 |
Administrator's
Guide Netscape Directory Server |
| Index |
DocHome | Next |
Contents
List of Figures
List of Tables
Introduction
Part 1 Administering
Netscape Directory Server
Chapter 1
Introduction to Netscape
Directory Server
Using the Directory
Server Console
Starting Directory Server Console
Copying Entry DNs to the Clipboard
Configuring the Directory Manager
Starting Directory Server Console
Copying Entry DNs to the Clipboard
Configuring the Directory Manager
Binding to the Directory
from Netscape Console
Changing Login Identity
Viewing the Current Bind DN from the Console
Changing Login Identity
Viewing the Current Bind DN from the Console
Starting and Stopping the
Directory Server
Starting/Stopping the Server from the Console
Starting/Stopping the Server from the Command-Line
Starting/Stopping the Server from the Console
Starting/Stopping the Server from the Command-Line
Configuring LDAP
Parameters
Changing Directory Server Port Numbers
Placing the Entire Directory Server in Read-Only Mode
Tracking Modifications to Directory Entries
Changing Directory Server Port Numbers
Placing the Entire Directory Server in Read-Only Mode
Tracking Modifications to Directory Entries
Cloning a Directory
Server
Creating a New Directory Server Instance
Cloning the Directory Configuration
Creating a New Directory Server Instance
Cloning the Directory Configuration
Starting the Server in
Referral Mode
Using the refer Command
Using the refer Command
Chapter 2 Creating
Directory
Entries
Managing Entries from
the Directory Console
Creating a Root Entry
Creating Directory Entries
Creating an Entry Using a Predefined Template
Creating Other Types of Entries
Modifying Directory Entries
Displaying the Property Editor
Adding an Object Class to an Entry
Removing an Object Class
Adding an Attribute to an Entry
Adding Very Large Attributes
Adding Attribute Values
Removing an Attribute Value
Adding an Attribute Subtype
Deleting Directory Entries
Creating a Root Entry
Creating Directory Entries
Creating an Entry Using a Predefined Template
Creating Other Types of Entries
Modifying Directory Entries
Displaying the Property Editor
Adding an Object Class to an Entry
Removing an Object Class
Adding an Attribute to an Entry
Adding Very Large Attributes
Adding Attribute Values
Removing an Attribute Value
Adding an Attribute Subtype
Deleting Directory Entries
Managing Entries from
the Command-Line
Providing Input from the Command-Line
Creating a Root Entry from the Command-Line
Adding Entries Using LDIF
Adding and Modifying Entries Using ldapmodify
Adding Entries Using ldapmodify
Modifying Entries Using ldapmodify
Deleting Entries Using ldapdelete
Using Special Characters
Providing Input from the Command-Line
Creating a Root Entry from the Command-Line
Adding Entries Using LDIF
Adding and Modifying Entries Using ldapmodify
Adding Entries Using ldapmodify
Modifying Entries Using ldapmodify
Deleting Entries Using ldapdelete
Using Special Characters
LDIF Update Statements
Adding an Entry Using LDIF
Renaming an Entry Using LDIF
A Note on Renaming Entries
Modifying an Entry Using LDIF
Adding Attributes to Existing Entries Using LDIF
Changing an Attribute Value Using LDIF
Deleting All Values of an Attribute Using LDIF
Deleting a Specific Attribute Value Using LDIF
Deleting an Entry Using LDIF
Modifying an Entry in an Internationalized Directory
Adding an Entry Using LDIF
Renaming an Entry Using LDIF
A Note on Renaming Entries
Modifying an Entry Using LDIF
Adding Attributes to Existing Entries Using LDIF
Changing an Attribute Value Using LDIF
Deleting All Values of an Attribute Using LDIF
Deleting a Specific Attribute Value Using LDIF
Deleting an Entry Using LDIF
Modifying an Entry in an Internationalized Directory
Maintaining Referential
Integrity
How Referential Integrity Works
Using Referential Integrity with Replication
Configuring the Supplier Server
Enabling/Disabling Referential Integrity
From the Directory Server Console
Recording Updates in the Change Log
From the Directory Server Console
