IBM Tivoli Directory Server: ¦w¸Ë»P°t¸m¤â¥U
198
IBM Tivoli Directory Server wPtmΓU 5.2 SC40-1893-00
-
Upload
khangminh22 -
Category
Documents
-
view
2 -
download
0
Transcript of IBM Tivoli Directory Server: ¦w¸Ë»P°t¸m¤â¥U
IBM Tivoli Directory Server
wPtmΓU
5.2
SC40-1893-00
IBM Tivoli Directory Server
wPtmΓU
5.2
SC40-1893-00
N
bΩTΣΣúºeA²\¬ 177² L, yNzU@δΩTC
@]2003 10 δ
úDsñtúAhA≤ IBM Tivoli Directory Server 5.2 AHß≥M∩C
© Copyright International Business Machines Corporation 1998, 2003. All rights reserved.
²
eÑ . . . . . . . . . . . . . . . . viiΓUA∩H . . . . . . . . . . . . . viiX . . . . . . . . . . . . . . . . vii
IBM Tivoli Directory Server w . . . . . vii÷X . . . . . . . . . . . . . viiisuWX . . . . . . . . . . . . viii
≤Uuπ . . . . . . . . . . . . . . . viiipnΘΣñ . . . . . . . . . . . . viiiΓUD . . . . . . . . . . . . . ixrΘD . . . . . . . . . . . . . ix@ttº . . . . . . . . . . . . . ix
1 tw . . . . . . . . . 1
2 ÷≤ . . . . . . . . . . 3ñsW\α . . . . . . . . . . . . 3Σ . . . . . . . . . . . . . . 6
3 wBtmPαº[ . . . . . 9qα . . . . . . . . . . . . . . . 9wºeGzipBtar P iso . . . . . . . . . 9w . . . . . . . . . . . . . . . . . 9tm . . . . . . . . . . . . . . . . . 10
4 tD . . . . . . . . . . 13ßD . . . . . . . . . . . . . . 13
Windows @tßD . . . . . . 13AIX @tßD . . . . . . . . 13xSeries Linux @tßD . . . . . 14zSeries Linux @tßD . . . . . 15iSeries P pSeries Linux @tßD 15Solaris @tßD . . . . . . . 16Hewlett-Packard UNIX (HP-UX) @tßD . . . . . . . . . . . . . . . . 17
°A]]tßD . . . . . . . . 17Windows @t°AD . . . . . . 17AIX @t°AD . . . . . . . . 18xSeries Linux @t°AD . . . . . 20zSeries Linux @t°AD . . . . . 21iSeries P pSeries Linux @t°AD 21Solaris @t°AD . . . . . . . 22HP-UX @t°AD . . . . . . . 24
Web zuπD . . . . . . . . . . . 25w Socket h (SSL) Global Security Kit (GSKit). . 27
5 qα . . . . . . . . . 29q SecureWay Directory V3.2.2 for WindowsInstallShield GUI wα . . . . . . . . . 30q SecureWay Directory V3.2.2 for AIX wα 32q Solaris M Linux SecureWay Directory 3.2.2wα . . . . . . . . . . . . . . 34
q IBM Directory Server V4.1 5.1 for Windowswα . . . . . . . . . . . . . . 36q IBM Directory Server V4.1 5.1 for AIX wα . . . . . . . . . . . . . . . . 37q IBM Directory Server 4.1 α . . . . . . 37q IBM Directory Server 5.1 DB2 8.1A32 α . . . . . . . . . . . . . . . 38q IBM Directory Server 5.1 DB2 7.2 α . . 39
q IBM Directory Server V4.1 5.1 for UNIX wα . . . . . . . . . . . . . . . . 41α Web zuπP WebSphere ApplicationServer - Express O . . . . . . . . . . 42
Windows w . . . . . . . . . . . . 42UNIX w . . . . . . . . . . . . . 43w∩ zSeries Linux w . . . . . . . . . 44
6 InstallShield GUI w 47b Windows ¡xWw . . . . . . . . . . 47wºe . . . . . . . . . . . . . . 47N IBM Tivoli Directory Server wb Windows¡xW . . . . . . . . . . . . . . . 48
b UNIX ¼¡xWw . . . . . . . . . . 51wºe . . . . . . . . . . . . . . 51N IBM Tivoli Directory Server b UNIX ¼¡xWw . . . . . . . . . . . . . . . 51
7 AIX íw IBMTivoli Directory Server. . . . . . . . 55wb RS/6000 SP ⌠ñYIºe . . . . 55SMIT w. . . . . . . . . . . . . . . 56 installp iµⁿOµw . . . . . . . . 57w GSKit . . . . . . . . . . . . . . 59]w AIX @tt . . . . . . . 59ú GSKit . . . . . . . . . . . . . 60
8 Linux íw IBMTivoli Directory Server. . . . . . . . 61w IBM Tivoli Directory Server . . . . . . . 61w GSKit . . . . . . . . . . . . . . 62ú GSKit . . . . . . . . . . . . . 63
9 Solaris íw
IBM Tivoli Directory Server . . . . . 65w IBM Tivoli Directory Server . . . . . . . 65M≤÷Y . . . . . . . . . . . . . 65tWuD IBM LDAPv . . . . . 66AdminTool w . . . . . . . . . . . . 66 pkgadd iµⁿOµw . . . . . . . 67
w GSKit . . . . . . . . . . . . . . 69ú GSKit . . . . . . . . . . . . . 69
© Copyright IBM Corp. 1998, 2003 iii
10 HP-UX íw
IBM Tivoli Directory Server . . . . . 71w IBM Tivoli Directory Server ºe . . . . . 71]wµtm . . . . . . . . . . 71
w IBM Tivoli Directory Server . . . . . . . 72w GSKit . . . . . . . . . . . . . . 73]w HP-UX t . . . . . . . . . 74ú GSKit . . . . . . . . . . . . . 74
11 b Windows ¡xWLn
w . . . . . . . . . . . . . . . 75Lnw . . . . . . . . . . . . . . 75τLnw . . . . . . . . . . . 76Lnw∩ . . . . . . . . . . 77
b Windows @tWw GSKit . . . . . . 78ú GSKit . . . . . . . . . . . . . 78
12 tm . . . . . . . . . . . . 79 IBM Tivoli Directory Server tmuπ(ldapxcfg) . . . . . . . . . . . . . . . 79]wz DN PKX . . . . . . . . . 80tmútmΩw . . . . . . . . . . 81≤Θx . . . . . . . . . . 83zr . . . . . . . . . . . . . . 84z⌡ . . . . . . . . . . . . . 84JPX LDIF Ω. . . . . . . . . . 85≈BPΩw . . . . . . . . 87
ldapcfg í . . . . . . . . . . . 88]wz DN PKX . . . . . . . . . 88tmΩw . . . . . . . . . . . . . 88≤ DB2 zKX . . . . . . . . . . 90≤Θx . . . . . . . . . . . . . 90sWr . . . . . . . . . . . . . . 90
JXΩ . . . . . . . . . . . . . 90≈BPΩw . . . . . . . . . 90 dbback ⁿO≈Ωw . . . . . . . 90 dbrestore ⁿOΩw . . . . . . 91 runstats ⁿOΩw . . . . . . 91
13 bzwPtmºß . . . . . 93²°A . . . . . . . . . . . . . 93í°AHK Web zuπ . . . 93εí°A . . . . . . . . . . . 93 Web zuπ. . . . . . . . . . . . 93
14 útmΩwPúw IBMTivoli Directory Server. . . . . . . . 95útmΩw . . . . . . . . . . . . . 95úw IBM Tivoli Directory Server . . . . . . 95 InstallShield GUI úw . . . . . . 95@tíúw . . . . . . . 96
15 ° . . . . . . . . . . 99InstallShield GUI w . . . . . . . . . . . 99ów . . . . . . . . . . . . . 100
qwóñ . . . . . . . . . . . 100tm . . . . . . . . . . . . . . . . 101
DB2 nΘvL . . . . . . . . . 102DbtmuπñiαQI . . . . 102ñtmuπΩw@PúT¼A 102ϕtmΩMΩwo Java ó . . 103b AIX Wtmuπo . . . . . 103tmíb AIX Wε . . . . . . . . . 103DB2 Aϕatm. . . . . . . . . . . 103Ωwαú . . . . . . . . . . . . 104≤tmºß°A . . . . . . 104µ÷Θxwí . . . . . . . . . . . . 104tmuπ . . . . . . . . . . . . . . 104
ú . . . . . . . . . . . . . . . . 104b Windows W slapd.cat o . . . . 104b Internet Explorer ñnJ Web zuπDx 105ΘJ Web zuπΩl . . . . . . 105Oⁿ DB2 Θx . . . . . . . . . . 106°Aúí . . . . . . . . . . . . 106τ AIX wΘ 64 . . . . . . . . 108τ AIX O 64 . . . . . . . . 108⌡µ db2start AIX 5.1 o . . . . . 109b AIX W WebSphere Application Server -Express Oo . . . . . . . . 109
α . . . . . . . . . . . . . . . . 109Web s²D . . . . . . . . . . . . 110
Microsoft Internet Explorer . . . . . . . . 110
² A. ΩwtmW . . . . . . . 111
² B. b UNIX ¡xWΣLyÑ⌠
Σ . . . . . . . . . . . . . . . 113
² C. αg°A . . . . . . . 115
² D. wBtmúw
WebSphere Application Server -Express O . . . . . . . . . . 117Γwtm WebSphere Application Server -Express O . . . . . . . . . . . . . 117w WebSphere Application Server - Express O . . . . . . . . . . . . . . . 117w Web zuπ WebSphere ApplicationServer - Express O . . . . . . . . . 117
q WebSphere Application Server - Express Oúw Web zuπ . . . . . . . . . 118WebSphere Application Server - Express Ow]≡ . . . . . . . . . . . . . . . . 118b WebSphere Application Server - Express OV5.0.2 HTTPS . . . . . . . . . . 119
² E. N Web zuπw
WebSphere . . . . . . . . . . . . 121
² F. wPtm DSML . . . . . . 123
iv IBM Tivoli Directory Server: wPtmΓU
² G. ⁿJdΩw . . . . . . . 125
² H. UTF-8 Σ . . . . . . . . . 127b≤]U∩ UTF-8 HµíH. . . . . 127°Aí . . . . . . . . . . . . . 127d . . . . . . . . . . . . . . . 127
Σ IANA r . . . . . . . . . . . 129
² I. ]w GSKit HΣ CMS ≈
Ωw . . . . . . . . . . . . . . 131
² J. ϕ /home O NFS ⁿAt
mΩw≤ /home Hm . . . . 133
² K. IBM Tivoli Directory Servertm⌡. . . . . . . . . . . . . . 135²ΩT≡ . . . . . . . . . . . . . . 135
cn=Configuration . . . . . . . . . . . 135cn=Admin . . . . . . . . . . . . . . 136cn=AdminGroup . . . . . . . . . . . . 137cn=Event Notification . . . . . . . . . . 137cn=Front End . . . . . . . . . . . . 137cn=Kerberos . . . . . . . . . . . . . 138cn=Master Server . . . . . . . . . . . 138cn=Referral . . . . . . . . . . . . . 139cn=Schemas . . . . . . . . . . . . . 139cn=IBM Directory . . . . . . . . . . . 139cn=Config Backends . . . . . . . . . . 140cn=ConfigDB. . . . . . . . . . . . . 140cn=RDBM Backends . . . . . . . . . . 140cn=Directory . . . . . . . . . . . . . 141cn=Change Log . . . . . . . . . . . . 142cn=LDCF Backends . . . . . . . . . . 143cn=SchemaDB . . . . . . . . . . . . 143cn=SSL . . . . . . . . . . . . . . 144cn=CRL . . . . . . . . . . . . . . 144cn=Transaction . . . . . . . . . . . . 145cn=Digest . . . . . . . . . . . . . . 145cn=admin audit . . . . . . . . . . . . 146cn=Audit . . . . . . . . . . . . . . 146cn=Connection Management . . . . . . . . 147
. . . . . . . . . . . . . . . . 147cn . . . . . . . . . . . . . . . . 150ibm-slapdACLCache . . . . . . . . . . 150ibm-slapdACLCacheSize . . . . . . . . . 150ibm-slapdAdminDN . . . . . . . . . . . 150ibm-slapdAdminGroupEnabled . . . . . . . 151ibm-slapdAdminPW . . . . . . . . . . . 151ibm-slapdAllowAnon . . . . . . . . . . 151ibm-slapdAllReapingThreshold . . . . . . . 151ibm-slapdAnonReapingThreshold . . . . . . . 152ibm-slapdBoundReapingThreshold . . . . . . 152ibm-slapdBulkloadErrors . . . . . . . . . 152ibm-slapdCachedAttribute . . . . . . . . . 152ibm-slapdCachedAttributeSize. . . . . . . . 152
ibm-slapdChangeLogMaxAge . . . . . . . . 153ibm-slapdChangeLogMaxEntries . . . . . . . 153ibm-slapdCLIErrors . . . . . . . . . . . 153ibm-slapdConcurrentRW . . . . . . . . . 153ibm-slapdDB2CP . . . . . . . . . . . 154ibm-slapdDBAlias . . . . . . . . . . . 154ibm-slapdDbConnections . . . . . . . . . 154ibm-slapdDbInstance . . . . . . . . . . 154ibm-slapdDbLocation . . . . . . . . . . 155ibm-slapdDbName . . . . . . . . . . . 155ibm-slapdDbUserID . . . . . . . . . . . 155ibm-slapdDbUserPW . . . . . . . . . . 155ibm-slapdDerefAliases . . . . . . . . . . 156ibm-slapdDigestAdminUser . . . . . . . . 156ibm-slapdDigestAttr . . . . . . . . . . . 156ibm-slapdDigestRealm . . . . . . . . . . 156ibm-slapdEnableEventNotification . . . . . . 157ibm-slapdEntryCacheSize . . . . . . . . . 157ibm-slapdErrorLog . . . . . . . . . . . 157ibm-slapdESizeThreshold . . . . . . . . . 157ibm-slapdEThreadActivate . . . . . . . . . 158ibm-slapdEThreadEnable . . . . . . . . . 158ibm-slapdETimeThreshold . . . . . . . . . 158ibm-slapdFilterCacheBypassLimit . . . . . . 158ibm-slapdFilterCacheSize . . . . . . . . . 159ibm-slapdIdleTimeOut . . . . . . . . . . 159ibm-slapdIncludeSchema . . . . . . . . . 159ibm-slapdSslKeyRingFilePW . . . . . . . . 160ibm-slapdKrbAdminDN . . . . . . . . . 160ibm-slapdKrbEnable. . . . . . . . . . . 160ibm-slapdKrbIdentityMap . . . . . . . . . 160ibm-slapdKrbKeyTab . . . . . . . . . . 161ibm-slapdKrbRealm . . . . . . . . . . . 161ibm-slapdLanguageTagsEnabled . . . . . . . 161ibm-slapdLdapCrlHost . . . . . . . . . . 162ibm-slapdLdapCrlPassword . . . . . . . . 162ibm-slapdLdapCrlPort . . . . . . . . . . 162ibm-slapdLdapCrlUser . . . . . . . . . . 162ibm-slapdMasterDN . . . . . . . . . . . 163ibm-slapdMasterPW . . . . . . . . . . . 163ibm-slapdMasterReferral . . . . . . . . . 163ibm-slapdMaxEventsPerConnection . . . . . . 164ibm-slapdMaxEventsTotal . . . . . . . . . 164ibm-slapdMaxNumOfTransactions . . . . . . 164ibm-slapdMaxOpPerTransaction . . . . . . . 164ibm-slapdMaxPendingChangesDisplayed . . . . 165ibm-slapdMaxTimeLimitOfTransactions. . . . . 165ibm-slapdPagedResAllowNonAdmin . . . . . . 165ibm-slapdPagedResLmt . . . . . . . . . . 165ibm-slapdPageSizeLmt . . . . . . . . . . 166ibm-slapdPlugin . . . . . . . . . . . . 166ibm-slapdPort. . . . . . . . . . . . . 167ibm-slapdPWEncryption . . . . . . . . . 167ibm-slapdReadOnly . . . . . . . . . . . 167ibm-slapdReferral . . . . . . . . . . . 167ibm-slapdReplDbConns. . . . . . . . . . 168
² v
ibm-slapdReplicaSubtree . . . . . . . . . 168ibm-slapdSchemaAdditions . . . . . . . . 168ibm-slapdSchemaCheck. . . . . . . . . . 168ibm-slapdSecurePort. . . . . . . . . . . 169ibm-slapdSecurity . . . . . . . . . . . 169ibm-slapdServerId . . . . . . . . . . . 169ibm-slapdSetenv . . . . . . . . . . . . 169ibm-slapdSizeLimit . . . . . . . . . . . 170ibm-slapdSortKeyLimit . . . . . . . . . . 170ibm-slapdSortSrchAllowNonAdmin . . . . . . 170ibm-slapdSslAuth . . . . . . . . . . . 171ibm-slapdSslCertificate . . . . . . . . . . 171ibm-slapdSslCipherSpec . . . . . . . . . 172ibm-slapdSslFIPsModeEnabled . . . . . . . 172ibm-slapdSslKeyDatabase . . . . . . . . . 172ibm-slapdSslKeyDatabasePW . . . . . . . . 172ibm-slapdSslKeyRingFile . . . . . . . . . 173
ibm-slapdStartupTraceEnabled . . . . . . . 173ibm-slapdSuffix . . . . . . . . . . . . 173ibm-slapdSupportedWebAdmVersion . . . . . 174ibm-slapdSysLogLevel . . . . . . . . . . 174ibm-slapdTimeLimit. . . . . . . . . . . 174ibm-slapdTraceMessageLevel . . . . . . . . 174ibm-slapdTraceMessageLog . . . . . . . . 175ibm-slapdTransactionEnable . . . . . . . . 175ibm-slapdUseProcessIdPw . . . . . . . . . 175ibm-slapdVersion . . . . . . . . . . . 175ibm-slapdWriteTimeout. . . . . . . . . . 175objectClass . . . . . . . . . . . . . 176
² L. N . . . . . . . . . . 177 . . . . . . . . . . . . . . . . 178
. . . . . . . . . . . . . . . 179
vi IBM Tivoli Directory Server: wPtmΓU
eÑ
σ≤íp≤wBtmúw IBM® Tivoli® Directory Server 5.2 C
Windows®BAIX®BLinux (xSeries®BzSeries®BpSeries™ M iSeries™BSolaris H
Hewlett-PackardUNIX® (HP-UX) @t¡xΣ IBM Tivoli Directory Server 5.2C
÷Σ@tΩTAHΣLnwΘDA\ 13 4
, ytDzC
ΓUA∩H
ΓUA≤tzC
X
\¬ IBM Tivoli Directory Server wíP XUCbzM
wnXºßA\ viiiysuWXzC
