Any idea on binding the iplanet directory server to portal server profile server.

Similar Messages

• Is there any hardware requirement guideline for iPlanet Directory Server?

  I plan to set up the iPlanet Directory server. I need to select the appropriate hardware platform for the DS capacity. e.g what CPU model, ram & hard disk size if entries is around 10000 etc.

  The upper limit for iDS 5.0 is 2G of RAM but for 100K users, expect about 80-85MB ldif file which correlates to about 290-300Mb importCacheSize. This means that you will need 64Mb+300Mb minimum.
  As far as network, 100BaseT is adequate but GBit or multiple 100BaseTs are better.
  SSL hardware is recommended if running securely.
  As far as processors, an Ultra60 1x440Mhz or a Dell PowerEdge 2400 1x776Mhz will work. Attaching 2x18G disk should be enough. Go with scsi over ide if possible.
  pat

• Configure the Iplanet Directory server 5.0 not to allow NULL BINDs.

  How to restrict connection of user without authentication, via a ‘Null Bind’, what I can see in access log is connection of user BIND DN=”” which I don’t want. Is there any way to come over this?

  Recall my first reply:
  In iPlanet DS 5.0 (and several other LDAP servers), there is no way to totally disable anonymous binds.
  You are never going to get that message to disappear when running that tool against iPlanet DS 5.0.
  But, if it's any comfort, that particular piece of advice it's giving you is pretty silly.
  The claim that an anonymously-readable rootDSE equates to "improper configuration" is DAFT.
  I suggest you stop paying attention to this software, and begin planning your upgrade to newer LDAP server software.
  (Incidentally, some newer LDAP servers do allow you to disable anonymous binds, but I would still advise you to ignore that audit tool, and just decide for yourself what policies make the most sense for your case).

• Any Solution if all the Active Directory Server Goes down

  Hi,
  my Both DC crashed due to some power failure, Pls help me is there any way out to recover it from Daily Backup..
  Rgrds,
  Dhanesh
  Hardware, Networking & Software

  See- Planning for Active Directory Forest Recovery
  http://technet.microsoft.com/en-us/library/planning-active-directory-forest-recovery%28v=ws.10%29.aspx
  Regards,
  Biswajit
  MCTS, MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, Enterprise Admin, ITIL F 2011
  Blog:
    Script Gallary:
    LinkedIn:
  Note: Disclaimer: This posting is provided & with no warranties or guarantees and confers no rights..

• Hello, I would like to know if you know of somebody that has developed the SQL and Exchange conector for the iPlanet Directory Server Intergration Edition (Meta Directory)? Thabk you

   

  If you are using Exchange 5.5 or later you don't really need a custom connector. Exchange has an export/import command "admin.exe" that can be used to create a csv file of your exchange users (and other info). All you'll need then is the meta UTC (Universal Text Connector).

• Are there any known issues concerning using DIGEST-MD5 SASL authentication with iPlanet Directory Server 5.0 on Windows NT 4.0?

  I am developing support for the DIGEST-MD5 sasl mechnism on a c-ldap client. I am using the evaluation version of the iPlanet Directory Server 5.0 which lists DIGEST-MD5 as a supported SASL mechanism. The server is running on NT 4.0 After installing the Directory Server with the test database, a changed the passwordStorageScheme from the default of SSHA to clear text. I then added my test user. When I run my test I always get back a resultCode of 49 (invalidCredentials). The digest-challenge I receive from the server and my digest-response are shown below. I have satisfied myself that the calculation of the response directive in the digest response is correct. Does anyone see any problems in the digest response or have any other suggestions? Is there a known problem with the iPlanet Directory Server 5.0?
  digest-challenge:
  realm="BGB2.ndp.provo.novell.com",nonce="Ed8UPLXsWaC6CN",qop="auth",algorithm=md5-sess,charset=utf-8
  digest-response:
  username="uid=bgbrown,ou=people,dc=siroe,dc=com",realm="BGB2.ndp.provo.novell.com",cnonce="A9IuPJKr30RiwL",nc=00000001,qop=auth,digest-uri="ldap/BGB2.ndp.provo.novell.com",response=97061205298e5ebaf206c8ac3598fdce,charset=utf-8,nonce="Ed8UPLXsWaC6CN"

  Found the answer. When the username is an LDAP DN it needs to be proceeded by "dn:".
  example: username="dn:uid=bgbrown,ou=people,dc=siroe,dc=com"
  The server also accepts a simple uid value.
  example: username="bgbrown"

• Backup / Journaling function for IPlanet Directory Server?