Modifying the Update Interval
From the Directory Server Console
Modifying the Attribute List
From the Directory Server Console
How Referential Integrity Works
Using Referential Integrity with Replication
Configuring the Supplier Server
Enabling/Disabling Referential Integrity
From the Directory Server Console
Recording Updates in the Change Log
From the Directory Server Console
Modifying the Update Interval
From the Directory Server Console
Modifying the Attribute List
From the Directory Server Console
Chapter 3 Configuring Directory
Databases
Creating and
Maintaining Suffixes
Creating Suffixes
Creating a New Root Suffix Using the Console
Creating a New Sub Suffix Using the Console
Creating Root and Sub Suffixes from the Command-Line
Maintaining Suffixes
Using Referrals in a Suffix
Enabling Referrals Only During Update Operations
Disabling a Suffix
Deleting a Suffix
Creating and Maintaining Databases
Creating Databases
Creating a New Database for an Existing Suffix Using the Console
Creating a New Database for a Single Suffix from the Command-Line
Adding Multiple Databases for a Single Suffix
Adding the Custom Distribution Function to a Suffix
Maintaining Directory Databases
Placing a Database in Read-Only Mode
Deleting a Database
Configuring Transaction Log for Frequent Updates
Database Encryption
Encryption Keys
Encryption Ciphers
Configuring Database Encryption from the Console
Configuring Database Encryption Using the Command-Line
Exporting and Importing an Encrypted Database
Creating and Maintaining Database Links
Configuring the Chaining Policy
Chaining Component Operations
Chaining LDAP Controls
Creating a New Database Link
Creating a New Database Link Using the Console
Creating a Database Link from the Command-Line
Chaining Using SSL
Maintaining Database Links
Updating Remote Server Authentication Information
Deleting Database Links
Database Links and Access Control Evaluation
Advanced Feature: Tuning Database Link Performance
Managing Connections to the Remote Server
Detecting Errors During Normal Processing
Managing Threaded Operations
Advanced Feature: Configuring Cascading Chaining
Overview of Cascading Chaining
Configuring Cascading Chaining Defaults Using the Console
Configuring Cascading Chaining Using the Console
Configuring Cascading Chaining from the Command-Line
Summary of Cascading Chaining Configuration Attributes
Cascading Chaining Configuration Example
Configuring Server One
Configuring Server Two
Configuring Server Three
Using Referrals
Setting Default Referrals
Setting a Default Referral Using the Console
Setting a Default Referral from the Command-Line
Creating Smart Referrals
Creating Smart Referrals Using the Directory Server Console
Creating Smart Referrals from the Command-Line
Creating Suffix Referrals
Creating Suffix Referrals Using the Console
Creating Suffix Referrals from the Command-Line
Creating Suffixes
Creating a New Root Suffix Using the Console
Creating a New Sub Suffix Using the Console
Creating Root and Sub Suffixes from the Command-Line
Maintaining Suffixes
Using Referrals in a Suffix
Enabling Referrals Only During Update Operations
Disabling a Suffix
Deleting a Suffix
Creating and Maintaining Databases
Creating Databases
Creating a New Database for an Existing Suffix Using the Console
Creating a New Database for a Single Suffix from the Command-Line
Adding Multiple Databases for a Single Suffix
Adding the Custom Distribution Function to a Suffix
Maintaining Directory Databases
Placing a Database in Read-Only Mode
Deleting a Database
Configuring Transaction Log for Frequent Updates
Database Encryption
Encryption Keys
Encryption Ciphers
Configuring Database Encryption from the Console
Configuring Database Encryption Using the Command-Line
Exporting and Importing an Encrypted Database
Creating and Maintaining Database Links
Configuring the Chaining Policy
Chaining Component Operations
Chaining LDAP Controls
Creating a New Database Link
Creating a New Database Link Using the Console
Creating a Database Link from the Command-Line
Chaining Using SSL