IBM Tivoli Directory Server w
IBM Tivoli Directory Server wñXG
IBM Tivoli Directory Server Version 5.2 Readme Addendum
Tivoli Software Library ⌠s IBM Tivoli Directory Server Version 5.2
Readme AddendumAΣñ]t Readme ñ]A½nΩTCpsu
WX÷ΩTA\ viiiysuWXzC
IBM Tivoli Directory Server 5.2 ß Readme
]t÷≤ßsΩTC
IBM Tivoli Directory Server 5.2 °A Readme
]t÷≤°AsΩTC
IBM Tivoli Directory Server 5.2 Web zuπ Readme
]t÷≤ Web zuπsΩTCo Readme iq Web zuπD
eoC
IBM Tivoli Directory Server 5.2 wPtmΓU
]tw IBM Tivoli Directory Server ßB°AMuWeb zuπv
πΩTC]Aq²e IBM Tivoli Directory Server SecureWay Directory
α÷ΩTC
IBM Tivoli Directory Server Version 5.2 Tuning Guide
]tπ°AHK∩α÷ΩTC
IBM Tivoli Directory Server 5.2 zΓU
]tzL Web zuπⁿOµ⌡µz@ⁿC
IBM Tivoli Directory Server 5.2 íΓU
]tgí÷ΩTC
IBM Tivoli Directory Server Version 5.2 C-Client SDK Programming Reference
]tg LDAP ßí÷ΩTC
© Copyright IBM Corp. 1998, 2003 vii
÷X
IBM Tivoli Directory Server ÷ΩTiHqUCXñoG
v IBM Tivoli Directory Server 5.2 Sun Microsystems úuJava RWP
² (JNDI)vßCp JNDI ß÷ΩTA\ Sun Microsystems
⌠W J a v a RWM²™ 1 . 2 . 1 S p e c i f i c a t i o nA⌠
http://java.sun.com/products/jndi/1.2/javadoc/index.htmlC
v Tivoli Software Library úU Tivoli XApBΩϕBdB⌡
MiC Tivoli Software Library ≤UC⌠G
http://www.ibm.com/software/tivoli/library/
v Tivoli Software Glossary ]A\hP Tivoli nΘ÷ºNywqCTivoli Software
Glossary iHUC Tivoli nΘw⌠¬Σ Glossary o]σGhttp://www.ibm.com/software/tivoli/library/
suWX
Tivoli nΘwñuWúúXAuiΓíσ≤µí (PDF)vM]uW
σrOyÑ (HTML)vµíGhttp://www.ibm.com/software/tivoli/libraryC
YnbwñMΣúXA÷@Uw¬ΣúΓUCMßA
MΣ÷@U Tivoli nΘΩTññúWC
ΩTOúsA]A READMEBwΓUBΓUBzΓUMoΓUC
: YnTO PDF Xα≈TCLAbuAdobe Acrobat CLv°í]ϕz÷
@U → CLYiñ÷@UXjp∩C
≤Uuπ
≤Uuπ\αi≤U¡Θ]pµúKz°AQnΘúC
búñAziH≤UNѲCbwºßAz]iHΣ
LN½@í\αC
pnΘΣñ
boDns IBM Tivoli nΘΣñºeA\ Tivoli nΘΣñ⌠G
http://www.ibm.com/software/sysmgmt/products/support/
pGznΣL≤UAUC⌠ IBM Software Support Guide íΦk
snΘΣñG
http://techsupport.services.ibm.com/guides/handbook.html
ΓUúUCΩTG
v ⁿΣ UPAD
v bΩaúPCXqXMqll≤
v pßΣñºe¼ΩTMµ
viii IBM Tivoli Directory Server: wPtmΓU
ΓUD
ΓUXDABzSϕNyM@AH@túP
ⁿOM⌠C
rΘD
ΓUUCrΘDG
Θ V°bσrB÷ΣrBB∩BJava OWH½≤ñA°Hδp
gⁿOVXjpgⁿOÑAíHΘϕC
Θ XDBHnjSϕµryí ΘC
< Θ>
]tb < > ñA < Θ> ϕC
ÑerΘ
V°bσrBtTºBΘJºσrBHⁿO∩ñA
°HδíXdBⁿOµB⌡ΘXBM²WÑAíÑe
rΘϕC
@ttº
UNIX Dⁿw⌠M²ϕkCϕ Windows ⁿOµAN
⌠ñ $variable N %variable%AN²⌠ñC@ u (/) N
u (\)CpGzOb Windows tW Bash ShellAiH UNIX DC
eÑ ix
x IBM Tivoli Directory Server: wPtmΓU
1 tw
Ynϕµ⌡µwAñ∩MµCpGzOqi
µαA!∩MµC÷ⁿ\ 29 5 , yqαzC
__ 1. TwzXCDnBwΘC
ΩT\ 13 4 , ytDzCC@@tú]tß
M°AC
t\ IBM Tivoli Directory Server 5.2 °A ReadmeBIBM Tivoli Directory
Server 5.2 ß Readme M IBM Tivoli Directory Server Version 5.2 Readme
Addendum ñsΩTC]psuWX÷ΩTA\ viii
ysuWXzC
__ 2. WzΩwC
ΩT\ 111² A, yΩwtmWzC
__ 3. pGznw°AA !Ωw IDC]b UNIX ¼¡xWA
ziHÑ¿wºßA²bltmºew IDC
ΩT\ 81ybztmºeG ! DB2 ΩwMΩwΩ
zC
__ 4. pGz@t¡xiHA InstallShield GUI w IBM Tivoli
Directory ServerCziHb WindowsBAIXBxSeries Linux M Solaris @t
W InstallShield GUIC
Y Windows ¡xA\ 47yb Windows ¡xWwzC
Y UNIX ¼¡xA\ 51yb UNIX ¼¡xWwzC
: pGznz@tíw IBM Tivoli Directory ServerA
\÷z@tCo G
v 55 7 , y AIX íw IBM Tivoli Directory
Serverz
v 61 8 , y Linux íw IBM Tivoli Directory
Serverz
v 65 9 , y Solaris íw IBM Tivoli Directory
Serverz
v 71 10 , y HP-UX íw IBM Tivoli Directory
Serverz
__ 5. b Windows WA≤t½sºßAHwínJiµnJC
__ 6. btmuπºßA]wzOW (DN) MKXC
ΩT\ 80y]wz DN PKXzC
: pGz@tíwAzqⁿOµUCΣñ@ⁿOtmG
v ldapxcfg itmuπC
v ldapcfg iⁿOµíCΩT\ 88 y
ldapcfg ízC
© Copyright IBM Corp. 1998, 2003 1
__ 7. tmuπtmΩwC
ΩT\ 82ytmΩwzC
__ 8. ]∩ⁿJdΩwHKτwPtmC
ΩT\ 125² G, yⁿJdΩwzC
__ 9. °AM Web zuπC
ΩT\ 93 13 , ybzwPtmºßzC
__ 10. p]w°A÷ΩTA\ IBM Tivoli Directory Server 5.2
zΓUC
2 IBM Tivoli Directory Server: wPtmΓU
2 ÷≤
ú÷ IBM Tivoli Directory Server ñΩ@s\αM
ΩTC
ñsW\α
IBM Tivoli Directory Server 5.2 ñ[jPºBpUG
≤ssú
InstallShield GUI wí]AUCúπXíwCo ú]iHq CD
UⁿΦíoC
v tí 2 º DB2® Universal Database 8.1 Enterprise Server Edition
(DB2)C
v Global Security Kit (GSKit) 7a CGSKit ]t±lXíwC
v WebSphere Application Server - Express O 5.0.2 C
Σ Windows Server 2003IBM Tivoli Directory Server Σ Microsoft® Windows Server 2003 @t
P°C
ub AIX Wú D SSL M≤
b²eñA@t¡xWúúuw Socket h (SSL)vMD
SSL M≤Cb IBM Tivoli Directory Server 5.2 Aub AIX W"úD
SSL M≤C
b AIX Wπ 64 °AΣ
IBM Tivoli Directory Server ub AIX Wα½ 64 [cC
SolarisBHP-UXBLinux zSeriesBLinux IntelBLinux iSeries M pSeriesAH
Windows # 32 °ACWeb zuπ]O 32 íCAIX
wLkA 32 °AF²OASDK #MiHϕ@ 32 í
C64 [ciú¬jq²αOC
:
1. 64 AIX °An AIX 5.1 ≤sC
2. Ynú 64 °AΣAαzΩwCMAzún°
ⁿM½sⁿJΩCΩT\ 29 5 , yqαzC
LDAP OΦk (RFC 2829) RFC 2829 ºwqAIBM Tivoli Directory Server 5.2 ú DIGEST-MD5
µτwÑh (Simple Authentication and Security Layer, SASL) O
ΣAHΘhw (Transport Layer Security, TLS) ΣC
TLS LDAP v3 XR (RFC 2830)TLS ²ßα≈súw≡W°AoX TLS ⁿOCp
GwF GSKitA°AKⁿnDl !Pßws
uCRFC 2830 z LDAP H≤ΦíΣ TLSC
DIGEST-MD5 SASL ≈ε (RFC 2831)RFC 2831 wqp≤ HTTP KníO (HTTP Diges t
© Copyright IBM Corp. 1998, 2003 3
Authentication, Digest) @⌠≤π SASL ]wºqT≤w SASL
≈εC]RFC 2222 wq SASLCDIGEST-MD5 Y CRAM-MD5
∩A]O@Σ WebBl≤BLDAP MΣLqT≤wµ@O≈ε
KΦíC
yÑX (RFC 2596)
RFC 2596 wq@≈εAiH²²NMyÑXPXY MyÑD
!÷pCIBM Tivoli Directory Server 5.2 Σµ@yÑX∩MyÑ
ΣC
jMl≡
bziHQ@≥ªjMl≡Coú@²ñ
tΦkCbeXñAC@rún⌡µhjM"αjMπ²C
@
IBM Tivoli Directory Server 5.2 &\zO@CoiT
OúΓP²CpAΓúαP ID
qll≤]pGo ntm¿jε@C
N°AzeúYzs
bñAIBM Directory Server nDzz ID "α⌡µ°
A@]pg@tmBε°AÑC5.2 @zs
AΣñtπzvQPMv IDCoiHKz
@µ@z ID CRoot ziHbzs ñsWú¿
C
Aw
b 5.2 W[@ΣAiε'°AⁿcN≡PAzIC
°AiHtm¿bºßL!ßC]Σ÷¼
Sw IP DN oXsuCϕu@εCñFSw]i≤°
AWtmAKi≥µ⌡µⁿCozú@ΦkAΣib
A≡ís°ACtiHzLitmA²½¡
!suC
s DN/IP s
w[j\αi²zjε(Sws DN IP sCA
@\αñsW≥µ⌡µⁿiTOz@wsvAi(s DN
M IP sAq[jFo\αC
sSwjM¡ε
bAziHw∩ⁿwDzAτDzs ¿s HAtmuX
RvjM¡εC
@Os
@ creatorsNameBcreateTimestampB lastModifiedBy MlastModifiedTime bíwOsAΣbD°A°AºííαO@PCAo bw ldif2db M bulkload íJAdb2ldif íXC
AO&\NtmPΣxsbOΘñAWiSwjM
Lo°≤jMαCϕ]tLo°≤⌡µjMAB
Lo°≤OzíΣ¼AhiHbOΘñRLo°≤F
oiHWijMαC
4 IBM Tivoli Directory Server: wPtmΓU
Wj
UCs\αWjF IBM Tivoli Directory Server G
°AΘJMΘXOⁿ
biHOⁿ°AΩΘJPΘXAHúD*R
GCbñALDAP ßíwN BER ΩX stderr
ñCs\αW[FNPµí BER Ω@íO²O
Θ lñ\αCpAKiQl≈αoΩC
Al\α
bziH°AñlΩTAúε½s°A
Cz]iHAtmlΘXilhMjpC
[j\α
sWF\h cn=monitor ΘXΩTAH*R°AαCo ²zCsΩT]A¼]p
BINDBMODIFYBCOMPAREBSEARCH Ñ*¿@p
Bu@εCBiu@íB[J°AΘxñTº
pBfΘxBⁿOµAH SSL supÑCΣñτ]
Aebiµ≤u@í⌡µⁿΣíÑΩTC
iSeries M pSeries Linux ΣLΣ
b IBM Tivoli Directory Server 5.1 í 1 ñW[Fs iSeries M pSeries
Linux ¡xΣCIBM Tivoli Directory Server 5.2 hW[F≤h iSeries M
pSeries ΣGWeb zuπbibo ¡xWAB]sWFTº
C
tMⁿ¡ ACL - P OS/390® e
w∩tⁿ¡OAW[F ACL WµP⌠ΣCoiHM IBM
Tivoli Directory Server M OS/390 LDAP Server UCeDC
v bñAIBM Tivoli Directory Server °Abgí]t÷t
ⁿ¡Oº ACL Wµ⌠≤²ΩC]Aq OS/390 °
Aúg IBM Tivoli Directory Server °A@Kó
C
v bñALkgibΓ¼°AWT⌡µ ACL zíXC
w∩ IBM Tivoli Directory Server ⌠gßíiαLkb
OS/390 °AWB@A] ACL iαú&\í¬tC
aApGíbtⁿ¡W]w ACLAw∩ OS/390 °
A⌠oßíKLkb IBM Tivoli Directory Server °
AWB@C
o\αHπ²M ACL ΣN²uIBM Directory Server
5.1 sεΩTO@v\α (ibm-slapdACLAccess) ú¡¡ε
O ACL ΣC\αµP ACL ΣúΣLs
OµO@PGBPBYC
YnP IBM Directory Server ACL í@PA]tπT ACL
ⁿw 5.1 ²NαAHúw]¬BjMM±
sDD DN group:cn=anybodyAH⌠≤Sws IDCoOFε
bαºßw]svDwa≥óCpGnAASw
DMO IBM Tivoli Directory Server znAb²ñTaⁿ
wC
2 ÷≤ 5
¡≈n] Proxy OΣ
W[F¡≈n]] LDAP Proxy vεΣCProxy vε&
\ßnDG@nwúºv¡≈BzAúnPsu÷p
ºµv¡≈BzC
°Aw]OW∩
bñAJava™ RWM² (JNDI) w]FOWCo@AY
°AñL⌠≤OWsbAOP°AαCCñW
[F@°Atm∩AiHm½ßjMnDñⁿw∩C
ApG²ñL⌠≤OW½≤sbA°AñLΦC
hDg
hDghD°Aa¼M*egΩTπg⌠⌠ChD
gDnnBOC⌠⌠yqC
Web zuπ[j\α
Web zuπ[JFUC[j\αG
v Σ OS/400® V5R3 M z/OS™ R4 LDAP °Az
v Σh½Wh½≤½≤O
v ΣI∩Ig@
v ΣhDg@
v Web zΣjí≈s\α
Σ
IBM Tivoli Directory Server 5.2 Ω@UCCMµ]AbñΩ@Cs
Ω@P (*)C
v RFC 1274 COSINE P Internet X.500 ⌡
v RFC 1777 ²sqT≤w (V2)
v RFC 1778 ykrΩϕk
v RFC 1779 OWrΩϕk
v RFC 1823 LDAP í (V2)
v RFC 2052 ≤ⁿwAm (DNS SRV) DNS RR
v RFC 2219 ⌠⌠A DNS OW
v RFC 2222 µτwÑh (SASL)
v RFC 2247 b LDAP/X.500 OWñΓ
v RFC 2251 ²sqT≤w (V3)
v RFC 2252 ²sqT≤w (V3)Gykwq
v RFC 2253 ²sqT≤w (V3)GOW UTF-8 rΩϕk
v RFC 2254 LDAP jMLo°≤rΩϕk
v RFC 2255 LDAP URL µí
v RFC 2256 ≤ LDAPv3 X.500(96) ⌡Kn
v * RFC 2596 b LDAP ñyÑX
v RFC 2696 µ*G@ LDAP ε&
v * RFC 2829 LDAP OΦk
6 IBM Tivoli Directory Server: wPtmΓU
v * RFC 2830 (V3) Θhw (TLS) XR
v * RFC 2831 DIGEST O@ SASL ≈ε
v RFC 2849 LDAP Ωµ½µí (LDIF) - NWµ
v RFC 2891 °AjMG LDAP ε&
v liPerson M liOrganization (NAC/LIPS) The Open Group ⌡
2 ÷≤ 7
8 IBM Tivoli Directory Server: wPtmΓU
3 wBtmPαº[
ní IBM Tivoli Directory Server 5.2 αBwPtmC
pGz IBM HoF²sqT≤w (LDAP)Abw IBM
Tivoli Directory Server e²NªúCpGzbSúΣL¼pU
w IBM Tivoli Directory ServerAhy¿W≡Aiα²oΓ
LkB@C
: í*@tww]w LDAP YC
qα
pGww IBMDirectory]p SecureWay® 3.1.1.5B3.2B3.2.1 3.2.2 A
O IBM Directory Server 4.1B5.1 5.1 for Linux iSeries M pSeries Ahi
µαAHOdz∩⌡wq⌠≤≤ABOdz²°AtmC
YnαzΩAbliµ IBM Tivoli Directory Server 5.2 weA²
\ 29 5 , yqαzC
i: pGzeww SecureWay Directory 3.1.1.5B3.2 3.2.1 ABQα
zΩAhbw IBM Tivoli Directory Server 5.2 ºeA²Nª 3.2.2
CziHq IBM Directory ⌠
]http://www.ibm.com/software/tivoli/products/directory-server/Uⁿ SecureWay Directory
3.2.2 C
÷q 3.1.1.5 αíA\ SecureWay Directory 3.2.2 σ≤C
wºeGzipBtar P iso
IBM Tivoli Directory Server úúFTµíGzipBtar P isoC
pGzOUⁿ zip AbzNUⁿqúßA PKZIP ºúNªú
YC
tar O@ Tape ARchive ¼CbzUⁿ tar ºßANªC
ú iso N²w CD-ROMAHKbwñCiso OMA
zL CD-ROM N²íBzA"α ! CD-ROMCbz ! CD-ROM A
TwzúOs@ iso Ω*C∩i iso ñºΩNN²b
CD-ROM ∩C
bzBzUⁿßAYi÷AϕwñwⁿAw IBM Tivoli
Directory ServerC
w
ziHbw IBM Tivoli Directory Server Awßnß°AC
© Copyright IBM Corp. 1998, 2003 9
AziHN Web zuπwb]t]ú]A°Aßí°
AWCziH Web zuπq z IBM Tivoli Directory Server °
ACziHw@ Web zDxAzh IBM Tivoli Directory Server °
AC]ziHz°AA]A SecureWay Directory 3.2.xAH IBM Directory
Server 4.1 M 5.1 Cpiⁿzπ°AMµA\ 25yWeb
zuπDzC
IBM Tivoli Directory Server 5.2 w∩CziH InstallShield í
(GUI) O¡xSwwΦk]pⁿOµ@twuπA
iµwC 47 6 , y InstallShield GUI wz ñⁿ
InstallShield GUI ⁿC
÷¡xSwwⁿA\znwº¡xwCpA\ 55
7 , y AIX íw IBM Tivoli Directory ServerzC
: HP-UX WulwΦkFiSeriesBpSeries M zSeries Linux @tFH AIX
4.3.3]ßC
÷wΘMnΘDA\ 13 4 , ytDzC
tm
ziH GUI ítmuπ (ldapxcfg) ldapcfg ⁿOµíAtm°ACYnútm°AAi ldapxcfg ldapucfg ⁿOµíC
bQw°AºßApGzϕO InstallShield GUI wAhtmuπK
i⌡µC]eúO¡xiΣ InstallShield GUICpGzúO InstallShield GUI
wAh⌡µtmuπAO ldapcfgCz²⌡µUCtm@A"α°AG
v ]w IBM Tivoli Directory Server zOW (DN) KXCziHNPb
UNIX tWwq root ID MKX@±C
v tmΩwC]Twzw² !Ωw IDCΩT\ 81
ybztmºeG ! DB2 ΩwMΩwΩzC
ldapxcfg íi⌡µUC@G
v ]w≤ IBM Tivoli Directory Server zOW (DN) KXC
v tmútmΩw
v P≤Θx
v sWúr
v bN≤ⁿJ⌡MµñAsWú⌡
v JPX LDAP Ωµ½µí (LDIF) Ω
v ≈BPΩw
pGz±wⁿOµAiHX]A ldapcfgBldapucfgBdbbackBdbrestoreBrunstatsBbulkloadBldif2db db2ldif ÑⁿOµíAKα¿Mµñ@C
10 IBM Tivoli Directory Server: wPtmΓU
ziHb 79 12 , ytmzM 95 14 , yútmΩwP
úw IBM Tivoli Directory ServerzñΣ÷ ldapxcfgBldapcfgBldapucfgBdbbackBdbrestore P runstats ΩTC
3 wBtmPαº[ 11
12 IBM Tivoli Directory Server: wPtmΓU
4 tD
Ynw IBM Tivoli Directory Server M≤Bz°AAH Global Security
Kit (GSKit)AzqúXzCtDC
ßD
UCUí IBM Tivoli Directory Server ßtDC
Windows @tßD
bwºeA²\ IBM Tivoli Directory Server 5.2 ß ReadmeAHo
Σº Windows @t⌠≤≤sΩTCΣW client.txtC≤*
²ñAOzúYßM≤b²ñCbwßAß Readme ±
b installpath\doc\lang ²U client.txtBclient.pdf M client.htm ÑAΣñG
v lang zw IBM Tivoli Directory Server ∩yÑ⌠C
v installpath IBM Tivoli Directory Server ßwbmC
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
Windows ßnwΘDpUG
@t
UC Windows @t¡xΣßG
v Microsoft Windows 2000
v Windows XP
v Windows Server 2003 °
v Windows NT® 4.0]t Service Pack 6 ≤s
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
í
pGz+Γ InstallShield GUI wATwzb TEMP ⌠ⁿw
²ñ'π 100 MB iíC
ΣLnΘ
Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
AIX @tßD
bwºeA²\ IBM Tivoli Directory Server 5.2 ß ReadmeAHo
Σº AIX @t⌠≤≤sΩTCΣW client.txtC≤*
²ñAOzúYßM≤b²ñCbwßAß Readme ±b
/usr/ldap/doc/lang ²U client.txtBclient.pdf M client.htm ÑñAΣñ lang O
ϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
© Copyright IBM Corp. 1998, 2003 13
AIX ßnwΘDpUG
@t
UC AIX ΣßG
v AIX 4.3.3
v AIX 5.1
v AIX 5.2
: ß 32 C
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
í
pGz+Γ InstallShield GUI wATwzb /var ²ñ'π
100 MB iíAB /tmp ²' 200 MB iíC
: b AIX 4.3.3 Sú InstallShield GUIC
ΣLnΘ
v Korn Shell OnC
v b AIX 4.3.3Azw AIX Maintenance Level 8 ≤sCb AIX
5.1 WAzw AIX Maintenance Level 4 ≤sCb AIX 5.2A
zw AIX Maintenance Level 1 ≤sC
: pGzyÑ⌠SSwDAbzMztAßA½stA²≤C
v ∩≤xWyÑ⌠w bos.loc.iso.ZH_TW CAIX 4.3.3 wCΘ
ñúC
v AIX 5.1 M 5.2 W GSKit 7a n xlC.rte 6.0.0.0 ≤sC
v AIX 4.3.3 W GSKit 7a n xlC.aix43.rte 6.0.0.0 ≤sC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
xSeries Linux @tßD
bwºeA²\ IBM Tivoli Directory Server 5.2 ß ReadmeAHo
Σº Linux @t⌠≤≤sΩTCΣW client.txtC≤*
²ñAOzúYßM≤b²ñCbwßAß Readme ±b
/usr/ldap/doc/lang ²U client.txtBclient.pdf M client.htm ÑñAΣñ lang O
ϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
xSeries Linux ßnwΘDpUG
@t
UC xSeries Linux ΣßG
v Red Hat Enterprise Linux 3.0
v UnitedLinux 1.0
v SuSE Linux Enterprise Server 8
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
14 IBM Tivoli Directory Server: wPtmΓU
í
pGz+Γ InstallShield GUI wATwzb /var ²ñ'π
100 MB iíAB /tmp ²' 200 MB iíC
ΣLnΘ
v Korn Shell OnC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
zSeries Linux @tßD
bwºeA\ IBM Tivoli Directory Server 5.2 ß ReadmeAHoΣ
º zSeries Linux @t⌠≤≤sΩTCΣW client.txtC≤*
²ñAOzúYßM≤b²ñCbwßAß Readme
±b /usr/ldap/doc/lang ²U client.txtBclient.pdf M client.htm ÑñAΣñ lang
Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
zSeries Linux ßnwΘDpUG
@t
UC zSeries Linux ΣßG
