How to Configure Directory Server 6 In configure later mode

Similar Messages

• How to configure debug mode in Oracle 11g ?

  I am making Oracle Argus system based on Oracle 11g DB.
  I heard there is debugging mode in Oracle DB to investigate trouble.
  How to configure debug mode in Oracle 11g ?

  Are you talking about oradebug:
  SQL> oradebug setmypid
  SQL> oradebug unlimit
  SQL> oradebug dump systemstate 266
  SQL> oradebug dump systemstate 266
  SQL> oradebug -g all hanganalyze 3 ---> g is for RAC database instances
  Thanks,
  http://gssdba.wordpress.com

• How to install directory server/client on Solaris 9 for dummys

  Hi,
  after reading hunderts of pages, after asking questions in forums without getting the right answers, i was able to install the directory server in our company.
  Here is the summary i made for myself. Perhaps it helps others to avoid the same problems.
  Set up a Directory Server (sun one ds 5.1)
  Present situation:
  -Nisplus is installed
  -Solaris OS 9 sparc 64bit is installed
  -DS5 Software is normally already installed in Solaris 9. Check off with 'pkginfo | grep IPLT*'
  -Otherwise install from Solaris OS 9 Disc1 with 'pkgadd -d IPLTxxxx .'
  -Software setup with '/usr/sbin/directoryserver setup'
       Install admin- and directory server.
       For Directory Server use port 389 (necessary for later use of SSL)
       For Admin Server use any empty port > 1024
       Run directoryserver as root (necessary for using port 389 and for -starting servers from console)
       Use default Directory Manager DN cn=Directory manager
       Use your domain as DIT (default information tree) example: dc=example, dc=com
       As second DIT, setup installs o=NetscapeRoot. Don't change this DIT at all!!!!!
  The server stores all the default schemas there which are absolutely important for the directoy
  server. Don't change anything there !
  -Configure software with 'idsconfig'
       Preferred - and default server xxx.xxx.xxx.xxx (ip_adds of your directory server)
       Use default search scope one
       Use credential's Proxy
       Use authentication Simple (you may change this later if needed)
       All the rest should remain on default settings
       You will be asked for a proxy passwort
  -Start the directoryserver console with '/usr/sbin/directoryserver startconsole'
  -If it's not yet running, start the directory server from console or with command 'directoryserver -s instance_name start'
  -If it's not yet running, start the admin server from console or with command 'directoyserver start-admin'
  -On directoryserver's gui at configuraton/password set password encryption to 'unix crypt algorithm (CRYPT)'
  Import Data
  -Get Data from Nisplus with
       'niscat passwd.org_dir passwd.ldap'
       'niscat hosts.org_dir hosts.ldap'
       'niscat groups.org_dir groups.ldap'
       etc
  -adjust the files. (try it out with one entry of a file only. You may delete this entry with the gui very easy if it's not successfull.
  -hosts.ldap must look like
  xxx.xxx.xxx.xxx machine1
  xxx.xxx.xxx.xxx machine2
  xxx.xxx.xxx.xxx machine3
       First value is the ip-address, second one is the hostname.
       If you have more than one hostname per machine, use a second line (don't write 2 names behind the ip-address like you did in nisplus!!!)
  Change content of files into ldif format
  -perl migrate_hosts.pl hosts.ldap hosts.ldif
  -perl migrate passwd.pl passwd.ldap passwd.ldif
  -You may download the above perl-Files from http://www.padl.com
  Change the converted passwd.ldif File as follows:
  -before change:
  dn: uid=mario,ou=People,dc=krinfo,dc=ch
  uid: mario
  cn: mario
  objectClass: account
  objectClass: posixAccount
  objectClass: top
  userPassword: {crypt}6O9m3uK./T/rM
  loginShell: /bin/bash
  uidNumber: 1020
  gidNumber: 14
  homeDirectory: /home/mario
  -after change:
  dn: uid=mario,ou=People,dc=krinfo,dc=ch
  uid: mario
  cn: mario
  objectClass: account
  objectClass: posixAccount
  objectClass: shadowAccount <--- this line must be inserted
  objectClass: top
  userPassword: {crypt}6O9m3uK./T/rM
  loginShell: /bin/bash
  uidNumber: 1020
  gidNumber: 14
  homeDirectory: /home/mario
  Insert the line for every entry in the passwd.ldif file
  You may now import all these xxxx.ldif files into the directory server with
  -ldapadd -h name_of_directoryserver -D "cn=Directory Manager" -w password -f XXXXX.ldif
  You may use this commands later to import further data.
  -Initialise a client
  'ldapclient -a proxyDN=cn=proxyagent,ou=profile,dc=example,dc=com init xxx.xxx.xxx.xxx'
  The xxx.xxx.xxx.xxx at the end is the ip address of the directory server
  -This will make a client with data taken from the default profile from the directory server. This profile has been produced with the earlier command idsconfig and can be changed if needed.
  -The System will ask you for the proxy password (given the first time in idsconfig dialog)
  -You may now look at the produces files
  in '/var/ldap/ldap_client_file' for the client settings
  in '/var/ldap/ldap_client_cred' for the proxy settings
  'ldapclient list' shows the settings of the client
  With 'ldaplist -h' you may see all the existing entries with their objects.
  Activate the client
  -If it's not yet running, start '/usr/lib/ldap/ldap_cachemgr'
  -All nisplus daemons/programs have been stopped by ldapclient command. If not, stop them manually.
  -/etc/nsswitch.conf should have been copied from /etc/nsswitch.ldap from ldapclient too.
  -If not, do it manually.
  example
  passwd: files ldap
  group: files ldap
  hosts ldap dns files
  etc
  I recommend to change the file '/etc/nsswitch.ldap' because the system oftens copies nsswitch.ldap to nsswitch.conf and if nsswitch.ldap is adapted, you must now change it again and again.
  you may now check whether ldap is working fine with the following requests:
  getent passwd username
  getent hosts hostname
  getent groups
  getent network
  These commands should give you the requested answer.
  Be sure to clean:
  /etc/hosts      inside is only your workstation and the directory server
  /etc/passwd     only default and local entries
  /etc/groups only default and local entries
  etc
  try a telnet to your own machine to check, whether password and automount of your home_dirctory works fine.
  I failed here. All was working fine, but the password exchange did not because of credential/authentication problems.
  Best regards and good luck
  Mario

