http.mib. This file lists each object identifier for all servers currently supported by Netscape.
Page 202: The Enterprise Server Mib
A description of the server (includes httpEntityDescr operating system information). The enterprise subtree for vendors (for httpEntityId example, Netscape’s MIB has an object identifier of 1.3.6.1.4.1.1450). The HTTP version number. httpEntityProtocol The server software version number. httpEntityVersion 202 Netscape Enterprise Server Administrator’s Guide...
Page 203 The Enterprise Server MIB Table 9.1 netscape-http.mib managed objects and descriptions Managed object Description The organization responsible for the httpEntityOrganization server. The full path for the server. httpEntityLocation The person(s) responsible for the server httpEntityContact and contact information. The IP address of the machine the server httpEntityAddress is running on.
Page 204 The number of 500-level status requests httpStatisticsNum5xx handled by the server. The number of 200 (Transfer OK) httpStatisticsNum200 requests. The number of 302 (Moved Temporarily) httpStatisticsNum302 requests. The number of 304 (Not Modified) httpStatisticsNum304 requests. 204 Netscape Enterprise Server Administrator’s Guide...
Page 205: Setting Up Snmp On A Netscape Server
Setting Up SNMP on a Netscape Server Table 9.1 netscape-http.mib managed objects and descriptions Managed object Description The number of 401 (Unauthorized) httpStatisticsNum401 requests. The number of 403 (Forbidden) requests. httpStatisticsNum403 Setting Up SNMP on a Netscape Server In general, to use SNMP you must have a master agent and at least one subagent installed and running on a your system.
Page 206 Enable the subagent for each server installed on the system. • Native agent is currently running Reconfigure the SNMP native agent. • SMUX supported Enable the subagent for each server installed on the system. 206 Netscape Enterprise Server Administrator’s Guide...
Page 207: Using A Proxy Snmp Agent (Unix)
Using a Proxy SNMP Agent (Unix) Using a Proxy SNMP Agent (Unix) You need to use a proxy SNMP agent when you already have a native agent running, and you want to use continue using it concurrently with a Enterprise Server master agent.
Page 208: Installing The Proxy Snmp Agent
AGENT AT PORT 1161 WITH COMMUNITY public SUBTREES 1.3.6.1.2.1.1, 1.3.6.1.2.1.2, 1.3.6.1.2.1.3, 1.3.6.1.2.1.4, 1.3.6.1.2.1.5, 1.3.6.1.2.1.6, 1.3.6.1.2.1.7, 1.3.6.1.2.1.8 FORWARD ALL TRAPS; Starting the Proxy SNMP Agent To start the proxy SNMP agent, at the command prompt, enter: # sagt -c CONFIG& 208 Netscape Enterprise Server Administrator’s Guide...
Page 209: Restarting The Native Snmp Daemon
Reconfiguring the SNMP Native Agent Restarting the Native SNMP Daemon After starting the proxy SNMP agent, you need to restart the native SNMP daemon at the port you specified in the CONFIG file. To restart the native SNMP daemon, at the command prompt, enter # snmpd -P port_number where port_number is the port number specified in the CONFIG file.
Page 210 In the Server Manager, the SNMP Master Agent Community page from the choose Global Settings tab. The Community Strings page appears. Type the community string for the master agent. Choose an operation for the community. Click OK. 210 Netscape Enterprise Server Administrator’s Guide...
Page 211: Enabling And Starting The Snmp Master Agent
Enabling and Starting the SNMP Master Agent Enabling and Starting the SNMP Master Agent Master agent operation is defined in an agent configuration file named CONFIG. You can edit the CONFIG file using the Server Manager, or you can edit the file manually.You must install the master SNMP agent before you can enable the SNMP subagent.
Page 212: Editing The Master Agent Config File
ALLOW ALL OPERATIONS MANAGER nms2 SEND ALL TRAPS TO PORT 162 WITH COMMUNITY public INITIAL sysLocation “Server room 501 East Middlefield Road Mountain View, CA 94043 USA” INITIAL sysContact “John Doe email: jdoe@netscape.com” 212 Netscape Enterprise Server Administrator’s Guide...
Page 213: Configuring The Snmp Master Agent
Enabling and Starting the SNMP Master Agent Configuring the SNMP Master Agent To start the SNMP master agent using the Server Manager, Log in as root. Check whether an SNMP daemon (snmpd) is running on port 161. If an SNMP daemon is running, make sure you know how to restart it and which MIB trees it supports.
Page 214: Starting The Snmp Master Agent
TRANSPORT extraordinary SNMP OVER UDP SOCKET AT PORT 11161 After editing the CONFIG file manually, you should start the master agent manually by typing the following at the command prompt: # magt CONFIG INIT& 214 Netscape Enterprise Server Administrator’s Guide...
Page 215: Starting The Snmp Master Agent Using Enterprise Admin Server
Configuring the SNMP Master Agent Method two: Edit the /etc/services file to allow the master agent to accept connections at the standard port as well as a nonstandard port. Starting the SNMP Master Agent Using Enterprise Administration Server To start the SNMP master agent using the Enterprise Administration Server, perform the following steps: Log in to Enterprise Administration Server.
Page 216: Configuring Trap Destinations
SNMP master agent from Netscape Enterprise Server. You can also view, edit, and remove the trap destinations you have already configured. When you configure trap destinations using Enterprise Server, you are actually editing the CONFIG file. 216 Netscape Enterprise Server Administrator’s Guide...
Page 217: Enabling The Subagent
Enabling the Subagent Enabling the Subagent After you have installed the master agent that comes with Enterprise Administration Server, you must enable the subagent for your server instance before you attempt to start it. For more information on installing the master agent, see “Installing the SNMP Master Agent”...
Page 218 Enabling the Subagent 218 Netscape Enterprise Server Administrator’s Guide...
Page 219: Chapter 10 Configuring The Server For Performance
Always backup your configuration files first. Some internal Enterprise Server 4.0 tuning parameters are different from those Note in previous versions of Netscape Enterprise Server. This chapter includes the following sections: • About Server Performance • Performance Issues •...
Page 220: About Server Performance
Server continues to lead in this area, by setting a new standard for performance. Netscape Enterprise Server 4.0 was designed to meet the needs of the most demanding, high traffic sites in the world. It flexibly runs on both Unix and Windows NT and can serve both static and dynamically generated content.
Page 221: Unix Platform-Specific Issues
Unix Platform-Specific Issues Encrypting your Enterprise Server’s data streams with SSL makes an enormous difference to your site’s credibility for electronic commerce and other security-conscious applications, but it also can seriously impact your CPUs performance. Note that SSL always has a significant impact on throughput, so minimize your use of SSL for best performance.
Page 222: Performance Buckets
Records the statistics for accelerated cache functions. All the static content requests served using the accelerator cache are counted in this bucket. • default-bucket. Records statistics for the functions not associated with any user defined or built-in bucket. 222 Netscape Enterprise Server Administrator’s Guide...
Page 223: Configuration
Performance Buckets Configuration All the configuration information for performance buckets is specified in the obj.conf file. By default the feature is disabled. To enable performance measurement add the following line in obj.conf file: Init fn="perf-init" enable=true The following examples show how to define new buckets. Init fn="define-perf-bucket"...
Page 224 • Total Response Time(in seconds) The sum of Function Processing Time and Latency. • Percent column displays of Number of Requests is calculated with reference to the Total number of requests. 224 Netscape Enterprise Server Administrator’s Guide...
Page 225: Miscellaneous Magnus.conf Directives
Miscellaneous magnus.conf Directives Miscellaneous magnus.conf Directives You can use the following magnus.conf directives to configure your server to function more effectively: • RqThrottle (See “About RqThrottle” on page 229) • PostThredsEarly (See “PostThreadsEarly” on page 243) • MaxProcs (See “Multi-process Mode” on page 225) •...
Page 226 (pthreads). Since the kernel has knowledge of these threads, and since the kernel is responsible for scheduling these threads, programs written to the pthreads API can be scheduled on all processors in a multi-processor system. Enterprise Server 4.0 now uses HP’s kernel-level threads. 226 Netscape Enterprise Server Administrator’s Guide...
Page 227: Accept Thread Information
Miscellaneous magnus.conf Directives MaxProcs (Unix) Use this directive to set your Unix server in multi-process mode, which allows for higher scalability on multi-processor machines. If, for example, you are running on a four-processor CPU, setting MaxProcs to 4 improves performance: one process per processor. If you are running Enterprise Server 4.0 in multi-process mode, you cannot run LiveWire, Web Publisher, and WAI.
Page 228: Buffer Size
MinCGIStubs it does not kill any more processes. Buffer Size SndBufSize/RcvBufSize You can specify the size of the send buffer (SndBufSize) and the receiving buffer (RcvBufSize) at the server’s sockets. For more information regarding these buffers, see your Unix documentation. 228 Netscape Enterprise Server Administrator’s Guide...
Page 229: Native Thread Pool Size
About RqThrottle Native Thread Pool Size NativePoolStackSize/NativePoolQueueSize/ NativePoolMaxThreads/NativePoolMinThreads In preiveous versions of Enterprise Server, you could control the native thread pool by setting the system environment variables NSCP_POOL_STACKSIZE, NSCP_POOL_THREADMAX, and NSCP_POOL_WORKQUEUEMAX. In Enterprise Server 4.0, you can use the directives in magnus.conf to control the size of the native kernel thread pool.
Page 230 RqThrottle to 1 and then using a high value for MaxProcs, such as 48 or greater, but this will adversely impact your server’s performance. 230 Netscape Enterprise Server Administrator’s Guide...
Page 231: The Perfdump Utility
The perfdump Utility Tuning There are two ways to tune the thread limit: through editing the magnus.conf file and through the Server Manager. If you edit the magnus.conf file, RqThrottleMinPerSocket is the minimum value and RqThrottle is the maximum value. The minimum limit is a goal for how many threads the server attempts to keep in the WaitingThreads state.
Page 232: Sample Output
5 seconds: http://yourhost/.perf?refresh=5 Sample Output ns-httpd pid: 133 ListenSocket #0: ------------------ Address https:\\INADDR_ANY:80 ActiveThreads WaitingThreads BusyThreads Thread limits 48/512 KeepAliveInfo: ------------------ KeepAliveCount 0/200 KeepAliveHits KeepAliveFlushes KeepAliveTimeout 30 seconds CacheInfo: ------------------ enabled CacheEntries 0/4096 CacheSize(bytes) 0/10485760 232 Netscape Enterprise Server Administrator’s Guide...
Page 233: Using Perfdump Statistics To Tune Your Server
Using perfdump Statistics to Tune Your Server Hit Ratio 0/1 ( 0.00) pollInterval maxFileSize 537600 Native Thread Pool Data: ------------------------ Idle/Peak/Limit 1/1/100 Work queue length/Limit 0/2147483647 Peak work queue length Work queue rejections Server DNS cache disabled Using perfdump Statistics to Tune Your Server This section describes the information available through the perfdump utility and discusses how to tune some parameters to improve your server’s...
Page 234: Listensocket Information
There are two ways to create virtual servers: Using the virtual.conf file and using the obj.conf file. If you use the virtual.conf method, the 512 default maximum threads are available to all virtual servers on an as-needed 234 Netscape Enterprise Server Administrator’s Guide...
Page 235: Address
Using perfdump Statistics to Tune Your Server basis. If you use the obj.conf method, the 512 threads are allocated equally to each of the defined virtual servers. For example, if you had two servers, each would have 256 threads available. This is less efficient. To maximize performance in this area, use the virtual.conf method.
Page 236: Thread Limits
To deal with this problem, the server maintains a “Maximum number of ‘waiting’ keepalive connections” counter. A ‘waiting’ keepalive connection is a connection that has fully completed processing of the previous request over the 236 Netscape Enterprise Server Administrator’s Guide...