v Red Hat Enterprise Linux 3.0
v SuSE Linux Enterprise Server 8
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
ΣLnΘ
v Korn Shell OnC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
iSeries P pSeries Linux @tßD
bwºeA\ IBM Tivoli Directory Server 5.2 ß ReadmeAHoΣ
º iSeries pSeries Linux @t⌠≤≤sΩTCΣW client.txtC
≤*²ñAOzúYßM≤b²ñCbwßAß
Readme ±b /usr/ldap/doc/lang ²U client.txtBclient.pdf M client.htm Ñ
ñAΣñ lang Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
Linux ß iSeries P pSeries nUCwΘMnΘG
@t
UC Linux iSeries P pSeries ΣßG
v Red Hat Enterprise Linux 3.0
v UnitedLinux 1.0
v SuSE Linux Enterprise Server 8
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
4 tD 15
ΣLnΘ
v Korn Shell OnC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
Solaris @tßD
bwºeA²\ IBM Tivoli Directory Server 5.2 ß ReadmeAHo
Σº Solaris @t⌠≤≤sΩTCΣW client.txtC≤*
²ñAOzúYßM≤b²ñCbwßAß Readme ±b
/opt/IBMldaps/doc/lang ²U client.txtBclient.pdf M client.htm ÑñAΣñ lang
Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
Solaris ßnwΘDpUG
@t
UC Solaris ΣßG
v Solaris Operating Environment™ Software 7B8 9
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
í
pGz+Γ InstallShield GUI wATwzb /var ²ñ'π
100 MB iíAB /tmp ²' 200 MB iíC
ΣLnΘ
v Korn Shell OnC
v TwwwrXૡ]en_US.UTF-8 1.0C
v pGz+Γ InstallShield GUI iµwAh Java 2 Runtime
Environment, v. 1.4.1 níC
YnoíA\UC SunSolve Σ⌠G
http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/J2SEC
pbztWO r¼M≤÷ΩTAτ\
http://java.sun.com/j2se/1.3/font-requirements.htmlC
v Yn GSKitAnHUG
– b Solar i s 7Agsk ⌡µM SDK 2 nHUíG
106950-22B106327-18B106300-19B107834-04B107544-03B106541-24 M
106980-22C
– b S o l a r i s 8Ag s k ⌡µnHUíG1 0 8 4 3 4 - 0 2
111327-02B108991B108827 M 108528A gsk SDK 2 nG
109505-08B109508-04B109510-03 M 109513-05C
– b S o l a r i s 9Ag s k ⌡µnHUíG1 0 8 4 3 4 - 0 2
111327-02B108991B108827 M 108528Cgsk SDK2 nHUíG
109505-08B109508-04B109510-03 M 109513-05C
– n IBM JRE JDK 1.4.1 PÑ JRE JDKC
16 IBM Tivoli Directory Server: wPtmΓU
Hewlett-Packard UNIX (HP-UX) @tßD
bwºeA\ IBM Tivoli Directory Server 5.2 ß ReadmeAHoΣ
º HP-UX @t⌠≤≤sΩTCΣW client.txtC≤*
²ñAOzúYßM≤b²ñCbwßAß Readme ±b
/usr/IBMldap/doc/lang ²U client.txtBclient.pdf M client.htm ÑñAΣñ lang
Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
HP-UX ßnwΘDpUG
@t
tUCí HP-UX 11 11i iΣßG
v 2001 ' 12 δ GOLDBASE11i nΘ
v 2001 ' 12 δ GOLDAPPS11i nΘ
v í PHSS_26560
OΘ 'n 128 MB RAMC]DGA 256 MB HWC
ΣLnΘ
v Korn Shell OnC
v Yn GSKitAn Java 2 ¡x 1.4.1 HP-UX Runtime EnvironmentC
v Yn GSKitAnHUíG
– w∩ HP-UX 11Agsk ⌡µn 108434-02 111327-02B108991B108827
M 108528 ÑíFgsk SDK n 109505-08B109508-04B109510-03
M 109513-05 ÑíC
– w∩ HP-UX 11iAgsk ⌡µn PHSS_26946 íC
°A]]tßD
UCUíw°AtDCo D]AßDC
Windows @t°AD
bwºeA\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo÷
Σº Windows @t⌠≤≤sΩTCReadme ≤*²ñAO
zúY°AM≤b²ñCbwßAReadme ±b installpath\doc\lang
²U server.txtBserver.pdf M server.htm ÑAΣñG
v installpath IBM Tivoli Directory Server wmC
v lang zw IBM Tivoli Directory Server ∩yÑ⌠CHcΘñσA
ΣyÑ⌠ zh_TWC
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
Windows °AnwΘDpUG
@t
UC Windows Σ°AG
4 tD 17
v Windows 2000
v Windows Server 2003A°
v Windows NT 4.0]t Service Pack 6 ≤sFwΣhn
Windows NT t (NTFS)C
OΘ 'n 256 MB RAMC]DGA 512 MB HWC
í
v pGz+Γ InstallShield GUI wATwzb TEMP ⌠ⁿ
w²ñ'π 100 MB iíC
v pGzww DB2Ah 25 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 110 MBC
v xsΩníAM≤ΩwqMjpCb Windows
tW'd 80 MB zΩwCtA]&\ 2 3 MB
íA ! DB2 ΩC\ IBM Tivoli Directory Server 5.2
°A Readme M IBM Tivoli Directory Server Version 5.2 Readme
AddendumAHoΩwDs≤C]psuWX÷
ΩTA\ viiiysuWXzC
ΣLnΘ
v DB2 CΣhAtí 5 ≤s DB2 7.2 C IBM
Tivoli Directory Server HOtí 2 DB2 8.1 Enterprise
Server EditionApGbztWΣ DB2 AKwH
CpGztwO± DB2 7.2 ]tí 5
Ah²ú ßAAw IBM Tivoli Directory Server 5.2 C
i: pGzww SecureWay Directory Abú DB2 º
eA²\¬PΘ 29 5 , yqαzñαCpG
zbαºeú DB2ANóhΩC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
AIX @t°AD
bwºeA²\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo
÷Σº AIX @t⌠≤≤sΩTCΣW server.txtC≤*
²ñAOzúY°AM≤b²ñCbwßAReadme ±b
/usr/ldap/doc/lang ²U server.txtBserver.pdf M server.htm ÑñAΣñ lang O
ϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
AIX °AnwΘDpUG
@t
UC AIX Σ°AG
v AIX 5.1
v AIX 5.2
: AIX 4.3.3 úΣ°AC
18 IBM Tivoli Directory Server: wPtmΓU
OΘ 'n 512 MB RAMC]DGA 1 GB HWC
í
v pGz+Γ InstallShield GUI wATwzb /var ²ñ'π
100 MB iíAB /tmp ²' 400 MB iíC
v pGzww DB2Ah 30 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 160 MBC
v xsΩníAM≤ΩwqMjpCb UNIX t
W'd 80 MB zΩwCA]TwΩwº
l²ñt 4 MB íAHK ! DB2 ΩC]o
²qO /homeA²OpG /home ²ñíú¼Az]iHⁿwΣL
²CΩT\ 81ybztmºeG ! DB2 ΩwM
ΩwΩzC\ IBM Tivoli Directory Server 5.2 °A
Readme M IBM Tivoli Directory Server Version 5.2 Readme AddendumA
HoΩwDs≤C]psuWX÷ΩTA\
viiiysuWXzC
ΣLwΘ
zb 64 wΘW⌡µCpzwΘO 64 ÷Ω
TA\ 108yτ AIX wΘ 64 zC
ΣLnΘ
v z⌡µ 64 CpO⌡µ 64 ÷ΩTA
\ 108yτ AIX O 64 zC
v Korn Shell OnC
v b AIX 5.1 WAzw AIX Maintenance Level 4 ≤sCb
AIX 5.2Azw AIX Maintenance Level 1 ≤sC
: pGzyÑ⌠SSwDAbzMztAßA½stA²≤C
v GSKit 7a n xlC.aix50.rte 6.0.0.0 ≤sC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
ΣL TwwDPB I/OCΩT\ 109y⌡µ db2start AIX
5.1 ozC
v IBM Tivoli Directory Server Htí 2 (DB2) DB2 Universal Database for
AIX 8.1 Enterprise Server EditionAb AIXAúΣ⌠≤ DB2C
:
1. pGzww SecureWay Directory 3.1.1.5B3.2B3.2.1 3.2.2 AO IBM
Directory Server 4.1 5.1Abzú DB2 eA²\¬PΘ 29
5 , yqαzñαC
2. pGzn z DB2 hATwzOϕ DB2 αiµ]n
DzεíCpGz²°AB≤P⌡µ¼AAzb½s
w IBM Tivoli Directory Server Uúw DB2A²°ANLkC
4 tD 19
xSeries Linux @t°AD
bwºeA²\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo
÷Σº Linux ⌠≤≤sΩTCΣW server.txtC≤*²ñA
OzúY°AM≤b²ñCbwßA°A Readme ±b
/usr/ldap/doc/lang ²U server.txtBserver.pdf M server.htm ÑñAΣñ lang O
ϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
xSeries Linux °AnwΘDpUG
@t
UC xSeries Linux Σ°AG
v UnitedLinux 1.0]]A SP2
v SuSE Linux Enterprise Server 8
v Red Hat Enterprise Linux 3.0
OΘ 'n 256 MB RAMC]DGA 512 MB HWC
í
v pGz+Γ InstallShield GUI wATwzb /var ²ñ'π
100 MB iíAB /tmp ²' 400 MB iíC
v pGzww DB2Ah 30 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 160 MBC
v xsΩníAM≤ΩwqMjpCb UNIX t
W'd 80 MB zΩwCA]bΩwº
l²ñtOd 4 MB íAHK ! DB2 ΩC]o²
qO /homeA²OpG /home ²ñíú¼Az]iHⁿwΣL
²CΩT\ 81ybztmºeG ! DB2 ΩwM
ΩwΩzC\ IBM Tivoli Directory Server 5.2 °A
Readme M IBM Tivoli Directory Server Version 5.2 Readme AddendumA
HoΩwDs≤C]psuWX÷ΩTA\
viiiysuWXzC
ΣLnΘ
v Korn Shell OnC
v ÷M]Σtí 5 DB2 7.2 ≤sA²Otí 2
(DB2) DB2 Universal Database for Linux 8.1 Enterprise Server EditionA
]Hb IBM Tivoli Directory Server ñC
i: pGzww SecureWay Directory 3.1.1.5B3.2B3.2.1 3.2.2 A
O IBM Directory Server 4.1 5.1Abzú DB2 eA²\
¬PΘ 29 5 , yqαzñαCpGzbαº
eú DB2ANóhΩC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
20 IBM Tivoli Directory Server: wPtmΓU
zSeries Linux @t°AD
bwºeA²\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo
÷Σº zSeries Linux ⌠≤≤sΩTCΣW server.txtC≤*
²ñAOzúY°AM≤b²ñCbwßA°A Readme ±b
/usr/ldap/doc/lang ²U server.txtBserver.pdf M server.htm ÑñAΣñ lang O
ϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
zSeries Linux °AnwΘDpUG
@t
UC zSeries Linux Σ°AG
v SuSE Linux Enterprise Server 8
v Red Hat Enterprise Server 3.0
OΘ 'n 256 MB RAMC]DGA 512 MB HWC
í
v pGzww DB2Ah 30 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 160 MBC
v xsΩníAM≤ΩwqMjpCb UNIX t
W'd 80 MB zΩwCA]bΩwº
l²ñtOd 4 MB íAHK ! DB2 ΩC]o²
qO /homeA²OpG /home ²ñíú¼Az]iHⁿwΣL
²CΩT\ 81ybztmºeG ! DB2 ΩwM
ΩwΩzC\ IBM Tivoli Directory Server 5.2 °A
Readme M IBM Tivoli Directory Server Version 5.2 Readme AddendumA
HoΩwDs≤C]psuWX÷ΩTA\
viiiysuWXzC
ΣLnΘ
v Korn Shell OnC
v ÷M]Σtí 5 DB2 7.2 ≤sA²Otí 2
(DB2) DB2 Universal Database for Linux 8.1 Enterprise Server EditionA
]Hb IBM Tivoli Directory Server ñC
i: pGzww SecureWay Directory 3.1.1.5B3.2B3.2.1 3.2.2 A
O IBM Directory Server 4.1 5.1Abzú DB2 eA²\
¬PΘ 29 5 , yqαzñαCpGzbαº
eú DB2ANóhΩC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
iSeries P pSeries Linux @t°AD
bwºeA²\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo
÷Σº iSeries M pSeries Linux ⌠≤≤sΩTCΣW server.txtC
≤*²ñAOzúY°AM≤b²ñCbwßA°A
4 tD 21
Readme ±b /usr/ldap/doc/lang ²U server.txtBserver.pdf M server.htm Ñ
ñAΣñ lang Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
iSeries P pSeries Linux °AnwΘDpUG
@t
UC iSeries M pSeries Linux Σ°AG
v Red Hat Enterprise Server 3.0
v SuSE Linux Enterprise Server 8C
OΘ 'n 256 MB RAMC]DGA 512 MB HWC
í
v pGzww DB2Ah 30 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 160 MBC
v xsΩníAM≤ΩwqMjpCb UNIX t
W'd 80 MB zΩwCA]bΩwº
l²ñtOd 4 MB íAHK ! DB2 ΩC]o²
qO /homeA²OpG /home ²ñíú¼Az]iHⁿwΣL
²CΩT\ 81ybztmºeG ! DB2 ΩwM
ΩwΩzC\ IBM Tivoli Directory Server 5.2 °A
Readme M IBM Tivoli Directory Server Version 5.2 Readme AddendumA
HoΩwDs≤C]psuWX÷ΩTA\
viiiysuWXzC
ΣLnΘ
v Korn Shell OnC
v ÷M]Σtí 5 DB2 7.2 ≤sA²Otí 2
(DB2) DB2 Universal Database for Linux 8.1 Enterprise Server EditionA
]Hb IBM Tivoli Directory Server ñC
i: pGzww IBM Directory Server 5.1 for Linux iSeries M pSeriesA
bzú DB2 ºeA²\¬PΘ 29 5 , yq
αzñαCpGzbαºeú DB2ANóhΩC
v Yn GSKitAn IBM JRE JDK 1.4.1APÑ JRE JDKC
Solaris @t°AD
bwºeA²\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo
÷Σº Solaris ⌠≤≤sΩTCΣW server.txtC≤*²
ñAOzúY°AM≤b²ñCbwßA°A Readme ±b
/opt/IBMldaps/doc/lang ²U server.txtBserver.pdf M server.htm ÑñAΣñ lang
Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
Solaris °AnwΘDpUG
22 IBM Tivoli Directory Server: wPtmΓU
@t
UC Solaris Σ°AG
v Solaris Operating Environment Software 8 9
OΘ 'n 256 MB RAMC]DGA 512 MBC
í
v pGz+Γ InstallShield GUI wATwzb /var ²ñ'π
100 MB iíAB /tmp ²' 400 MB iíC
v pGzww DB2Ah 30 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 160 MBC
v xsΩníAM≤ΩwqMjpCb UNIX t
W'd 80 MB zΩwCA]bΩwº
l²ñtOd 4 MB íAHK ! DB2 ΩC]o²
qO /homeA²OpG /home ²ñíú¼Az]iHⁿwΣL
²CΩT\ 81ybztmºeG ! DB2 ΩwM
ΩwΩzC\ IBM Tivoli Directory Server 5.2 °A
Readme M IBM Tivoli Directory Server Version 5.2 Readme AddendumA
HoΩwDs≤C]psuWX÷ΩTA\
viiiysuWXzC
ΣLnΘ
v Korn Shell OnC
v TwwwrXૡ]en_US.UTF-8 1.0C
v ApGz+Γ InstallShield GUI wAOtmuπtmA
h Java 2 Runtime Environment, v. 1.4.1 níC
YnoíA\UC SunSolve Σ⌠G
http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/J2SEC
pbztWO r¼M≤÷ΩTAτ\
http://java.sun.com/j2se/1.3/font-requirements.htmlC
v ÷M]Σtí 5 DB2 7.2 ≤sA²Otí 2
(DB2) DB2 Universal Database for Solaris 8.1 Enterprise Server EditionA
]Hb IBM Tivoli Directory Server ñC
i: pGzww SecureWay Directory 3.1.1.5B3.2B3.2.1 3.2.2 A
O IBM Directory Server 4.1 5.1Abzú DB2 eA²\
¬PΘ 29 5 , yqαzñαCpGzbαº
eú DB2ANóhΩC
pGzO DB2 8.1AhnUCíG
– b Solaris 8]32 WGu Pwív+ 108921-12 +
108940-24 + 108434-03 108528-12
– b Solaris 8]64 WGu Pwív+ 108921-12 +
108940-24 + 108435-03 108528-12
u PwíviHqUC⌠WoG
http://sunsolve.Sun.comCb SunSolve uW⌠WA÷@U¬eW
4 tD 23
Patches \αϕAAq Browse & Download Patches qñ∩Recommended & Security PatchesC
P]n J2SE Solaris íOCªúiqUC⌠oG
http://sunsolve.Sun.comCq SunSolve uW⌠WA÷@U¬eW
Patches \αϕAAq Browse & Download Patches qñ∩Recommended & Security PatchesC
b Solaris Ww DB2 An SUNWlibC nΘC
zn Java Runtime Environment (JRE)A"α⌡µH DB2 Java ≥ª
uπ]puεñAH !M⌡µ Java íA]Axs
wqτCbwBzíApGwTh JREAK[
HwC
b°uWíns²C
v Yn GSKitAnHUG
– b S o l a r i s 8Ag s k ⌡µnHUíG1 0 8 4 3 4 - 0 2
111327-02B108991B108827 M 108528A gsk SDK 2 nG109505-08B
109508-04B109510-03 M 109513-05C
– b Solaris 9Agsk ⌡µnHUíG108434-02 111327-02B
108991B108827 M 108528Cgsk SDK2 nHUíG
109505-08B109508-04B 109510-03 M 109513-05C
– n IBM JRE JDK 1.4.1 PÑ JRE JDKC
HP-UX @t°AD
bwºeA²\ IBM Tivoli Directory Server 5.2 °A ReadmeAHo
÷Σº HP-UX ⌠≤≤sΩTCΣW server.txtC≤*²ñA
OzúY°AM≤b²ñCbwßA°A Readme ±b
/usr/IBMldap/doc/lang ²U server.txtBserver.pdf M server.htm ÑñAΣñ lang
Oϕzw IBM Tivoli Directory Server ∩yÑ⌠C
t\ IBM Tivoli Directory Server Version 5.2 Readme Addendum ñsΩTC
]psuWX÷ΩTA\ viiiysuWXzC
HP-UX °AnwΘDpUG
@t
tUCí HP-UX 11i iΣ°AG
v 2001 ' 12 δ GOLDBASE11i nΘ
v 2001 ' 12 δ GOLDAPPS11i nΘ
v í PHSS_26560
OΘ 'n 512 MB RAMC
í
v pGzww DB2Ah 30 MB íAHK !Ωw
°AC]DB2 n 300-500 MB íCIBM Tivoli Directory
Server]]Aß°Abn 160 MBC
24 IBM Tivoli Directory Server: wPtmΓU
v xsΩníAM≤ΩwqMjpCb UNIX t
W'd 80 MB zΩwCA]TwΩwº
l²ñt 4 MB íAHK ! DB2 ΩC]o
²qO /homeA²OpG /home ²ñíú¼Az]iHⁿwΣL
²CΩT\ 81ybztmºeG ! DB2 ΩwM
ΩwΩzC\ IBM Tivoli Directory Server 5.2 °A
Readme M IBM Tivoli Directory Server Version 5.2 Readme AddendumA
HoΩwDs≤C]psuWX÷ΩTA\
viiiysuWXzC
ΣLnΘ
v Korn Shell OnC
v A≤ Java 2 Platform 1.4.1 HP-UX Runtime EnvironmentC∩tm
uπM GSKit OnC http://www.hp.com/go/java Uⁿ JavaC
v Yn GSKitAgsk ⌡µn PHSS_26946 íC
v ]wµtmC÷nA\ 71y]wµ
tmzC
v ÷M]Σtí 5 DB2 7.2 ≤sA²Otí 2
(DB2) DB2 Universal Database for AIX 8.1 Enterprise Server EditionA
]Hb IBM Tivoli Directory Server ñC
Web zuπD
ziHN Web zuπwbπSß°AqúWCWeb zuπi
zUC¼ LDAP °AG
v IBM Tivoli Directory Server 5.2
v IBM Directory Server 5.1
v IBM Directory Server 4.1
v IBM SecureWay Directory 3.2.2
v OS/400 V5R3
v z/OS R4
: Y z/OS R4AuΣUC]wG
– µ@ TDBM ßí
– µ@ SDBM ßí
– @ TDBM M SDBM ßí
UC@t¡xΣ Web zuπG
Windows ¡xG
v Windows NT 4.0
v Windows 2000
v Windows XP
v Windows Server 2003 °
AIX ¡xG
AIX 4.3.3B5.1 5.2
4 tD 25
xSeries Linux ¡xG
v UnitedLinux 1.0
v SuSE Linux Enterprise Server 7 8
v Red Hat Advanced Server 2.1
v Red Hat Enterprise Linux 3.0
zSeries Linux ¡xG
v Red Hat Advanced Server 3.0
v SuSE Linux Enterprise Server 8.0