  Directory Server 5.1 does not support Kerberos authentication.
  Beside this there are some extensions in MS kerberos authentication that makes it almost impossible to have a MS client authenticate with something else than AD.
  Regards,
  Ludovic.

• Where to download "netscape directory server 4.11 or later"

  Hi, there,
  I just want to test some ldap functions on windows 2000. I find some guys said Netscape Directory Server 4.11 is a good choice. Where can I download a evaluation version? I can't find it on Netscape.
  Thanks.

  Just go to www.iplanet.com

• How to configure SLI mode on MSI 990FXA-GD80 ?

  All Master here, first introduce my self. I'm Prince581. I have a problem with my mobo MSI 990FXA-GD80.
  two VGA Quadro FX3500 that I tide on MSI 990FXA-GD80 is not work as SLI Mode.
  My Question, how to do SLI mode on this mobo ? if there is special setting, please give me to know it. help me masters... I'm waiting for your answers. sorry if my english bad

  A full video guide can be found here:
  http://www.slizone.com/object/slizone_diy_videoguide02.htm
  Have you followed all steps, especially the last one?

• How to configure edit mode in SAP screen help(F1)

  Hi ,
       We want to enable customization option in SAP screen.
  When i open any screen in SAP , we use F1 option for help, there we will see technical options , application help and all..
  In this options we have  customization showing in display mode only, we need to change this option to change mode.
  Please let me know asap. find screen shot below.

  Hi Reagan,
  You're true, my mistake, thanks for checking.
  This might be an orphan thread after all that time... let's hope easwer rao  
  will still be there.
  easwer rao please mark the thread as answered, setting Aleh Mikhniuk's answer as correct
  Thanks

• How to download : Directory Server Resource Kit ???

  following this instrustion, but i can't find the download link of DSRK:
  http://docs.sun.com/source/816-6400-10/install.html
  this link error?:
  http://wwws.sun.com/software/download/products/3eef9a29.html
  help me plz!
  thanks!

  thanks for reading
  this link is active!!!