Page 237: Accepttimeout
Using perfdump Statistics to Tune Your Server connection and is now waiting for a new request to arrive on the same connection. If the server has more than the maximum waiting connections open when a new connection starts to wait for a keepalive request, the server closes the oldest connection.
Page 238: Keepalivecount
URI. If multiple virtual servers are set up, the key also includes the virtual server’s host ID and the port number. 238 Netscape Enterprise Server Administrator’s Guide...

Page 239: Enabled
Using perfdump Statistics to Tune Your Server enabled If the cache is disabled, the rest of this section is not displayed. Tuning To disable the server cache, add the following line to the obj.conf file: Init fn=cache-init disable=true CacheEntries <CurrentCacheEntries / MaxCacheEntries>...
Page 240: Pollinterval
Init fn=cache-init MaxCachedFileSize=xxxxx DNS Cache Information Server DNS cache disabled The DNS cache caches IP addresses and DNS names. enabled If the cache is disabled, the rest of this section is not displayed. 240 Netscape Enterprise Server Administrator’s Guide...
Page 241: Cacheentries
Using perfdump Statistics to Tune Your Server Tuning By default, the DNS cache is off. Add the following line to obj.conf to enable the cache: Init fn=dns-cache-init CacheEntries <CurrentCacheEntries / MaxCacheEntries> The number of current cache entries and the maximum number of cache entries.

Page 242: Idle/Peak/Limit
Limit indicates the maximum number of native threads allowed in the thread pool, and is determined by the setting of the NSCP_POOL_THREADMAX environment variable. Tuning Modify the NSCP_POOL_THREADMAX environment variable. 242 Netscape Enterprise Server Administrator’s Guide...
Page 243: Work Queue Length/Limit
Using perfdump Statistics to Tune Your Server Work queue length/Limit These numbers refer to a queue of server requests that are waiting for the use of a native thread from the pool. The Work Queue Length is the current number of requests waiting for a native thread. Limit is the maximum number of requests that can be queued at one time to wait for a native thread., and is determined by the setting of the NSCP_POOL_WORKQUEUEMAX environment variable.
Page 244: Thread Pool Environmental Variables
“bigger is not always better.” If you are not saturating your CPU but you are seeing requests queue up, then increase this number. Typically, you will not need to increase this number. 244 Netscape Enterprise Server Administrator’s Guide...
Page 245: Busy Functions
Using perfdump Statistics to Tune Your Server Busy Functions The default busy function returns a “503 Service Unavailable” response and logs a message if LogVerbose is enabled. You may wish to modify this behavior for your application. You can specify your own busy functions for any NSAPI function in the obj.conf file by including a service function in the configuration file in this format: busy="<my-busy-function>"...
Page 246: Enabled
If asynchronous DNS is disabled, the rest of this section will not be displayed. Tuning Add “AsyncDNS on” to magnus.conf. NameLookups The number of name lookups (DNS name to IP address) that have been done since the server was started. This setting is not tunable. 246 Netscape Enterprise Server Administrator’s Guide...
Page 247: Addrlookups
File Cache in Enterprise Server 4.0 AddrLookups The number of address loops (IP address to DNS name) that have been done since the server was started. This setting is not tunable. LookupsInProgress The current number of lookups in progress. This setting is not tunable. File Cache in Enterprise Server 4.0 Enterprise Server 4.0 uses anew file cache module, NSFC, which caches static HTML, image, and sound files.
Page 248: Filecacheenable
The size (in bytes) of the largest file considered to be “small”. The contents of “small” files are cached by allocating heap space and reading the file into it. By default, this is set to 2048. 248 Netscape Enterprise Server Administrator’s Guide...
Page 249: Smallfilespace
File Cache in Enterprise Server 4.0 SmallFileSizeLimit=2048 SmallFileSpace The size of heap space (in bytes) used for the cache, including heap space used to cache small files. By default, this is set to 128000 (128 KB). SmallFileSpace=128000 MediumFileSizeLimit (Unix) The size (in bytes) of the largest file that is not a “small” file that is considered to be “medium”...
Page 250: File Cache Dynamic Control And Monitoring
• Amount of virtual memory space used to map file contents. • Total number of cache hits. • Number of hits on cached file information. • Number of hits on cached file contents. • Parameter setttings. • List of the current cache entries. 250 Netscape Enterprise Server Administrator’s Guide...
Page 251: Cache-Init
File Cache in Enterprise Server 4.0 The file listing includes the file name, a set of flags, the current number of references to the cache entry, the size of the file, and an internal file ID value. The flags are as follows: •...
Page 252 (optional) Maximum number of entries in the MaxNumberOfCachedFiles accelerator cache. The default is 4096, minimum is 32, maximum is 32. (optional) Maximum number of accel_file_cache MaxNumberOfCachedFiles entries with file_cache entries. Default is 512, minimum is 32, maximum is 32. 252 Netscape Enterprise Server Administrator’s Guide...
Page 253: File Cache Tuning
File Cache in Enterprise Server 4.0 (optional) Maximum size of a file that can be MaxCachedFileSize cached. Files larger than this size are not cached. The default is 525K. In Enterprise Server 4.0, this parameter is ignored. Use the MediumFileSizeLimit parameter in nsfc.conf instead.
Page 254: Maxage
Setting the value of this parameter to “1” will cause threads to remember that they are attached to the JVM, thus speeding up request processing by eliminating AttachCurrentThread and DetachCurrentThread calls. It can however have a side-effect as recycled 254 Netscape Enterprise Server Administrator’s Guide...
Page 255: Thread Pools
Improving Servlet Performance threads which may be doing other processing can be suspended by the garbage collector arbitrarily. Thread pools can be used to eliminate this side effect for othersubsystems. Thread Pools Enterprise Server 4.0 allows to specify a number of configurable native thread pools, by adding the following directives to the obj.conf: Init fn="thread-pool-init"...
Page 256: Common Performance Problems
The symptom of an under-throttled server is a server with a long response time. Making a request from a browser establishes a connection fairly quickly to the server, but on under-throttled servers it may take a long time before the response comes back to the client. 256 Netscape Enterprise Server Administrator’s Guide...
Page 257: Tuning
Common Performance Problems The best way to tell if your server is being throttled is to look at the WaitingThreads count. If this number is getting close to 0 or is 0, then the server is not accepting new connections right now. Also check to see if the number of ActiveThreads and BusyThreads are close to their limits.
Page 258: Keepalive Connections Flushed
“accelerated” path, the accelerated path will not be used at all. Therefore performance numbers will decrease significantly for requests that would typically benefit from the accelerator, for example static files and images. 258 Netscape Enterprise Server Administrator’s Guide...
Page 259: Using Local Variables
Benchmarking the Netscape Enterprise Server Enterprise Server 4.0 has a relaxed logging mode that easies the requirements of the log subsystem. Adding “relaxed. logname = anything ” to the “flex-init” line in obj.conf changes the behavior of the server in the following way: Logging variables other than the “blessed few”...
Page 260: Specweb96 Tuning
Increase the web server’s total cache size to be large enough to hold the entire SPECweb96 fileset. MaxTotalCachedFileSize = Step 1-Fileset size Increase the web server’s largest cached file size to be large enough to hold all SPECweb files. 260 Netscape Enterprise Server Administrator’s Guide...
Page 261: Webstone Tuning
Benchmarking the Netscape Enterprise Server MaxCachedFileSize = 1024000 (The largest single SPECweb96 file is 900 kB) Increase the cache poll interval. Change the PollInterval directive to increase the cache refresh interval (default is 5 seconds). For example, a value of 30000 (8 hours) should keep cache checks from happening within a SPECweb96 run.
Page 262: Sizing Issues
It’s also due in part to the fact that static HTML pages are mapped to shared memory, so cache flushes impact performance more heavily than in the more parallelizable SSL case. 262 Netscape Enterprise Server Administrator’s Guide...
Page 263: Memory
Sizing Issues Scaling of less than 25% would mean that the four-CPU server performs more slowly than the one-CPU server. This does not happen in our testing, but the 4- CPU static workload comes closest. Again, this is because the 100BaseT network was close to saturation, so the server CPU was not the bottleneck.
Page 264 50 Mbit/s of WAN bandwidth, consider configuring multiple 100BaseT interfaces, or look at Gigabit Ethernet technology. For an Intranet site, your network is unlikely to be a bottleneck. However, you can use the same calculations as above to decide. 264 Netscape Enterprise Server Administrator’s Guide...
Page 265: Part 4 Using Programs And Objects
Using Programs and Objects • Extending Your Server With Programs • Working With Configuration Styles Part 4, Using Programs and Objects 265...
Page 266 266 Netscape Enterprise Server Administrator’s Guide...
Page 267: Chapter 11 Extending Your Server With Programs
C h a p t e r Extending Your Server With Chapter 11 Programs This chapter discusses how to install programs on the Enterprise Server that dynamically generate HTML pages in response to requests from clients. These programs are known as server-side applications. (Client-side applications, which are downloaded to the client, run on the client machine.) This chapter includes the following sections: •...
Page 268: Overview Of Server-Side Programs
These programs, known as plug-ins, are written using the Netscape Server Application Programming Interface (NSAPI). For information about writing and installing plug-in programs, see the NSAPI Programmer’s Guide for Enterprise Server 4.0. 268 Netscape Enterprise Server Administrator’s Guide...
Page 269: How Server-Side Applications Are Installed On The Server
Java Servlets and JavaServerPages (JSP) How Server-Side Applications are Installed on the Server Each type of program is installed onto the server differently. The following list summarizes the procedures: • For Java servlets, you can configure your server to recognize all files in certain directories as servlets, and/or you can set up virtual pathnames for servlets.
Page 270: Overview Of Servlets And Javaserverpages
Server 4.0 includes support for JavaSoft’s Servlet API at the level of the Java Servlet Development Kit (JSDK) 2.1. To develop servlets, use Sun Microsystems’ Java Servlet API. For information about using the Java Servlet API, see the documentation provided by Sun Microsystems at: http://www.javasoft.com/products/servlet/index.html...
Page 271: What Does The Server Need To Run Servlets And Jsp
JDK to run JSP. If you want to run JSP, you must tell the Enterprise Server to use a custom JDK. Enterprise Server 4.0 requires you to use an official version of JDK1.2 or higher, available from Sun Microsystems at: http://www.javasoft.com/products/jdk/1.2/ You can specify the path to the JDK in either of the following ways: •...
Page 272: Making Servlets Available To Clients
/servlet/SimpleServlet You can register any number of servlet directories for the Enterprise Server. Initially, the web server has a single servlet directory per server instance, which server_id /docs/servlet/ 272 Netscape Enterprise Server Administrator’s Guide...
Page 273: Configuring Global Attributes
Java Servlets and JavaServerPages (JSP) The Enterprise Server expects all files in a registered servlet directory to be servlets. Any files, including applets, in that directory that have the .class extension will be treated as servlets. The Enterprise Server does not correctly serve other files, such as HTML files or JSPs, that reside in that directory.
Page 274: Configuring Servlet Attributes
.jar .zip URL to a directory.(You cannot specify a URL as a classpath for a zip or jar file.) If the servlet classpath is not a registered servlet directory, you must 274 Netscape Enterprise Server Administrator’s Guide...
Page 275: Configuring Servlet Virtual Path Translations
Java Servlets and JavaServerPages (JSP) additionally provide a servlet virtual path translation for it (as discussed in “Configuring Servlet Virtual Path Translations” on page 275) to make the servlet accessible to clients. Enterprise Server supports the specification of multiple directories, jars, zips, and URLs in the servlet classpath.
Page 276: Configuring Jre/Jdk Paths
Change JRE or JDK. Select either the JRE or JDK radio button as desired. Path. Enter the path for the JRE or JDK. This is the directory where you installed the JRE or JDK. 276 Netscape Enterprise Server Administrator’s Guide...