Maintaining Database Links
Updating Remote Server Authentication Information
Deleting Database Links
Database Links and Access Control Evaluation
Advanced Feature: Tuning Database Link Performance
Managing Connections to the Remote Server
Detecting Errors During Normal Processing
Managing Threaded Operations
Advanced Feature: Configuring Cascading Chaining
Overview of Cascading Chaining
Configuring Cascading Chaining Defaults Using the Console
Configuring Cascading Chaining Using the Console
Configuring Cascading Chaining from the Command-Line
Summary of Cascading Chaining Configuration Attributes
Cascading Chaining Configuration Example
Configuring Server One
Configuring Server Two
Configuring Server Three
Using Referrals
Setting Default Referrals
Setting a Default Referral Using the Console
Setting a Default Referral from the Command-Line
Creating Smart Referrals
Creating Smart Referrals Using the Directory Server Console
Creating Smart Referrals from the Command-Line
Creating Suffix Referrals
Creating Suffix Referrals Using the Console
Creating Suffix Referrals from the Command-Line
Chapter 4
Populating Directory
Databases
Importing Data
Performing an Import from the Console
Initializing a Database from the Console
Importing from the Command-Line
Importing Using the ldif2db Command-Line Script
Importing Using the ldif2db.pl Perl Script
Importing Using the ldif2ldap Command-Line Script
Exporting Data
Exporting Directory Data to LDIF Using the Console
Exporting a Single Database to LDIF Using the Console
Exporting to LDIF from the Command-Line
Backing Up and Restoring Data
Backing Up All Databases
Backing Up All Databases from the Server Console
Backing Up All Databases from the Command-Line
Backing Up a Single Database
Backing Up the dse.ldif Configuration File
Restoring All Databases
Restoring All Databases from the Console
Restoring Your Database from the Command-Line
Restoring a Single Database
Restoring Databases that Include Replicated Entries
Restoring the dse.ldif Configuration File
Enabling and Disabling Read-Only Mode
Enabling Read-Only Mode
Disabling Read-Only Mode
Performing an Import from the Console
Initializing a Database from the Console
Importing from the Command-Line
Importing Using the ldif2db Command-Line Script
Importing Using the ldif2db.pl Perl Script
Importing Using the ldif2ldap Command-Line Script
Exporting Data
Exporting Directory Data to LDIF Using the Console
Exporting a Single Database to LDIF Using the Console
Exporting to LDIF from the Command-Line
Backing Up and Restoring Data
Backing Up All Databases
Backing Up All Databases from the Server Console
Backing Up All Databases from the Command-Line
Backing Up a Single Database
Backing Up the dse.ldif Configuration File
Restoring All Databases
Restoring All Databases from the Console
Restoring Your Database from the Command-Line
Restoring a Single Database
Restoring Databases that Include Replicated Entries
Restoring the dse.ldif Configuration File
Enabling and Disabling Read-Only Mode
Enabling Read-Only Mode
Disabling Read-Only Mode
Chapter 5 Advanced
Entry Management
Using Groups
Managing Static Groups
Adding a New Static Group
Modifying a Static Group
Managing Dynamic Groups
Adding a New Dynamic Group
Modifying a Dynamic Group
Using Groups
Managing Static Groups
Adding a New Static Group
Modifying a Static Group
Managing Dynamic Groups
Adding a New Dynamic Group
Modifying a Dynamic Group
Using Roles
About Roles
Managing Roles Using the Console
Creating a Managed Role
Creating a Filtered Role
Creating a Nested Role
Viewing and Editing an Entry's Roles
Modifying a Role Entry
Making a Role Inactive
Reactivating a Role
Deleting a Role
Managing Roles Using the Command-Line
Examples: Managed Role Definition
Example: Filtered Role Definition
Example: Nested Role Definition
Using Roles Securely
Assigning Class of Service
About CoS
About the CoS Definition Entry
About the CoS Template Entry
How a Pointer CoS Works
How an Indirect CoS Works
How a Classic CoS Works
Managing CoS Using the Console