• Installation steps of Directory Server 6.3 in Windows 2003

  Hi All,
  I am completely new to SunOne Directory Server.
  Can anyone please tell me how to install "*Directory Server 6.3*" in Windows 2003.
  Have downloaded the file from sun's site named "*DSEE.6.3.Windows-X86-full*".
  Thanks.
  Edited by: kirti_603 on Sep 1, 2008 7:40 AM

  Hi etst123,
  Thanks a lot for ur reply.
  I have already gone through the site you have given and performed the following steps, pls correct me if I am wrong:-
  1.) Downloaded the patch for Windows - (126753-04)
  2.) After downloading the patch i got the following folders
       a) DSEE_Directory_Editor
       b) DSEE_Identity_Synchronization_for_Windows
       c) DSEE_ZIP_Distribution
       d) Legal
  3) I am trying to install in "To Install Directory Server Enterprise Edition 6.3 From Zip Distribution"
  4) After this i ran - "dsee_deploy install -i install-path options" in "c:\dsee" folder
  Its installing without any error telling
  "You can now start your Directory Server Instances
  You can now start your Directory Proxy Server Instances"
  To start Directory Server Instance have followed the below steps:-
  1) C:\tmp\dsee63\DSEE_ZIP_Distribution>cd \tmp\ds63
  2) C:\tmp\ds63> set PATH=c:\tmp\ds63\ds6\bin;c:\tmp\ds63\dsrk6\bin;%PATH%
  3) C:\tmp\ds63>dsadm create /tmp/instance
  4) C:\tmp\ds63>dsadm start /tmp/instance
  -Modify the ds-start-tls-enabled attribute that is stored in the directory server configuration.
  5). Create a file, say c:\tmp\modify.ldif which looks like:
  dn: cn=config
  changetype: modify
  replace: ds-start-tls-enabled
  ds-start-tls-enabled: on
  6). Issue an ldapmodify command something like this:
  C:\tmp>ldapmodify -h localhost -p 1389 -D "cn=Directory Manager" -w password < c:\tmp\modify.ldif
  7). Confirm modification via ldapsearch command:
  C:\tmp>ldapsearch -b "cn=config" -h localhost -p 1389 -D "cn=Directory Manager" -w password "cn=config" ds-start-tls-enabled
  8). Stop and restart the directory server instance
  C:\tmp\ds63>dsadm stop /tmp/instance
  C:\tmp\ds63>dsadm start /tmp/instance
  9). Try creating a suffix with the standard port (1389): (This is where i am gettin error)
  C:\tmp\ds63>dsconf create-suffix -h localhost -p 1389 dc=example1,dc=com
  Error= The "create-suffix" operation failed on "localhost:1389"
  Please help....
  Edited by: kirti_603 on Sep 2, 2008 12:43 AM

• Log file size in Sun Directory Server

  Does anyone have an idea about the how the Sun Directory Server's log file size will increase in size with respective to the actions performed?
  Can someone give a data regarding this? If someone has a better scenario and the supportive data w.r.t log file size it will be helpful.
  Thanks,

  AFAIK No its based on time "At a certain time, or after a specified interval, the server rotates your access logs. "
  More info in Archiving Log Files in [http://docs.sun.com/app/docs/doc/820-7985/gczxv?l=en&a=vie]
  It should be easy to write such a script to be run as a daemon in logs directory. Here is the pseudo code :
  while [1]
  do
  get size of the access/error log file
  If size of file > max_size
  <ws-install-dir>/https-<instance>/bin/rotate
  sleep for sometime
  done

• NsUniqueId in sun java directory server 6.3 EE

  Hello
  in the Directory server each user has a nsUniqueId what is the utility of such field? can be used as unique identifier by external applications? how does the directory server handles this ID? is it possible to be reused eg: creation of an user that was previously deleted. will the same ID taken for the user or will be a new one be created?
  is it recommended to use the feature? to identify an user or are there better alternatives?
  if you have any documentation i can read over the subject i will be greatly greateful.
  thank you in advance for your help

  The nsuniqueID attribute is an operational attribute that the directory uses to work with an entry through various changes. i.e. if a dn has a persons lastname and they marry... then their dn will possibly change right. So the nsuniqueID something that DS manages...but you need to be careful. You can export and import with this attribute and the value will remain the same... but... if at any point in time the directory tree changes then the nsuniqueID value will change.
  This posses a big problem if you have applications that depend on that attribute. A good way that I have seen work is that a company will create a globally unique identifier. This value is then placed within an entry and is always associated ONLY with that entry. It allows applications to depend on it while not putting constraints on possible future directory tree changes.
  Hope this helps --

• Directory server LookthroughLimit?