Page 277: Configuring Jvm Attributes
Java Servlets and JavaServerPages (JSP) Classpath. The class path includes the paths to the directories and jar files needed to run the servlet engine, the servlet examples, and any other paths needed by servlets that you add. Values are separated by semicolons. You can add new values to the existing class path, but don’t delete the existing value since it includes paths that are essential for servlet operation.
Page 278: Installing Cgi Programs
• Specifying CGI as a File Type • Downloading Executable Files In addition, the following sections discuss how to install Windows NT-specific CGI programs: • Installing Windows NT CGI Programs • Installing Shell CGI Programs for Windows NT 278 Netscape Enterprise Server Administrator’s Guide...
Page 279: Overview Of Cgi
Installing CGI Programs Overview of CGI Common Gateway Interface, or CGI, programs can be defined with any number of programming languages. On a Unix machine, you’re likely to find CGI programs written as Bourne shell or Perl scripts. Under Unix, there are extra CGIStub processes running that the server uses to Note aid in CGI execution.
Page 280: Specifying A Cgi Directory
CGI programs in URLs. For example, if you type cgi-bin as the URL prefix, then all URLs to these CGI programs have the following structure: http:// yourserver . domain . com /cgi-bin/ program-name 280 Netscape Enterprise Server Administrator’s Guide...
Page 281: Specifying Cgi As A File Type
Installing CGI Programs The URL prefix you specify can be different from the real CGI directory you Note specify in the next step. In the CGI Directory text field, type the location of the directory as an absolute path. Note that this directory doesn’t have to be under your document root.
Page 282: Downloading Executable Files
This section discusses how to install Windows NT CGI Programs. The following topics are included in this section: • Overview of Windows NT CGI Programs • Specifying a Windows NT CGI Directory • Specifying Windows NT CGI as a File Type 282 Netscape Enterprise Server Administrator’s Guide...
Page 283: Overview Of Windows Nt Cgi Programs
Installing Windows NT CGI Programs Overview of Windows NT CGI Programs Windows NT CGI programs are handled much as other CGI programs. You specify a directory that contains only Windows NT CGI programs, or you specify that all Windows NT CGI programs have the same file extension. Note that like other CGI programs, you can use both methods at the same time if you want to.
Page 284: Specifying A Windows Nt Cgi Directory
Note that this directory doesn’t have to be under your document root. This is the reason that you need to specify a URL prefix in Step 3. Click OK. Save and apply your changes. 284 Netscape Enterprise Server Administrator’s Guide...
Page 285: Specifying Windows Nt Cgi As A File Type
Installing Windows NT CGI Programs To remove an existing Windows NT CGI directory, click that directory’s Remove button in the Windows NT CGI Directory form. To change the URL prefix or Windows NT CGI directory of an existing directory, click that directory’s Edit button.
Page 286: Installing Shell Cgi Programs For Windows Nt
CGI files. However, you can also configure the server to associate specific file extensions with shell CGI by editing MIME types from the Enterprise Server. For information on setting Windows NT file extensions, see your Windows NT Note documentation. 286 Netscape Enterprise Server Administrator’s Guide...
Page 287: Specifying A Shell Cgi Directory (Windows Nt)
Installing Shell CGI Programs for Windows NT Specifying a Shell CGI Directory (Windows NT) To create a directory for your shell CGI files, perform the following steps: Create the shell directory on your computer. This directory doesn’t have to be a subdirectory of your document root directory. From the Server Manager, choose the Programs tab.
Page 288: Specifying Shell Cgi As A File Type (Windows Nt)
.exe for both a CGI program and a shell CGI program. If you need to, you can edit the other MIME type fields on the page so that the suffixes are unique. Click the New Type button. Save and apply your changes. 288 Netscape Enterprise Server Administrator’s Guide...
Page 289: Using The Query Handler
Using the Query Handler Using the Query Handler The use of Query Handlers is outdated. Although Enterprise Server and Note Netscape Navigator clients still support it, it is rarely used. It is much more common for people to use forms in their HTML pages to submit queries. You can specify a default query handler CGI program.
Page 290: Server-Side Javascript Programs
Activating Server-Side JavaScript To enable server-side JavaScript on the Enterprise Server, perform the following steps: From the Server Manager, choose the Programs tab. Click the Server Side JavaScript link. The Activate Server Side Javascript window appears. 290 Netscape Enterprise Server Administrator’s Guide...
Page 291: Running The Application Manager
Server-Side JavaScript Programs Under “Activate the Server Side JavaScript application environment”, click the Yes radio button. If you want to require the administration server username and password before allowing access to the Application Manager, select the second Yes radio button. For more information on securing the application manager, see “Securing the Application Manager,”...
Page 292 • The path of the application .web file on the server. (The .web file is the compiled JavaScript application.) • The default and initial pages for the application. • The number of built-in database connections allowed. 292 Netscape Enterprise Server Administrator’s Guide...
Page 293: Securing The Application Manager
Server-Side JavaScript Programs • The external libraries used by the application (if any). • The client object maintenance technique. • The status of the application: active or stopped. Users can run only active applications. Stopped applications are not accessible. Click the task buttons in the left frame to perform the indicated action on the selected application.
Page 294: Installing Server-Side Javascript Applications
In the Name field, type the name of the JavaScript application. This name defines the application URL. For example, the name of the Hello World application is “world,” and its application URL is: http://server.domain/world 294 Netscape Enterprise Server Administrator’s Guide...
Page 295 Server-Side JavaScript Programs This is a required field, and the name you type must be different from all other application names on the server. The name must include only alphanumeric characters and cannot include spaces. For more information on application URLs, see “Application URLs,” on page 297. In the Web File Path field, type the absolute path to the .web file for the application.
Page 296 HTML page. (Property names and values are not appended to URLs, just the generated name.) After you have entered all the required information, click OK to install the application, Reset to clear all the fields, or Cancel to cancel the operation. 296 Netscape Enterprise Server Administrator’s Guide...
Page 297: Application Urls
Server-Side JavaScript Programs Don’t give any JavaScript applications the same names as any subdirectories of Note your primary document directory. If you do, the server will no longer correctly process requests for resources in the directory. For example, if you have a directory server_id /docs/bug, and a JavaScript application named bug, all requests for any files in the bug directory (or any of its subdirectories) will attempt to launch the JavaScript application bug.
Page 298: Controlling Access To A Server-Side Javascript Application
If you modify the parameters of a stopped application, the Application Manager automatically starts it. When you modify parameters of an active application, Application Manager automatically stops and restarts it. 298 Netscape Enterprise Server Administrator’s Guide...
Page 299: Removing A Server-Side Javascript Application
Server-Side JavaScript Programs Removing a Server-Side JavaScript Application To remove the selected application, open the Application Manager as described in “Running the Application Manager,” on page 291, then click Remove. This action removes the application from the Application Manager but does not delete files from the server.
Page 300: Running A Server-Side Javascript Application
• When debugging an application, whether the application trace appears in the same window as the application but in another frame, or in a window separate from the application. 300 Netscape Enterprise Server Administrator’s Guide...
Page 301: Enabling Wai Services
Enabling WAI Services Enabling WAI Services WAI is provided in Enterprise Server 4.0, but is not guaranteed to be supported Note in future releases. We recommend that you do not develop new WAI applications. Web Application Interface (WAI) services are a kind of plug-in that uses the Common Object Request Broker Architecture (CORBA).
Page 302 Enabling WAI Services 302 Netscape Enterprise Server Administrator’s Guide...
Page 303: Chapter 12 Working With Configuration Styles
C h a p t e r Working With Configuration Styles Chapter 12 Configuration styles are an easy way to apply a set of options to specific files or directories that your server maintains. For example, you can create a configuration style that sets up access logging.
Page 304: Creating A Configuration Style
After you have finished editing a style, click OK and Save and Apply. The Resource Picker exits the styles mode. You can also choose to exit the styles mode by choosing Exit styles mode from the Resource Picker. 304 Netscape Enterprise Server Administrator’s Guide...
Page 305 Creating a Configuration Style Table 12.1 Configuration Style Categories Category Description CGI file type Allows you to activate CGI as a file type. For more information about CGIs, see “Installing CGI Programs,” on page 278 in Chapter 11, “Extending Your Server With Programs.”...
Page 306: Removing A Configuration Style
Access the Server Manager and choose the Styles tab. Click the Remove Style link Select the configuration style you want to remove and click OK. For more information, see “The Remove an Existing Style Page,” in the online help. 306 Netscape Enterprise Server Administrator’s Guide...
Page 307: Editing A Configuration Style
Editing a Configuration Style Editing a Configuration Style To edit a configuration style, perform the following steps: Access the Server Manager and choose the Styles tab. Click the Edit Style link. Select the configuration style you want to edit and click the Edit this style button.
Page 308: Listing Configuration Style Assignments
To edit a configuration style assignment, click the Edit link next to the configuration style name. For more information, see “The View, Edit, or Remove Style Assignments Page,” in the online help. 308 Netscape Enterprise Server Administrator’s Guide...
Page 309: Part 5 Managing Content And Access
Managing Content and Access • Managing Server Content • Controlling Access to Your Server • Configuring Web Publishing • Using Search Part 5, Managing Content and Access 309...
Page 310 310 Netscape Enterprise Server Administrator’s Guide...
Page 311: Chapter 13 Managing Server Content
C h a p t e r Managing Server Content Chapter 13 You can use the Server Manager to help manage your server’s content. You create HTML pages and other files such as graphics, text, sound, or video, and then you store those files on your server. When clients connect to your server, they can view your files provided they have access to them.
Page 312: Changing The Primary Document Directory
You can do this by setting additional document directories. By serving from a document directory outside of your document root, you can let someone manage a group of documents without giving them access to your primary document root. 312 Netscape Enterprise Server Administrator’s Guide...
Page 313: Customizing User Public Information Directories (Unix)
Customizing User Public Information Directories (Unix) To add an additional document directory you first need to choose the URL prefix to map. Clients send this URL to the server when they want documents. Next, you specify the directory to map those URLs to. Finally, you might want to use an existing configuration style to specify how this directory should be configured.
Page 314 This prevents users from creating symbolic links to information you do not want made public. To set up user directories, use the User Document Directories page in the Server Manager. 314 Netscape Enterprise Server Administrator’s Guide...
Page 315: Enabling Remote File Manipulation
Enabling Remote File Manipulation Enabling Remote File Manipulation When you enable remote file manipulation, clients are able to upload files, delete files, create directories, remove directories, list the contents of a directory, and rename files on your server. The file obj.conf in the directory server_root /https- serve-id /config contains the commands that are activated when you enable remote file manipulation.
Page 316: Entering An Index Filename
If your server is outside the firewall, turn off directory indexing as well as web Warning publishing (from the Web Publishing State page) to ensure that your directory structure, filenames, and web publishing features are not accessible. 316 Netscape Enterprise Server Administrator’s Guide...
Page 317: Specifying A Server Home Page
Configuring Document Preferences Specifying a Server Home Page When users first access your server, they usually use an URL such as http://www.mozilla.com/. When the server receives a request for this document, it returns a document called a home page. Usually, this file has general information about your server and links to other documents.
Page 318: Parsing The Accept Language Header
Hardware virtual servers share the same server configuration information. For example, if you turn on encryption for one hardware virtual server, any other hardware virtual servers you create would also have encryption turned on. 318 Netscape Enterprise Server Administrator’s Guide...
Page 319: Setting Up Hardware Virtual Servers For Isps
Setting Up Hardware Virtual Servers for ISPs If you need servers that respond to different IP addresses and require that they have separate configuration information, install separate instances of the server with specific IP addresses. For more information, see “Adding a Server: Running Multiple Servers”...
Page 320 To edit a server instance, perform the following steps: Click Edit on the line for the server instance you want to edit. On the Hardware Virtual Servers page, enter the new IP address and document root. Click OK. 320 Netscape Enterprise Server Administrator’s Guide...