Creating a New CoS
Editing an Existing CoS
Deleting a CoS
Managing CoS from the Command-Line
Creating the CoS Definition Entry from the Command-Line
Creating the CoS Template Entry from the Command-Line
Example of a Pointer CoS
Example of an Indirect CoS
Example of a Classic CoS
Creating Role-Based Attributes
Access Control and CoS
About Roles
Managing Roles Using the Console
Creating a Managed Role
Creating a Filtered Role
Creating a Nested Role
Viewing and Editing an Entry's Roles
Modifying a Role Entry
Making a Role Inactive
Reactivating a Role
Deleting a Role
Managing Roles Using the Command-Line
Examples: Managed Role Definition
Example: Filtered Role Definition
Example: Nested Role Definition
Using Roles Securely
Assigning Class of Service
About CoS
About the CoS Definition Entry
About the CoS Template Entry
How a Pointer CoS Works
How an Indirect CoS Works
How a Classic CoS Works
Managing CoS Using the Console
Creating a New CoS
Editing an Existing CoS
Deleting a CoS
Managing CoS from the Command-Line
Creating the CoS Definition Entry from the Command-Line
Creating the CoS Template Entry from the Command-Line
Example of a Pointer CoS
Example of an Indirect CoS
Example of a Classic CoS
Creating Role-Based Attributes
Access Control and CoS
Chapter
6 Managing
Access Control
Access Control Principles
ACI Structure
ACI Placement
ACI Evaluation
ACI Limitations Default ACIs
Access Control Principles
ACI Structure
ACI Placement
ACI Evaluation
ACI Limitations Default ACIs
Creating
ACIs Manually
The ACI Syntax
Example ACI
Defining Targets
Targeting a Directory Entry
Targeting Attributes
Targeting Both an Entry and Attributes
Targeting Entries or Attributes Using LDAP Filters
Targeting Attribute Values Using LDAP Filters
Targeting a Single Directory Entry
Defining Permissions
Allowing or Denying Access
Assigning Rights
Rights Required for LDAP Operations
Permissions Syntax
Access Control and the modrdn Operation
Bind Rules
Bind Rule Syntax
Defining User Access - userdn Keyword
Anonymous Access (anyone Keyword)
General Access (all Keyword)
Self Access (self Keyword)
Parent Access (parent Keyword)
LDAP URLs
Wildcards
Examples
Defining Group Access - groupdn Keyword
Examples
Defining Role Access - roledn Keyword
Defining Access Based on Value Matching
Using the userattr Keyword
Using the userattr Keyword with Inheritance
Granting Add Permission Using the userattr Keyword
Defining Access from a Specific IP Address
Defining Access from a Specific Domain
Defining Access at a Specific Time of Day or Day of Week
Examples
Defining Access Based on Authentication Method
Examples
Using Boolean Bind Rules
Creating ACIs from the Console
Displaying the Access Control Editor
Viewing Current ACIs
Creating a New ACI
Editing an ACI
Deleting an ACI
Access Control Usage Examples
Granting Anonymous Access
Granting Write Access to Personal Entries
Restricting Access to Key Roles
Granting a Group Full Access to a Suffix
Granting Rights to Add and Delete Group Entries
Granting Conditional Access to a Group or Role
Denying Access
Setting a Target Using Filtering
Allowing Users to Add or Remove Themselves from a Group
Defining Permissions for DNs that Contain a Comma
Proxied Authorization ACI Example
Viewing the ACIs for an Entry
Advanced Access Control: Using Macro ACIs
Macro ACI Example
Macro ACI Syntax
Macro Matching for ($dn)
Macro Matching for [$dn]
Macro Matching for ($attr.attrName)
Access Control and Replication
Logging Access Control Information
Compatibility with Earlier Releases
Chapter 7 User Account Management
The ACI Syntax
Example ACI
Defining Targets
Targeting a Directory Entry
Targeting Attributes
Targeting Both an Entry and Attributes
Targeting Entries or Attributes Using LDAP Filters
Targeting Attribute Values Using LDAP Filters
Targeting a Single Directory Entry
Defining Permissions
Allowing or Denying Access
Assigning Rights
Rights Required for LDAP Operations
Permissions Syntax
Access Control and the modrdn Operation
Bind Rules
Bind Rule Syntax
Defining User Access - userdn Keyword
