Chapter 2 Planning for Installation and Configuration
To install Sun Java System Delegated Administrator on Solaris systems, you must use
the Sun Java Communications Suite installer, which also installs other Communications
Suite component products.
To install and configure Delegated Administrator, follow these steps:
- Gather Your Delegated Administrator Configuration Information
- Run the Sun Java Communications Suite Installer
- Run the Directory Server Setup Script
- Configure Delegated Administrator
- Configure Messaging Server and Calendar Server
For the most recent information about Delegated Administrator, see
the Sun Java Communications Suite Release Notes.
Gather Your Delegated Administrator Configuration Information
Delegated Administrator Components
Delegated Administrator comprises the following components:
- Delegated Administrator Utility (client): the command-line interface invoked with commadmin.
  Required. You must configure the utility on all machines on which you install Delegated Administrator.
- Delegated Administrator Server: the Delegated Administrator server components needed to run the Delegated Administrator utility and console.
  Required. You must configure the Delegated Administrator server on at least one machine.
- Delegated Administrator Console: the Delegated Administrator graphical user interface (GUI).
  Optional. If you want to use only the Delegated Administrator utility, you do not have to configure the console.
Web Containers
In addition, the Delegated Administrator server and console must be
deployed to a Web container. You can configure the Delegated Administrator
console and server on:
- Sun Java System Web Server 6.x
- Sun Java System Web Server 7.x
- Sun Java System Application Server 7.x
- Sun Java System Application Server 8.x
Follow these guidelines:
- The Delegated Administrator server must be deployed to the Web container used by Access Manager.
- You can deploy the Delegated Administrator console and server on two different Web containers, on two different instances of the Web container, or on the same Web container.
Configuration Information
Before configuring Delegated Administrator, you should gather configuration information.
Table 2–1 lists the configuration
options required for Delegated Administrator.
Table 2–2 lists the configuration
options for deploying on Web Server 6.x.
Table 2–3 lists the configuration
options for deploying on Web Server 7.x.
Table 2–4 lists the configuration
options for deploying on Application Server 7.x.
Table 2–5 lists the configuration
options for deploying on Application Server 8.x.
Table 2–1 Delegated Administrator: Required Configuration Options

| Option | Description |
|---|---|
| Configuration Directory | Directory to store configuration and data files. |
| Access Manager Host name | Host name where Access Manager is installed. The Delegated Administrator server should be installed on the same server. |
| Access Manager port number | Port number of Access Manager. Should be the same port number as Web Server port number. |
| Default domain | The default domain of the Top-Level Administrator. This is the domain used when a domain is not explicitly specified by the -n option when executing the commadmin command-line utility. |
| Default SSL port | The SSL port that is used by the Delegated Administrator client. |
| Access Manager Base Directory | The directory where Access Manager is installed. The default directory is /opt/SUNWam. |
| LDAP URL | User and Group Directory Server LDAP URL. |
| Bind as | User and Group Directory Server Directory Manager. For example “cn=Directory Manager”. |
| LDAP password | User and Group Directory Manager Password. |
| Access Manager Top-Level Administrator user ID and password | User ID and password for the Access Manager Top-Level Administrator. |
| Password for the Access Manager Internal LDAP authentication user | User created by Access Manager. This is the BindDN user for the LDAP service. |
| Organization name | Used to name the LDAP subtree under which all email users and groups that belong to the default email domain are located. |
| Top-Level Administrator for default organization user ID and password | User ID and password for the Top-Level Administrator that will be created in the default organization. |
| Preferred mail host for sample organizations | Name of the machine on which Messaging Server is installed. If you choose to install sample organizations in your directory, you must enter the preferred mail host. |

Table 2–2 Web Server 6.x Configuration Options

| Option | Description |
|---|---|
| Web Server 6.x root (instance) directory | Directory where the Web Server 6.x instance resides. Files for the Web Server instance are stored in the https-host.domain directory under the Web Server installation directory. |
| Web Server 6.x instance identifier | Fully qualified domain name for the Web Server 6.x instance. This can be specified by a host.domain name such as west.sesta.com. |
| Virtual server identifier | Specified by a https-host.domain name such as https-west.sesta.com. |
| HTTP port number | HTTP port number for Web Server 6.x. |

Table 2–3 Web Server 7.x Configuration Options

| Option | Description |
|---|---|
| Web Server root directory | Directory where Web Server 7.x server files are installed. The default root directory is /opt/SUNWwbsvr7. |
| Web Server configuration root directory | Directory where the Web Server 7.x configuration files are installed. The default configuration root directory is /var/opt/SUNWwbsvr7. |
| Web Server instance identifier | Fully qualified domain name for the Web Server 7.x instance. This can be specified by a host.domain name such as west.sesta.com. |
| Virtual server identifier | Specified by a host.domain name such as west.sesta.com. |
| HTTP port number | HTTP port number for Web Server 7.x. The default port number is 80. |
| Administration Server port number | Port number for the Administration Server instance for Web Server 7.x. For example: 8800. |
| Administration Server administrator user ID | User ID example: admin |
| Administration Server administrator password | Enter the password for the administrator user ID. |
| HTTP or HTTPS access to Administration Server instance | You will need to specify whether the HTTP access to the Administration Server instance is secure or not. |

Table 2–4 Application Server 7.x Configuration Options

| Option | Description |
|---|---|
| Application Server installation directory | Directory where Application Server 7.x is installed. By default, this directory is /opt/SUNWappserver7. |
| Application Server domain directory | By default, this directory is /var/opt/SUNWappserver7/domains/domain1. |
| Application Server document root directory | By default, this directory is /var/opt/SUNWappserver7/domains/domain1/server1/docroot |
| Application Server instance name | Name of the instance. For example: server1. |
| Virtual server identifier | Name of the Application Server virtual server identifier. For example: server1. |
| Application Server instance HTTP port number | HTTP port number for the Application Server instance. |
| Administration Server port number | Port number for the Administration Server instance for Application Server 7.x. For example: 4848. |
| Administration Server administrator user ID and password. | User ID and password for the Administration Server administrator. User ID example: admin |
| HTTP or HTTPS access to Administration Server instance | You will need to specify whether the HTTP access to the Administration Server instance is secure or not. |

Table 2–5 Application Server 8.x Configuration Options

| Option | Description |
|---|---|
| Application Server installation directory | Directory where Application Server 8.x is installed. By default, this directory is /opt/SUNWappserver/appserver. |
| Application Server domain directory | By default, this directory is /var/opt/SUNWappserver/domains/domain1. |
| Application Server document root directory | By default, this directory is /var/opt/SUNWappserver/domains/domain1/docroot |
| Application Server target name | Name of the instance. For example: server. |
| Virtual server identifier | Name of the Application Server virtual server identifier. For example: server. |
| Application Server target HTTP port number | HTTP port number for the Application Server target. |
| Administration Server port number | Port number for the Administration Server instance for Application Server 8.x. For example: 4849. |
| Administration Server administrator user ID and password. | User ID and password for the Administration Server administrator. User ID example: admin |
| HTTP or HTTPS access to Administration Server instance | You will need to specify whether the HTTP access to the Administration Server instance is secure or not. |

Run the Sun Java Communications Suite Installer
The Communications Suite installer program installs a series of products,
shared components, and libraries that interoperate with one another.
To successfully install and configure Delegated Administrator, you need to install the
following components by running the Communications Suite installer. Alternatively,
the dependent components such as Directory Server may already be installed
on your system. If supported versions have already been installed, you do
not have to reinstall them now.
The following list includes all supported versions of the dependent
components. If you install the components with the current Communications
Suite installer, only the latest versions of these components are available.
- Sun Java System Directory Server 5.x or 6.x. (Version 6.x is installed with the current Communications Suite installer.)
- Sun Java System Access Manager 6.x or 7.x. (Version 7.x is installed with the current Communications Suite installer.)
  Access Manager 7 has two installation types: Legacy Mode (the default) and Realm Mode. Legacy Mode is compatible with Delegated Administrator.
  When you run the Communications Suite installer, in the first Access Manager panel, you must choose Legacy mode as the Install type. Do not choose Realm mode.
  Because Delegated Administrator requires you to use LDAP Schema 2 to provision your users and groups, you need to install Access Manager.
- One of the following Web containers:
  - Sun Java System Web Server 6.x
  - Sun Java System Web Server 7.x (installed with the current Communications Suite installer)
  - Sun Java System Application Server 7.x
  - Sun Java System Application Server 8.x (installed with the current Communications Suite installer)
  The Communications Suite installer also checks to make sure you have installed Directory Server and one of the Web containers listed above.
- One or both of Sun Java System Messaging Server and Sun Java System Calendar Server.
  Delegated Administrator is a provisioning tool for Messaging Server and Calendar Server. Therefore, to use Delegated Administrator successfully, you should install either or both of these applications.
  See the Sun Java System Messaging Server Administration Guide for instructions on configuring Messaging Server. See the Sun Java System Calendar Server Administration Guide for instructions on configuring Calendar Server.
- Delegated Administrator
  A panel in the Communications Suite installer asks whether to install Delegated Administrator. In this panel, specify that you want to install Delegated Administrator.
  The installer installs Delegated Administrator in a directory referred to as the da-base (for example, the default is /opt/SUNWcomm).
For information about the Communications Suite installer, refer to the Sun Java Communications Suite Installation Guide.
Note –
If you are upgrading Delegated Administrator from a previous Sun Java version,
see the chapter called “Upgrading Delegated Administrator” in
the Sun Java Communications Suite Upgrade Guide.
Run the Directory Server Setup Script
Before configuring Delegated Administrator, Messaging Server, or Calendar Server, the Directory
Server Preparation Tool script (comm_dssetup.pl) must be
run. You only need to run the comm_dssetup.pl script once.
This script configures your LDAP Directory Server to work with Delegated Administrator,
Messaging Server, or Calendar Server configurations. The comm_dssetup.pl script prepares the Directory Server by setting up new schema,
index, and configuration data.
See the Sun Java System Messaging Server Administration Guide or
the Sun Java System Calendar Server Administration Guide for
instructions and options for the comm_dssetup.pl script.
In order to run Delegated Administrator, you must select the “Schema 2” schema
type when running the comm_dssetup.pl script.
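As an added example (not part of the Sun documentation), the script below checks a planning worksheet against the rules this chapter states: the Delegated Administrator server shares the Access Manager host, the Access Manager port matches the Web Server port, Access Manager is installed in Legacy mode, and comm_dssetup.pl is run with Schema 2. The KEY=value worksheet format and all key names are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not Sun's code. Worksheet keys are hypothetical names for the
# values in Tables 2-1 to 2-5; passwords are left out so the file holds no secrets.

# Print the value of KEY ($1) from a KEY=value worksheet file ($2).
get() { sed -n "s/^$1=//p" "$2" | tail -n 1; }

# Succeed if the argument is a TCP port number (1-65535).
is_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Record one failed rule.
fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

# Print one line per finding; return 0 only if no rule from this chapter fails.
check_da_plan() {
    f=$1 fails=0
    for k in am_port web_http_port da_ssl_port; do
        is_port "$(get "$k" "$f")" || fail "$k is not a valid port number"
    done
    # Table 2-1: the DA server is installed on the Access Manager host ...
    [ "$(get am_host "$f")" = "$(get da_server_host "$f")" ] ||
        fail "DA server host differs from Access Manager host"
    # ... and the Access Manager port is the same as the Web Server port.
    [ "$(get am_port "$f")" = "$(get web_http_port "$f")" ] ||
        fail "Access Manager port differs from Web Server port"
    # Access Manager 7 must be installed in Legacy mode, not Realm mode.
    [ "$(get am_install_type "$f")" = legacy ] ||
        fail "Access Manager install type must be legacy"
    # comm_dssetup.pl must be run with the Schema 2 schema type.
    [ "$(get schema_type "$f")" = 2 ] || fail "schema type must be 2"
    # Added check, not a rule from the guide: flag non-HTTPS admin access.
    [ "$(get admin_access "$f")" = https ] ||
        echo "WARN: Administration Server access is not HTTPS"
    [ "$fails" -eq 0 ]
}

# Constructed sample worksheet; the host name follows the guide's example.
plan=${TMPDIR:-/tmp}/da-plan.$$
printf '%s\n' am_host=west.sesta.com da_server_host=west.sesta.com \
    am_port=80 web_http_port=80 da_ssl_port=443 \
    am_install_type=legacy schema_type=2 admin_access=https > "$plan"
check_da_plan "$plan" && echo "plan is consistent with Chapter 2"
rm -f "$plan"
```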
Consolidating ACIs in the Directory
For large-scale installations with Access Manager, Messaging Server,
and an LDAP Schema 2 directory, you might want to consolidate the Access Control
Instructions (ACIs) in your directory.
When you install Access Manager with Messaging Server, a large number
of ACIs initially are installed in the directory. Many default ACIs are not
needed or used by Messaging Server. You can improve the performance of Directory
Server and, consequently, of Messaging Server look-ups, by consolidating and
reducing the number of default ACIs in the directory.
For information about how to consolidate and discard unused ACIs, see Appendix E, Consolidating ACIs for Directory Server Performance later in this guide.
Configure Delegated Administrator
After you install Delegated Administrator, run the Delegated Administrator configuration program using the
information from Gather Your Delegated Administrator Configuration Information.
For information about running the configuration program, see Chapter 3, Configuring Delegated Administrator.
Configure Messaging Server and Calendar Server
See the Sun Java System Messaging Server Administration Guide for
instructions on configuring Messaging Server. See the Sun Java
System Calendar Server Administration Guide for instructions on
configuring Calendar Server.