Page 321: Migrating Hardware Virtual Server Configuration Files
Setting Up Hardware Virtual Servers for ISPs Click Apply in the top right portion of the Server Manager to apply your changes. To remove a server instance, perform the following steps: Click Remove on the line for the server instance you want to remove. Click OK in the confirmation dialog box.
Page 322: Setting Up Software Virtual Servers
These subdirectories contain the files for that company, including the home page, aaa/home.html. Next the ISP sets up software virtual servers. The URL host would be www.aaa.com and the home page would be aaa/home.html. The ISP would do this for all the companies. 322 Netscape Enterprise Server Administrator’s Guide...
Page 323: Changing The Character Set
Changing the Character Set Because software virtual servers use the HTTP Host header to direct the user to the correct page, not all client software works with software virtual servers. Only client software (such as Netscape Navigator) which supports the HTTP Host header works.
Page 324 • cp367 The following aliases are recognized for iso_8859-1: • latin1 • iso_8859-1 • iso_8859-1:1987 • iso-ir-100 • ibm819 • cp819 To change the character set, use the International Characters page in the Server Manager. 324 Netscape Enterprise Server Administrator’s Guide...
Page 325: Chapter 14 Controlling Access To Your Server
C h a p t e r Controlling Access to Your Server Chapter 14 This chapter discusses the various methods you can use to control access to Enterprise Administration Server and to the files or directories on your web site. For example, for Enterprise Administration Server, you can specify who has full control of all the servers installed on a machine and who has partial control of one or more servers.
Page 326: What Is Access Control
ACL (until the cache is full, at which time the cache will have 200 entries until the server is restarted). 326 Netscape Enterprise Server Administrator’s Guide...
Page 327: User-Group Authentication
What Is Access Control? User-Group Authentication User-Group authentication requires users to authenticate themselves before getting access to Enterprise Administration Server or the files or directories on your web site. Authentication means that users verify their identity either by entering a username and password or by using a client certificate installed in their network browser, such as Netscape Communicator.
Page 328: Client Certificate Authentication
You can do this in two ways: • The server can use the information in the certificate as proof of identity. • The server can verify the certificate itself if certificates are published in an LDAP directory. 328 Netscape Enterprise Server Administrator’s Guide...
Page 329 What Is Access Control? When a server with client authentication enabled receives a request, the server performs the following actions: When the browser sends the certificate, the server checks if the certificate is from a trusted CA. If not, the server ends the transaction, and the authorization fails.
Page 330: Host-Ip Authentication
IP address for every request. To do this, add the line “iponly=1” to the line that begins: AddLog fn="flex-log" name="access" in your obj.conf file. The resulting line is the following: AddLog fn="flex-log" name="access" iponly=1 330 Netscape Enterprise Server Administrator’s Guide...
Page 331: Access Control Files
How Does Access Control Work? Access Control Files When you use access control on Enterprise Administration Server or the files or directories on your web site, the settings are stored in a file with the extension .acl. Access control files are stored in the directory server_install /httpacl where server_install is the location where the server is installed.
Page 332 # to gain access to this default directory since "anyone" # not in the directory server is denied, and "all" in the # directory server are allowed. acl "default"; authenticate (user,group) { database = "default"; method = "basic"; deny (all) (user = "anyone"); 332 Netscape Enterprise Server Administrator’s Guide...
Page 333 How Does Access Control Work? allow (read,execute,list,info) (user = "all"); # The following rules deny access to the directory "web" # to everyone not in the directory server and deny everyone # in the directory server who is not in GroupB. # Only the users in GroupB are allowed read, execute, list, # and info permissions.
Page 334: Restricting Access To Your Web Site
Keep in mind that most access control rules use only a subset of the available options. You can set access control through two Enterprise Server mechanisms, both offer flexibility in the scope of your desired settings: 334 Netscape Enterprise Server Administrator’s Guide...
Page 335 Restricting Access to Your Web Site • via Enterprise Administration Server • via Server Manager You can set access control globally for all servers through the Enterprise Note Administration Server or for a resource within a specific server instance through the Server Manager.
Page 336 If the resource you chose already has access control, the rules will appear in the top frame. The ACL for Enterprise Administration Server, begins with two non-editable deny statements by default. The following figure briefly describes the page elements. 336 Netscape Enterprise Server Administrator’s Guide...
Page 337 Restricting Access to Your Web Site Figure 14.3 The ACL page contains links that, when clicked, display additional information in the bottom frame (not shown). The title bar displays the file or directory you are restricting. You can add lines that explicitly allow Click the trash can or deny users and...
Page 338 If you click Revert, the server removes any changes you made to the rules from the time you first opened the two-frame page. Be cautious when using Revert because you can’t restore your edits. In most cases, it’s probably better to delete the rule lines individually. 338 Netscape Enterprise Server Administrator’s Guide...
Page 339: Setting Access Control Actions
Restricting Access to Your Web Site Table 14.1 LDAP Attributes Resource wildcard What it means default A named ACL created during installation that restricts write access so only users in the LDAP directory can publish documents (for example, by using the web publisher).
Page 340: Specifying Users And Groups
(including the administrators group) before you set access control. You can allow or deny access to everyone in the database, or you can allow or deny specific people by using wildcard patterns or lists of users or groups. 340 Netscape Enterprise Server Administrator’s Guide...
Page 341 Restricting Access to Your Web Site To configure access control with users and groups, follow the general directions for restricting access. When you click the Users/Groups field, a additional options appear in the bottom frame. The following list describes the options in the bottom frame.
Page 342: Specifying Host Names And Ip Addresses
From Host field (the link called “anyplace”), additional options appear in the bottom frame. Check the “Only from” option and then type either a wildcard pattern or a comma-separated list of hostnames and IP addresses. 342 Netscape Enterprise Server Administrator’s Guide...
Page 343: Setting Access Rights
Restricting Access to Your Web Site Restricting by hostname is more flexible than by IP address—if a user’s IP address changes, you won’t have to update this list. Restricting by IP address, however, is more reliable—if a DNS lookup fails for a connected client, hostname restriction cannot be used.
Page 344: Access To Programs
“administrators” group set for distributed administration, and another that restricts access to all users. If you want to change either of these lines, you need to manually edit the ACL file. 344 Netscape Enterprise Server Administrator’s Guide...
Page 345 Restricting Access to Your Web Site Click New Line to add a rule to the ACL. Each rule you create allows access to the server. By specifically allowing access for users, you reduce the risk that you’ll allow access to users you don’t want. Choose the users, groups, hosts, and IP addresses you want to apply to this access control rule.
Page 346: Writing Customized Expressions
Enterprise Administration Server. With distributed administration on and access control off by default for any other servers, administrators could still access and configure the other servers, but they cannot configure Enterprise Administration Server. 346 Netscape Enterprise Server Administrator’s Guide...
Page 347: Responding When Access Is Denied
Restricting Access to Your Web Site This access control is in addition to the user being in the administrators group Note set for distributed administration. The Enterprise Administration Server first checks that a user (other than superuser) is in the administrators group, and then it evaluates the access control rules.
Page 348: Access Control Examples
Click New Line again to create a second rule. Click the Deny link in the second rule. In the bottom frame that appears, check Allow, and then click Update. 348 Netscape Enterprise Server Administrator’s Guide...
Page 349 Access Control Examples Click the “anyone” link in the second rule. In the bottom frame, type the group you want to have access to the server. For this example, type employees in the Group field. Note that the two options called “Authenticated people only” and “Only the following people” are checked automatically.
Page 350: Restricting Access To A Directory (Path)
If you want to view all files in your server root, click Options and check the Note box labeled “List files as well as directories” and then click OK. Click Edit Access Control. The two-frame pages appear. Click New Line twice to create two rules. 350 Netscape Enterprise Server Administrator’s Guide...
Page 351 Access Control Examples Don’t edit the default values for the first rule—they deny all access to the directory. You’ll edit the second rule to allow read access to the “executives” group. Click Deny in the second rule. In the bottom frame that appears, check Allow, and then click Update.
Page 352: Restricting Access To A Uri (Path)
In the section called “Type in the ACL name,” type the URI you want to control. For example, type uri=/my_directory. Click Edit Access Control. The two-frame pages appear. Click New Line to create the first rule that allows all users read access. 352 Netscape Enterprise Server Administrator’s Guide...
Page 353 Access Control Examples Click the Deny link. In the bottom frame that appears, check Allow, and then click Update. Click the “all” link in the top frame. Uncheck the Write and Delete access rights. This means users cannot add or remove files, but they can view them and run any applications in the directories.
Page 354: Restricting Access To A File Type
Click New Line to create a rule that allows write and delete access to the “programmers” group. Check Allow for the second rule. Click “anyone”. In the bottom frame, type programmers in the Group field. Click Update. The frame should look like the one in Figure 14.8. 354 Netscape Enterprise Server Administrator’s Guide...
Page 355 Access Control Examples Figure 14.8 Restricting access to a file type—in this case, to files with the .cgi extension Click Submit and save and apply your changes. In this example, both continue boxes are checked. This means that if a request for a file comes in, the server will first look at the ACL for the file type, and then it will continue to look for another ACL that matches (for example, am ACL on the URI or the path).
Page 356: Restricting Access Based On Time Of Day
Check Allow for the second rule. Click the X link to create a customized expression. In the bottom frame, type the following lines: user = "anyone" and dayofweek = "sat,sun" or (timeofday >= 1800 and timeofday <= 600) 356 Netscape Enterprise Server Administrator’s Guide...
Page 357: Access Control For Web Publishing
Access Control For Web Publishing You might want to select the entire text element and copy to memory—if there are errors, you’ll have to reenter the text. Click Update. The top frame will display “Unrecognized expressions” in the Users/Groups and From Host fields because you created a custom expression.
Page 358: Ownership Of Files And Folders
Web Publisher properties page, or they can become the owner of a file or folder as a result of an automatic assignment by Web Publisher when you perform certain actions. 358 Netscape Enterprise Server Administrator’s Guide...
Page 359: Chapter 15 Configuring Web Publishing
C h a p t e r Configuring Web Publishing Chapter 15 Netscape Enterprise Server 4.0 clients can use Web Publisher to collaborate on projects by directly accessing, editing, and managing file on remote servers. Web Publisher provides sophisticated features for server clients, such as file management, editing and publishing, and access control.
Page 360: Using Netshare
Netshare provides an Enterprise Server user with a personal home page from which they can store, share, and manage their server documents. Netshare is a convenient starting point for using the Netscape Enterprise Server user services: Web Publisher and search. From their home page, users can also obtain information about how they are defined in the server’s user directory, such as...
Page 361: Setting Up The Server And Creating Netshare Home Directories
Using Netshare • Accessing the Web Publisher Home Page Setting Up the Server and Creating Netshare Home Directories As the server administrator, you need to configure Netshare for your server and for your server’s users before they can use Netshare. Once you have set up Netshare, you need to create a Netshare home directory for any user or group who wants to use Netshare.
Page 362: Netshare Directory Naming Conventions
When you use the Set Up Netshare page to change a default directory or template file, you are updating the values in the configuration file. From then on, any home directory that you create uses the new values. 362 Netscape Enterprise Server Administrator’s Guide...
Page 363: Marking Users As Licensed
Click Create and Edit User. Click the Licenses link. Check “Netscape Enterprise Server” and click Save Changes. For an existing user, mark the licensing in one of these ways: • as part of creating an individual Netshare home directory through the Server Manager •...
Page 364: Access Control For Netshare
Using Netshare Click Licenses. Select “Netscape Enterprise Server” and click Save Changes. For a set of existing users, mark all users as licensed by using the Netshare utility. Access Control For Netshare When you create a Netshare home directory for a user ID, the server assigns the user as its owner and the user is the only one who can write to the directory.
Page 365: The Set Up Netshare Page
Using Netshare The Set Up Netshare Page The Set Up Netshare page allows you to modify the Netshare configuration settings. You can change some of the Netshare configuration information for your server and the configuration file is updated with your changes. When you have set up Netshare for your server, you can create Netshare home directories for your users.