Anonymous Access (anyone Keyword)
General Access (all Keyword)
Self Access (self Keyword)
Parent Access (parent Keyword)
LDAP URLs
Wildcards
Examples
Defining Group Access - groupdn Keyword
Examples
Defining Role Access - roledn Keyword
Defining Access Based on Value Matching
Using the userattr Keyword
Using the userattr Keyword with Inheritance
Granting Add Permission Using the userattr Keyword
Defining Access from a Specific IP Address
Defining Access from a Specific Domain
Defining Access at a Specific Time of Day or Day of Week
Examples
Defining Access Based on Authentication Method
Examples
Using Boolean Bind Rules
Creating ACIs from the Console
Displaying the Access Control Editor
Viewing Current ACIs
Creating a New ACI
Editing an ACI
Deleting an ACI
Access Control Usage Examples
Granting Anonymous Access
Granting Write Access to Personal Entries
Restricting Access to Key Roles
Granting a Group Full Access to a Suffix
Granting Rights to Add and Delete Group Entries
Granting Conditional Access to a Group or Role
Denying Access
Setting a Target Using Filtering
Allowing Users to Add or Remove Themselves from a Group
Defining Permissions for DNs that Contain a Comma
Proxied Authorization ACI Example
Viewing the ACIs for an Entry
Advanced Access Control: Using Macro ACIs
Macro ACI Example
Macro ACI Syntax
Macro Matching for ($dn)
Macro Matching for [$dn]
Macro Matching for ($attr.attrName)
Access Control and Replication
Logging Access Control Information
Compatibility with Earlier Releases
Chapter 7 User Account Management
Managing the Password
Policy
Configuring the Password Policy
Configuring a Global Password Policy Using the Console
Configuring a Subtree/User Password Policy Using the Console
Configuring a Global Password Policy Using the Command-Line
Configuring Subtree/User Password Policy Using the Command-Line
Setting User Passwords
Configuring the Account Lockout Policy
Configuring the Account Lockout Policy Using the Console
Configuring the Account Lockout Policy Using the Command-Line
Managing the Password Policy in a Replicated Environment
Inactivating Users and Roles
Inactivating User and Roles Using the Console
Inactivating User and Roles Using the Command-Line
Activating User and Roles Using the Console
Activating User and Roles Using the Command-Line
Setting Resource Limits Based on the Bind DN
Setting Resource Limits Using the Console
Setting Resource Limits Using the Command-Line
Configuring the Password Policy
Configuring a Global Password Policy Using the Console
Configuring a Subtree/User Password Policy Using the Console
Configuring a Global Password Policy Using the Command-Line
Configuring Subtree/User Password Policy Using the Command-Line
Setting User Passwords
Configuring the Account Lockout Policy
Configuring the Account Lockout Policy Using the Console
Configuring the Account Lockout Policy Using the Command-Line
Managing the Password Policy in a Replicated Environment
Inactivating Users and Roles
Inactivating User and Roles Using the Console
Inactivating User and Roles Using the Command-Line
Activating User and Roles Using the Console
Activating User and Roles Using the Command-Line
Setting Resource Limits Based on the Bind DN
Setting Resource Limits Using the Console
Setting Resource Limits Using the Command-Line
Chapter 8 Managing Replication
Replication Overview
Read-Write Replica/Read-Only Replica
Supplier/Consumer
Change Log
Unit of Replication
Replication Identity
Replication Agreement
Compatibility with Earlier Versions of Directory Server
Replication Scenarios
Single-Master Replication
Multi-Master Replication
Cascading Replication
Read-Write Replica/Read-Only Replica
Supplier/Consumer
Change Log
Unit of Replication
Replication Identity
Replication Agreement
Compatibility with Earlier Versions of Directory Server
Replication Scenarios
Single-Master Replication
Multi-Master Replication
Cascading Replication
Handling Complex
Replication Configurations
Creating the Supplier Bind DN Entry
Configuring Supplier Settings