  Hi,
  does the iPlanet Directory Server provide a journaling function (logging and restore possibility of all changes made between two backups) ?
  I can�t find anything in the docs, but I somehow can�t image that this feature is not supported ...
  Thanks
  Kris

  I'd be interested to know this, as well. Did you find an answer for this?

• Question re how iPlanet Directory Server applies the Look Through Limit.

  I have a question on how iPlanet Directory Server applies the lookthrough limit...
  I am running an LDAP search on a 4.13 directory. The search filter is:
       "(&(rtrdaMaturityDate>=20020128)(rtrdaMaturityDate<=20020130))"
  rtrdaMaturityDate is an int, and indexed with pres,eq,sub
  There are 244680 entries where rtrdamaturityDate>=20020128
  383005 entries where rtrdaMaturityDate<=20020130
  484 entries which satisfy both conditions
  When the query is run as Directory Manager it just hangs (presumably it would complete eventually).
  When run as another user it gives a size limit error. The size limit and lookthrough limit on the directory are both 5000 . As the matching number of entries doesn't exceed the size limit, I think perhaps it is the lookthrough limit causing the problem...
  It looks as if it treats each part of the filter separately, building an candidate list for each, giving an error if both reach the look through limit. i.e. it does not realise that both parts of the filter could be treated together.
  Is this correct ?
  This theory is born out by the fact that if I change the value so the filter would logically return only the highest few values, the search works (i.e. as if the <= filter condition hit LTL, but the >= did not).
  Also, if I add another condition to give "(&(rtrdaIssuerBgNid=4403)(rtrdamaturityDate>=20020128)(rtrdaMaturityDate<=20020130))" then the search eventually correctly returns a single entry. (IssuerBgNid=4403 on its own gives 1004 entries).
  Can I therefore assume that a seach will only work if at least one condition in the filter gives a candidate list with less entries than the look through limit?
  Any advice on how to implement a range search like this would also be much appreciated.
  Thanks,
  Dave.

  The lookthrough limit is reached when the resulting candidate list contains more entries than the limit...
  Lookthrough limit has been implemented specifically to for Range filters (and OR filters) to avoid consuming too many resources.
  For your particular problem, you can increase the lookthrough limit... but it will affect all users and searches.
  Note that iPlanet Directory Server 5.x does provide a per User LookThrough Limit (and other limits as well), therefore you could just increase the lookthrough limit for the specific users performing these searches.
  Regards,
  Ludovic.

• What is the architecture of iplanet Directory Server Integration Edition tool?

   

  hi,
  There is no separate architecture for iDSIE.
  iPlanet Directory Server Integration Edition is an integrated solution that provides meta-directory services combined with secure, highly available directory services.Further details visit this link
  http://docs.iplanet.com/docs/manuals/dsie/50/intro/dsie-ina.htm#15695

• Last Logon Time in Iplanet Directory Server 4.1

  Hi,
  It would be great help if any one of you could let me know the attribute in Iplanet Directory Server 4.1 to get the Last Logon Time of a particular account.
  The Directory Server is on solaris.
  Thanks

  Hari,
  You can try to find it from the logfiles.
  I actually designed a plugin for this type of thing, but it's not yet implemented. It would simply write a timestamp to a user's entry after every successful bind, among other things which I won't go into detail about now...
  Oletko suomessa?
  podzap

• Error while installing iplanet directory server 5.0

  Hi I am trying to install iPlanet directory server 5.0 on my local machine.My computer name doesnot contain any domain name.it is simply like "ERT3210".
  While installing Directory server it is asking for the computer name and if i give the computer name without domain it is not accepting.And i am unable to rename my computer name suffixing domain name as it is not contained in any domain..Now How can i give the computer name to install directory server?.Its very urgent for me.It will be great help if any one give reply.