iSeries and pSeries Linux ¡xG
v UnitedLinux 1.0
v SuSE Linux Enterprise Server 8.0
v Red Hat Advanced Server 3.0
Solaris ¡xG
v Solaris 7B8 9
HP-UX ¡xG
HPUX 11 11i
Yn Web zuπAznUCG
v UCΣñ@íí°AG
– WebSphere Application Server - Express O V5.0 ≤sCIBM Tivoli
Directory Server 5.2 O 5.0.2 C]iSeries LinuxBpSeries Linux M HP-UX
n 5.0.2 CpGw IBM Directory Server ú 5.0 A\ 42
yα Web zuπP WebSphere Application Server - Express O
zC
– IBM WebSphere® 5.0 ≤sC]iSeries LinuxBpSeries Linux M HP-UX
n 5.0.2 C
v bzN Web zuπqúWAπUC@Web s²C]ú@wObww
Web zuπqúG
b Windows ¡xW
Microsoft Internet Explorer 6.0
b AIX WMozilla 1.3 1.4
b xSeries Linux WMozilla 1.3 1.4
b iSeriesBpSeriesBzSeries Linux Wúús²ΣC
b Solaris 7B8 9Mozilla 1.3 1.4
b HP-UX WMozilla 1.3 1.4
26 IBM Tivoli Directory Server: wPtmΓU
w Socket h (SSL) Global Security Kit (GSKit)Global Security Kit (GSKit) 7a ∩nΘM≤Aubznw Socket h (SSL)
wΘhw (TLS) A"nM≤C
IBM Tivoli Directory Server 5.2 ¡úúq IBM Tivoli Directory Server ßi
µ SSL su\αCziHw IBM GSKit 7a M≤AHK SSL \αCGSKit M
≤]t SSL ΣM÷p RSA Data Security, Inc. (4) NC
OpenSSL tb GSKit ñAiH≤[K@]C OpenSSL nΘvDC
IBM Tivoli Directory Server °Aúnw GSKit NαB@CbípUA°A
uⁿ⌠≤ Directory ßoXDwsuCPaAIBM Tivoli Directory Server
ßúnw GSKit NαB@CpGzQwsuAb°AßWú
w GSKitC
pwºß]w GSKit ÷ΩTA\ 131² I, y]w GSKit HΣ
CMS ≈ΩwzC
4 tD 27
28 IBM Tivoli Directory Server: wPtmΓU
5 qα
αOOdz∩⌡wq⌠≤≤OdΩM²°AtmCp
GznbP@íΩΘqúWq SecureWay Directory IBM Directory Server α
²°AAñC
pGzw]Ag°AAb⌠≤°AαºeA²\¬ 115
² C, yαg°AzñΩTC
: pGzuw@ßAqúniµαCúLApGzOq IBM Directory
Server 4.1 ºeiµαABzπ IBM JNDI JAR Java
íAhwíNú JAR F]Aw IBM Tivoli Directory Server 5.2
ºeA²NªxsC∩≤ Windows¡xA\BJ 31 2A∩≤
UNIX ¡xAh\ 35 2AHo÷ΩTC
q IBM Directory Server 4.1 lAKúAn IBM JNDICIBM Directory Server
4.1B5.1 M 5.1 for Linux iSeries M pSeriesAH IBM Tivoli Directory Server 5.2
ú]t Sun Microsystems JNDICp Sun JNDI ÷ΩTA\ Sun í
σ≤Cb IBM Sun Iµºíiα tºAn∩ JNDI íi
µ≤CIBM JNDI í#MiH⌡µA²oiaGA!Yl
Sun JNDIC
pGznq SecureWay Directory αA\UCΣñ@G
v Y WindowsA\ 30yq SecureWay Directory V3.2.2 for Windows
InstallShield GUI wαzC
v Y AIXA\ 32yq SecureWay Directory V3.2.2 for AIX w
αzC
v Y Solaris M LinuxA\ 34yq Solaris M Linux SecureWay
Directory 3.2.2 wαzC
pGznq IBM Directory Server 4.1B5.1 5.1 for Linux iSeries M pSeries αA
\UCΣñ@G
v Y WindowsA\ 36yq IBM Directory Server V4.1 5.1 for Windows
wαzC
v Y AIXA\ 37yq IBM Directory Server V4.1 5.1 for AIX w
αzC
v Y SolarisBLinuxBzSeries LinuxBiSeries M pSeries Linux HP-UXA\
41yq IBM Directory Server V4.1 5.1 for UNIX wαzC
znα SecureWay Directory O 3.2.2 ≤sCpGzew
SecureWay Directory ± 3.2.2 Ah² 3.2.2 AAw IBM Tivoli
Directory Server 5.2CziHq IBM Directory ⌠Uⁿ SecureWay Directory 3.2.2 G
http://www.ibm.com/software/tivoli/products/directory-server/C
© Copyright IBM Corp. 1998, 2003 29
N
b IBM Directory Server 4.1 ºeñALDAP °A LDAP ΣKerberos AWAHKMΣß Kerberos KDC iµqTC]pA
LDAP/ldaphost.austin.ibm.comAΣñ ldaphost KO LDAP °AbºqúD
≈WCY IBM Directory Server 4.1B 5.1 M IBM Tivoli Directory Server
5.2AhpgAW]pAldap/ldaphost.austin.ibm.comC]o
≤Aq 3.2.2 °AαºßAIBM Directory Server 4.1 5.1A IBM
Tivoli Directory Server 5.2 °AiαLkCoO] 4.1B5.1 5.2 °A
b≈ϕµñMΣ ldapA LDAP AWbABe 3.2.2 °ACYn≤¼pAziH⌡µUC@@G
v sWpg LDAP Kerberos AWHKú keytab As
keytab iµqTC
v b°AºeA²N⌠ LDAP_KRB_SERVICE_NAME ]¿
LDAPC⌠y¿ LDAP °A≥b keytab ñjg LDAP
°AAWABPΣßiµqTCbßípñAbß
W]w⌠AHKßαjg LDAP AWAPΣ°A
iµqTC
fΘxM≤ΘxLkiµαCpGzQnOdzfΘxM≤Θx]
wAb≥ºe²µO²Cbzw IBM Tivoli Directory Server ºßAKizL
Web zuπ½]fΘx]wAzLtmuπ½]≤Θx]wCNf
πs]wAw]O]w 2CpGznw∩σRfΘx⌠≤íA
@zºefOⁿαOAzNf]w 1CΩT\ IBM Tivoli
Directory Server zΓUC
i: ²⌡µ db2ldif íAMß"iHúw 3.2.2 SecureWay
DirectoryC! DB2BACKUP ⁿOC
\ze]IBM Tivoli Directory Server 5.2 ºeíσ≤Ao⌡µ db2ldifí÷ⁿCúDw 3.2.2 db2ldif ≈ΩwAhz∩úαútmúhΩwCpGpAhΩNí≥óC
q SecureWay Directory V3.2.2 for Windows InstallShield GUI wα
pGznq 3.2.2 SecureWay Directory iµ ABz InstallShield GUI
N IBM Tivoli Directory Server wb Windows tWAhwz¿í≈
αC
YnαA⌡µUCG
emwBJG
1. N ins tal lpath \e tc ²ñ s lapd32.conf H⌠≤⌡A≈
installpath\etc\userV52 ²ñC]z ! installpath\etc\userV52 ²Cinstallpath
Oⁿ SecureWay Directory w²C
o ]AUCWG
v .oc
30 IBM Tivoli Directory Server: wPtmΓU
v .at
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
2. pGz⌠≤ IBM JNDI íBIBMJNDI.JAR ⌠≤÷ JNDI A
÷MwúAΣ IBM JNDIAzOiHxso CYnxso G
v N installpath\jre\bin ñ]]Al²xs
installpath\etc\userV52\jre\bin ñ
v N installpath\jre\lib ñ]]Al²xs
installpath\etc\userV52\jre\lib ñ
JNDI ÷G
v Ibmjcefw.jar
v Ibmjceprovider.jar
v IBMjgssprovider.jar
v Local_policy.jar
v US_export_policy.jar
v Krb5.ini
v Ibmjndi.jar
v Ibmjndi.zip
3. pGzpG
a. db2ldif XΩwG
db2ldif -o outputfile
Σñ outputfile ⁿw LDIF ΘXAHK]t LDIF µí²C
bzXΩweAi\zº SecureWay zΓUñ db2ldif σ≤AHo db2ldif ⁿOΩTC
i: ! DB2BACKUP ⁿOXzΩCbzútmPúΩweApGz db2ldif XAzN≥óΩC
b. bⁿOúUΘJUCⁿOAHútmPúΩwG
ldapucfg -d
c. ΘJ yAHTúCϕⁿOQ¿Aw] LDAP ΩwMΩN
qtñúC]pGzΩwΩWMΩwWúO ldapdb2AYwtmFw]ΩwC
:
1) pGzqΩwAzqtΓú DB2 ΩwC
2) úDzQ 3.2.2 db2ldif X SecureWay Directory 3.2.2 Ωwñ
ΩAzL IBM Tivoli Directory Server 5.2 ú bulkload íJAho ΩNLkM IBM Tivoli Directory Server 5.2 eC
5 qα 31
3) pGzαΩwA°ANúC
4) ≤ΘxΩwñ≤MsΩµíúeABLkCslapd32.conf
ñt≤Θx]wαstmWC
5) fΘxúαAB½stmC
6) pGz±]tí 5 DB2 7.2 AbzXΩwº
ßA DB2 7.2 í 5]HWCOAziHbXΩ
wºßú DB2AAw IBM Tivoli Directory Server ú DB2
C
wBJG
4. InstallShield GUI w IBM Tivoli Directory Server 5.2C÷ⁿ\
48 yN IBM Tivoli Directory Server wb Windows ¡xWzC
InstallShield GUI αtmP⌡C
:
a. wiαzOnNY tmC∩OiµiNC
b. YwtmΩwAhⁿz⌡µ@ BBJA"α≥
iµwCwíCXb≥we⌡µBJCbzTo B
JnBJßAwíK⌠CunwtmΩwAIBM
Tivoli Directory Server wíK½@C
ßmwBJG
5. bz¿w½sqúºßAtmuπCtmuπ
]wz DN KXAtms LDAP ΩwCpp≤tm LDAP
Ωw÷ⁿA\ 79 12 , ytmzC
: pGzQ≤ΘxΩwATwwzLtmuπ≤ΘxAOb ldapcfg íñ -g ∩C
6. pU bulkload íAHJ db2ldif XΩG
bulkload -i ldiffile -c -d
Σñ ldiffile OtnⁿJ²ñº LDIF ΩΘJWC
: ÷iúΣL\αhºⁿOµ]wíA\ IBM Tivoli
Directory Server 5.2 zΓUñ bulkload íσ≤C
q SecureWay Directory V3.2.2 for AIX wα
ñⁿAA≤ AIX wCY Solaris M LinuxA\ 34yq Solaris
M Linux SecureWay Directory 3.2.2 wαzC
Ynα AIX W²°AA⌡µUCG
emwBJG
1. N install path/etc ²ñ slapd32.conf H⌠≤⌡A≈ install
path/etc/userV52 ²ñC]z ! install path/etc/userV52 ²Cinstall path
Oⁿ SecureWay Directory w²C
o ]AUCWG
v .oc
32 IBM Tivoli Directory Server: wPtmΓU
v .at
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
2. pGz⌠≤ IBM JNDI íBIBMJNDI.JAR ⌠≤÷ JNDI A
÷MwúAΣ IBM JNDIAzOiHxso CYnxso G
v N installpath\java\bin ñ]]Al²xs
installpath\etc\userV52\java\bin ñC
v N installpath\java\lib ñ]]Al²xs
installpath\etc\userV52\java\lib ñ
JNDI ÷G
v Ibmjcefw.jar
v Ibmjceprovider.jar
v IBMjgssprovider.jar
v Local_policy.jar
v US_export_policy.jar
v Krb5.ini
v Ibmjndi.jar
v Ibmjndi.zip
3. pU db2ldif XΩwG
db2ldif -o outputfile
Σñ outputfile ⁿw LDIF ΘXAHK]t LDIF µí²C
bzXΩweAi\zº SecureWay zΓUñ db2ldif σ≤AHo db2ldif ⁿOΩTC
i: ! DB2BACKUP ⁿOXzΩCbzútmPúΩweApGz db2ldif XAzN≥óΩC
4. bⁿOúUΘJUCⁿOAHútmPúΩwG
ldapucfg -d
5. ΘJ yAHTúCϕⁿOQ¿Aw] LDAP ΩwNqtñ
úC]pGzΩwΩWMΩwWúO ldapdb2AYwtmFw]ΩwC
:
a. pGzqΩwAzqtΓú DB2 ΩwC
b. úDzQ db2ldif X SecureWay Directory 3.2.2 ΩwñΩAz
L IBM Tivoli Directory Server 5.2 ú bulkload íJAho ΩNLkM IBM Tivoli Directory Server 5.2 eC
c. pGzαΩwA°ANúC
5 qα 33
d. pGz±]tí 2 DB2 8.1 AbzXΩwºßA
DB2 8.1 í 2COAziHbXΩwºßú DB2A
Aw IBM Tivoli Directory Server ú DB2 C
e. ≤ΘxΩwñ≤MsΩµíúeABLkC≤Θxñ⌠
≤N≥óCslapd32.conf ñtº≤Θx]wAαstm
WC
f. fΘxúαAB½stmC
wBJG
6. SMIT w IBM Tivoli Directory Server 5.2CΩT\ 56
ySMIT wzC
ßmwBJG
7. ⌡µ migrate52 ScriptAHαtmP⌡CbⁿOúñΘJUCⁿOG
cd installpath/etc../sbin/migrate52
: Yz∩⌡A#⌡µ migrate52 ScriptCibmslapd.conf ñ
s⌡MABMúeC
8. ldapcfg ldapxcfg ⁿOA]wz DN KXAtms
LDAP ΩwCpp≤tm LDAP Ωw÷ⁿA\ 79
12 , ytmzC
: pGzQ≤ΘxΩwATwwzLtmuπ≤ΘxAOb ldapcfg ⁿOñ -g ∩C
9. bulkload íJ db2ldif XΩG
bulkload -i ldiffile -c -d
Σñ ldiffile OtnⁿJ²ñº LDIF ΩΘJWC
: ÷iúΣL\αhºⁿOµ]wíA\ IBM Tivoli
Directory Server 5.2 zΓUñ bulkload íσ≤C
q Solaris M Linux SecureWay Directory 3.2.2 wα
ñⁿA≤ Solaris M LinuxC!o ⁿAb AIX tWiµαC
pGzOb AIX tWαA\ 32yq SecureWay Directory V3.2.2 for
AIX wαzC
Ynα²°AA⌡µUCG
emwBJG
1. N installpath/etc ²ñ slapd32.conf H⌠≤⌡A≈ install
path/etc/userV52 ²ñC]z ! installpath/etc/userV52 ²Cinstallpath
Oⁿ SecureWay Directory w²C
o ]AUCWG
v .oc
v .at
34 IBM Tivoli Directory Server: wPtmΓU
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
2. pGz⌠≤ IBM JNDI íBIBMJNDI.JAR ⌠≤÷ JNDI A
÷MwúAΣ IBM JNDIAzOiHxso CYnxso G
v N installpath\java\bin ñ]]Al²xs
installpath\etc\userV52\java\bin ñC
v N installpath\java\lib ñ]]Al²xs
installpath\etc\userV52\java\lib ñ
JNDI ÷G
v Ibmjcefw.jar
v Ibmjceprovider.jar
v IBMjgssprovider.jar
v Local_policy.jar
v US_export_policy.jar
v Krb5.ini
v Ibmjndi.jar
v Ibmjndi.zip
3. pU db2ldif XΩwG
: bzXΩweA²\¬zº SecureWay zΓUñ db2ldifíσ≤C
db2ldif -o outputfile
Σñ outputfile ⁿw LDIF ΘXAHK]t LDIF µí²C
i: ! DB2BACKUP ⁿOXzΩCbzútmPúΩweApGz db2ldif XAzN≥óΩC
4. bⁿOúUΘJUCⁿOAHútmPúΩwG
ldapucfg -d
5. ΘJ yAHTúCϕⁿOQ¿Aw] LDAP ΩwNqt
ñúC]pGzΩwΩWMΩwWúO ldapdb2AYwtmFw]ΩwC
:
a. pGzqΩwAzqtΓú DB2 ΩwC
b. úDzQ db2ldif X SecureWay Directory 3.2.2 ΩwñΩA
zL IBM Tivoli Directory Server 5.2 ú bulkload íJAho ΩNLkM IBM Tivoli Directory Server 5.2 eC
c. pGzαΩwA°ANúC
5 qα 35
d. pGz±]tí 5 DB2 7.2 AbzXΩw
ºßA DB2 7.2 í 5]HWCOAziHb
XΩwºßú DB2AAw IBM Tivoli Directory Server ú
DB2 C
e. ≤ΘxΩwñ≤MsΩµíúeABLkCslapd32.conf
ñt≤Θx]wαstmWC
f. fΘxúαAB½stmC
6. úw SecureWay Directory 3.2.2C
wBJG
7. w IBM Tivoli Directory Server 5.2C⌡µUCº@G
v Y SolarisA⌡µ pkgaddCΩT\ 67 y
pkgadd iµⁿOµwzC
v RPM for LinuxCΩT\ 61yw IBM Tivoli Directory
ServerzC
v InstallShield GUICΩT\ 51yb UNIX ¼¡xWw
zC
ßmwBJG
8. ⌡µ migrate52 ScriptAHαtmP⌡CbⁿOúñΘJUCⁿ
OG
cd installpath/etc../sbin/migrate52
: Yz∩⌡A#⌡µ migrate52 ScriptCibmslapd.conf
ñs⌡MABMúeC
9. ldapcfg ldapxcfg ⁿOA]wz DN KXA
tms LDAP ΩwCpp≤tm LDAP Ωw÷ⁿA
\ 79 12 , ytmzC
: pGzQ≤ΘxΩwATwwzLtmuπObldapcfg ⁿOñ -g ∩≤ΘxC
10. bulkload íJ db2ldif XΩG
bulkload -i ldiffile -c -d
Σñ ldiffile OtnⁿJ²ñº LDIF ΩΘJWC
: ÷iúΣL\αhºⁿOµ]wíA\ IBM
Directory Server 5.2 zΓUñ bulkload íσ≤C
q IBM Directory Server V4.1 5.1 for Windows wα
pGz InstallShield GUI Windows tW IBM Directory Server 4.1
5.1 ANiµαCbw 5.2 ºeAInstallShield GUI ²≈°At
mP⌡ANo α 5.2 WC
36 IBM Tivoli Directory Server: wPtmΓU
: pGzwq IBM Directory Server 5.1 w Web zuπA\ 42y
α Web zuπP WebSphere Application Server - Express OzoΩ
TC
q IBM Directory Server V4.1 5.1 for AIX wα
ñⁿAA≤ AIX wCY SolarisBLinuxBzSeries Linux HP-UXA
\ 41yq IBM Directory Server V4.1 5.1 for UNIX wαzC
: pGzwq IBM Directory Server 5.1 w Web zuπA\ 42y
α Web zuπP WebSphere Application Server - Express OzoΩ
TC
w∩Tαdí*¿TlG
v yq IBM Directory Server 4.1 αz
v 38yq IBM Directory Server 5.1 DB2 8.1A32 αz
v 39yq IBM Directory Server 5.1 DB2 7.2 αz
q IBM Directory Server 4.1 α
Ynα AIX W IBM Directory Server 4.1A⌡µUCG
emwBJG
1. N /usr/ldap/etc ²ñ slapd32.conf ibmslapd.conf H⌠≤⌡A≈
D /usr/ldap l²²ñC
o ]AUCWG
v .oc
v .at
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
2. pGz InstallShield GUI wA InstallShield GUI úwC
wBJG
3. InstallShield GUI SMIT w IBM Tivoli Directory Server 5.2C÷Ω
T\ 51yb UNIX ¼¡xWwz 56ySMIT wzC
ßmwBJG
4. ⌡µ migrate52 ScriptAHαtmP⌡CbⁿOúñΘJUCⁿOG
cd installpath/etc../sbin/migrate52 -s backuppath
Σñ backuppath OzbBJ 1 ñ≈⌠C
: Yz∩⌡A#⌡µ migrate52 ScriptCibmslapd.conf ñ
s⌡MABMúeC
5 qα 37
q IBM Directory Server 5.1 DB2 8.1A32 α
Ynα AIX W IBM Directory Server 5.1AN DB2 Workgroup Server Edition
8.1A32 α DB2 Enterprise Server Edition 8.1A64 AUCG
emwBJG
1. UCΦíεΩwΩG
a. nJ DB2 ΩC
b. TwS⌠≤íb DB2 ΩΩwCYnoΩ
ºíMµAΘJ db2 list applications ⁿOCziHΘJdb2 terminate ⁿO⌠Ñq@Cún db2 force applications allⁿOjóñεíA]í≈íⁿOεAiαD
wµCp÷o ⁿOΩTA\ DB2 Command ReferenceC
c. ϕíúεAΘJ db2stop ⁿOε DB2 ΩΩ
w°ABzC
d. ΘJ db2licm end ⁿOε DB2 nΘvníC
e. b⌡µⁿOµBzCÑq@ñΘJ db2 terminate ⁿOAεⁿOµBzÑq@C
f. ΘJ db2_kill ⁿOMú⌠≤l DB2 ΩC
g. nXC
2. N /usr/ldap/etc ²ñ slapd32.conf ibmslapd.conf H⌠≤⌡A
≈D /usr/ldap l²²ñC
o ]AUCWG
v .oc
v .at
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
3. útmetm IBM Directory Server Ωw]pAldapdb2A²únRú
ΩMΩwCziH ldapucfg -d ⁿOtmuπC
4. UCεΩwΩG
a. HΩ¡≈nJC
b. db2istop ⁿOεΩC
/usr/opt/db2_08_01/instance/db2istop InstName
5. pGz InstallShield GUI wA InstallShield GUI úwC
wBJG
6. úw DB2 Workgroup Server Edition 8.1C
7. w DB2 Enterprise Server Edition 8.1C
8. InstallShield GUI SMIT w IBM Tivoli Directory Server 5.2C÷
ΩT\ 51 yb UNIX ¼¡xWwz 56 ySMIT w
zC
ßmwBJG
38 IBM Tivoli Directory Server: wPtmΓU
9. UCΦí≤s IBM Tivoli Directory Server ΩwΩ 64 e
G
a. H root ¡≈nJC
b. UCΦí⌡µ db2iupdt ⁿOG
/usr/opt/db2_08_01/instance/db2iupdt -w 64 InstName
10. ⌡µ migrate52 ScriptAHαtmP⌡CbⁿOúñΘJUCⁿOG
cd installpath/etc../sbin/migrate52 -s backuppath
Σñ backuppath OzbBJ 382 ñ≈⌠C
: Yz∩⌡A#⌡µ migrate52 ScriptCibmslapd.conf
ñs⌡MABMúeC
q IBM Directory Server 5.1 DB2 7.2 α
Ynα AIX W IBM Directory Server 5.1A DB2 Enterprise Server Edition
7.2A32 α DB2 Enterprise Server Edition 8.1A64 AUCG
emwBJG
1. α DB2 ΩCbziHα DB2 ΩºeAεΩº
⌠≤ΩwíCYn DB2 ΩHiµαAUCG
a. nJ DB2 ΩC
b. TwS⌠≤íb DB2 ΩΩwCYnoΩ
ºíMµA db2 list applications ⁿOCziHΘJdb2 terminate ⁿO⌠Ñq@Cún db2 force applications allⁿOjóñεíA]í≈íⁿOεAiαD
wµCp÷o ⁿOΩTA\ DB2 Command ReferenceC
c. ϕíú¿AΘJ db2stop ⁿOε DB2 ΩΩ
w°ABzC
d. ΘJ db2licm end ⁿOε DB2 nΘvníC
e. b⌡µⁿOµBzCÑq@ñΘJ db2 terminate ⁿOAεⁿOµBzÑq@C
f. ΘJ db2_kill ⁿOMú⌠≤l DB2 ΩC
g. nXC
2. τΩwOiHαCpGz 2 ⌡XíAn
αNC
DB2 ú db2ckmig αⁿOAτOiHαsΩwCdb2imigr ⁿO db2ckmig ⁿOτOiHαsΩwC
YnTwziHαΩA⌡µ db2ckmig ⁿOCpGΩαóAz≤ⁿO°iCziHA⌡µ db2ckmig ⁿOτwQ≤AM
ßAαΩC