Configuring a Read-Write Replica
Configuring a Read-Only Replica
Configuring a Hub Supplier
Creating a Replication Agreement
Creating the Supplier Bind DN Entry
Configuring Supplier Settings
Configuring a Read-Write Replica
Configuring a Read-Only Replica
Configuring a Hub Supplier
Creating a Replication Agreement
Configuring
Single-Master Replication
Configuring the Read-Only Replica on the Consumer Server
Configuring the Read-Write Replica on the Supplier Server
Initializing the Replicas for Single-Master Replication
Configuring the Read-Only Replica on the Consumer Server
Configuring the Read-Write Replica on the Supplier Server
Initializing the Replicas for Single-Master Replication
Configuring
Multi-Master Replication
Configuring 2-Way Multi-Master Replication
Configuring the Read-Only Replicas on the Consumer Servers
Configuring the Read-Write Replicas on the Supplier Servers
Initializing the Replicas for Multi-Master Replication
Configuring 4-Way Multi-Master Replication
Configuring the Read-Only Replicas on the Consumer Servers
Configuring the Read-Write Replicas on the Supplier Servers
Initializing the Replicas for Multi-Master Replication
Preventing Monopolization of the Consumer in Multi-Master Replication
Configuring 2-Way Multi-Master Replication
Configuring the Read-Only Replicas on the Consumer Servers
Configuring the Read-Write Replicas on the Supplier Servers
Initializing the Replicas for Multi-Master Replication
Configuring 4-Way Multi-Master Replication
Configuring the Read-Only Replicas on the Consumer Servers
Configuring the Read-Write Replicas on the Supplier Servers
Initializing the Replicas for Multi-Master Replication
Preventing Monopolization of the Consumer in Multi-Master Replication
Configuring Cascading
Replication
Configuring the Read-Only Replica on the Consumer Server
Configuring the Read-Only Replica on the Hub Supplier
Configuring the Read-Write Replica on the Supplier Server
Initializing the Replicas for Cascading Replication
Making a Replica Updatable
Configuring the Read-Only Replica on the Consumer Server
Configuring the Read-Only Replica on the Hub Supplier
Configuring the Read-Write Replica on the Supplier Server
Initializing the Replicas for Cascading Replication
Making a Replica Updatable
Initializing Consumers
When to Initialize a Consumer
Online Consumer Initialization Using the Console
Performing Online Consumer Initialization
Manual Consumer Initialization Using the Command-Line
Manual Consumer Initialization Overview
Exporting a Replica to LDIF
Importing the LDIF File to the Consumer Server
When to Initialize a Consumer
Online Consumer Initialization Using the Console
Performing Online Consumer Initialization
Manual Consumer Initialization Using the Command-Line
Manual Consumer Initialization Overview
Exporting a Replica to LDIF
Importing the LDIF File to the Consumer Server
Forcing Replication
Updates
Forcing Replication Updates from the Console
Forcing Replication Updates from the Command-Line
Replication over SSL
Forcing Replication Updates from the Console
Forcing Replication Updates from the Command-Line
Replication over SSL
Replication with
Earlier Releases
Configuring Directory Server as a Consumer of a Legacy Directory Server
Configuring Directory Server as a Consumer of a Legacy Directory Server
Using the Retro Change
Log Plug-in
Enabling the Retro Change Log Plug-in
Trimming the Retro Change Log
Searching and Modifying the Retro Change Log
Retro Change Log and the Access Control Policy
Enabling the Retro Change Log Plug-in
Trimming the Retro Change Log
Searching and Modifying the Retro Change Log
Retro Change Log and the Access Control Policy
Monitoring Replication
Status
Monitoring Replication Status from the Directory Server Console
Monitoring Replication Status from Administration Express
Monitoring Replication Status from the Directory Server Console
Monitoring Replication Status from Administration Express
Solving Common
Replication Conflicts
Solving Naming Conflicts
Renaming an Entry with a Multi-Valued Naming Attribute
