Preface
The Sun Java System Directory Server Enterprise Edition 6
2006Q1 Deployment Planning Guide contains the information that
you need to plan a directory service deployment. This guide describes the
initial decisions that you need to make on issues such as data types, access
control, and sizing. It also provides high-level examples and strategies that
you can use for the specific requirements of your enterprise.
Who Should Use This Book
This guide is primarily intended for deployment architects and business
planners responsible for the analysis and design of directory service deployments.
This guide is also useful for system integrators and other people responsible
for the design and implementation of enterprise applications.
Before You Read This Book
This guide assumes that you are familiar with the basic concepts of
LDAP directory servers and that you have read these documents:
How This Book Is Organized
This guide is based on a solution life cycle that describes the various
phases of deployment planning.
Part I provides an introduction to Directory Server Enterprise Edition and explains the steps
involved in planning a deployment (solution life cycle).
Part II describes the technical requirements analysis that must be performed
before you can begin drawing up a logical deployment architecture. Technical
requirements analysis requires an understanding of the business domain, business
objectives, and the underlying system technology.
Part III describes how to create logical architectures for Directory
Server Enterprise Edition deployments. It also provides sample logical architectures
based on typical Directory Server Enterprise Edition deployment scenarios.
Part IV discusses specialized deployment topics including the use of
LDAP-based naming services on the Solaris Operating System, Identity Synchronization for Windows,
and the deployment of a virtual directory.
Directory Server Enterprise Edition Documentation Set
This Directory Server Enterprise Edition documentation set explains how to use Sun Java System Directory Server Enterprise Edition to
evaluate, design, deploy, and administer directory services. In addition,
it shows how to develop client applications for Directory Server Enterprise Edition. The Directory Server Enterprise Edition documentation
set is available at http://docs.sun.com/coll/1224.1.
For an introduction to Directory Server Enterprise Edition, review the following documents in
the order in which they are listed.
Table P–1 Directory Server Enterprise Edition Documentation
|
Document Title
|
Contents
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Release Notes
|
Contains the latest information about Directory Server Enterprise Edition, including known problems.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Documentation Center
|
Contains links to key areas of the documentation set.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Evaluation Guide
|
Introduces the key features of this release. Demonstrates how these
features work and what they offer in the context of a fictional deployment
that you can implement on a single system.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Deployment Planning Guide
|
Explains how to plan and design highly available, highly scalable directory
services based on Directory Server Enterprise Edition. Presents the basic concepts and principles of
deployment planning and design. Discusses the solution life cycle, and provides
high-level examples and strategies to use when planning solutions based on Directory Server Enterprise Edition.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Installation Guide
|
Explains how to install the Directory Server Enterprise Edition software. Shows how to select
which components to install, configure those components after installation,
and verify that the configured components function properly.
For instructions on installing Directory Editor, go to http://docs.sun.com/coll/DirEdit_05q1.
Make sure you read the information in Sun Java System Directory Server Enterprise Edition 6.0 Release Notes concerning Directory Editor before you install Directory Editor.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Migration Guide
|
Provides instructions for upgrading components from earlier versions
of Directory Server, Directory Proxy Server, and Identity Synchronization for Windows.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide
|
Provides command-line instructions for administering Directory Server Enterprise Edition.
For hints and instructions on using the Directory Service Control Center, DSCC,
to administer Directory Server Enterprise Edition, see the online help provided in DSCC.
For instructions on administering Directory Editor, go to http://docs.sun.com/coll/DirEdit_05q1.