Page 366 To create Netshare home directories for all users at once, follow these steps: From the Enterprise Server, choose Web Publishing. Click the Create Netshare link. The Create Netshare page appears. 366 Netscape Enterprise Server Administrator’s Guide...
Page 367: Using The Netshare Command-Line Utility
Using Netshare Click “All users marked as licensed.” Click Create. This searches through the local or LDAP user directory for your server and creates a Netshare home directory for each user who has been marked as licensed but who does not yet have a Netshare directory. If you attempt to create a home directory that already exists, you receive an error message.
Page 368: Syntax Of The Netshare Utility
Indicates the name of the Enterprise Server you are currently configuring for Netshare. [-a] Creates Netshare home directories for all users that are marked as licensed. [-l] Marks all users as licensed Netshare users. 368 Netscape Enterprise Server Administrator’s Guide...
Page 369: Netshare Utility Examples
Using Netshare Table 15.2 The Netshare utility options. Option Description [-X] Marks users (or a specific user if the -u option is included) as no longer licensed Netshare users and deletes user directories. [-x] Marks users (or a specific user if the -u option is included) as no longer licensed Netshare users and deletes user directories.
Page 370: Accessing The Web Publisher Home Page
The online help system is also available through user components such as search and Web Publisher. To access the help system, use the Help menu command in Web Publisher, or click Help on the search interface pages or on the Web Publisher Services page. 370 Netscape Enterprise Server Administrator’s Guide...
Page 371: Setting Access Control For Web Publisher Owners
Setting Access Control For Web Publisher Owners Setting Access Control For Web Publisher Owners The access control system supports a special user called owner. When an ACL rule designates the user to be the owner, the permissions defined by this rule apply to the owner assigned by Web Publisher for each document.
Page 372: Indexing And Updating Properties
If you choose to index the contents of the files, you can search on any word in the documents although publishing and uploading files with Web Publisher may be slightly slower. 372 Netscape Enterprise Server Administrator’s Guide...
Page 373 Indexing and Updating Properties Using this function clears the link status database of all current link checking Note information. You must recheck your links after indexing files. To index and update properties, perform the following steps: From the Enterprise Server, choose Web Publishing. Click Index and Update Properties.
Page 374 To index the document content, check “Index document contents”. You can choose to index the documents’ contents as well as their file metadata. Click OK to begin indexing and updating web publishing. 374 Netscape Enterprise Server Administrator’s Guide...
Page 375: Changing The Web Publishing State
Changing the Web Publishing State A summary of the indexing operation is displayed in the web browser page. The information is also logged to the yourServer /plugins/content_mgr/logs/wpsimport.log log file. New data is appended to the log, so you may want to monitor its size as you proceed through many indexing operations.
Page 376: Maintaining Web Publishing Data
Report function. The Repair function indicates on the report which repairs have been completed and what the repair accomplished. For example, “Repair: Removing Properties Record.” 376 Netscape Enterprise Server Administrator’s Guide...
Page 377 Maintaining Web Publishing Data • Optimize the collection—You can optimize the web publishing collection to improve performance if you frequently add, delete, or update documents or directories in your collections. An analogy is defragmenting your hard drive. Optimizing is done automatically when you reindex or update a collection, so you should not need to do additional optimizing.
Page 378: Unlocking Files
You cannot use this page to unlock a file that begins with a period (as in Note .cshrc), a plus (+), an equals sign (=), an ampersand (&), or any hexadecimal character. You have to log into Web Publisher as the user and unlock the file there. 378 Netscape Enterprise Server Administrator’s Guide...
Page 379: Adding Custom Properties
Adding Custom Properties Adding Custom Properties As server administrator, you can add your own custom Web Publisher file properties. These properties are added to the default set of file properties stored in the web publishing collection. Server clients can view visible custom properties in Web Publisher and use them in their document searches.
Page 380 META attribute is used as the value of the property and you can search for files that contain this META-tagged property. The property must conform to the same conventions as property names. 380 Netscape Enterprise Server Administrator’s Guide...
Page 381: Managing Properties
Managing Properties Because all attributes tagged with META are defined as text, sorting Note operations on fields containing dates or numbers do not sort in the expected date or number order. With this feature, you can redefine META- tagged attributes to dates or numeric values to obtain valid sort sequences. Click OK to create the new custom property.
Page 382: Customizing Your Netshare Home Page
As server administrator, you can customize these pages to meet specific user requirements. These pages are defined as a set of modifiable pattern files that contain pattern variables for the Web Publisher properties. These variables are 382 Netscape Enterprise Server Administrator’s Guide...
Page 383: The Web Publisher Attributes
Customizing the Web Publisher User Interface named by taking the attribute name defined in the dblist.ini file (located in the yourServer/plugins/search.admin directory) and adding the prefix $$. For example, you can $$ to the variable CM_LOCK_OWNER to create the $$CM_LOCK_OWNER variable for displaying the lock owner in an HTML pattern file.
Page 384 The text defined for the file with the HTML META tag of Description. CM_TITLE Assigned-Title The title defined for the file with the HTML META tag of Title. (not used) CM_LOCALE Locale The language defined for Web Publisher. 384 Netscape Enterprise Server Administrator’s Guide...
Page 385: The Web Publisher Pattern Files
Customizing the Web Publisher User Interface Table 15.3 Web Publishing attributes. listed in order of NS-idxattr number Attribute Name Display Name Type Size Description CM_IS_INDEXED Is-indexed A flag indicating that the content and metadata of a file has been indexed. CM_IS_PERSISTENT Is-persistent A flag indicating that the metadata...
Page 386: Pointing Pattern Variables
There are some pattern variables that point at specific files and displays them in one of the frames in the browser. The pointer variables that you can use in your pattern file are listed in Table 15.4. 386 Netscape Enterprise Server Administrator’s Guide...
Page 387: Conditional Variables
Customizing the Web Publisher User Interface Table 15.4 Pointing pattern variables Variable name Result $$CM_CUSTOM_FEILD_NS Custom properties page (gets data for it) $$CM_HTML_REND_NS The right frame displays the HTML version of the file $$CM_LINK_INFO_NS Link status page $$CM_SYS_PROP_NS Properties page $$CM_TOC_NS Left-hand frame $$CM_USR_PROP_NS...
Page 388 <TD><input name="CM_OWNER" value="$$CM_OWNER" size="40"</TD> <TR VALIGN=BASELINE><TD NOWRAP><B>Title</B>:</TD><TD>$$Title</TD></TR> <TR VALIGN=BASELINE><TD NOWRAP><B>Author</B>:</TD><TD>$$CM_AUTHOR</TD></TR> <TR VALIGN=BASELINE><TD><B>Lock Status:</B></TD> <TD>$$CM_LOCK_STAT (only lock owner may unlock) <SPACER type=horizontal size=10></SPACER> $$CM_LOCK_VAL:<SPACER type=horizontal size=5></SPACER> <INPUT TYPE="checkbox" NAME="CM_LOCK_STAT" ><BR></TD></TR> $$IF_DOC_HAS_RENDITON[ <TD NOWRAP><B>Rendition</B>:</TD> <TD><A HREF="$$CM_URL?$$CM_HTML_REND_NS">HTML</A></TD> </TR> 388 Netscape Enterprise Server Administrator’s Guide...
Page 389 Customizing the Web Publisher User Interface Notice these aspects of the lines: • The owner field is limited to 40 characters. • The title and author fields are read-only. • The lock status information a checkbox with its own associated label that varies depending on whether the file is already locked or unlocked, as indicated by the value of $$CM_LOCK_VAL.
Page 390 Customizing the Web Publisher User Interface 390 Netscape Enterprise Server Administrator’s Guide...
Page 391: Chapter 16 Using Search
C h a p t e r Using Search Chapter 16 The Netscape Enterprise Server search function allows you to search the contents and attributes of documents on the server. As the server administrator, you can create a customized text search interface tailored to your user community.
Page 392: Configuring Text Search
Collection-specific configuring affects how documents are indexed into a particular collection, so you must define these before creating the collection. Other configuring actions can be defined at any time because they only affect the searches themselves. 392 Netscape Enterprise Server Administrator’s Guide...
Page 393: Controlling Search Access
Configuring Text Search Collection-specific configuration actions: • define URL mappings for the document directories to be indexed • define the pattern files to display for searches on a particular collection Configurations that affect all collections: • establish access control for files and directories •...
Page 394 Type in a nickname that maps the URL to the additional document directory you want to define. For example, type in the word plans. Type the absolute physical path of the directory you want the URL mapping to map to. 394 Netscape Enterprise Server Administrator’s Guide...
Page 395: Deciding Which Words Not To Search
Configuring Text Search For example, C:/Netscape/server4/docs/marketing/bizplans If you want to apply a style to the directory, select the style in the Apply Style drop-down list. For more information about styles, see Chapter 12, “Working With Configuration Styles.” Click OK to create the additional document directory. Once you create a collection based on an additional document directory, you Note cannot change the URL mapping or the collection’s entries will target the URL...
Page 396: Turning Search On Or Off
To turn off the search function, use The Search State Page in the Enterprise Server user interface. Configuring the Search Parameters As server administrator, you can set the default parameters that govern what users see when they get search results. 396 Netscape Enterprise Server Administrator’s Guide...
Page 397 Configuring Text Search To configure search parameters: From the Enterprise Server, choose Search. Click the Search Configuration link. The Search Configuration window appears. Type the default maximum number of search result items displayed to users at a time. This number cannot be larger than the value for the largest possible result set size, as defined in Step 4.
Page 398: Configuring Your Pattern Files
In the pattern file, you define the look, feel, and function of the text search interface. Pattern files use pattern variables that you can use to customize background color, help text, 398 Netscape Enterprise Server Administrator’s Guide...
Page 399 Configuring Text Search banners, and so on. In some cases, the values are pathnames to the files that contain the actual text and graphics that these variables represent; in other cases, the values represent text and HTML. You can use the default pattern files, or you can create your own customized set of files and point to them from here.
Page 400: Configuring Manually
For more information, see “User-defined Pattern Variables” on page 440. • dblist.ini—This collection contents file describes collection-specific information. When you create and maintain collections, the dblist.ini file is updated for you with information about your collections. 400 Netscape Enterprise Server Administrator’s Guide...
Page 401: Adjusting The Maximum Number Of Attributes
Configuring Text Search Adjusting the Maximum Number of Attributes Collections have different sets of default attributes that depend on which file format they are. For example, HTML files have Title and SourceType. You can also define META-tagged HTML attributes in your HTML files. Some file formats, such as PDF, have a great many default attributes.
Page 402: Restricting Memory For Indexing
Web Publishing appears in the Search In field of the user’s standard search query page. To remove the Web Publishing collection from this field, you need to edit the dblist.ini file as follows: In the “[web_htm]” section, change “NS-display-select=YES” to “NS- display-select=NO”. Restart the server. 402 Netscape Enterprise Server Administrator’s Guide...
Page 403: Indexing Your Documents
Indexing Your Documents Indexing Your Documents Before users can execute searches, they need a database of searchable data against which they can target their searches. To do this, you create a database, called a collection, that indexes and stores information about the documents such as their content and file properties.
Page 404: About Collection Attributes
The date the news item was created. Date EMAIL text The source userID of the email. From text The destination userID of the email. text The text from the email’s subject field. Subject 404 Netscape Enterprise Server Administrator’s Guide...
Page 405 Indexing Your Documents Table 16.2 The default attributes indexed for each file format date The date the email was created. Date text An internal ID number. InstanceID text An internal ID number. PermanentID integer The number of pages in the document. NumPages text The directory where the PDF file exists.
Page 406: Installing Filters
The server automatically restarts. If you are migrating from Enterprise Server 3.6, you may already have the filters you need. For more information, see the migration information in the Enterprise Server Installation and Migration Guide. 406 Netscape Enterprise Server Administrator’s Guide...