p db2ckmig ⁿOΩTA\ DB2 Command ReferenceC
YnτOiHαsΩwA⌡µUCBJG
a. HΩ¡≈nJC
b. ΘJUCⁿOG
DB2DIR/bin/db2ckmig -h -a 0 -l INSTHOME/migration.log
5 qα 39
Σñ DB2DIR = /usr/lpp/db2_06_01
c. dΘxCΘxπz⌡µ db2ckmig ⁿOoCpGπ⌠≤A⌡µ≤@C
d. ≥αΩºeAdαΘxOC
e. ≤ßA≈ΩwC
3. w DB2 Enterprise Server Edition 8.1A64 C
4. N /usr/ldap/etc ²ñ slapd32.conf ibmslapd.conf H⌠≤⌡A
≈D /usr/ldap l²²ñC
o ]AUCWG
v .oc
v .at
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
5. pGz InstallShield GUI wA InstallShield GUI úwC
6. α DB2 ΩCu≤ DB2 ΩñsΩw"dOiαC
wúsΩwAbΩαºßiαLkC
bΩwiiµαºßAUCΦí db2imigr ⁿOαΩG
a. Hπ root v¡nJC
b. pG library_path ⌠O] /usr/lib B /usr/lib ñ 7 libdb2 @
íwAbíU db2imigr ⁿOiαPCYnAΘJUCⁿON library_path ⌠½]úo ⌠ñ
íwG
unset LIBPATH
c. UCΦí⌡µ db2imigr ⁿOG
/usr/opt/db2_08_01/instance/db2imigr [-d] [-a AuthType][-u fencedID] InstName
Σñ
v -d ]wúíA²ziHPwDCoO∩C
v -a AuthType ⁿwΩO¼CO¼ (SERVER)B(CLIENT)
M (DCS)CpGww DB2 °AAϕⁿw -a AO¼w](SERVER)ChAAuthType ] (CLIENT)CoO∩C
:
1) ΩO¼A≤ΩΩwC
2) ϕO¼ (DCE) O∩AⁿO∩ (DCE) OL
v -u fencedID Obj≈wqτ (UDF) MxsU⌡µ
CoubwwuDB2 ⌡µßv"O∩C∩
ΣL DB2 úOnC
v InstName OΩnJWC
40 IBM Tivoli Directory Server: wPtmΓU
7. UCα½ DB2 Ω 64 eG
a. Hπ root v¡nJC
b. UCΦí⌡µ db2iupdt ⁿOG
/usr/opt/db2_08_01/instance/db2iupdt -w 64 InstName
c. α DB2 ΩºßAN LIBPATH ½]ΣlC
8. UCBJαΩΩwG
a. Hπ SYSADM v¡ ID nJApΩC
b. TwznαΩwwiµsC
c. ⌡µ db2C
d. b DB2 ⁿOúUAΘJUCⁿOG
migrate database DATABASE-NAME
9. l]wΩwzítm UTIL_IMPACT_LIM Σw]CUDB 7.1 S
UTIL_IMPACT_LIM tmAbα Enterprise Server Edition 8.1 ⁿ
w 0Cd≥ 1 100CUCG
a. Hπ SYSADM v¡ ID nJC
b. ⌡µ db2C
c. b DB2 ⁿOúUAΘJUCⁿOG
update database manager configuration using UTIL_IMPACT_LIM value
value ObCG1 10 ºíC
wBJG
10. InstallShield GUI SMIT w IBM Tivoli Directory Server 5.2C÷
ΩT\ 51 yb UNIX ¼¡xWwz 56 ySMIT w
zC
ßmwBJG
11. ⌡µ migrate52 ScriptAHαtmP⌡CbⁿOúñΘJUCⁿOG
cd installpath/etc../sbin/migrate52 -s backuppath
Σñ backuppath OzbBJ 40 4 ñ≈⌠C
: Yz∩⌡A#⌡µ migrate52 ScriptCibmslapd.conf
ñs⌡MABMúeC
q IBM Directory Server V4.1 5.1 for UNIX wα
ñⁿAA≤ SolarisBLinuxBzSeries LinuxBiSeries pSeries Linux M
HP-UXC!o ⁿAb AIX tWiµαCpGzOb AIX tWαA
\ 37yq IBM Directory Server V4.1 5.1 for AIX wαzC
: pGzwq IBM Directory Server 5.1 w Web zuπA\ 42y
α Web zuπP WebSphere Application Server - Express OzoΩ
TC
5 qα 41
Ynα²°AA⌡µUCG
emwBJG
1. N installpath/etc ²ñ slapd32.conf ibmslapd.conf H⌠≤⌡A
≈ installpath/etc/userV52 ²ñC]z ! installpath/etc/userV52 ²C
installpath O IBM Directory Server 4.1 5.1 w²C
o ]AUCWG
v .oc
v .at
v .conf
MUCG
v V3.ldapsyntaxes
v V3.matchingrules
v V3.modifiedschema
2. zbwP@íAúw IBM Directory Server 4.1 5.1C
]únb HP-UX WúwC
wBJG
3. UCΣñ@BJw IBM Tivoli Directory Server 5.2G
v Y SolarisA⌡µ pkgaddCΩT\ 67y pkgadd i
µⁿOµwzC
v RPM for LinuxCΩT\ 61 yw IBM Tivoli Directory
ServerzC
v swinstall for HP-UXCΩT\ 71 10 , y HP-UX
íw IBM Tivoli Directory ServerzC
v InstallShield GUICΩT\ 51yb UNIX ¼¡xWwzC
4. ⌡µ migrate52 ScriptAHαtmP⌡CbⁿOúñΘJUCⁿOG
cd installpath/etc../sbin/migrate52
: Yz∩⌡A#⌡µ migrate52 ScriptCibmslapd.conf ñs
⌡MABMúeC
α Web zuπP WebSphere Application Server - Express O
pGzewF IBM Directory Server 5.1 Web zuπ WebSphere Application
Server - Express O V5.0AiHUCΣñ@w WebSphere Application
Server - Express O V5.0 5.0.2 íHα 5.2 Web zuπC
Windows w
b Windows wApGz InstallShield GUI iµwAwí WebSphere
Application Server - Express O V5.0 5.0.2ABw Web zuπ
WebSphere Application Server - Express OCoO Windows WzQwΦ
kCUhú@C
b WindowsAiUCΦí WebSphere Application Server - Express O V5.0
Mα Web zuπG
42 IBM Tivoli Directory Server: wPtmΓU
1. qzUⁿ IBM Tivoli Directory Server ⌠Uⁿ WebSphere Application Server -
Express O V5.0 í 2C
2. ≈
WASPath\installedApps\DefaultNode\IDSWebApp.war.ear\IDSWebApp.war\WEB-INF\classes\
²ñUCtmG
v security\console_passwd
v IDSConfig\IDSSessionConfig\IDSSessionMgmt.xml
v IDSConfig\IDSServersConfig\IDSServersInfo.xml
Σñ WASPath Ozw IBM Directory Server V5.1 úº WebSphere Application
Server - Express O V5.0 ⌠CpGz ⌠AWASPath
ldaphome\appsrv\C
3. ⌡µUCⁿOúw Web zuπG
WASPath\bin\wsadmin.bat -conntype NONE -c "$AdminApp uninstall IDSWebApp.war"
4. UCΦíw WebSphere Application Server - Express O 5.0.2 íG
a. pGí°A⌡µñAUCⁿOεG
WASPath\bin\stopServer.bat server1
b. ΘJUCⁿOwíG
set JAVA_HOME=WASPath\javaWAS_FP2_Path\updateSilent.sh -installDir \WASPath -fixpack -install
-fixpackDir \WAS_FP2_Path\fixpacks -skipIHS -skipMQ-fixpackID was50_express_fp2_win -noBackup -noLog -noHistory
Σñ WAS_FP2_Path Ozb 1 BJñUⁿí²C
5. pGzpAw IBM Tivoli Directory Server 5.2 ú Web zu
πC
6. 117yw Web zuπ WebSphere Application Server - Express
Ozñⁿws Web zuπ WebSphere Application Server - Express
O V5.0.2C
7. zb 2 BJñ≈ Web zuπtmC
8. WebSphere Application Server - Express OC\ 93y
í°AHK Web zuπzC
: pGzQnbDσ⌠ñ Web zuπA\ 105yΘJ
Web zuπΩlzC
UNIX w
bD zSeries Linux UNIX wAUCΦíα Web zuπG
1. qzUⁿ IBM Tivoli Directory Server ⌠Uⁿ WebSphere Application Server
- Express O V5.0 í 2C
2. ≈
WASPath/installedApps/DefaultNode/IDSWebApp.war.ear/IDSWebApp.war/WEB-INF/classes/
²ñUCtmG
v security/console_passwd
v IDSConfig/IDSSessionConfig/IDSSessionMgmt.xml
v IDSConfig/IDSServersConfig/IDSServersInfo.xml
5 qα 43
Σñ WASPath Ozw IBM Directory Server V5.1 úº WebSphere Application
Server - Express O V5.0 ⌠CpGz ⌠AWASPath
ldaphome/appsrv/C
3. ⌡µUCⁿOúw Web zuπG
WASPath/bin/wsadmin.sh -conntype NONE -c "\$AdminApp uninstall IDSWebApp.war"
4. UCΦíw WebSphere Application Server - Express O 5.0.2 íG
a. pGí°A⌡µñAUCⁿOεG
WASPath/bin/stopServer.sh server1
b. ΘJUCⁿOwíG
export JAVA_HOME=WASPath/javaWAS_FP2_Path/updateSilent.sh -installDir /WASPath -fixpack -install
-fixpackDir /WAS_FP2_Path/fixpacks -skipIHS -skipMQ-fixpackID fp_name -noBackup -noLog -noHistory
Σñ
v WAS_FP2_Path Ozb 43 1 BJñUⁿí²C
v fp_name OíWA@t¡xG
AIX was50_express_fp2_aix
xSeries Linuxwas50_express_fp2_linux
Solariswas50_express_fp2_solaris
HP-UXwas50_express_fp2_hpux
5. pGzpAw IBM Tivoli Directory Server 5.2 ú Web zu
πC
6. 117yw Web zuπ WebSphere Application Server - Express
Ozñⁿws Web zuπ WebSphere Application Server - Express
O V5.0.2C
7. zb 43 2 BJñ≈ Web zuπtmC
8. WebSphere Application Server - Express OC\ 93y
í°AHK Web zuπzC
: pGzQnbDσ⌠ñ Web zuπA\ 105yΘJ
Web zuπΩlzC
w∩ zSeries Linux w
Ynb zSeries Linux W WebSphere Application Server - Express OG
1. b WAS_home/bin ²A⌡µHUⁿOAH !ztm≈G
backupConfig.sh
o !@s WebSphereConfig_yyyy-mm-dd.zip zip C
2. N zip z WAS_home ²Y²ñC
WAS_home Ow WebSphere Application Server - Express O²CpG
zO ²wAo²O ldaphome/appsrvC
44 IBM Tivoli Directory Server: wPtmΓU
3. ≈
WASPath/installedApps/DefaultNode/IDSWebApp.war.ear/IDSWebApp.war/WEB-INF/classes/
²ñUCtmG
v security/console_passwd
v IDSConfig/IDSSessionConfig/IDSSessionMgmt.xml
v IDSConfig/IDSServersConfig/IDSServersInfo.xml
Σñ WASPath Ozw IBM Directory Server V5.1 úº WebSphere
Application Server - Express O V5.0 ⌠CpGz ⌠AWASPath
ldaphome/appsrv/C
4. ú WAS_home ²Aúw WebSphere Application Server - Express O
5.0 C
5. w WebSphere Application Server - Express O 5.0.2
6. b WAS_home/bin ²A⌡µHUⁿOG
restoreConfig.sh backup_path/WebSphereConfig_yyyy-mm-dd.zip
Σñ b a c k u p _ p a t h Oz W A S _ h o m e / b i n / r e s t o r e C o n f i g . s h
WebSphereConfig_yyyy-mm-dd.zip ⌠C
oⁿO⌡µHU@G
v ! 5.0.2 tm≈C]oOW WAS_home/config.old ²
v N 5.0 tmss 5.0.2 w⌠]b config ²C
7. ∩ WAS_home/config/cells/DefaultNode/security.xml HJHU <entry> q
¿G
<entries xmi:id="JAASConfigurationEntry_6" alias="wssecurity.IDAssertion"><loginModules xmi:id="JAASLoginModule_6"
moduleClassName="com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy"authenticationStrategy="REQUIRED">
<options xmi:id="Property_8" name="delegate"value="com.ibm.wsspi.wssecurity.auth.module.IDAssertionLoginModule"/>
</loginModules></entries><entries xmi:id="JAASConfigurationEntry_7" alias="wssecurity.Signature"><loginModules xmi:id="JAASLoginModule_7"
moduleClassName="com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy"authenticationStrategy="REQUIRED">
<options xmi:id="Property_9" name="delegate"value="com.ibm.wsspi.wssecurity.auth.module.SignatureLoginModule"/>
</loginModules></entries>
: FnXAdñY µQ(CTwbµ@µñΘJFC@loginmodules MC@ options C
pGzb⌡µΓαºeAwb 5.0 tmñsWFAziαn≤
IDC
8. b°AhAq WAS_home/config.old ²ANX ws-security.xml A
s WAS_home/config ²ñ∩mC
9. b°A templates ²hAq WAS_home/config.old ²AN variables.xml
M ws-security.xml As WAS_home/config ²ñ∩mC
10. N WAS_home/config.old/templates/system/nodes/servers/jmsserver ñ server.xml A
s WAS_home/config ²ñ∩mC
5 qα 45
11. N WAS_home/config.old/templates/system/jdbc-resource-provider-templates.xml s
WAS_home/config ²ñ∩mC
12. ⌡µUCⁿOúw Web zuπG
WASPath/bin/wsadmin.sh -conntype NONE -c "\$AdminApp uninstall IDSWebApp.war"
13. pGzpAw IBM Tivoli Directory Server 5.2 ú Web zu
πC\ 61 8 , y Linux íw IBM Tivoli Directory
ServerzC
14. 117yw Web zuπ WebSphere Application Server - Express
Ozñⁿws Web zuπ WebSphere Application Server -
Express O V5.0.2C
15. zbBJ 453 ñ≈ Web zuπtmC
16. WebSphere Application Server - Express OC\ 93y
í°AHK Web zuπzC
: pGzQnbDσ⌠ñ Web zuπA\ 105yΘJ
Web zuπΩlzC
46 IBM Tivoli Directory Server: wPtmΓU
6 InstallShield GUI w
ziH InstallShield GUIAN IBM Tivoli Directory Server wb WindowsBAIX
M Solaris ¡xWCª]A≤ xSeries Linux ¡xCpGzúQ InstallShield GUI
wAΓUτbOñúC@¡xΓwCíAziH
\ 55 7 , y AIX íw IBM Tivoli Directory ServerzC
lwºeATwX@tDCΩT\ 13 4 , yt
DzC
N
pb AIX tW½swßAp≤α≈÷ⁿA\
32yq SecureWay Directory V3.2.2 for AIX wαz 37yq
IBM Directory Server V4.1 5.1 for AIX wαzC
÷b LinuxBSolaris HP-UX tW½swßAnp≤αP≈
íA\¬PA 34yq Solaris M Linux SecureWay Directory
3.2.2 wαz 41yq IBM Directory Server V4.1 5.1 for UNIX
wαzñαC
pG Windows tñww SecureWay Directory 3.1.1.5B3.2B3.2.1 3.2.2 A
O IBM Directory Server 4.1 5.1Ablw IBM Tivoli Directory Server
5.2 eA²\¬Θ 30yq SecureWay Directory V3.2.2 for Windows
InstallShield GUI wαz 36yq IBM Directory Server V4.1
5.1 for Windows wαzñαC
bzlw IBM Tivoli Directory Server 5.2 eAn≈PX⌡
P°AtmC
pGz InstallShield GUI w IBM Tivoli Directory ServerAhτ
InstallShield GUI úwCwp DB2BWebSphere Application Server - Express
OM GSKit ÑsúτOpC÷ InstallShield GUI ú IBM Tivoli
Directory Server íA\ 95yúw IBM Tivoli Directory ServerzC
b Windows ¡xWw
QUCUΩTA InstallShield GUI N IBM Tivoli Directory Server 5.2 w
b Windows ¡xWC
wºe
bwºeATwzwXUC°≤CpGúXo °≤AwíN⌠C
v pGtñww SecureWay Directory 3.2.2 ºeG
© Copyright IBM Corp. 1998, 2003 47
bw IBM Tivoli Directory Server 5.2 eA² 3.2.2 ≤sCA
29 5 , yqαzñⁿAαΩw IBM Tivoli
Directory Server 5.2C
v pGzwbqúWw SecureWay Directory 3.2.2 IBM Directory Server4.1 5.1G
29 5 , yqαzñⁿAαΩw IBM Tivoli
Directory Server 5.2C
v pGzwbqúWw DB2 7.2]tí 5ºeG
DB2 7.2 í 5 ≤sAOú DB2C IBM Tivoli Directory
Server Otí 2 DB2 8.1CpGzbtWπ⌠@
DB2AYz∩w°AAh InstallShield GUI wªC
i: bútmMúΩwºeA² db2ldif XΩC! DB2BACKUP ⁿOCpGzbútmMúΩwºeXAzNóhΩC
v pGzwbqúWw WebSphere Application Server - Express OG
IBM Tivoli Directory Server 5.2 HO WebSphere Application Server - Express
O V5.0.2CpGwgw 5.0 WebSphere Application Server - Express
OAInstallShield GUI wíNΣ 5.0.2 C
DB2 Ωw
bweA² !Twzw !@ IDAo ID Nxs
²Ω DB2 ΩwCbwHt½sß⌡µtmAbtmí
nDzúo ID PΣKXC ID °b 8 rAB
Ouzvs ñ¿CpGz !OsΩwAh !P ID π
PW DB2 ΩAHKOdΩwC
N IBM Tivoli Directory Server wb Windows ¡xW
Ynw IBM Tivoli Directory Server 5.2A⌡µUC@G
1. bzw IBM Tivoli Directory Server bqúWAε⌠≤⌡µñíA
÷¼°íCpGzñ°íAhl IBM Tivoli Directory Server
w°íAiα⌠bΣL°íºßC
2. pGzOq*wAN*±i CD-ROM *≈ñC
3. pGzOq*q ⌠⌠iµwAz CD-ROM *≈
Aϕ⌠⌠⌠≈CpGzwUⁿ zip AúYb²C
4. b \ismp Ω¿ñA÷ΓU setup.exe C
oπyÑ°íC
: ϕzwb Windows WApGwí⌠BSXyÑ°íAiαO
UC@]y¿G
v e@°TXíCNz°TXí≤sshAH≤
DC
v TEMP ⌠ⁿw²ñíú¼CTwzb²ñA'π
100 MB iíC
5. ∩bw IBM Tivoli Directory Server ízQyÑC÷@UTwC
48 IBM Tivoli Directory Server: wPtmΓU
: wíñyÑAD IBM Tivoli Directory Server ñyÑC
ziHbBJ 11 ñ∩nb IBM Tivoli Directory Server ñyÑC
6. buw∩v°íñ÷@UU@BC
7. pGtWwµ IBM Tivoli Directory ServerA⌡BJ
8CpGtWww IBM Tivoli Directory ServerA⌡µUCº@G
v pGztWww IBM Tivoli Directory ServerGtNzOnαtmCYnαA÷@UOFYngwA÷@UC
\ 29 5 , yqαzHoπαⁿC
i: pGz∩Bn\ewAzNóhΩML⌡
≤C
v pGtWww IBM Tivoli Directory Server Client SDKGt
NzOn≥wCYnwb Client SDK WA÷@UOF
Yn⌠wA÷@UC
v pGtWww IBM Tivoli Directory Server Web zuπG
tNzOn≥wCYnwb Web zuπWA÷
@UOFYn⌠wA÷@UC
v pGtWwwµ°ABß SDK Web zuπGtN
zOn⌠wCpGzú⌠A]S≈zAbwío
QgC
v pGzw 5.0 WebSphere Application Server - Express OAi
zN 5.0.2 C
8. b¬nΘvXßA∩ⁿvXñ°C÷@UU@BC
9. π⌠≤w²w≤M∩hC÷@UU@BC
10. Ynww]²A÷@UU@BCziH÷@Us²AHⁿwúP
²C
: bw²WñA!SϕrApsr (-) PyI (.) ÑCpG
zúw]mAⁿ ldap ldapdir ÑWC!ⁿldap-dir ldap.dir WC
11. ∩zQb IBM Tivoli Directory Server 5.2 ñyÑC÷@UU@BC
12. X@°íAΣñπnwUC≤G
v Client SDK 5.2
v Web zuπ 5.2
v Server 5.2
v IBM WebSphere Application Server - Express 5.0.2
v DB2 V8.1
v GSKit
w≤úww²∩CziH∩½sw°ABß Web z
uπ]pGwwC
:
a. pGzw Web zuπA²AOyÑ (DSML) ]szq
úWCpwtm DSML ÷ΩTA\ 123² F, yw
Ptm DSMLzC
6 InstallShield GUI w 49
b. pGzw Web zuπAhn@í°AAH⌡µuπCpG
z∩ IBM WebSphere Application Server - ExpressABzSw5.0 Atzwtm WebSphere Application Server - Express O
V5.0.2CpGwgw 5.0 WebSphere Application Server - Express
OAInstallShield GUI wí ª 5.0.2 C Web zuπ
⌠≤tmúiµ≈CpGzOt@í°A]
p WebSphereAhbwºßAN Web zuπ IDSWebApp.war w
í°AñCpw WebSphere Application Server - Express
O WebSphere ÷ΩTA\ 121² E, yN Web zu
πw WebSpherezC
°í]ⁿX∩≈WHiíjpC
Twnw≤w∩XAMß÷@UU@BC
13. pGzb 49 12 BJñ∩F DB2 V8.1ANπ@°íAúzΘJDB2 t ID Windows ID PKXCw] ID O db2adminCb°íñG
a. ΘJ IDAⁿw]C
b. ΘJKXAMß½sΘJ@AHKτC
c. ÷@UU@BC
:
a. o ID úαOzb 48y ! DB2 Ωwzñ !