Renaming an Entry with a Single-Valued Naming Attribute
Solving Orphan Entry Conflicts
Solving Potential Interoperability Problems
Solving Naming Conflicts
Renaming an Entry with a Multi-Valued Naming Attribute
Renaming an Entry with a Single-Valued Naming Attribute
Solving Orphan Entry Conflicts
Solving Potential Interoperability Problems
Troubleshooting
Replication-Related Problems
Interpreting Error Messages and Symptoms
Useful Tools
Chapter 9 Extending the Directory Schema
Interpreting Error Messages and Symptoms
Useful Tools
Chapter 9 Extending the Directory Schema
Managing Object Classes
Viewing Object Classes
Creating Object Classes
Editing Object Classes
Deleting Object Classes
Viewing Object Classes
Creating Object Classes
Editing Object Classes
Deleting Object Classes
Turning Schema Checking
On and Off
Chapter 10 Managing Indexes
Chapter 11 Managing SSL and SASL
Chapter 10 Managing Indexes
About Indexes
About Index Types
About Default, System, and Standard Indexes
Overview of Default Indexes
Overview of System Indexes
Overview of Standard Indexes
Overview of the Searching Algorithm
Balancing the Benefits of Indexing
About Index Types
About Default, System, and Standard Indexes
Overview of Default Indexes
Overview of System Indexes
Overview of Standard Indexes
Overview of the Searching Algorithm
Balancing the Benefits of Indexing
Creating Indexes
Creating Indexes from the Server Console
Creating Indexes from the Command-Line
Adding an Index Entry
Running the db2index.pl Script
Creating Browsing Indexes from the Server Console
Creating Browsing Indexes from the Command-Line
Adding a Browsing Index Entry
Running the vlvindex Script
Setting Access Control for VLV Information
Creating Indexes from the Server Console
Creating Indexes from the Command-Line
Adding an Index Entry
Running the db2index.pl Script
Creating Browsing Indexes from the Server Console
Creating Browsing Indexes from the Command-Line
Adding a Browsing Index Entry
Running the vlvindex Script
Setting Access Control for VLV Information
Deleting Indexes
Deleting Indexes from the Server Console
Deleting Indexes from the Command-Line
Deleting an Index Entry
Running the db2index.pl Script
Deleting Browsing Indexes from the Server Console
Deleting Browsing Indexes from the Command-Line
Deleting a Browsing Index Entry
Running the vlvindex Script
Deleting Indexes from the Server Console
Deleting Indexes from the Command-Line
Deleting an Index Entry
Running the db2index.pl Script
Deleting Browsing Indexes from the Server Console
Deleting Browsing Indexes from the Command-Line
Deleting a Browsing Index Entry
Running the vlvindex Script
Managing Indexes
Indexing Performance
Search Performance
idlistscanlimit
Backwards Compatibility and Migration
Backwards Compatibility
Migration
Attribute Name Quick Reference Table
Indexing Performance
Search Performance
idlistscanlimit
Backwards Compatibility and Migration
Backwards Compatibility
Migration
Attribute Name Quick Reference Table
Chapter 11 Managing SSL and SASL
Introduction
to SSL in the
Directory Server
Enabling SSL: Summary of Steps
Command-Line Functions for Start TLS
Enabling SSL: Summary of Steps
Command-Line Functions for Start TLS
Obtaining
and Installing
Server Certificates
Step 1: Generate a Certificate Request
Step 2: Send the Certificate Request
Step 3: Install the Certificate
Step 4: Trust the Certificate Authority
Step 5: Confirm That Your New Certificates Are Installed
Step 1: Generate a Certificate Request
Step 2: Send the Certificate Request
Step 3: Install the Certificate
Step 4: Trust the Certificate Authority
Step 5: Confirm That Your New Certificates Are Installed
Using
Certificate-Based
Authentication
Setting up Certificate-Based Authentication
Allowing/Requiring Client Authentication
Setting up Certificate-Based Authentication
Allowing/Requiring Client Authentication
Introduction
to SASL
Authentication Methods
SASL Identity Mapping
Legacy Identity Mapping
Configuring SASL Identity Mapping from the Console
Configuring SASL Identity Mapping from the Command-Line