Page 407: Creating A New Collection
Indexing Your Documents Creating a New Collection You can create a collection that indexes the content of all or some of the files in a directory. You can define collections that contain only one kind of file or you can create a collection of documents in various formats that are automatically converted to HTML during indexing.
Page 408 The label is what is displayed to the user from the search interface. In the optional Collection Label field, type a user-defined name for your collection. 408 Netscape Enterprise Server Administrator’s Guide...
Page 409 Indexing Your Documents This is what users see when they use the text search interface. Make your collection’s label as descriptive and relevant as possible. You can use any characters except single or double quotation marks, up to a maximum of 128 characters.
Page 410: Configuring A Collection
URL mapping /publisher/help, and you have changed that mapping to the simpler /helpFiles, you would replace the URL of /publisher/help with the /helpFiles in this field. For more information about additional document directories, see “Mapping URLs” on page 393. 410 Netscape Enterprise Server Administrator’s Guide...
Page 411: Updating A Collection
Indexing Your Documents In the Highlight Begin and Highlight End fields, you can type in the HTML tagging you want the server to use when highlighting a search query word or phrase in a displayed document. The default is to use bold, with the <b> and </b> tags, but you can add to this or change it.
Page 412 /publisher. This does not apply for removing documents. Click AddDocs to add the indicated files and subdirectories. Click RemoveDocs to remove the indicated files. 412 Netscape Enterprise Server Administrator’s Guide...
Page 413: Maintaining A Collection
Indexing Your Documents Maintaining a Collection Periodically, you may want to maintain your collections. With normal usage, these tasks may not be necessary, but if you do a great deal of indexing and updating of collections, you may want to use some of these functions occasionally.
Page 414: Scheduling Regular Maintenance
Click the Schedule Collection Maintenance link. The Schedule Collection Maintenance window appears. Choose a collection from the drop-down list. This lists all the collections that you have created. Choose an action from the drop-down list: Reindex, Optimize, or Update. 414 Netscape Enterprise Server Administrator’s Guide...
Page 415 Indexing Your Documents You can set up different schedules for different operations on the same collection. If you choose to update your collection, two extra fields are displayed for entering the document matching criteria and for including documents found in subdirectories that match your criteria. In the Schedule Time field, type in the time of day when you want the scheduled maintenance to take place.
Page 416: Unscheduling Collection Maintenance
Click the Cron Control link. If NS-CRON is already on, click Restart to restart it. If NS-CRON is not on, click Start to start it up. In either case, your regularly scheduled maintenance will no longer take place. 416 Netscape Enterprise Server Administrator’s Guide...
Page 417: Performing A Search: The Basics
A Search Query The default installation of Netscape Enterprise Server includes three search query pages: standard and advanced HTML queries and a Java-based guided query.
Page 418: Guided Search
Make sure Java is enabled for your browser. To do this, use the Languages Note option preferences menu command. 418 Netscape Enterprise Server Administrator’s Guide...
Page 419 Performing a Search: The Basics The attributes for Version Control and Link Management are no longer used in Note Entperprise Server. However, note that if you perform a guided search, Enterprise Server may still return them; consequently, do not use these variables.
Page 420: Advanced Search
To access advanced HTML search through the standard search query page, follow these steps: Go to the standard search query page by typing this URL in the location field in your web browser: http:// yourServer /search 420 Netscape Enterprise Server Administrator’s Guide...
Page 421: The Search Results
Performing a Search: The Basics Disable Java for your browser. To do this, use the Languages option preferences menu command. Click Guided Search on the standard search page and the advanced HTML query page is displayed. In the For field, type in the word or phrase you want to search for. You can create complex queries by combining operators.
Page 422: Listing Matched Documents
• Whenever a user searches on the Web Publishing collection. Listing Matched Documents In the default installation of the Netscape Enterprise Server, when you execute a search from either the simple or advanced search query pages, you obtain a list of the documents that match your search criteria. The list gives some standard information about each file, depending on the collection’s format.
Page 423: Displaying A Highlighted Document
META-tagged attribute. Displaying a Highlighted Document In the default installation of Netscape Enterprise Server, when you obtain a list of the documents that match your search criteria, you can select a single document to view in your web browser. Depending on how the pattern files are set up, the word you entered as your original search query can be highlighted in the displayed document with color, boldface text, or blinking.
Page 424: Displaying Collection Contents
Displaying Collection Contents You can display the contents of your collection database to see which attributes are set for each collection. The default installation of Netscape Enterprise Server uses the HTML-description.pat file to display information about each of your collections that have been defined as displayable (NS-display-select = YES) in the dblist.ini file.
Page 425: Default Assumptions
Using the Query Operators Not all queries rank their results. Only those queries that can have varying degrees of matching can be ranked. For example, <CONTAINS queries either do or do not contain the given string, but <NEAR queries can be ranked according to how close the words are to each other: words closer together are listed at the top of the search results, while those that are far apart are put at the bottom of the results.
Page 426: Search Rules
<CONTAINS ebb "and" flow Canceling Stemming You can cancel the implicit stemming by using quotation marks around a word. For example, you can be exact by using a query such as this: "plan" 426 Netscape Enterprise Server Administrator’s Guide...
Page 427: Modifying Operators
Using the Query Operators This search only results in documents that contain the exact word plan. It ignores documents with plans or planning. Modifying Operators You can use AND, OR, and NOT to modify other operators. For example, you may want to exclude documents with titles that contain the phrase theme park. A query such as this would solve this problem: Title NOT <CONTAINS theme park Determining Which Operators To Use...
Page 428 Finds documents created on or after June 30, 1996. less than (<) Finds documents in which a document Created < 6-30-96 field is less than a specific date or numeric value. Finds documents created before June 30, 1996. 428 Netscape Enterprise Server Administrator’s Guide...
Page 429 Using the Query Operators Table 16.4 Query language operators Operator Description Examples less than or equal Finds documents in which a document Created <= 6-30-96 to (<=) field is less than or equal to a specific date or numeric value. Finds documents created on or before June 30, 1996.
Page 430 Note: This works with literals only. If you input web*, the asterisk does not work as Does not work with wildcards. a wildcard, so the search succeeds only with the exact “web*” string. Does not rank documents for relevance. 430 Netscape Enterprise Server Administrator’s Guide...
Page 431: Using Wildcards
Using the Query Operators Table 16.4 Query language operators Operator Description Examples Finds documents that contain the <WILDCARD> <WILDCARD> plan* wildcard characters in the search string. Finds documents that contain plan, plane, You can use this to get words that have and planet as well as any word that begins some similar spellings but which would with plan, such as planned, plans, and...
Page 432 The caret (^) must be the first character after the left bracket. Specifies a range of characters in a set. For example, <WILDCARD> ‘Ch[a-j]t‘ finds documents that contain any four-letter word from chat to chjt. 432 Netscape Enterprise Server Administrator’s Guide...
Page 433: Non-Alphanumeric Characters
Using the Query Operators Non-alphanumeric Characters You can only search for non-alphanumeric characters if the style.lex file used to create the collection is set up to recognize them. This file is in the HTML, news, and mail subdirectories in the server_root\plugins\common\ directory.
Page 434: Customizing The Search Interface
Use the uri parameter to specify a dynamically generated file, such as a CGI program, as the header or footer. For example: uri="/cgi-bin/header.cgi" These Service functions should precede the actual Service function that will answer the request, such as send-file or send-cgi. 434 Netscape Enterprise Server Administrator’s Guide...
Page 435: Html Pattern Files
In the default installation of Netscape Enterprise Server, the pattern files are in this directory: server_root\plugins\search\ui\text. (Make copies of your original pattern files so you can restore them afterwards.)
Page 436 $$NS-host search macro. • $$queryLabel: Defined in the userdefs.ini file as a text label for the query input field. In this case, the label on the form is the word “For:” 436 Netscape Enterprise Server Administrator’s Guide...
Page 437: Search Function Syntax
Customizing the Search Interface • NS-query: Defined in this pattern file as the name of the input field. $$NS-display-query: Defined in the userdefs.ini file. The search generates a variable from this field that can be used in subsequent searches to determine which word or phrase to highlight when an entire matching document is displayed.
Page 438: Url Encodings
+ symbol (plus sign) in queries or to %20 in output. The following table shows the most commonly used URL codes. Table 16.6 Common URL encodings Character Description Code Space Semicolon Slash Question mark Colon At sign Equal sign & Ampersand 438 Netscape Enterprise Server Administrator’s Guide...
Page 439: Required Search Arguments
Customizing the Search Interface Required Search Arguments Although you can customize almost every aspect of query and result pages, there are some arguments required for search functions to display the different types of search pages. These arguments are required whether the search function is in a decorated URL or embedded as an HREF in a pattern file.
Page 440: User-Defined Pattern Variables
Characters can be letters A-Z in upper or lower case, hyphens (-), and underscores (_). Names are case sensitive. The default userdefs.ini file included with Netscape Enterprise Server contains variables that are used to define the search query page (labeled...
Page 441: Configuration File Variables
Customizing the Search Interface The file also includes references to search macros, such as $$NS-server-url, and can also refer to other user-defined variables, as in the following lines: uidir = $$NS-server-url/search-ui icondir = $$uidir/icons Search macros are described further in “Macros and Generated Pattern Variables”...
Page 442 Customizing the Search Interface Variables that define defaults for all searches on a server are defined in the system configuration file, webpub.conf. For example, the default installation of Netscape Enterprise Server includes the following variables in the webpub.conf file: NS-max-records = 20 NS-query-pat = /text/NS-query.pat...
Page 443 Customizing the Search Interface Collection-specific variables are defined in the dblist.ini file. For example, the default installation of Netscape Enterprise Server includes variables for the web publishing collection. Among the variables defined there are: NS-collection-alias = Web Publishing NS-doc-root = C:/Netscape/server4/docs...
Page 444: Macros And Generated Pattern Variables
$$NS-doc-path The ranked score of the document (ranges 0 to 100). $$NS-doc-score The ranked score of the document (ranges 0 to 10). $$NS-doc-score-div10 The ranked score of the document (ranges 0 to 5). $$NS-doc-score-div5 444 Netscape Enterprise Server Administrator’s Guide...
Page 445 Customizing the Search Interface Table 16.10 Macros and generated pattern variables Variable Description To obtain The creation time for a document in the results list. $$NS-doc-time this value, you must set NS-use-system-stat = YES in the webpub.conf file. By default it is set to NO, since system statistics are expensive.
Page 446 Customizing the Search Interface 446 Netscape Enterprise Server Administrator’s Guide...
Page 447: Appendixes
Appendixes • HyperText Transfer Protocol • ACL File Syntax • Internationalized Enterprise Server • Server Extensions for Microsoft FrontPage...
Page 448 448 Netscape Enterprise Server Administrator’s Guide...
Page 449: Appendix A Hypertext Transfer Protocol
Appendix HyperText Transfer Protocol Appendix A This appendix provides a short introduction to a few HyperText Transfer Protocol (HTTP) basics. For more information on HTTP, see the IETF home page at: http://www.ietf.org/home.html This appendix contains the following sections: • About HyperText Transfer Protocol (HTTP) •...
Page 450: Requests
The connection is then closed. The Netscape Enterprise Server 4.0 supports HTTP 1.1. Previous versions of the server supported HTTP 1.0. The server is conditionally compliant with the HTTP 1.1 proposed standard, as approved by the Internet Engineering Steering...
Page 451: Request Header
Responses Request Header The client can send header fields to the server. Most are optional. Some commonly used request headers are shown in Table A.1. Table A.1 Common request headers Request header Description The file types the client can accept. Accept Used if the client wants to authenticate itself with a Authorization...
Page 452: Status Code
304 code instead of returning the page, reducing unnecessary network traffic. This is not an error. Unauthorized. The user requested a document but didn’t provide a valid username or password. Forbidden. Access to this URL is forbidden. 452 Netscape Enterprise Server Administrator’s Guide...