IDC
b. pGz Windows IDATwKXOTChADB2 N
LkTwC
c. pGz Windows IDAªOzs ¿C
d. pGzS IDADB2 zΘJKXA !ⁿw
IDC
14. wíw¼≈ΩTiHlwCKn°íπz∩≤H
∩≤wmC÷@UW@Bi≤z⌠≤∩C÷@UU@Bil
wC
: bwliµºßAún°w@CpGúV°wA\ 100yqwóñzßA½swC
15. wºßG
v pGzwOßANπß Readme C¬AMß÷@U
U@BC
v pGzwO°AAτπ°A Readme C¬AMß÷@U
U@BC
v pGzwO Web zuπAτπ Web zuπ Readme C¬
AMß÷@UU@BC
16. ∩n!YyA½sqúC÷@U¿C
: pGzwO°AAz½stA"α¿ IBM Tivoli Directory
Server tmC¿@ßAz"α IBM Tivoli Directory ServerC
50 IBM Tivoli Directory Server: wPtmΓU
pGzwO°AAbqú½sºßAw IBM Tivoli Directory Server
ID nJCtmuπ⌡µAHK²z¿°AtmCz²]w
z DN PKXAtmxs²ΩΩwßAz"α°ACYn
¿tmAϕUCⁿG
1. Yn]wz DN PKXA 80y]wz DN PKXzñⁿ
C
2. YntmΩwA 82ytmΩwzñⁿC
zw¿wPtmC
pGΘßn≤tmAi\ 79 12 , ytmzAotmuπ÷
ΩTC
pGwtmío⌠≤A\ 99 15 , y°zHoΩ
TC
b UNIX ¼¡xWw
QUCUΩTA InstallShield GUI N IBM Tivoli Directory Server 5.2 b
UNIX ¼¡xWwC
wºe
bwºeATwzwXUC°≤C
v pGtñww SecureWay Directory A\ 32yq SecureWay
Directory V3.2.2 for AIX wαz 34yq Solaris M Linux
SecureWay Directory 3.2.2 wαzC
v pGtñww IBM Directory Server A\ 37yq IBM Directory
Server V4.1 5.1 for AIX wαz 41yq IBM Directory Server V4.1
5.1 for UNIX wαzC
v pGzwbqúWw WebSphere Application Server - Express OG
IBM Tivoli Directory Server 5.2 HO WebSphere Application Server - Express
O V5.0.2CpGwgw 5.0 WebSphere Application Server - Express
OA 42yα Web zuπP WebSphere Application Server
- Express Ozñⁿw WebSphere Application Server - Express O
í 2 Web zuπC
: 5.0.2 úOzL UNIX ¡xW InstallShield GUI ¿Cz
zL InstallShield GUI ϕ 42yα Web zuπP WebSphere
Application Server - Express OzñΓⁿúw 5.0 Hw
5.0.2C
N IBM Tivoli Directory Server b UNIX ¼¡xWw
Ynw IBM Tivoli Directory Server 5.2A⌡µUC@G
1. pGzOq*wAN*±i CD-ROM *≈ñⁿ*CpGzwU
ⁿ tar A tar ²C
2. b*²z tar ²ñAΘJ ./setupCeXyÑ°íC
3. ∩bw IBM Tivoli Directory Server ízQyÑC÷@UTwC
6 InstallShield GUI w 51
: wíñyÑAD≤ IBM Tivoli Directory Server ñCzN
bBJ 7 ñ∩nb IBM Tivoli Directory Server ñyÑC
4. buw∩v°íñ÷@UU@BC
i: pGtñww SecureWay Directory IBM Directory Server Ah
X@hTºAiDz²úMßAwCbúwºeA\ 29
5 , yqαzAo÷xs≈ΩⁿCpGzSxs≈Ω
AzNbúwñ≥óΩC.
5. ¬unΘvvºßA∩ⁿvXñ°C÷@UU@BC
6. π⌠≤w²w≤M∩hC÷@UU@BC
7. ∩zQb IBM Tivoli Directory Server 5.2 ñyÑC÷@UU@BC
8. X@°íAΣñπUC≤G
v Client SDK 5.2
v Web zuπ 5.2
v Server 5.2
v IBM WebSphere Application Server - Express 5.0.2
v DB2 V8.1
v GSKit
w≤úww²∩C
°í]ⁿX∩≈WHiíjpC
Twnw≤w∩XAMß÷@UU@BC
:
a. pGzw Web zuπADSML ]szqúWCpw
tm DSML ÷ΩTA\ 123 ² F, ywPtm
DSMLzC
b. pGzw Web zuπAhn@í°AAH⌡µuπC
pGz∩ IBM WebSphere Application Server - ExpressABzSw 5.0 Atzwtm WebSphere Application Server -
Express O V5.0.2CpGzúPí°AAOpGww
WebSphere Application Server - Express OAhw¿ßAz
N IDSWebApp.war wí°Aí²ñCpH
ΓΦíwPtm WebSphere Application Server - Express O
÷ΩTA\ 117² D, ywBtmúw WebSphere
Application Server - Express OzC
9. wíw¼≈ΩTiHlwCKneπz∩≤
MYNw∩≤mC÷@UW@Bi≤z⌠≤∩C÷@U
U@BilwC
: bw°Aß Solaris íApGoD IBM
LDAPAh /usr/bin/ldapsparc ²C
10. wºßG
52 IBM Tivoli Directory Server: wPtmΓU
v pGzwOßANπß Readme C¬AM
ß÷@UU@BC
v pGzwO°AAτπ°A Readme C¬AM
ß÷@UU@BC
v pGzwO Web zuπAτπ Web zuπ Readme
C¬AMß÷@UU@BC
11. ÷@U¿Cw¿C
pGzwO°AAtmuπ⌡µAHK²z¿°AtmCz
²]wz DN PKXAtmxs²ΩΩwßAz"α
°ACYn¿tmAϕUCⁿG
1. Yn]wz DN PKXA 80y]wz DN PKXzñ
ⁿC
2. YntmΩwA 82ytmΩwzñⁿC
zw¿°AtmC
pGΘßn≤tmAi\ 79 12 , ytmzAotmuπ÷
ΩTC
pGwtmío⌠≤A\ 99 15 , y°zH
oΩTC
6 InstallShield GUI w 53
54 IBM Tivoli Directory Server: wPtmΓU
7 AIX íw IBM Tivoli Directory Server
ziHUC⌠≤@íAN IBM Tivoli Directory Server wb AIX WG
v SMIT]zQwΦkCΩT\ 56ySMIT wzC
v installpCΩT\ 57y installp iµⁿOµwzC
w IBM Tivoli Directory Server ºeATwzww DB2 8.1 í 2Cz
iH db2_install ⁿOwú DB2 C
pGzwO Web zuπAhPw@í°A]p WebSphere
Application Server - Express OCΩT\ 117² D, ywB
tmúw WebSphere Application Server - Express OzC
i: pGzQq SecureWay Directory 3.2.2 O IBM Directory Server 4.1 5.1
iµαA SMIT]\ 56ySMIT wzw IBM Tivoli
Directory ServerCblw IBM Tivoli Directory Server eA 29 5
, yqαzñAϕαC 29 5 , yqαz ñí
ϕzb AIX tW½swßAp≤αP≈Cbzlw IBM Tivoli
Directory Server 5.2 eAn≈PX⌡P°AtmC
:
1. πßM°An X11 ⌠Cñúhún X11 D
IBM Tivoli Directory Server ßP°ACYún X11 DßA
hOwpßAΣñú IBM Tivoli Directory Server Client Runtime
(ldap.client.rte) P IBM Tivoli Directory Server Client SDK (ldap.client.adt)C
Yún X11 D°AAhúw IBM Tivoli Directory Server tmu
π (ldapxcfg)Cldapxcfg ≤ ldap.server.cfg ñC
2. pGzúnw\αAKún[HwCziHw IBM Tivoli Directory
Server 5.2 Global Security Kit (GSKit) ú SSLC
3. pGznN IBM Tivoli Directory Server wb RS/6000® SP™ ⌠ñYIA
bzlwºeA²\ywb RS/6000 SP ⌠ñYIºezC
÷ AIX @twPⁿOΩTA\@t AIX wΓ
UC
wb RS/6000 SP ⌠ñYIºe
: uϕznb RS/6000 SP ⌠ñYIWiµwA"αΩTC
pGznN IBM Tivoli Directory Server wb RS/6000 SP ⌠ñYIAz
²sWMs uεu@x (CWS)vñAUCBJQ
/var/sysamn/supper update ⁿOANªV&IWG
1. N ldap Ms sW CWS ñCpG
mkgroup id=300 ldapmkuser id=300 ldapchgrpmem -m + ldap ldap
© Copyright IBM Corp. 1998, 2003 55
: B ID Ms ID dCziHw∩z⌠t∩
ID Ps IDAOtw]C
2. ú ldap l²C
rm -rf /home/ldap
3. HsPs ≤s RS/6000 SP IC
/var/sysamn/supper update
bzwgiHlb RS/6000 SP IWwPtm IBM Tivoli Directory ServerC
SMIT w
Yn SMIT w IBM Tivoli Directory ServerA⌡µUC@G
1. H root ¡≈nJC
2. Nt IBM Tivoli Directory Server 5.2 *íJ CD-ROM *≈ⁿ*A
z tar ²C
3. bⁿOúeñAΘJUCrΩG
smit install
÷ Enter ΣCXunΘwP@v°íC
4. ÷@UwP≤snΘCXuwP≤snΘv°íC
5. ÷@UqinΘwP≤sC
6. ÷@UnΘΘJm/²µCC
7. ∩Aϕ CD-ROM *≈t IBM Tivoli Directory Server M²C
8. NσnwnΘC⌡µUCΣñ@G
v ΘJ ldap Hw ldap ]O ldap.server ldap.clientGpGA
ϕC
v ÷@UMµAHCX*ñAA∩zQwA]AU
úP IBM Tivoli Directory Server TºC
: w]ASMIT AIX tñtmyÑAwTºC
pGz∩C∩AhzG
> ldap.client ALL5.2.0.0 Directory Client Runtime (No SSL)5.2.0.0 Directory Client SDK
> ldap.html.en_US ALL5.2.0.0 Directory HTML Install/Config Gd-U.S. English5.2.0.0 Directory HTML Man Pages - U.S. English
> ldap.server ALL5.2.0.0 Directory Server Config5.2.0.0 Directory Server Framework (No SSL)5.2.0.0 Directory Server Java5.2.0.0 Directory Server Runtime
> ldap.webadmin ALL5.2.0.0 Directory Administrative Interface
: ldap.html M≤HyÑúPCldap.html.en_US M≤uO@@dC
56 IBM Tivoli Directory Server: wPtmΓU
∩zQwAA÷@UTwC
9. ÷@UTwCYπzTwHTºC
10. ÷@UTwwC
11. dΘXwKnATwQwnC
12. ÷@U¿C
13. Yn⌠ SMITA÷ F12A÷@U°A!ⁿOúεCYnτ
IBM Tivoli Directory Server Oww¿\AbⁿOúUΘJG
lslpp -L | grep ldap
bΘXGñACXH ldap YCo≈Mµ]A°AB
ßBHTML TºCpG
ldap.client.adt 5.2.0.0 C Directory SDKldap.client.rte 5.2.0.0 C Directory Clientldap.html.en_US.config 5.2.0.0 C Directory HTMLldap.html.en_US.man 5.2.0.0 C Directory HTML manldap.msg.en_US 5.2.0.0 C Directory Messagesldap.server.cfg 5.2.0.0 C Directory Serverldap.server.java 5.2.0.0 C Directory Serverldap.server.com 5.2.0.0 C Directory Serverldap.server.rte 5.2.0.0 C Directory Serverldap.webadmin 5.2.0.0 C Directory Administrative
14. pGzQ]tw\αAw GSKit 7aC\ 59yw GSKitzC
:
1. pGzw Web zuπADSML ]szqúWCpwtm
DSML ÷ΩTA\ 123² F, ywPtm DSMLzC
2. pGzw Web zuπAhn@í°A]p WebSphere Application
Server - Express O⌡µuπCpwtmí°A÷Ω
TA\ 117² D, ywBtmúw WebSphere Application
Server - Express OzC
installp iµⁿOµw
: pGzQq SecureWay Directory 3.2.x IBM Directory Server Y
iµαA 56ySMIT wzñⁿw IBM Tivoli Directory
ServerC
YnqⁿOúw IBM Tivoli Directory ServerG
1. H root ¡≈nJC
2. Nt IBM Directory 5.2 *íJ CD-ROM *≈ⁿ*AOz
tar ²C
3. Mwzn IBM Tivoli Directory Server M≤CΣM≤pUG
v pGO°APßAM≤W ldap.serverC
v pGuOßAM≤W ldap.clientC
v pGO Web zuπAhM≤WKO ldap.webadminC
v M≤WúO ldapA]ATºMσ≤yÑC
4. MwnTºMσ≤yÑCYndiyÑAΘJUCⁿ
OG
7 AIX íw IBM Tivoli Directory Server 57
installp -ld /dev/cd0 | grep ldap
πiw IBM Tivoli Directory Server M≤MµC
HUOⁿΩyMM≤dG
ldap.html.en_US.manldap.msg.en_US
5. bⁿOúUΘJUCⁿOAHwnM≤G
installp -acgXd /dev/cd0 packages
ΣñG
v -a NϕMC
v -c NϕTwC
v -g Nϕw]pnC
v -X NϕW[tí]pnC
v -d NϕmC
v packages OznwºM≤WM≤WMµC
dG
pGunw IBM Tivoli Directory Server °AMßAΘJG
installp -acgXd /dev/cd0 ldap.server
Ynw IBM Tivoli Directory Server ]]AC@iyÑ
TºAΘJG
installp -acgXd /dev/cd0 ldap
6. w¿Atú@≈wKnCτuGvµOπⁿJ
úwQ¿Cz]iHbⁿOúeñAΘJUCⁿOAτ IBM Tivoli
Directory Server Oww¿\G
lslpp -L | grep ldap
bΘXGñACXH ldap YCo≈Mµ]A°ABß
BWeb zuπBHTML TºCpG
ldap.client.adt 5.2.0.0 C F Directory SDKldap.client.rte 5.2.0.0 C F Directory Client Runtimeldap.server.cfg 5.2.0.0 C F Directory Server Config GUIldap.server.com 5.2.0.0 C F Directory Server Frameworkldap.server.java 5.2.0.0 C F Directory Server Javaldap.server.rte 5.2.0.0 C F Directory Server Runtimeldap.webadmin 5.2.0.0 C F Directory Administrative
7. pGzQ]tw\αAw GSKit 7aC\ 59yw GSKitzC
:
1. pGzw Web zuπADSML ]szqúWCpwtm
DSML ÷ΩTA\ 123² F, ywPtm DSMLzC
2. pGzw Web zuπAhn@í°A]p WebSphere Application
Server - Express O⌡µuπCpwtmí°A÷Ω
TA\ 117² D, ywBtmúw WebSphere Application
Server - Express OzC
58 IBM Tivoli Directory Server: wPtmΓU
w GSKitpGzwO IBM Tivoli Directory Server SSL Azw GSKit "α
Qw\αCziH SMIT installpC
Yn SMIT wG
1. bⁿOµΘJ smit HKIs SMITC
2. ∩nΘw&@C
3. ∩wM≤snΘC
4. ∩qinΘwP≤sC
5. bm/²°íñAⁿwtiwnΘ²C
6. qh½∩Mµñ∩ gskta M≤M gsksa M≤C
7. ∩nwºnΘM≤C
8. qu∩v°íñ∩AXw≥nD∩C
: Nwn°≤∩]OC
9. Tzn¿wC
installp ⁿOiwewM≤ñinΘúCYn installp wGSKitAbⁿOúñΘJUCⁿOG
installp -acgXd gskta.rteinstallp -acgXd gsksa.rte
Σñ
v -a NϕM
v -c NϕTw
v -gGwTw⌠≤nΘúC
v -X it]pnC
v -d NϕmCoOⁿwwCΘbC
pwºß]w GSKit ÷ΩTA\ 131² I, y]w GSKit HΣ
CMS ≈ΩwzC
]w AIX @tt
ikeyman GUI ]w¡⌠A²ú]A JAVA_HOMECYnF ikeyman p≤]
wΣ⌠AsΦ /usr/opt/ibm/gsksa/bin/gsk7ikm-64 C
z]wUC AIX Aikeyman "α⌡µGJAVA_HOME=locationAΣñ location
JDK 1.3.1 1.4.1 wmC
: pGúz]w JAVA_HOMEAziH]wtw Java ]t≤ IBM
Directory Server Java CpGz IBM Directory Server Azn
]w LIBPATH ⌠pUG
export LIBPATH=/usr/ldap/java/bin:/usr/ldap/java/bin/classic:$LIBPATH
7 AIX íw IBM Tivoli Directory Server 59
ú GSKitn SMIT ú GSKitG
1. bⁿOµΘJ smit HKIs SMITC
2. ∩\αϕñnΘwP@C
3. ∩nΘ@MíC
4. bu@v°íñA∩úwwnΘAHuúnΘúv°íC
5. ΘJM≤W
6. NúnΘH X]OAⁿtú≤znúºúnΘú
M≤sC
7. T¿M≤ú@C
Yn installp ú GSKitAbⁿOúUΘJG
installp -u -g -V2 gskta.rteinstallp -u -g -V2 gsksa.rte
Σñ
v -uGNⁿwnΘHΣ⌠≤ww≤sqtñúC
v -gGúⁿwnΘC
v -V2G÷r/LX FAILURES M WARNINGS MµC
60 IBM Tivoli Directory Server: wPtmΓU
8 Linux íw IBM Tivoli Directory Server
ñⁿO]zH root ¡≈nJAB IBM Tivoli Directory Server 5.2 *
wⁿb /SD_CDROM ñC
i: pGzww SecureWay Directory 3.1.1.5B3.2B3.2.1 3.2.2 AO IBM
Directory Server YABzQαΩA÷ 29 5 , yq
αzñⁿw IBM Tivoli Directory Server 5.2Cbzlw IBM Tivoli
Directory Server 5.2 eAn≈PX⌡P slapd32.conf C
w IBM Tivoli Directory Server
: blw IBM Tivoli Directory Server ºeAz²ú²ewwº⌠≤
LDAP CpGzb LDAP Ww IBM Tivoli
Directory ServerAIBM Tivoli Directory Server NLkTwCpGoípA
z²ú IBM Tivoli Directory Server MßA½swC\ 95y
úw IBM Tivoli Directory ServerzC
í*@tww]w LDAP YCP²eSw LDAP
Φkº@ANOoXUµⁿOdwwM≤G
rpm -qa | grep -i ldap