For instructions on installing and configuring Identity Synchronization for Windows,
see Part II, Installing Identity Synchronization for Windows, in Sun Java System Directory Server Enterprise Edition 6.0 Installation Guide.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Developer’s Guide
|
Shows how to develop server plug-ins with the APIs that are provided
as part of Directory Server Enterprise Edition.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Reference
|
Introduces the technical and conceptual foundations of Directory Server Enterprise Edition. Describes
its components, architecture, processes, and features. Also provides a reference
to the developer APIs.
|
|
Sun Java System Directory Server Enterprise Edition 6.0 Man Page Reference
|
Describes the command-line tools, schema objects, and other public interfaces
that are available through Directory Server Enterprise Edition. Individual sections of this document
can be installed as online manual pages.
|
|
Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide
|
Provides general guidelines and best practices for planning and deploying Identity Synchronization for Windows
|
Related Reading
The SLAMD Distributed Load Generation Engine (SLAMD) is a JavaTM application that is designed to stress test and analyze the
performance of network-based applications. It was originally developed by
Sun Microsystems, Inc. to benchmark and analyze the performance of LDAP directory
servers. SLAMD is available as an open source application under the Sun Public
License, an OSI-approved open source license. To obtain information about
SLAMD, go to http://www.slamd.com/. SLAMD
is also available as a java.net project. See https://slamd.dev.java.net/.
Java Naming and Directory Interface (JNDI) technology supports
accessing the Directory Server using LDAP and DSML v2 from Java applications.
For information about JNDI, see http://java.sun.com/products/jndi/. The JNDI Tutorial contains detailed
descriptions and examples of how to use JNDI. This tutorial is at http://java.sun.com/products/jndi/tutorial/.
Directory Server Enterprise Edition can be licensed as a standalone product, as a component of Sun Java Enterprise System,
as part of a suite of Sun products, such as the Sun Java Identity Management
Suite, or as an add-on package to other software products from Sun. Java Enterprise System is
a software infrastructure that supports enterprise applications distributed
across a network or Internet environment. If Directory Server Enterprise Edition was licensed as a component
of Java Enterprise System, you should be familiar with the system documentation at http://docs.sun.com/coll/1286.2.
Identity Synchronization for Windows uses Message Queue with a restricted
license. Message Queue documentation is available at http://docs.sun.com/coll/1307.2.
Identity Synchronization for Windows works with Microsoft Windows password policies.
Redistributable Files
Directory Server Enterprise Edition does not provide any files that you can redistribute.
Default Paths and Command
Locations
This section explains the default paths used in the documentation, and
gives the locations of commands on different operating systems and deployment
types.
Default Paths
The table in this section describes the default paths that are used
in this document. For full descriptions of the files installed, see also Chapter 15, Directory Server File Reference, in Sun Java System Directory Server Enterprise Edition 6.0 Reference, Chapter 26, Directory Proxy Server File Reference, in Sun Java System Directory Server Enterprise Edition 6.0 Reference,
or Appendix A, Directory Server Resource Kit File Reference, in Sun Java System Directory Server Enterprise Edition 6.0 Reference.
Table P–2 Default Paths
|
Placeholder
|
Description
|
Default Value
|
|
install-path
|
Represents the base installation directory for Directory Server Enterprise Edition software.
The software is installed in directories below this base install-path. For example, Directory Server software is installed in install-path/ds6/.
|
When you install from a zip distribution using dsee_deploy(1M), the default install-path is
the current directory. You can set the install-path using
the -i option of the dsee_deploy command.
When you install from a native package distribution, such as you would
using the Java Enterprise System installer, the default install-path is
one of the following locations:
-
Solaris systems - /opt/SUNWdsee/.
-
HP-UX systems - /opt/sun/.
-
Red Hat systems - /opt/sun/.
-
Windows systems - C:\Program Files\Sun\JavaES5\DSEE.
|
|
instance-path
|
Represents the full path to an instance of Directory Server or Directory Proxy Server.
The documentation uses /local/ds/ for Directory Server and /local/dps/ for Directory Proxy Server.
|
No default path exists. Instance paths must nevertheless always be found
on a local file system.