Page 453: Response Header
Responses Table A.2 Common HTTP status codes Status code Meaning Not found. The document requested isn’t on the server. This code can also be sent if the server has been told to protect the document by telling unauthorized people that it doesn’t exist. Server error.
Page 454 Responses 454 Netscape Enterprise Server Administrator’s Guide...
Page 455: Appendix B Acl File Syntax
Appendix ACL File Syntax Appendix B This appendix describes the access-control list (ACL) files and their syntax. ACL files are text files that contain lists that define who can access resources stored on your web server. By default, the web server uses one ACL file that contains all of the lists for access to your server.
Page 456: Acl File Syntax
After you define the type of ACL, you can have one or more statements that define the method used with the ACL (authentication statements) and the people and computers who are allowed or denied access (authorization statements). The following sections describe the syntax for these statements. 456 Netscape Enterprise Server Administrator’s Guide...
Page 457: Authentication Statements
ACL File Syntax Authentication Statements ACLs can optionally specify the authentication method the server must use when processing the ACL. There are two general methods: • Basic requires users to enter a username and password before accessing a resource. • SSL requires the user to have a client certificate. For this method to work, the web server must have encryption turned on, and the CA must be in the list of trusted CAs.
Page 458: Authorization Statements
ACL containing the absolute statement. If you have two absolute statements for the same resource, the server uses the first one in the file and stops looking for other resources that match. 458 Netscape Enterprise Server Administrator’s Guide...
Page 459: Attribute Expressions
ACL File Syntax For example, using the ACL hierarchy with the request for the document /my_stuff/web/presentation.html, you could have an absolute ACL that restricts access to the file type *.html. Then the server would use that ACL instead of looking for one that matches the URI or the path. version 3.0;...
Page 460: Operators For Expressions
• != (not equal to) With timeofday and dayofweek, you can use the following additional operators: • greater than • < less than • = greater than or equal to • <= less than or equal to 460 Netscape Enterprise Server Administrator’s Guide...
Page 461: The Default Acl File
ACL File Syntax The Default ACL File After installing the server, the server uses the default settings in the file server_root/httpacl/generated.https-serverid.acl. There is also a file called genwork.https-serverid.acl that is a working copy the server uses until you save and apply your changes when working with the user interface.
Page 462: General Syntax Items
The aclname is a unique name of an ACL as it appears in any ACL file. For example, you might add the following lines to your obj.conf file if you want to restrict access to a directory using the acl named testacl: <Object ppath="/usr/ns-home/docs/test/*" PathCheck fn="check-acl" acl="testacl" </Object 462 Netscape Enterprise Server Administrator’s Guide...
Page 463 Referencing ACL Files in obj.conf In the previous example, the first line is the object that states which server resource you want to restrict access to. The second line is the PathCheck directive that uses the check-acl function to bind the name ACL (testacl) to the object in which the directive appears.
Page 464 Referencing ACL Files in obj.conf 464 Netscape Enterprise Server Administrator’s Guide...
Page 465: Appendix C Internationalized Enterprise Server
Appendix Internationalized Enterprise Server Appendix C The internationalized version of the Enterprise Server contains special features tailored for the non-U.S. environment. These features include a choice of user- interface language (Japanese, French, or German) and a choice of search engines that allow you to use text search on a variety of languages. This appendix contains the following sections: •...
Page 466: Installing The Server
UTF-8 form-capable client (such as Netscape Communicator) to input 8-bit or double-byte data. If you let users access their own user and group information, they will need to use a UTF-8 form-capable client. 466 Netscape Enterprise Server Administrator’s Guide...
Page 467: Using The Accept Language Header
General Information Enterprise Server 4.0 no longer packages the ldapsearch and ldapmodify Note utilities. Earlier versions of Enterprise Server included them, since those versions employed local LDAP database support. Enterprise Server 4.0 now uses an LDAP server all the time which includes these utilities. The default maximum number of parallel LDAP sessions is now set to 8.
Page 468: Language Settings In Configuration Files
Sets the language used for administrative pages AdminLanguage en, fr, that are accessed through the administration de, ja server. The language used if a value cannot be found DefaultLanguage en, fr, for the client or admin languages. de, ja 468 Netscape Enterprise Server Administrator’s Guide...
Page 469: Server-Side Javascript Information
Server-side JavaScript Information Server-side JavaScript Information When you use server-side JavaScript with the international version of the server, you have additional things to consider when compiling applications and using databases. For example, you can specify the language of the JavaScript application one of two ways: using the compiler, or using the HTML <META>...
Page 470 Binary output file .web When you specify the language using the compiler option, you can only specify one language. If you want to specify multiple languages, you can use the <META> tag in the individual files. 470 Netscape Enterprise Server Administrator’s Guide...
Page 471: Specifying The Character Set With The Tag
Server-side JavaScript Information Specifying the Character Set With the <META> Tag You can also use the <META> tag to specify the character set information. For example, if you put the following statement into the header (between <HEAD> and </HEAD>) in a JavaScript program, the server-side JavaScript compiler (jsac) considers the file to be written in x-sjis.
Page 472: Verifying The Connection
Enter the following information in the window, and click Connect. If your server identifier, user ID, or password is different from these default values, enter your actual values here. Table C.6 Field Value Server Type ORACLE Server Identifier WG73 User ID system Password manager Database 472 Netscape Enterprise Server Administrator’s Guide...
Page 473: Verifying The Language Setup
Server-side JavaScript Information Unless you see an error indicating otherwise, you are now connected. Verifying the Language Setup Use the videoapp sample application to verify the language setup. If your ORACLE installation has a server identifier, user ID, or password that is different from the default values shown in the previous table, be sure to specify the actual values in the start.htm file at the following line: project.sharedConnections.pool =...
Page 474: Search Information
• Italian • Spanish • Swedish • Dutch • Japanese • Korean • Simplified Chinese • Traditional Chinese You choose which search engines to install when you install the international version of the server. 474 Netscape Enterprise Server Administrator’s Guide...
Page 475: International Search And Auto Catalog
Search Information International Search and Auto Catalog If your server contains documents in various character set encodings, the search collections and/or auto catalog for the documents will inherit the same encodings as the originals. To view documents in different character set encodings, users must change the character set encoding for their browsers.
Page 476: Document Formats
Searching in Japanese The following sections give additional information about searching in the Japanese character set. Document Codes This release supports the following document codes for the Japanese language: • euc • sjis • jis (7-bit) 476 Netscape Enterprise Server Administrator’s Guide...
Page 477: Getting Support For Accented Characters In Filenames
Getting Support for Accented Characters in Filenames Search Words This release supports the following search words: • Kanji • hirakana • katakana (full-width and half-width) • ascii-string (full-width and half-width) The search engine translates half-width katakana to full-width katakana, and translates full-width ascii-string to half-width ascii-string.
Page 478 “English NS 8859 (ISO-8859-1” from the “Documents are in” drop-down list, and reindex all the documents in the collection. 478 Netscape Enterprise Server Administrator’s Guide...
Page 479: Appendix D Server Extensions For Microsoft
Appendix Server Extensions for Microsoft Appendix D FrontPage This appendix describes using server extensions on your Netscape Enterprise Server that provide support for Microsoft’s FrontPage. These extensions provide the internal server-side support you need if you are using FrontPage webs. This appendix includes the following sections: •...
Page 480: Types Of Frontpage Webs
The root web and all sub-webs on a server must have separate copies of the extensions installed or have stub executables of the extensions programs. Having separate copies of the extensions for each FrontPage weblets the server 480 Netscape Enterprise Server Administrator’s Guide...
Page 481: Domain Names And Frontpage Webs
Overview administrator enforce different end-user, author, and administrator permissions on each FrontPage web, since FrontPage uses the server’s built-insecurity mechanism to control access. Domain Names And Frontpage Webs FrontPage webs can be implemented on a Enterprise Server and accessed by web browsers in the following ways: •...
Page 482: Downloading The Extensions
— [Unix] You can download from Ready-to-Run Software’s web site an install script and a set of server extensions. Download the fp_install.sh file and the tar file for your platform (for Solaris, it is fp30.solaris.tar.z) 482 Netscape Enterprise Server Administrator’s Guide...
Page 483: Getting Ready For Installation
Downloading the Extensions — [Unix] You can download from Microsoft’s web site an install script and a set of server extensions.Download the fp_install.sh file and the tar file for your platform (for Solaris, it is fp30.solaris.tar.z). Getting Ready for Installation Before you install the FrontPage Server Extensions, you need to be sure you have enough disk space available on your local machine, that you have a document root directory, that you have enabled authentication, and that you...
Page 484: Some Additional Considerations
The installation process for the FrontPage97 and FrontPage98 extensions on a Windows NT system is relatively straightforward. You download and run an executable file, which installs several files and folders on your system. The 484 Netscape Enterprise Server Administrator’s Guide...
Page 485 Installing FrontPage Server Extensions extensions require a specific directory structure, which is discussed later in this section. After installation, you must perform some additional administrative tasks for setting permissions and accessing specific webs. These installation instructions are for the standalone FrontPage Server Extensions that are in a self-extracting executable that is downloadable from the Microsoft FrontPage web site.
Page 486 • The FrontPage Server Administrator (fpsrvwin.exe) and a command line version (fpsrvadm.exe) are copied to the \bin directory. The FrontPage Server Administrator is a tool for installing, updating, verifying, or removing the FrontPage Server Extensions. • The Server Extensions Resource Kit. 486 Netscape Enterprise Server Administrator’s Guide...
Page 487 Installing FrontPage Server Extensions • HTML Administration forms, a set of HTML forms for remotely administering the FrontPage Server Extensions via web browsers. Also a command line utility (fpremadm.exe) for remote administration of the FrontPage Server Extensions is installed in the \bin directory. Installation also modifies or adds the following files and directories: •...
Page 488: Installing Frontpage97 Server Extensions On Unix Systems
This is because if you choose not to install the extensions in the /usr/local directory, a soft link is added automatically between /usr/local and the directory you wish to use. 488 Netscape Enterprise Server Administrator’s Guide...
Page 489 Installing FrontPage Server Extensions To install the extensions, perform the following steps: Log on to your Enterprise Server user account so you can install the FrontPage Server Extensions from the tar file: cd /usr/local Untar the downloaded file. This creates a /usr/local/FrontPage/version2.0 directory and installs several other new directories under the document root directory.
Page 490 The installation process also updates the text indices and recalculates the links in the Web, adds a FrontPage administration account, password, and IP address restriction, and reminds the web administrator to restart the server if new ObjectType directives were added to the obj.conf file. 490 Netscape Enterprise Server Administrator’s Guide...
Page 491 Installing FrontPage Server Extensions During installation, the install shell modifies or adds the following files and directories: • Modifies magnus.conf • Creates a configuration file named /usr/local/frontpage/<hostname:port.cnf • Modifies the server’s configuration file (obj.conf) to add ObjectType directives, marking three of the /_vti_ directories as containing executables.
Page 492: Installing Frontpage98 Server Extensions On Unix Systems
Run the fp_install.sh shell program and follow the on-screen instructions, which ask for parameter information. When you are prompted for the name of the server configuration file, enter the pathname of your server’s magnus.conf file. 492 Netscape Enterprise Server Administrator’s Guide...
Page 493 Installing FrontPage Server Extensions Installing the Server Extensions on each FrontPage web may take several minutes and may increase the CPU load on your computer. If this is a new installation of the FrontPage Server Extensions, each page’s contents are parsed to expand FrontPage components, such as Include components and Substitution components, create a hyperlink map of the FrontPage web, and extract page titles and base URLs.
Page 494: Further Information
• Microsoft’s Technical Support for FP97 • Ready-to-Run FP97 Server Extensions Support • Ready-to-Run FP97 Server Extensions for Netscape Useful FrontPage 98 information: • Microsoft FP98 WPP main page • Ready-to-Run FP98 Server Extensions support page 494 Netscape Enterprise Server Administrator’s Guide...