  How does the directory server (5.2) LookthroughLimit affect performancce? The LookthroughLimit specifies the maximum number of entries that Directory Server will check when examining candidate entries in response to a search request. I have approximatley 40k entries in our directory server. Our LookthroughLimit is set to unlimited. Our sizelimit, which specifies the maximum number of entries to return from a search operation, is set to 200. And we have enough ram to cache the all the indexes and all the entries into memory. Should the LookthroughLimit be set back to the default of 5000 because our sizelimit is set so low? Are they related? Is setting the LookthroughLimit to unlimited generally a bad idea?

  No there is no out-of-the-box way. Primarily because if you started to log to syslog or some other network logging facility, the performance of the directory server will be severly degraded.
  One can argue that the error log is a more appropiate candidate for this sort of logging since is low volume.
  Regards,
  -Wajih

• How to configure sync with my local ftp server?

  I have used XMarks since now because it hallow me to synchronize my bookmarks with my local server. Now XMarks don't work anymore because it's not more possible to synchronize the passwords.
  Any other alternative imposes to use an external server and I don't want to use an external server. My data must remain on my machine it's absolutely excluded that i use an external unknown server for this.
  The only solution must be a free solution (a real free solution) and the firefox synchronization seems to me the best/only one.
  But I've not found how to configure it to use my own server.
  So how to do it, where are the options to the synchronizer to give my own ftp server or whatever other server it needs?

  iAS 6.0 sp4 officially does only support iPlanet Directory Server 5.0 sp1 and 4.13.
  For more details visit: http://docs.iplanet.com/docs/manuals/ias/60/sp4/ig/prep.htm#42084
  I guess, you can specify the directory server during the time of installation.
  Thanks,
  Rakesh.

• How to configure multiple domains in Active directory

  HI,
  How can I configure multiple domains on Active Directory. When I installed AD it asked for a domain name, there I gave ravigupta.com as domain name. But now I find no way of creating another domain.
  I am a java developer and my task is to write a programme which returns all the domains available in LDAP server.
  To start with ,I tried to create few domains in LDAP server ( AD ) but stuck up ,as i found there could exist only one domain.
  Please tell me how to configure multiple domains in LDAP server ( Active Directory).
  I skiped DNS configuration while AD installation.
  -ravi

  I'm sorry, but you should be asking on a different forum. This has nothing to do with Java.

• How to configure the .EAR to the OC4J server step by step ?

  I have configured the JavaBean of the OC4J server with the following step:
  1.create the eosp.ear with the JDeveloper's wizard
  2.copy the eosp.ear to the OC4J Server with the Path:
  J2EE_HOME/applications/
  3.modify the server.xml and add the following words:
  <application name="eosp" path="../applications/eosp.ear" auto-start="true"/>
  4.restart the OC4J server and show the information:
  Auto-deploying eosp (New server version detected)...
  5.create the new JSP and this source code is:
  <%@ page import="com.beautybeard.eosp.common.*"%>
  <%@ page import="com.beautybeard.eosp.constant.*"%>
  6.visit the JSP and show the error information:
  Error parsing JSP page /eosp/usr_profile/login.jsp
  Syntax error in source/eosp/usr_profile/login.jsp.java:5: Package com.beautybeard.eosp.common not found in import.import com.beautybeard.eosp.common.*; ^/eosp/usr_profile/login.jsp.java:6: Package com.beautybeard.eosp.constant not found in import.import com.beautybeard.eosp.constant.*; ^2 errors
  why?
  why can not find the package?
  please help me out