The following directories are recommended:
/var on Solaris systems
/global if you are using Sun Cluster
|
|
serverroot
|
Represents the parent directory of the Identity Synchronization for Windows installation
location
|
Depends on your installation. Note the concept of a serverroot no longer exists for Directory Server.
|
|
isw-hostname
|
Represents the Identity Synchronization for Windows instance directory
|
Depends on your installation
|
|
/path/to/cert8.db
|
Represents the default path and file name of the client’s
certificate database for Identity Synchronization for Windows
|
current-working-dir/cert8.db
|
|
serverroot/isw-hostname/logs/
|
Represents the default path to the Identity Synchronization for Windows local
logs for the System Manager, each connector, and the Central Logger
|
Depends on your installation
|
|
serverroot/isw-hostname/logs/central/
|
Represents the default path to the Identity Synchronization for Windows central
logs
|
Depends on your installation
|
Command Locations
The table in this section provides locations for commands that are used
in Directory Server Enterprise Edition documentation. To learn more about each of the commands, see
the relevant man pages.
Table P–3 Command Locations
|
Command
|
Java ES, Native Package Distribution
|
Zip Distribution
|
|
cacaoadm
|
Solaris -
/usr/sbin/cacaoadm
|
Solaris -
install-path/dsee6/cacao_2.0/usr/lib/cacao/bin/cacaoadm
|
|
Red Hat, HP-UX -
/opt/sun/cacao/bin/cacaoadm
|
Red Hat, HP-UX -
install-path/dsee6/cacao_2.0/cacao/bin/cacaoadm
|
|
Windows -
install-path\share\cacao_2.0\bin\cacaoadm.bat
|
Windows -
install-path\dsee6\cacao_2.0\bin\cacaoadm.bat
|
|
certutil
|
Solaris -
/usr/sfw/bin/certutil
|
install-path/dsee6/bin/certutil
|
|
Red Hat, HP-UX -
/opt/sun/private/bin/certutil
|
|
dpadm(1M)
|
install-path/dps6/bin/dpadm
|
install-path/dps6/bin/dpadm
|
|
dpconf(1M)
|
install-path/dps6/bin/dpconf
|
install-path/dps6/bin/dpconf
|
|
dsadm(1M)
|
install-path/ds6/bin/dsadm
|
install-path/ds6/bin/dsadm
|
|
dsccmon(1M)
|
install-path/dscc6/bin/dsccmon
|
install-path/dscc6/bin/dsccmon
|
|
dsccreg(1M)
|
install-path/dscc6/bin/dsccreg
|
install-path/dscc6/bin/dsccreg
|
|
dsccsetup(1M)
|
install-path/dscc6/bin/dsccsetup
|
install-path/dscc6/bin/dsccsetup
|
|
dsconf(1M)
|
install-path/ds6/bin/dsconf
|
install-path/ds6/bin/dsconf
|
|
dsee_deploy(1M)
|
Not provided
|
install-path/dsee6/bin/dsee_deploy
|
|
dsmig(1M)
|
install-path/ds6/bin/dsmig
|
install-path/ds6/bin/dsmig
|
|
entrycmp(1)
|
install-path/ds6/bin/entrycmp
|
install-path/ds6/bin/entrycmp
|
|
fildif(1)
|
install-path/ds6/bin/fildif
|
install-path/ds6/bin/fildif
|
|
idsktune(1M)
|
install-path/dsrk6/bin/idsktune
|
install-path/dsrk6/bin/idsktune
|
|
insync(1)
|
install-path/ds6/bin/insync
|
install-path/ds6/bin/insync
|
|
ns-accountstatus(1M)
|
install-path/ds6/bin/ns-accountstatus
|
install-path/ds6/bin/ns-accountstatus
|
|
ns-activate(1M)
|
install-path/ds6/bin/ns-activate
|
install-path/ds6/bin/ns-activate
|
|
ns-inactivate(1M)
|
install-path/ds6/bin/ns-inactivate
|
install-path/ds6/bin/ns-inactivate
|
|
repldisc(1)
|
install-path/ds6/bin/repldisc
|
install-path/ds6/bin/repldisc
|
|
schema_push(1M)
|
install-path/ds6/bin/schema_push
|
install-path/ds6/bin/schema_push
|
|
smcwebserver
|
Solaris, Linux, HP-UX -
/usr/sbin/smcwebserver
|
This command pertains only to Directory Service Control Center, which is not available in
the zip distribution.
|
|
Windows -
install-path\share\webconsole\bin\smcwebserver
|
|
wcadmin
|
Solaris, Linux, HP-UX -
/usr/sbin/wcadmin
|
This command pertains only to Directory Service Control Center, which is not available in
the zip distribution.
|
|
Windows -
install-path\share\webconsole\bin\wcadmin
|
Typographic Conventions
The following table describes the typographic changes that are
used in this book.