Page 495: Glossary
Glossary Access Control List. A mechanism for defining which users have access to your server. You can define ACL rules that are specific to a particular file or directory, granting or denying access to one or more users and groups. The username and password file for the Enterprise Administrator Server admpw superuser.
Page 496 Fancy indexing displays a list of contents by name with file size, last modification date, and an icon reflecting file type. Because of this, fancy indexes might take longer than simple indexes for the client to load. 496 Netscape Enterprise Server Administrator’s Guide...
Page 497 The last part of a filename that typically defines the type of file. For example, in file extension the filename index.html the file extension is html. The format of a given file. For example, a graphics file doesn’t have the same file type file type as a text file.
Page 498 An abbreviation for the HTTP daemon or service, a program that serves HTTPD information using the HTTP protocol. The Netscape Enterprise Server is often called an HTTPD. A secure version of HTTP, implemented using the Secure Sockets Layer, SSL. HTTPS...
Page 499 Extensions that enable all Java servlet metafunctions, including instantiation, Java Servlets initialization, destruction, access from other components, and configuration management. Java servlets are reusable Java applications that run on a web server rather than in a web browser. The last modification time of the document file, returned in the HTTP response last-modified header from the server.
Page 500 It’s also used to maintain the integrity of relative links when directories are accessed without a trailing slash. 500 Netscape Enterprise Server Administrator’s Guide...
Page 501 Any document (URL), directory, or program that the server can access and send resource to a client that requests it. Request For Comments. Usually, procedures or standards documents submitted to the Internet community. People can send comments on the technologies before they become accepted standards.
Page 502 URL mapping defined alias so that files within the directory need only refer to the directory’s alias instead of the file’s full physical pathname. Thus, instead of identifying a file as usr/Netscape/SuiteSpot/docs/index.html, you could identify 502 Netscape Enterprise Server Administrator’s Guide...
Page 503 the file as /myDocs/index.html. This provides additional security for a server by eliminating the need for users to know the physical location of server files. The capability of server clients to access and manipulate server files, editing web publishing and publishing documents remotely. Web publishing provides document version control, link management, search, access control, and agent services to server users.
Page 504 504 Netscape Enterprise Server Administrator’s Guide...
Page 505: Index
Index Note that if you are looking for a reference to a specific Enterprise Administration Server or Server Manager page, see the online help. Symbols $$NS-doc-score-div10 444 $$NS-doc-score-div5 444 - 432, 441 $$NS-docs-found 445 != (not equal to) 460 $$NS-doc-size 445 "...
Page 506 @ 433, 438 examples 348 feature overview 35 ^ 432 files 331 ^, in wildcards 26, 49, 85, 89, 98, 135, 261, 339 FrontPage 481 ‘ 433 hostnames 342 { 433 hostnames and IP addresses 326 506 Netscape Enterprise Server Administrator’s Guide...
Page 507 IP addresses 342 ActiveThreads 235, 257 LDAP directories and 342 Add Custom Properties, Web Publishing list (ACLs) 332 link 379 methods (Basic, SSL) 327 additional document directories 312 Netshare 364 AddLog 245 Not Found message 347 overview 326 Address 235 owner username 371 address, bind-to programs 343...
Page 508 Enterprise Server, how to 259 attribute, search options binddn 328 list of 88 bin directory 41 attribute expressions bind-to address, changing 170 ACL 459 bong-file 75 operators 460 buckets, performance 222 attributeName 383 reports 223 508 Netscape Enterprise Server Administrator’s Guide...
Page 509 buffer, log examples 139 flushing 191 client, mapping to LDAP 134 clients, using 134 Busy functions 245 definition 115 BusyThreads 235, 257 how Enterprise Server authenticates users 116 installing and managing 123 managing 126 c 138 mapping to LDAP entries 134 CA (Certificate Authority) migrating Enterprise Server 3.X to 4.0 142 definition 115...
Page 510 LDAP 134 CM_SourceType 385 using 134 CM_TITLE 384 client-cookie 296 CM_URI 384 Client-Host 190 CM_VERSION 384 ClientLanguage 468 CM_VERSIONED 384 client object maintenance 300 CmapLdapAttr 138, 141 client-side applications 267 cn 85, 138 client-url 296 510 Netscape Enterprise Server Administrator’s Guide...
Page 511 collection, Web Publishing conf_bk directory 42, 43 removing access to 402 CONFIG 208, 211 collection management tasks master agent, editing 212 Web Publisher 377 config 166, 231 collections config directory 43 about 403 CONFIG file 212 attributes of 404–405 configuration, multiple-server, installation 45 configuring 410 conversion filters 404–405 configuration, single-server...
Page 512 SNMP, restarting 209 SSL3 (SSL) 132 daemon, cron SSL3Ciphers (SSL) 133 using cron controls 78 SSL3SessionTimeout (SSL) 133 SSLCacheEntries (SSL) 133 DaemonStats 261 SSLClientAuth (SSL) 133 data, request 451 SSLSessionTimeout (SSL) 133 data, response 453 512 Netscape Enterprise Server Administrator’s Guide...
Page 513 directories directory indexing 316 additional document 312 index filenames 316 document root 312 parsing the Accept Language Header 318 moving the server 167 server home page 317 primary document 312 document root 312 Directory Server configuring 312 LDIF import/export function, required for 82 JavaScript applications and 298 must install to add users and groups to documents...
Page 514 223 example 77 file cache, NSFC viewing 77 dynamic control and monitoring 250 error log file 184, 185 initializing 251 viewing 77 FileCacheEnable 248 error responses, customizing 170 file cache module, NSFC overview 247 514 Netscape Enterprise Server Administrator’s Guide...
Page 515 file extension, defined 497 file extensions generated pattern variables 444 CGI 280 GET 201, 450 file manipulation, remote GIF, defined 497 enabling 315 givenName 85 files access control 331 global attributes certmap.conf 136 servlets, configuring 273 unlocking 378 greater than 460 Files directives 177 greater than (>) 428 file types...
Page 516 441 httpStatisticsInUnknowns 204 defined 497 httpStatisticsNum200 204 pattern files 435 httpStatisticsNum2xx 204 html_doc 407 httpStatisticsNum302 204 HTTP (HyperText Transfer Protocol) compliance with 1.1 450 httpStatisticsNum304 204 defined 497 httpStatisticsNum3xx 204 overview 449 httpStatisticsNum401 205 516 Netscape Enterprise Server Administrator’s Guide...
Page 517 httpStatisticsNum403 205 installation certificates 123 httpStatisticsNum4xx 204 CGI programs 278 httpStatisticsNum5xx 204 JavaScript applications 294 httpStatisticsNumBytes 204 multiple servers 61 httpStatisticsNumProcessDns 204 internal-daemon log rotation 77 httpStatisticsNumProcessIdle 203 international considerations general information 465 httpStatisticsNumProcessProc 203 LDAP users and groups 466 httpStatisticsOutBytes 204 IP addresses httpStatisticsPort 203...
Page 518 254 language settings jvm.conf 254 magnus.conf 468 jvm12.conf 254 ns-admin.conf 468 jvm1x.conf 43 Last-modified 453 latin1 324 LDAP 87, 93, 171 certificates and 134 configuring directory services 79 mapping client certificates 134 518 Netscape Enterprise Server Administrator’s Guide...
Page 519 search results, table of 135 log file modes username and password authentication 327 problems 258 LDAP directories, and access control 342 log files access 184 ldapmodify 101 common format for 189 Directory Server utility 91 error 184, 185 LDAP search filter 100 flexible format 189 LDIF import/export function setting preferences for 189...
Page 520 MaxKeepAliveConnections 238 MMapSessionManager 43 MaxNumberOfCachedFiles 252, 260 modules MaxNumberOfOpenCachedFiles 253, 260 PKCS #11, adding 129 MaxProcs 225, 230, 256 modules, software MaxProcs (Unix) 227 Enterprise Server 36 MaxTotalCachedFileSize 239, 253, 260 MD5, defined 499 520 Netscape Enterprise Server Administrator’s Guide...
Page 521 Monitor, Performance (NT) Netscape MIBs 193 using 193 Netscape Server Application Programming Interface (NSAPI) defined 499 server extension, overview of 38 host, changing 170 Netshare multiple server instances access control 364 introduction 61 command-line utility, set path to run on Enterprise Server 367 multi-process mode command utility 367...
Page 522 427 NS-HTML-descriptions-pat 442 optimizing collections 377 NS-idxattr 386 options NS-language 443 components available at installation 39 NS-largest-set 442 OR 430, 475 NS-max-records 436, 442 or 460 NS-ms-tocend 442 NS-ms-tocstart 442 enabling WAI services 301 522 Netscape Enterprise Server Administrator’s Guide...
Page 523 organizational units using statistics to tune the server 233 creating 106 performance, server deleting 110 about 220 editing 109 buckets 222 finding 107 common problems 256 renaming 109 dynamic groups, impact of 97 OS version 53 issues 220 Unix platform 221 ou 138 Performance Monitor (NT) owner(s)
Page 524 161 configuring 313 RcvBufSize 225, 228 customizing 313 read access 343 public key 121 record.pat 435 Public Key Cryptography Standard (PKCS) #11 redirected URLs module, adding 129 preventing escape 273 524 Netscape Enterprise Server Administrator’s Guide...
Page 525 redirection 500 restricting symbolic links 179 redirection (access control) 347 rights, access setting 343 Referer 190, 451 rlim_fd_max 221 refresh 251 rlimit_nofile_max 221 registers 52 root relaxed logging 190 defined 501 Release Notes server and 167 URL 28 root web 480 remote file manipulation rotation, access log 78 enabling 315...
Page 526 169 wildcards, using 431 server root, defined 501 wildcards as literals 433 servers search filter 87 bind-to address 170 LDAP 100 changing the name 169 search type options general capabilities, international list of 89 526 Netscape Enterprise Server Administrator’s Guide...
Page 527 considerations 465 controlling 298 installing multiple 61 server-side JavaScript programs 290 LDAP users and groups, international Server Throughput (Kb/sec) 194 considerations 466 Server Total Bytes 194 location, changing 167 location, changing (Unix) 167 Server Total Errors 194 multiple instances, introduction 61 Server Total Requests 194 performance, about 220 server-url 296...
Page 528 216 stack data 53 snmpd 209 Stack Trace 52 snmpd.conf 209 stack trace 52 SNMP master agent standards enabling and starting 211 web software, support for 35 SOCKS, defined 501 start 251 528 Netscape Enterprise Server Administrator’s Guide...
Page 529 start command superuser settings Unix platforms 58 changing 70 startconsole 45 symbolic (soft) links definition 179 starting the server 161, 163 user account needed 167 symbolic links restricting (Unix) 179 STARTS 430, 476 symbolic links, restricting 179 startsvr.bat 43 syntax Static groups ACL files 456 definition 93...
Page 530 85, 138 defined 502 userdb directory 44 Uniform Resource Identifier (URI) 393 userdefs.ini 434, 440 uniqueMembers 94 userdefs.ini file 400 units, organizational user directories (Unix) creating 106 configuring 313 deleting 110 customizing 313 editing 109 530 Netscape Enterprise Server Administrator’s Guide...
Page 531 user entries creating new 84 variables default language 85 collection-specific 443 deleting 93 conditional, Web Publisher 387 Directory Server 84 file, configuration 441 finding 86 pattern, pointer 386 guidelines for creating 83 pattern, using 439 renaming 92 variables, pattern User-Group authentication 327 generated 444 user interface user-defined 440...
Page 532 ACLs 371 ownership of files and folders 358 x-euc-jp 323 pattern files 385 x-mac-roman 323 pattern variables 386 x-sjis 323, 471 removing properties 381 repairing the collection 376 reporting on the collection 376 532 Netscape Enterprise Server Administrator’s Guide...