|
|
This appendix describes how to install and configure LDAP directories to work with SESM. SESM is verified to run with the following directories:
This section describes how to install and configure Novell eDirectory Version 8.5 or 8.7 to work with SESM. Topics are:
When you complete the procedures described here, the NDS directory is configured as follows:
This administrative user has all required permissions to update the NDS directory schema and also to create and modify objects in the SESM container.
To install and configure NDS to work with SESM, perform the following steps. These instructions assume that you are installing NDS on a Solaris machine.
Step 2 Create an NDS directory on the Solaris machine. A typical location is /usr/nds.
Step 3 If you have an NDS tar file, place it into the directory you just created and expand it.
Step 4 Run the installation file, which is located in:
Step 5 The installation program prompts you to read and accept the License agreement.
Step 6 The installation program prompts you to choose the components to install, as follows:
In most cases, you should install all three components. To do so, enter:
Step 7 The installation program prompts you for the location of the license files. Enter:
Step 8 The installation program installs the requested packages. Then it asks whether or not you want to install the Java Runtime Environment (JRE). The JRE is required for ConsoleOne, the NDS management console. If you do not already have a suitable JRE installed on the machine, enter:
Step 9 The installation program opens the NDS server configuration file (/etc/ndscfg.inp) in a text editor. Use the editor to enter the following required information. Use the values shown below to ensure compatibility with SESM installation and sample data defaults:
Two additional fields (server IP address and Database Files directory) are optional. You do not need to enter values for them.
Step 10 Save the configuration file and quit the editor.
Step 11 The installation program prompts you for a password for the admin user. Use any password.
 |
Note The SESM installation program prompts you for the administrator name (admin) and this password when you install the SPE component. |
Step 12 The installation program concludes by prompting you to manually edit two environment variables:
Step 13 Go to the following section to enable the Allow Clear Text Passwords (NDS Version 8.5) or Require TLS for Simple Binds with Password (NDS Version 8.7) attribute. This setting is required.
For SESM to work with NDS, the Allow Clear Text Passwords (NDS Version 8.5) or Require Transport Layer Security (TLS) for Simple Binds with Password (NDS Version 8.7) attribute must be true. This NDS option allows transmission of bind requests that include passwords over nonencrypted connections. By default, only passwords exchanged over SSL connections are encrypted. The option is a property of the LDAP Group object of a server.
To set Allow Clear Text Passwords or Require TLS for Simple Binds with Password, follow these procedures:
Step 2 Log in (authenticate) to the NDS Directory as follows:
Upon successful authentication, the .SESM. icon appears in the right-hand panel.
Step 3 Enable the required attribute as follows:
Step 4 Exit ConsoleOne and proceed to SESM installation.
This section describes how to install and configure Sun ONE and iPlanet to work with SESM. Topics are:
On completion of the instructions in the following section, your Sun ONE or iPlanet directory is configured as follows:
where yourAdmin is a value you specify during container creation
To install and configure Sun ONE or iPlanet to work with SESM, perform the following steps. These instructions assume that you are installing iPlanet Version 5.0 on a Solaris 2.6 system or Sun ONE Version 5.1 SP1 on a Solaris Version 8 system.
Step 2 If you have a tar file, expand it.
Step 3 Execute the setup file. Follow the instructions in the setup program.
Step 4 When the program displays the following prompt, select the iPlanet Servers option.
Step 5 In response to subsequent prompts asking you which components to install, select all components.
Step 6 At the following prompt, we recommend that you enter the standard port 389, rather than accepting the random default port. You must know this port number later in this procedure and also during SESM installation.
Step 7 At the following prompt, accept the default value of admin.
Enter the password of your choice. This user name and password has privileges to update the directory schema. You must enter this admin ID and password later in this procedure and also during SESM installation.
Step 8 At the following prompt, enter the value o=cisco.
Step 9 At the following prompt, accept the default value of Directory Manager.
Enter the password of your choice. This user name and password has privileges to add objects to the cisco container you created in the previous step. You must enter this Directory Manager DN and password later in this procedure and also during SESM installation.
Step 10 At the following prompt, enter any port number. The configuration examples later in this procedure use the value 390.
Step 11 At the following prompt, enter a user name or accept the default value (root).
The installation process is complete. After successful installation, the iPlanet server might start automatically. If not, start it as described in the next step.
Step 12 Start the directory server by executing the following:
Step 13 Start the console by executing the following:
Step 14 Log on as follows:
The iPlanet Console window appears.
Step 15 Expand the folders in the console window until the Directory Server object appears. Select Directory Server and click Open at the top right corner of the window.
An iPlanet Directory Server window appears.
Step 16 Right-click the cisco folder. Choose New > Org Unit from the pop-up menu.
Step 17 In the Name field, enter sesm and click OK.
Step 18 Right-click the sesm object. Choose New > User from the pop-up menu. A Create New User window appears.
Step 19 Enter appropriate values in the following fields. In the UserID field, enter admin.
Step 20 Right-click the sesm object. Choose Set Access Permissions from the pop-up menu. The Manage Access Control window for ou=sesm,o=cisco appears.
Step 21 Click New. The Edit ACI window for ou=sesm,o=cisco appears.
Step 22 Enter any value for ACI Name. Click Add. The Add User & Group window appears.
Step 23 Enter admin in the search field. Click Search: The admin user appears in the top window.
Step 24 Select admin and click Add. The admin user appears in the bottom window. Click OK.
Step 25 Click Targets. Click This Entry. Click OK.
Step 26 Click OK in the Manage Access Control window.
Step 27 Exit iPlanet or Sun ONE and proceed to the SESM installation.
Posted: Wed Jan 29 09:43:10 PST 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.