Table P–4 Typographic Conventions
|
Typeface
|
Meaning
|
Example
|
|
AaBbCc123
|
The names of commands, files, and directories, and onscreen
computer output
|
Edit your .login file.
Use ls -a to list all files.
machine_name% you have mail.
|
|
AaBbCc123
|
What you type, contrasted with onscreen computer output
|
machine_name% su
Password:
|
|
AaBbCc123
|
A placeholder to be replaced with a real name or value
|
The command to remove a file is rm
filename.
|
|
AaBbCc123
|
Book titles, new terms, and terms to be emphasized
(note that some emphasized items appear bold online)
|
Read Chapter 6 in the User's Guide.
A cache is a copy that is stored locally.
Do not save the file.
|
Shell Prompts in Command Examples
The following table shows default system prompts and superuser prompts.
Table P–5 Shell Prompts
|
Shell
|
Prompt
|
|
C shell on UNIX and Linux systems
|
machine_name%
|
|
C shell superuser on UNIX and Linux systems
|
machine_name#
|
|
Bourne shell and Korn shell on UNIX and Linux systems
|
$
|
|
Bourne shell and Korn shell superuser on UNIX and Linux systems
|
#
|
|
Microsoft Windows command line
|
C:\
|
Symbol Conventions
The following table explains symbols that might be used in this book.
Table P–6 Symbol Conventions
|
Symbol
|
Description
|
Example
|
Meaning
|
|
[ ]
|
Contains optional arguments and command options.
|
ls [-l]
|
The -l option is not required.
|
|
{ | }
|
Contains a set of choices for a required command option.
|
-d {y|n}
|
The -d option requires that you use either the y argument or the n argument.
|
|
${ }
|
Indicates a variable reference.
|
${com.sun.javaRoot}
|
References the value of the com.sun.javaRoot variable.
|
|
-
|
Joins simultaneous multiple keystrokes.
|
Control-A
|
Press the Control key while you press the A key.
|
|
+
|
Joins consecutive multiple keystrokes.
|
Ctrl+A+N
|
Press the Control key, release it, and then press the subsequent keys.
|
|
->
|
Indicates menu item selection in a graphical user interface.
|
File -> New -> Templates
|
From the File menu, choose New. From the New submenu, choose Templates.
|
Documentation, Support, and Training
The Sun web site provides information about the following additional
resources:
Third-Party Web Site References
Third-party URLs are referenced in this document and provide additional,
related information.
Note –
Sun is not responsible for the availability of third-party web
sites mentioned in this document. Sun does not endorse and is not responsible
or liable for any content, advertising, products, or other materials that
are available on or through such sites or resources. Sun will not be responsible
or liable for any actual or alleged damage or loss caused or alleged to be
caused by or in connection with use of or reliance on any such content, goods,
or services that are available on or through such sites or resources.
Searching Sun Product
Documentation
Besides searching for Sun product documentation from the docs.sun.com
web site, you can use a search engine of your choice by typing the following
syntax in the search field:
search-term site:docs.sun.com
For example, to search for Directory Server, type
the following:
"Directory Server" site:docs.sun.com
To include other Sun web sites in your search, such as java.sun.com,
www.sun.com, and developers.sun.com, use sun.com in place
of docs.sun.com in the search field.
Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes your comments
and suggestions. To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the
full document title and part number. The part number is a 7-digit or 9-digit
number that can be found on the book's title page or in the document's URL.
For example, the part number of this book is 819-0992.
Download this book in PDF (2220 KB)