  Start/Stop Directory Server and Start/Stop Admin Server are usually present in My Computer/Manage/Services, just start or stop the service.
  Assuming the install root directory is %LDAP_ROOT%
  You could always create program icons for
  1) start/stop dirrectory server
  %LDAP_ROOT%\slapd-%COMPUTERNAME%\start-slapd.exe
  %LDAP_ROOT%\slapd-%COMPUTERNAME%\stop-slapd.exe
  2) start/stop admin server
  %LDAP_ROOT%\start-admin.exe
  %LDAP_ROOT%\stop-admin.exe
  3) SUN ONE Console (iPlanet Console)
  %LDAP_ROOT%\startconsole.exe
  Gary

• Solaris 8 and iPlanet Directory Server 5.1: Help

  Could anyone help with advice or where to find documentation of how to setup a Solaris 8 client machine to authenticate against iPlanet Directory Server 5.1? The only documentation (eg books, BluePrint articles) I can find cover iPlanet Directory 4.11 or 4.12 and a Solaris 8 client. Even the tools from the BluePrint Tools area at Sun only talk about using iPlanet Directory Server 4.11/12. Quite a lot seems to have change from iDS 4.12 to iDS5.1.
  Any help would be greatly appreciated.
  Thanks in advance,
  Stewart

  Hi Steven, I suppose that this question is identical to your other question: " Topic: solaris 8 client setup with solaris 9 ldap".
  So the answer will be the same.
  You may find what you are looking for in the following technical note: http://knowledgebase.iplanet.com/ikb/kb/articles/7966.html
  It is called: "Cookbook for Solaris 8 client with Directory Server 5.1/Solaris 9"
  Cheers / Damien.

• Info about Japanese iPlanet Directory server

  I am evaluating Japanese localized version of directory server.
  I am not able to find any document which can tell me about the
  localization of this product.
  I have following questions:
  1. What level of localization is done. Has console localized ?
  Does log messages localized.
  2. What env variables I need to set to see console GUI in Japanese
  3. Do I need to set some env variables (like $LANG) before running the start script.
  It is urgent for me, if somebody can answer these or point me to some good doc, it will great
  help to me
  Thanks
  - Bharat

  Hi,
  Info about japanese iPlanet directory Server.
  Gateway is localized for English, Japanese, French, Spanish, and German. You can configure the gateway to support additional locales.
  Language files are stored in /usr/iplanet/servers/dsgw/html/lang and /usr/iplanet/servers/dsgw/config/lang, where lang is defined in RFC1766.
  For example, language files for Japanese are stored in /usr/iplanet/servers/dsgw/html/ja and /usr/iplanet/servers/dsgw/config/ja[true]).
  Support for the character sets necessary to render a particular locale (language) must be available in the browser's configuration.

• IPlanet directory server can't start in a user account - A bug?

  I installed iplanet directory server 5.1 in Solaris 9. I am using typical install mode. I set UserA/GroupA to represent the directoy server that means the directory server instance running in this user account. After I input the user name and group name, it gives a very strange message, say "suffix must have a valid dn. Press any key to continue" After I press any key, it continue to do other setup. Once instllation done, if I try to login as that user account and start-slapd, it just give an error message, " iplanet/servers/bin/slapd/server do not have permission". I checked this directory, UserA do not have even read access to the directory.
  So is this a bug in this verion of directory server/
  Thanks,
  Iris

  It's very likely that you gave an Invalid DN for the Suffix of your directory instance...
  The setup should have asked again the DN... It looks like a problem with the setup command.
  Ludovic

• Store Print & File Server on iPlanet Directory Server?

  I've a NT 4.0 server which I'm using as both a Print & File Server. Would I be able to use iPlanet Directory Server to do the same thing?
  If I can, please explain how? or direct me to where I can know how?
  If it can't be done, is there any other way(s) I can do it?
  Thanks!

  I don't understand. iDS is not a file and print server, it is a user data and user authentication server. Do you want to use iDS for your user authentication for file and print services instead of NT 4 domains? I don't think this is possible. What is possible is using iDS as your primary data store, and using iPlanet Meta Directory to sync changes from iDS to the NT 4 domain.