Configuring Kerberos
Realms
Configuring the KDC Server
Example
Chapter 12 Monitoring Server and Database Activity
Chapter 13 Monitoring Directory Server Using SNMP
Authentication Methods
SASL Identity Mapping
Legacy Identity Mapping
Configuring SASL Identity Mapping from the Console
Configuring SASL Identity Mapping from the Command-Line
Configuring Kerberos
Realms
Configuring the KDC Server
Example
Chapter 12 Monitoring Server and Database Activity
Viewing and Configuring
Log Files
Defining a Log File Rotation Policy
Defining a Log File Deletion Policy
Access Log
Viewing the Access Log
Configuring the Access Log
Error Log
Viewing the Error Log
Configuring the Error Log
Audit Log
Viewing the Audit Log
Configuring the Audit Log
Manual Log File Rotation
Defining a Log File Rotation Policy
Defining a Log File Deletion Policy
Access Log
Viewing the Access Log
Configuring the Access Log
Error Log
Viewing the Error Log
Configuring the Error Log
Audit Log
Viewing the Audit Log
Configuring the Audit Log
Manual Log File Rotation
Monitoring Server
Activity
Monitoring Your Server from the Directory Server Console
Viewing the Server Performance Monitor
Overview of Server Performance Monitor Information
General Information (Server)
Resource Summary
Current Resource Usage
Connection Status
Global Database Cache Information
Monitoring Your Server from the Command-Line
Monitoring Your Server from the Directory Server Console
Viewing the Server Performance Monitor
Overview of Server Performance Monitor Information
General Information (Server)
Resource Summary
Current Resource Usage
Connection Status
Global Database Cache Information
Monitoring Your Server from the Command-Line
Monitoring Database
Activity
Monitoring Database Activity from the Server Console
Viewing Database Performance Monitors
Overview of Database Performance Monitor Information
General Information (Database)
Summary Information Table
Database Cache Information Table
Database File-Specific Table
Monitoring Databases from the Command-Line
Monitoring Database Link Activity
Monitoring Database Activity from the Server Console
Viewing Database Performance Monitors
Overview of Database Performance Monitor Information
General Information (Database)
Summary Information Table
Database Cache Information Table
Database File-Specific Table
Monitoring Databases from the Command-Line
Monitoring Database Link Activity
Chapter 13 Monitoring Directory Server Using SNMP
About
SNMP
SNMP Overview
NMS-Initiated Communication
Managed Device-Initiated Communication
Configuring the NMS Manager
SNMP Overview
NMS-Initiated Communication
Managed Device-Initiated Communication
Configuring the NMS Manager
Overview
of the Directory
Server Management Information Base
Using the MIB Browser in Windows
Operations Table
Entries Table
Interaction Table
Using the MIB Browser in Windows
Operations Table
Entries Table
Interaction Table
Setting
Up SNMP
Setting Up SNMP on Windows
Setting Up SNMP on UNIX
Configuring the AIX SNMP Daemon
Starting and Stopping the SNMP Subagent on UNIX
Setting Up SNMP on Windows
Setting Up SNMP on UNIX
Configuring the AIX SNMP Daemon
Starting and Stopping the SNMP Subagent on UNIX
Configuring
SNMP for the
Directory Server
Part 2 Plug-ins Reference
Chapter 15 Administering
Directory Server Plug-ins
Server Plug-in
Functionality Reference
7-bit Check Plug-in
ACL Plug-in
ACL Preoperation Plug-in
Binary Syntax Plug-in
Boolean Syntax Plug-in
Case Exact String Syntax Plug-in
Case Ignore String Syntax Plug-in
Chaining Database Plug-in
Class of Service Plug-in
Country String Syntax Plug-in
Distinguished Name Syntax Plug-in
Generalized Time Syntax Plug-in
Integer Syntax Plug-in
&nb
7-bit Check Plug-in
ACL Plug-in
ACL Preoperation Plug-in
Binary Syntax Plug-in
Boolean Syntax Plug-in
Case Exact String Syntax Plug-in
Case Ignore String Syntax Plug-in
Chaining Database Plug-in
Class of Service Plug-in
Country String Syntax Plug-in
Distinguished Name Syntax Plug-in
Generalized Time Syntax Plug-in
Integer Syntax Plug-in
&nb