oⁿOMΣ⌠≤tW ldap wwíCLDAP íW
ñt “ldap” rΩAoΦk"αC
w IBM Tivoli Directory Server ºeATwzww DB2 7.2 í 5
≤sCziH db2_install ⁿOwú DB2 (8.1 í 2) C
pGzwO Web zuπAhw@í°A]p WebSphere
Application Server - Express OCΩT\ 117² D, ywB
tmúw WebSphere Application Server - Express OzC
UCM≤úF Linux @t IBM Tivoli Directory ServerC
xSeries Linux M≤G
v ldap-serverd-5.2-1.i386.rpm
v ldap-clientd-5.2-1.i386.rpm
v ldap-msg-xxx-5.2-1.i386.rpm ]Σñ xxx OyÑOXC
v ldap-html-xxx-5.2-1.i386.rpm ]Σñ xxx OyÑOXC
v ldap-webadmind-5.2-1.i386.rpm
zSeries Linux M≤G
v ldap-serverd-5.2-1.s390.rpm
v ldap-clientd-5.2-1.s390.rpm
v ldap-msg-xxx-5.2-1.s390.rpm ]Σñ xxx OyÑOXC
v ldap-html-xxx-5.2-1.s390.rpm]Σñ xxx OyÑOXC
© Copyright IBM Corp. 1998, 2003 61
v ldap-webadmind-5.2-1.s390.rpm
iSeries P pSeries Linux M≤G
v ldap-server-5.2-1.ppc.rpm
v ldap-client-5.2-1.ppc.rpm
v ldap-msg-xxx-5.2-1.ppc.rpm]Σñ xxx OyÑOXC
v ldap-html-xxx-5.2-1.ppc.rpm]Σñ xxx OyÑOXC
v ldap-webadmind-5.2-1.ppc.rpm
: Linux Intel M≤dC
Ynw IBM Tivoli Directory ServerA⌡µUC@G
1. bⁿOúñAΘJUCⁿOwßG
rpm -ihv ldap-clientd-5.2-1.i386.rpm
2. bⁿOúUΘJUCⁿOAHw°AG
rpm -ihv ldap-serverd-5.2-1.i386.rpm
3. bⁿOúUΘJUCⁿOAHτM≤OwTG
rpm -qa | grep ldap
pGúwQ¿wAKXUµG
ldap-clientd-5.2-1ldap-serverd-5.2-1
4. bⁿOúUΘJUCⁿOAHw°yÑwTºσ≤G
rpm -ihv ldap-msg-xxx-5.2-1.i386.rpmrpm -ihv ldap-html-xxx-5.2-1.i386.rpm
5. pGzQ]tw\αAw GSKit 7aC\yw GSKitzC
Ynw Web zuπG
1. bⁿOúñΘJUCⁿOG
rpm -ihv ldap-webadmind-5.2-1.i386.rpm
:
a. pGzw Web zuπADSML ]szqúWCpwtm
DSML ÷ΩTA\ 123² F, ywPtm DSMLzC
b. pGzw Web zuπAhn@í°A]p WebSphere
Application Server - Express O⌡µuπC\ 117² D,
ywBtmúw WebSphere Application Server - Express OzAH
owtmí°A÷ΩTC
w GSKitpGzQb Linux @tWwnΘM≤ gsk7bas.tarAiUCΩTCziHzL
ⁿOµwM≤C
Linux ¡xW GSKit 7a M≤WpUG
xSeries LinuxGrpm -ihv gsk7bas-7.0-1.0.i386.rpm
62 IBM Tivoli Directory Server: wPtmΓU
zSeries Linux:gsk7bas-7.0-1.0.s390x.rpm
iSeries M pSeries LinuxGgsk7bas-7.0-1.0.ppc32.rpm
Ynw rpm w GSKitAUCΣñ@ⁿOG
v Ynwbw]m /usr/localAH root ¡≈nJAbⁿOúUΘJUCⁿOG]o d xSeries Linux M≤WC
rpm -ihv gsk7bas-7.0-1.0.i386.rpm
v YnwbⁿwmATwz∩²πgJvAMß÷pU --noscripts
XG
rpm -ihv --prefix new_location gsk7bas-7.0-1.0.i386.rpm --noscripts
Σñ new_location znw⌠CpG
rpm -ihv --prefix /tmp/usr gsk7bas-7.0-1.0.i386.rpm --noscripts
pwºß]w GSKit ÷ΩTA\ 131² I, y]w GSKit HΣ
CMS ≈ΩwzC
ú GSKitnú GSKitAbⁿOúΘJUCG
rpm -evv gsk7bas-7.0.1
Σñ
v -evv iⁿwúhM≤AπúΩTCpGzúnlúΩTAu-eC
8 Linux íw IBM Tivoli Directory Server 63
64 IBM Tivoli Directory Server: wPtmΓU
9 Solaris íw IBM Tivoli Directory Server
ñⁿO]zH root ¡≈nJAB CD-ROM *≈ñw IBM Tivoli
Directory Server 5.2 *C
i: pGzww SecureWay Directory 3.2.x IBM Directory Server Y
AzQαΩA÷ 29 5 , yqαzñⁿw IBM
Tivoli Directory Server 5.2Cbzlw IBM Tivoli Directory Server 5.2 ºeA
n≈PX⌡P ibmslapd.confC
w IBM Tivoli Directory Serverw IBM Tivoli Directory Server ºeATwzww DB2 7.2 í 5
≤sCziH db2_install ⁿOwú DB2 (8.1 í 2) C
pGzwO Web zuπAhw@í°A]p WebSphere
Application Server - Express OCΩT\ 117² D, ywB
tmúw WebSphere Application Server - Express OzC
ziHqⁿOúñA admintool í pkgaddAw IBM Tivoli
Directory ServerC
: pGzúnw\αAKún[HwCziHw Global Security Kit
(GSKit) ú SSLC
UCⁿO]zq CD-ROM *≈iµwC
M≤÷Y
HUOiw IBM Tivoli Directory Server M≤G
v IBMldapcGIBM Tivoli Directory Server ß
v IBMldapsGIBM Tivoli Directory Server °A
v IBMldixxxGIBM Tivoli Directory Server íσ≤]Σñ xxx OyÑOX
v IBMldmxxxGIBM Tivoli Directory Server Tº]Σñ xxx OyÑOX
v IBMldapw: IBM Tivoli Directory Server Web zuπ
: IBMldaps]°AM≤wσTºCSσOTºM
≤C
≤M≤÷YAwD½nCUCwM≤G
1. ß
2. °A
3. σ≤MTº
pGzunwßnΘA÷UCiµwG
1. ß
© Copyright IBM Corp. 1998, 2003 65
2. σ≤MTº
ú²wßM≤AKLkiµwC
: ≤ Web zuπM≤MΣL⌠≤M≤íúAM≤wzM
wC
tWuD IBM LDAPvb Solaris Operating Environment Software 8 9 Ww°AßAb
7 Ww°AAziαoUCTºG
ztWw@D IBM LDAPCFⁿOµ IBM úA]ldapaddBldapdeleteBldaplistBldapmodifyBldapmodrdnBldapsearch½s±mCⁿwnα@s²(/usr/bin/ldapsparc) [?,q]
÷U Enter Σⁿw]² (/usr/bin/ldapsparc)AΘJs⌠WAMßA÷
Enter ΣAΘJ q MßA÷ Enter ΣhXC
½s±mo ßAziαHUΣlTºG
## BztΩTCWARNING: /usr/bin/ldapadd <úAO>WARNING: /usr/bin/ldapdelete <úAO>WARNING: /usr/bin/ldapmodify <úAO>WARNING: /usr/bin/ldapmodrdn <úAO>WARNING: /usr/bin/ldapsearch <úAO>## τM≤C## τí≥nDC## dOPwwM≤≡CUCwwbtWAt@M≤G/usr/bin/ldapadd/usr/bin/ldapdelete/usr/bin/ldapmodify/usr/bin/ldapmodrdn/usr/bin/ldapsearch
znwo≡ [y,n,?,q]
ΘJ yAA÷ Enter Σ≥wCz²eⁿw²ñAB IBM
Tivoli Directory Server wb /usr/bin ²ñC
AdminTool w
Yn admintool íw IBM Tivoli Directory ServerG
1. b root ⁿOúñAΘJUCⁿOGadmintool&
oπuv°íC
2. ÷@Us² —> nΘCXunΘv°íC
3. ÷@UsΦ —> sWCXu]wCΘv°íC
i : !÷Uu]wCΘv°í¬UñqCpGz÷UqA
AdminTool wKεC≤ LDAP S⌠≤iq∩A]ún÷U
qC
4. ∩teΘz CDCCD-ROM ⌠w] /cdrom/cdrom0/
5. (½⌠ /cdrom/cdrom0/ldap52_usAMß÷@UTwC
6. ÷@UTwC
7. qUCiwM≤Mµñ∩@M≤G
66 IBM Tivoli Directory Server: wPtmΓU
IBM Tivoli Directory Client
IBM Tivoli Directory Server
IBM Tivoli Directory íσ≤]A≤yÑ
IBM Tivoli Directory Tº]A≤yÑ
IBM Tivoli Directory Webadmin
Oo²wßM≤C\ 65yM≤÷YzAHoTw
C
8. ÷@UsWC
9. wízOn /opt ≥²CpGí\iA /opt
≥w²CYnⁿ /opt ≥²A÷ Enter ΣC
:
a. wßM°AM≤AtúzUCNGM≤ñ]tFb
M≤wñANW\iv⌡µ ScriptCo Script
! IBM Tivoli Directory Server IDCΘJ yA≥@C
b. pGzbw°AM≤A]UCúGznNow¿
setuid/setgid H ΘJ yA≥@C
wnM≤ºßAXnΘ°íC
10. w∩znwΣLUM≤A½BJ 667 9CϕzwUM≤ßA
∩ —> ⌠⌠ admintool íC
11. pGzQ]tw\αAw GSKit 7aC\ 69yw GSKitzC
:
1. pGzw Web zuπADSML ]szqúWCpwtm
DSML ÷ΩTA\ 123² F, ywPtm DSMLzC
2. pGzw Web zuπAhn@í°A]p WebSphere Application
Server - Express O⌡µuπC\ 117² D, ywBtm
úw WebSphere Application Server - Express OzAHowtm
í°A÷ΩTC
pkgadd iµⁿOµw
YnqⁿOúw IBM Tivoli Directory ServerA⌡µUC@G
1. ⁿ CD-ROM tar º²²C
2. bⁿOúUAw∩C@M≤ΘJUCⁿOAHwM≤G
pkgadd -d pkgfilename
Σñ pkgfilename OnwM≤WC!tw]Ch]t
LkTwM≤LkiµwC
UϕπiM≤CpGznw°AAz²wßM≤AMßAw
°AM≤CAziHH≈wíσ≤BTºM Web zuπC
ϕ 1. A≤ Solaris IBM Directory Server M≤
M≤ M≤W W
IBM Tivoli Directory Client IBMldapc ldap.client_rted.pkg
IBM Tivoli Directory Server IBMldaps ldap.server_rted.pkg
9 Solaris íw IBM Tivoli Directory Server 67
ϕ 1. A≤ Solaris IBM Directory Server M≤ (≥)
M≤ M≤W W
IBM Tivoli Directory íσ≤ IBMldixxx ldap.man.xx_XX.pkg
IBM Tivoli Directory Tº IBMldmxxx ldap.msg.xx_XX.pkg
IBM Tivoli Directory Webadmin IBMldapw ldap.webadmin_rted.pkg
xxx M xx_XX OSwyÑOXC
: IBMldaps]°AM≤wσTºCSMw∩σTº
M≤C
dG
v YnwßM≤AΘJG
pkgadd -d ldap.client_rted.pkg
v Ynw°AM≤AΘJG
pkgadd -d ldap.server_rted.pkg
v Ynwíσ≤M≤AΘJG
pkgadd -d ldap.man.xx_XX.pkg
v YnwTºM≤AΘJG
pkgadd -d ldap.msg.xx_XX.pkg
v Ynw Web zuπM≤AΘJG
pkgadd -d ldap.webadmin_rted.pkg
:
a. pGzw Web zuπADSML ]szqúWCpwt
m DSML ÷ΩTA\ 123² F, ywPtm DSMLzC
b. pGzw Web zuπAhn@í°A]p WebSphere
Application Server - Express O⌡µuπCpwtm
í°A÷ΩTA\ 117² D, ywBtmúw
WebSphere Application Server - Express OzC
3. bwíAwízOn /opt ≥²CpGí\iA
/opt ≥w²CYnⁿ /opt ≥²A÷ Enter ΣC
:
a. bwßM°AM≤AtúzUCdGM≤ñtbM≤
wñANW\iv⌡µ ScriptCzn≥wHo
Script ! IBM Tivoli Directory Server IDCΘJ y ≥C
b. pGzbw°AM≤AτUCúGznNow¿ setuid
P]setgid H o íα≈níB⌡µ DB2 ⁿOH
! IBM Tivoli Directory Server DB2 Ω ID s A]ª
nH root ¡≈⌡µCΘJ y ≥C
4. wnºßAΘJ qA!ⁿOúC
5. pGzQ]tw\αAw GSKit 7aC\ 69yw GSKitzC
68 IBM Tivoli Directory Server: wPtmΓU
w GSKitziH AdminTool ⁿOµw GSKit 7aC
Yn admintool íw GSKitA⌡µUC@G
1. H root ¡≈nJC
2. b root ⁿOúñAΘJUCⁿOGadmintool&
oπuv°íC
3. ÷@Us² —> nΘCXunΘv°íC
4. ÷@UsΦ —> sWCXu]wCΘv°íC
5. b⌠µñAΘJ GSKit wíXb²π⌠WCpAYzq
CD-ROM wG
/cdrom/cdrom0/gskit
6. ÷@UTwC
7. ∩M SSL Base Runtime (gsk7bas)
8. ÷@UsWCNzOn≥wC
9. ΘJ y ÷ Enter ΣCbwM≤ßAX@hTºAⁿz÷U Return ΣC
10. ÷ Enter ΣC
11. ϕzwUM≤ßA÷@U —> ⌠⌠ admintool íC
nⁿOµw GSKitG
1. íJ CDC
2. H root ¡≈nJC
3. bⁿOúñAUCⁿOw tar G
pkgadd -d /cdrom/cdrom0/gskit
pwºß]w GSKit ÷ΩTA\ 131² I, y]w GSKit HΣ
CMS ≈ΩwzC
ú GSKitnú GSKitAbⁿOúΘJUCG
pkgrm gsk7bas
9 Solaris íw IBM Tivoli Directory Server 69
70 IBM Tivoli Directory Server: wPtmΓU
10 HP-UX íw IBM Tivoli Directory Server
i: pGzwgw IBM Directory ServerABQnαΩAbw IBM Tivoli
Directory Server 5.2 eA²\¬PΘ 41yq IBM Directory Server V4.1
5.1 for UNIX wαzñαCbzlw IBM Tivoli Directory Server
5.2 eAn≈PX⌡P°AtmC
w IBM Tivoli Directory Server ºe
UCUíp≤]wµtmMw IBM Tivoli Directory ServerCz²
]wetmA Java Runtime Environment 1.4.1 P DB2 7.2
í 5 ≤sAMß"αlw IBM Tivoli Directory ServerCziH
db2_install ⁿOwú DB2 (8.1 í 2) CYnw Java 2 Platform
1.4.1 HP-UX Runtime EnvironmentA Java M≤úⁿC
pGzwO Web zuπAhw@í°A]p WebSphere
Application Server - Express OCΩT\ 117² D, ywB
tmúw WebSphere Application Server - Express OzC
: blw DB2 eAz²ú⌠≤ww DB2 CpGzb
DB2 Ww DB2ADB2 NLkTwCpGooípAz
ú DB2 Mß½swC
]wµtm
Uϕtbzw IBM Tivoli Directory Server ºe]wPC
ϕ 2. HP-UX @ttm
256MB+ ΩΘOΘ
maxuprc 512
maxfiles 256
nproc 1024
nflocks 8192
ninode 2048
nfile (4 * ninode)
msgseg 32767
msgmnb 65535 (1)
msgmax 65535 (1)
msgtql 1024
msgmap 258
msgmni 256
msgssz 16
© Copyright IBM Corp. 1998, 2003 71
ϕ 2. HP-UX @ttm (≥)
256MB+ ΩΘOΘ
semmni 512
semmap 514
semmns 1024
semmnu 1020
shmmax 268435456 (2)
shmseg 16
shmmni 300
max_thread_proc]u¡ Web zuπ 1024
maxusers]u¡ Web zuπ 256
: bz≤s max_thread_proc maxusers ºßATw nproc w]¿ 2068
HWAB nkthread ]]¿ 3635 HWC
Yn]wtmG
1. bⁿOúUAΘJ sam
YutzívC
2. ÷ΓUtmC
3. ÷ΓUitmC
4. ÷ΓUznsΦAMßbΘJsí/µñΘJsC÷@UTwC
5. w∩C@]w½BJ 4C
6. ÷@U@ —> BzsC
7. Yniµ∩A÷@UOC
8. ∩NJwY÷≈/½s≈AMß÷@UTwC
w IBM Tivoli Directory Serverblw IBM Tivoli Directory Server ºeAú²ewwº⌠≤D IBM
LDAPCpGzbD IBM LDAP]p OpenLDAPWw IBM Tivoli
Directory ServerAIBM Tivoli Directory Server iαLkTwCpGoípA
z²ú IBM Tivoli Directory ServerAMßA½swC\ 95yú
w IBM Tivoli Directory ServerzC
bw IBM Tivoli Directory Server ºeA²Twz]wtmLA
ww Java Runtime Environment 1.4.1 M DB2 7.2 í 5 ≤sC
ñⁿO]zH root ¡≈nJAB IBM Tivoli Directory Server 5.2 *
wⁿb /SD_CDROM ñC
Ynw IBM Tivoli Directory ServerA⌡µUC@G
1. bⁿOúUΘJ swinstallC
72 IBM Tivoli Directory Server: wPtmΓU
: swinstall ú¬*CznúwMπ⌠Cß-°A
M≤⌠O /SD_CDROM/ldap52_us/hpux11_ibmldap52servers.depotC
ziHwUCM≤G
°A/ß
hpux11_ibmldap52servers.depot
ß
hpux11_ibmldap52clients.depot
2. ∩znw IBM Tivoli Directory Server 5.2 M≤CziHbUCMµñ@∩
G
v LDAPServerGw°APßΓC
v LDAPClientGuwßC
v ids_tools iw Web zuπC
3. ÷@U@ —> iµwC
4. ÷@U@ —> w]RCϕu¼AvµπA*RYi¿C
5. ÷@UTwC
6. ÷@UOilwCϕϕu¼Avµπ¿AwYi¿C
7. ÷@U —> ⌠C
:
1. Yn SSLAz]w GSKitC\yw GSKitzC
2. pGzw Web zuπADSML ]szqúWCpwtm
DSML ÷ΩTA\ 123² F, ywPtm DSMLzC
3. pGzw Web zuπAhn@í°A]p WebSphere Application
Server - Express O⌡µuπCpwtmí°A÷Ω
TA\ 117² D, ywBtmúw WebSphere Application
Server - Express OzC
w GSKitziHzLⁿOµAOzLtz GUI í samAw GSKit M≤
(gsk7bas.tar.Z)C
Ynw GSKitG
1. Uⁿs GSKit M≤ /tmpC
2. ⌡µUCⁿOAH /tmp ²G
cd /tmp
3. úYM≤G
zcat gsk7bas.tar.Z | tar -xvf - cd