  Hi Sky-
  It looks like you have a web application only.
  You need to create a war file as described above. A war file is a jar'd file containing your web components, including your javabean class files, etc. JDeveloper 9i can do this for you. You've already done the hard work. Suppose that the project you have created that contains your javabeans, etc in JDev 9i is called myproject (with myproject.jpr as the project file). Right click on the myproject.jpr in the JDev navigator and select 'new...', go to Deployment Profiles and select J2EE Web Module (WAR File) - a general screen will pop up asking you to save the deployment profile (you can just use the default if you want). Once you select OK on that, you will get a screen that calls itself the J2EE Web Module Deployment Profile Settings. This is the screen that you can use to enter your information.
  Your servlet and javabean classes will go into WEB-INF/classes subdirectory that you see to your left in this window. Simply select the WEB-INF/classes entry and it will display a list of your java sources (it will only place the compiled output in this directory - there is a toggle for it).
  Once you have specified that your javabean and servlet classes go in this directory, you should be set. Go ahead and save / close. In your navigation screen under your project (myproject.jpr or whatever your project name is) you will see your files, jsps, etc and something called webapp1.deploy (if you accepted the default). If you right-click on that, you will get a menu that asks a number of things, one of which is to Deploy to EAR file. Select that entry and it will create an ear file for you. You can play with the various settings to change the name of the ear file, but that's about all you have to do. Once this is completed, you can put the EAR file on your linux box or wherever you want, adjust your server.xml and default-web-app.xml files and launch the app!
  Good luck!
  Ray
  Hi,Ray
  Thank you for giving me the detail information!
  I'm sorry that I can not give the detail and clear problem ,which make you delusoried.
  ok,now I give you my aim.
  1. I will construct my application system with JavaBean(not EJB),Servlet,JSPs (linux+IAS+JDeveloper+Oracle8i database)
  2. I will package business function with JavaBean. example:
  * CheckLogin.java
  package com.beautybeard.eosp.javabean.usrprofile;
  import com.beautybeard.eosp.common.*;
  import com.beautybeard.eosp.data.*;
  import java.io.*;
  import java.lang.*;
  public class CheckLogin{
  public CheckLogin()
  //do nothing here
  public boolean getCheckLogin(){
  3. I will control the request and response with Servlets.
  example:
  *CheckLoginSevlet.java
  package com.beautybeard.eosp.servlet.usrprofile;
  import javax.servlet.*;
  import javax.servlet.http.*;
  import java.io.*;
  import java.util.*;
  import java.sql.*;
  import com.beautybeard.eosp.servlet.*;
  import com.beautybeard.eosp.javabean.usrprofile.*;
  public class CheckLoginServlet extends DefaultServlet
  public void service(HttpServletRequest req,HttpServletResponse res) throws IOException, ServletException
  //use the JavaBean
  CheckLogin cl = new CheckLogin();
  if (cl.getCheckLogin){
  res.sendRedirect("login.jsp");
  }else{
  res.sendRedirect("err.jsp");
  4. I will display the result with JSPs:
  example:
  <%//login.jsp%>
  <%@ page import="com.beautybeard.eosp.common.*"%>
  <%@ page import="com.beautybeard.eosp.data.*"%>
  5. I have success on running the above steps in the 9iJDevelper(pure java) environment(OS:Windows 2000 Server), and now I will move the JSPs ,Servlets,JavaBeans to the Server(linux) without the JDeveloper's deployment wizard.
  how to configure the IAS to carry my point?
  thank you!
  Sky liu

• How to configure AD and Token server (over radius) authentication

  Dear forum,
  I have a scenario where users should be allowed network access after their have given their AD credentials and a token (Blackshield Token server).
  The token server speaks over radius to the cisco ACS appliance. I have managed to get users authenticated by means of their AD credentials. I am how ever not able to use both means in order to have a successfull authentication.
  Does anyone have a configuration example for this scenario? Any help would be greatly appreciated.
  Thanks!!!

  Hi,
  I have had two deployments using this form of authentication.
  Just so we are on the same page, the token servers that I have integrated connect to an Active Directory server running NPS (MS radius), then the user will have to send their password+token and the token software will check the account password, and then the token to see if the users succeeds.
  Let me know if that is the design of your software. If it is, then all you need to do is configure the token software to run on radius and then set the policies up from there. From the network device standpoint it just needs to point to the radius server.
  Thanks,
  Tarik Admani
  *Please rate helpful posts*