4. ⌡µUCⁿOHwG
swinstall -s /var/spool/pkg/gsk7bas gsk7bas
Σñ
v -sGnΘπ⌠ (full_path)C
v gsk7basGt Restricted GSKit Base Toolkit wMC
10 HP-UX íw IBM Tivoli Directory Server 73
pwºß]w GSKit ÷ΩTA\ 131² I, y]w GSKit HΣ
CMS ≈ΩwzC
]w HP-UX t
b .profile ñ]wUC⌠]τOw]wC
SHLIB_PATH=/usr/lib
pG
export SHLIB_PATH=/usr/lib;$SHLIB_PATH
Yn]wyÑΣ⌠A⌡µUCⁿOG
echo ’export NLSPATH=/usr/lib/nls/msg/%L/%N’ >>~/.profile
: Tw /.profile e@ ~ rC
ú GSKitnú GSKitAbⁿOú⌡µUCⁿOG
swremove gsk7bas
74 IBM Tivoli Directory Server: wPtmΓU
11 b Windows ¡xWLnw
íp≤LnwΦíAN IBM Tivoli Directory Server 5.2 wb
Windows qúWAHp≤q Windows WⁿOµAwúw GSKitC
Lnw
LnwOⁿbw IBM Tivoli Directory Server íAúnΘJC
bUC∩PípUAXiµLnwG
v ' 100 MB iOΘA"αIsLnwC
v zúPwßP°ACziH∩uwßC
v Lnwúw DB2BGSKit WebSphere Application Server - Express
OC
v Twb TEMP ⌠ⁿw²ñ'π 100 MB iíC
v pGznw°AAhww DB2C
v pGzwwßAibßwñsW°AC
v pGzb∩ñ∩nw°AAhwß]pGw
Aúzb∩ñO∩nwßC
v úOw°AßAiw Web zuπC
v YnsΦw⌠]wAN InstallServer.txt Aq optionsFile ²sigJ
mC
YnLnwΦílw IBM Tivoli Directory Server 5.2A⌡µUC@G
1. pGzOq*wAN*íJ CD-ROM *≈ñChA(½ IBM
Tivoli Directory Server UⁿúY²C
2. bⁿOúUAΘJUCⁿOG
cd \ismpconsoleSetup -is:silent -options d:\ismp\optionsFiles\InstallServer.txtΣñ d: O*≈úYb≈C
: YnⁿwΣLΘxAΘJG
consoleSetup -is:silent -options d:\ismp\optionsFiles\InstallServer.txt-log !c:\mydirectory\ldapinst.log @ALL
c:\mydirectory\ldapinst.log i∩ⁿVznΘxmCΘx#bw
²ñ !Cw]m C:\Program Files\IBM\LDAP\ldapinst.logC
: z consoleSetup.exe D setup.exeA]u consoleSetup.exe "
!!XC
3. Nw IBM Tivoli Directory Server Búni@BΘJCpGw]G⌠A
zi°!Xd installpath\ldapinst.log AHΣX÷⌠ΩTC
]installpath O IBM Tivoli Directory Server w⌠C
© Copyright IBM Corp. 1998, 2003 75
d .bat ñ %ERRORLEVEL% AHΣX!XC!XY 0Aϕw
wQ¿CY!XúOsAhϕwóC\yd!XzAo
!XMµC
ϕε!ⁿOµIsíAwKi¿C
pGwóAdHTwz∩]wⁿOµOC
4. wºßA½stCpGzbwΣLúAiHbAϕí½s
CpGww°AA²iµtm"α°ACziH ldapcfg ⁿOµíAHLnΦítmCΩT\ 88y ldapcfg
ízC
τLnw
YnτLnwOwQ¿AziHd!XMΘxC
Lnwó@δ]pUG
v wµ IBM Tivoli Directory ServerC
v úC°An DB2 C
v S¼≈íwC
v ∩úTCVsΦ∩CñúαµεrCpGw
⌠BSúΘxAqO]∩L]ptµAO]
ⁿw∩⌠úTC
dX%ERRORLEVEL% t!XCHUiα¼!XG
v 3001 ≥
v 3002 Java º¼p
v 3003 ∩Lnw\α
v 3004 whhCu\bµhWwµh
InstallShield íiα!ΣL!XC
dΘxYnQΘxτLnwOQ¿A⌡µUC@G
1. dΘxAib²ñΣCpGΣúΘxAϕwóA
ziH\t -log ∩ºLnwⁿOñⁿwΘxAHAwó]C
2. dΘxñO Exiting LdapExit rΩC
3. d Windows n²AHτwOw¿C°zw≤An²ñX
UCσrG
b HKEY_LOCAL_MACHINE\SOFTWARE\IBM\LDAP\ ñ
ClientMajorVersion 5.2ServerMajorVersion 5.2WebadminMajorVersion 5.2
b HKEY_LOCAL_MACHINE\SOFTWARE\IBM\LDAP\Client\ ñ
ClientMinorVersion 0.0LDAPHome install_location
b HKEY_LOCAL_MACHINE\SOFTWARE\IBM\LDAP\Webadmin\ ñ
76 IBM Tivoli Directory Server: wPtmΓU
WebadminMinorVersion 0.0LDAPHome install_location
b HKEY_LOCAL_MACHINE\SOFTWARE\IBM\LDAP\Server\ ñ
ServerMinorVersion 0.0LDAPHome install_location
Lnw∩
IBM Tivoli Directory Server ú∩πUCσrG
#Sample response file for the Server/Client package#(Lines beginning with # are comments)# Be sure there are no blank lines in this file!## The following 3 lines MUST be present, and NOT modified-silent-G createDirectoryResponse="yes"-G replaceExistingResponse="yesToAll"## install destination - this can be modified to install location-P product.installLocation="C:\Program Files\IBM\ldap"## Select the features to install. Note: if the server is selected, the# client will automatically be installed. To deselect a feature, set the# field to false.-P ServerFeature.active=true-P ClientFeature.active=true-P WebadminFeature.active=true################################################################################ Selected Locales## The list of selected locales. This list determines which locale-specific# components are installed for the product. Legal values are:## en - English# fr - French# de - German# it - Italian# ja - Japanese# ko - Korean# pt_BR - Portuguese (Brazil)# zh - Simplified Chinese# es - Spanish# zh_TW - Traditional Chinese## For example, to select English, use## -P selectedLocales=en###-P selectedLocales=en# This must be last line. Be sure no blank lines or carriage controls follow!# This must be last line. Be sure no blank lines or carriage controls follow!
ziHsΦUC@µAHⁿVw²G
-P product.installLocation="C:\Program Files\IBM\ldap"
pGzúQwY\αAisΦ\αµCpA-P WebadminFeature.active=true i
∩ -P WebadminFeature.active=falseAHⁿXzúQw IBM Tivoli Directory Server
Web zuπC
11 b Windows ¡xWLnw 77
ziHsΦUC@µAHⁿwTyÑ⌠G
-P selectedLocales=en
N en ∩¿zQwyÑC
b Windows @tWw GSKitpGzLnwΦíw IBM Tivoli Directory ServerAΦíúw
GSKitCziHUCw GSKitC
Ynw GSKit 7aA⌡µUC@G
1. bⁿOúUA≤ gsk7bas.exe b²ñΘJUCⁿOAHúY
GSKit ñG
gsk7bas.exe path /D
Σñ
v path Oßb²
v /D ϕzn !²
2. bzúY²ñA⌡µUCⁿOG
setup LDAP path -s -f1"extracted file location\setup.iss"
Σñ
v LDAP OzíWABb Windows n²ñ
SOFTWARE\\IBM\\GSK\\REGAPPS ≈XUAn²wn² GSK C
v path zn GSKit w⌠CNAwíbzΘJ⌠W[W
\ibm\gsk7C
: !÷U setup.exeC
i∩pUG
v -sGbLníU⌡µwC
v -f1extracted file location\setup.issGⁿwbLníU⌡µw!C
NA-f1 P extracted file location]ß±mmíúαµC
pG
setup LDAP gskit -s -f1"d:\temp\setup.iss"
pwºß]w GSKit ÷ΩTA\ 131² I, y]w GSKit HΣ
CMS ≈ΩwzC
ú GSKitYnú GSKitA⌡µUCⁿOG
gsk7BUI LDAP
78 IBM Tivoli Directory Server: wPtmΓU
12 tm
ziHtmuπ (ldapxcfg) ldapcfg ⁿOµíAtm°ACibⁿOµ ldapucfg útm°AC
z' 80 MB iwí"αiµtmΩwC
pGz InstallShield GUI iµwAhbw¿ß]YOb Windows t
WAhObwBt½sßAKtmuπC
w¿ßApGtm@AztmuπⁿOµtmí⌡
µUC@G
v wq IBM Tivoli Directory Server zOW (DN) PKXCziHNPb
UNIX tWwq root ID MKX@±C
v tmΩwC
: tm¿ºßA\ 93 13 , ybzwPtmºßzHoUC
U÷ΩTG
– °A
– pGzQ Web zuπA WebSphere Application Server - Express
OA
ziHb IBM Tivoli Directory Server 5.2 zΓUñΣΩTC
AziHtmuπ⌡µUC@G
v tm]½stmPútmΩw
v P≤Θx
v sWPúr
v sWPú⌡
v JPX LDIF Ω
v ≈BPΩw
: pGztmO UNIX ¼tAhqπ other ⌡µv²A⌡µtmí]ldapcfg M ldapxcfgCτYA²']w --------x \ivCY]w\ivAhbiµΩw !BJAziαTºABß
≥oóCYnµ²]w\ivAziΘJⁿOG
chmod o+x .
ⁿOñtyI ( . )AHNϕµ²C
IBM Tivoli Directory Server tmuπ (ldapxcfg)Yntmuπtm IBM Tivoli Directory ServerA⌡µUC@G
1. Y UNIX tAH root ¡≈nJCY Windows tAHuzvs
ñ⌠@nJC
© Copyright IBM Corp. 1998, 2003 79
2. bⁿOúñAΘJ ldapxcfgCApGOb Windows tWAziH÷@U
l —> í —> IBM Tivoli Directory Server 5.2 —> ²tmC
3. Xtmuπ°íC
: pGzO Windows ¡xA!NbtmíXutmuπv
°íAⁿOú°íYpAHKoLkwGC
b¬Σ@MµñA÷@UzQ⌡µ@C÷⌡µ@íA\UC
UG
]w≤z DN PKX
\y]wz DN PKXzC
tmΩw
\ 82ytmΩwzC
útmΩw
\ 83yútmΩwzC
tmútm≤Θx
\ 83y≤ΘxzC
zr
\ 84yzrzC
z⌡
\ 84yz⌡zC
J LDIF Ω
\ 85yJ LDIF ΩzC
X LDIF Ω
\ 86yX LDIF ΩzC
≈Ωw
\ 87y≈ΩwzC
Ωw
\ 87yΩwzC
Ωw
\ 87yΩwzC
4. bz¿tm@ßA÷¼tmuπC
]wz DN PKX
Yn]wz DN MKXG
1. b IBM Tivoli Directory Server tmuπñA÷@U¬@Mµñz DN/KXC
2. bkuz DN/KXv°íz DN µñAΘJ@ DN]
ⁿw] DNGcn=rootC
IBM Directory Server z DN O²z DNCozNO∩
≤²ñΩππsvC
w] DN cn=rootCDN ú*jpgCpGzú⌠x X.500 µíAO]Y
zúQwqs DNAiHⁿw] DNC
80 IBM Tivoli Directory Server: wPtmΓU
3. bzKXµñΘJz DN KXCzwq@KXCKX*j
pgC
OUKXHKΘßC
4. bTKXµñ½sΘJKXC
5. ÷@UTwC
: bKXñúΣ r (DBCS) rC
tmútmΩw
bztmΩwAtmuπbtm (ibmslapd.conf) ñsW÷xs²Ω
ºΩwΩTCApGΩwúsbAhtmuπ !ΩwC
:
1. btmΩwºeATw]w⌠ DB2COMMC
2. ²ε°Aß"αtmútmΩwC
ϕzútmΩwAtmuπNΩwΩTqtmñúC°z∩
wAiατRúΩw]PΣñΩAHútΩwΩC
bztmºeG DB2 ΩwMΩwΩ
bztmΩwºeA∩xs²Ωº DB2 ΩwA !@
IDCzⁿw IDAN DB2 ΩwbΩwΩAB
DB2 ΩN≤l²ñC
: pGzQnúPΩwΩWA ldapcfg ⁿOP -t ∩tmΩwCΩT\ 88ytmΩwzC
ID úoWL 8 rCG
v b Windows ¡xWAOuzvs ñ¿C
v b UNIX ¡xWG
– @l²ABOl²C
– l²s vOw DB2 DB2 s Cb AIX M Solaris
ñAos WqO dbsysadmCb zSeries Linux ñAos Wq
O db2iadmCpAbW ldapdb2 ípñA ID l
² AIX M Solaris ñ ldapdb2:dbsysadm AO zSeries Linux W
ldapdb2:dbsysadm C
bztmΩwA s iααDns δTB@C
íA]b Linux ñDns usersAhiαoDCpGzQTwDns OαB@Ab Linux W otherC
root OºDns ñ¿CpG root Ds ñ¿AsW root H¿s ¿C
– ozQGAnJ Shell Korn Shell Script (/usr/bin/ksh)C
– KX]wTBwiCpAKXúαLAbÑ⌠
≤í@τC]τKXO]wTnkAO Telnet P@q
úAα¿\aH ID KXnJC
– bztmΩwA÷D@w²DWⁿw ID l²Ωw
mCúLApGz∩ⁿwΣLmAl²# 3 4 MB i
12 tm 81
íCoO] DB2 !bΩ]τYAl
²ñsWAYΩw¡ObOBCpGl²ñíú¼Azi
H !¼≈íAOⁿwt@²l²C
tmΩwYntm²ΩwG
1. btmuπñA÷@U¬@MµñtmΩwC
2. tmuπPzOwΩwCpGzwtm@Ωw]τYAtm
ñwΩwΩTAhtmuπúzΘJnp≤ΩTCpApGzw
tmΩwA²obtñΣúΩwAziH∩HtmñⁿwW
!@ΩwC°íñΩTAtmΩwC
°zOwΩwwAπUCí≈°íC
3. YnD ID KXG
a. b ID µñΘJ IDCo ID sbAz"αt
mΩwCzb 81ybztmºeG ! DB2 ΩwM
ΩwΩz ñ ! IDC]bñpG ID ús
bh !A²bhúC
b. bKXµñAΘJKXCKX*jpgC
c. ÷@UU@BC
4. YnDΩwWG
a. ΘJznw DB2 ΩwWCW°i 1 8 rCΩw
N !bM ID PWΩñC
: pGzQnúPΩwΩWA ldapcfg ⁿOP -t ∩tmΩwCΩT\ 88ytmΩwzC
b. ÷@UU@BC
5. YnDΩwmG
a. bΩwmµñAΘJΩwmCY Windows ¡xAhO@
≈NCY Windows H¡xAmO@²WA
O /home/ldapdb2C
Twzⁿwmñ' 80 MB iwíABt@ í
i²ñXWsC
b. ÷@UU@BC
6. YnDr∩G
a. ÷@UzQ !ºΩw¼CziH ! UCS α½µí (UTF-8) Ω
w] LDAP ßxs UTF-8 rΩA !rXΩw]
rXΩwC
pGznyÑAΩwO UTF-8 ΩwC÷ UTF-8
ΩTA\ 127² H, yUTF-8 ΣzC
b. ÷@UU@BC
7. bτ°íñAπzⁿwºtm∩÷ΩTCYn!²e°í
H≤ΩTA÷@UW@BCYnltmA÷@U¿C
8. X¿°íC÷@U÷¼C
82 IBM Tivoli Directory Server: wPtmΓU
útmΩwYnútmΩwG
1. btmuπñA÷@U¬@MµñútmΩwC
2. buútmΩwv°íñA÷@UUC@G
uútm
úa⌠≤ LDAP DB2 ΩCúLANΩwtmΩTqt
m (ibmslapd.conf) ñúAΩwNLks²°AC
útmaΩw
úΩwPΣeANΩwtmΩTqtmñúC
útmaΩwAHRúΩ
úΩwPΣeANΩwtmΩTqtmñúAH
RúΩwbΩC
i: baΩeATwΩñLnOdΩwC
3. ÷@UútmC
≤Θx
≤ΘxΩwO²σ¼ LDAP c]ΣizL LDAP API ñ⌡
²≤C≤ΘxñO²F≤s@GaddBdeleteBmodify P
modrdnC≤Θxi² IBM Tivoli Directory Server ßíw∩ IBM Tivoli
Directory Server Ωw@ ≤CAßYi≤sΣsΩ
C
ziHtmuπ≤ΘxC
: ²ε°Aß"α≤ΘxC
≤ΘxYn≤ΘxG
1. btmuπñA÷@U¬@Mµñtm/útm≤ΘxC
2. butm/útm≤Θxv°íñA∩≤ΘxΩw∩C
3. pGzQ²≤Θxúⁿ¡εAbΘxW¡ñ÷@Uú]¡ C
pGzQ¡εA÷@UAAΘJnO²W¡Cw]
1,000,000 C
4. pGznL¡εaOdb≤ΘxñAb°Od¡Φñⁿw]ú
]¡A÷@UOd¡ΘJCnOdΘPpC
5. ÷@U≤sC
≤ΘxYn≤ΘxG
1. btmuπñA÷@U¬@Mµñtm/útm≤ΘxC
2. butm/útm≤Θxv°íñAMú≤ΘxΩw∩C
3. ÷@U≤sC
12 tm 83
zr
r]τRWσO@OW (DN)AiO≤Odº²Ñhñ
C≤ LDAP ñ∩RWtmAo DN ]OCΣLb²
ÑhñrC²°AihrACrUNϕ@Od²Ñ
hFpAo=ibm,c=usC
: XrSwsW²ñC
sW²ñΣrX DN AOGou=Marketing,o=ibm,c=usCpGd
ñrAMtmΩw⌠≤rúAhNdαw]α
O LDAP °ACpGⁿw LDAP w]αAh!½≤úsbGC
: ²ε°Aß"αsWúrC
sWr
YnsWrG
1. btmuπñA÷@U¬@MµñzrC
2. buzvr°íñAΘJzQb SuffixDN µñsWrAA÷@UsWC
3. ϕzsWznrßA÷@UTwC
: bz÷UsWArYsWµr DN MµñFúLAbz÷UTweAΩWNrsW²C
úr
YnúrG
1. btmuπñA÷@U¬@MµñzrC
2. buzrv°íñA÷@Uµr DN ñzQúrAA÷@U
úC
3. ϕz∩znúrßA÷@UTwC
: ϕz÷@UúArYqµr DN MµñúFúLAbz÷UTweAΩWúrC
z⌡
ziHtmuπ⌡µUC⌡@G
v sW⌡uNbⁿJ⌡vMµñ
v NY⌡quNbⁿJ⌡vMµñú
v ≤⌡τd¼
: ²ε°Aß"αsWú⌡C
sW⌡YnsW⌡uNbⁿJ⌡vMµñG
1. btmuπñA÷@U¬@Mµñz⌡C
2. buz⌡v°íñAΘJzQbⁿJº⌡⌠PWC]
Ai÷@Us²jMC
3. ÷@UsWC
84 IBM Tivoli Directory Server: wPtmΓU
: ϕz÷@UsWA⌡YsWµ⌡MµñFúLAÑ
z÷UTwßA⌡"u[JMµñC
4. ϕzsWzn⌡ßA÷@UTwC
ú⌡YnNY⌡quNbⁿJ⌡vMµñúG
1. btmuπñA÷@U¬@Mµñz⌡C
2. buz⌡v°íµ⌡ñA÷@Uznú⌡C
3. ÷@UúC
:
a. t system rΩ⌡@tABLkRúC
b. ϕz÷@UúA⌡Yqµ⌡MµñúFúLA
Ñz÷UTwßA⌡"úC
4. ϕz∩nú⌡ßA÷@UTwAHBzC
≤τd¼
Yn≤⌡τd¼G
1. btmuπñA÷@U¬@Mµñz⌡C
2. buz⌡v°íñAⁿ⌡τWhñw]⌡τWhA÷@U
znWhCziH∩UCΣñ@WhG
v 3]Yµ
⌡µ LDAP 3 Yµ¼τd@CpGτd¼AϕsW
Aú/½≤OC
v 3]eP
⌡µ LDAP 3 eP¼τd@CpGτd¼AϕsW
Aúú/½≤OC
oOw]C
v 2
⌡µ LDAP 2 dC
v L
ú⌡µτdC
3. ÷@UTwC
JPX LDIF Ω
ziHtmuπAJuLDAP Ωµ½µí (LDIF)vñΩANΩ
wñΩX LDIF ñCLDIF OHσrµíNϕ LDAP CϕJA
ziHNsW²ΩwñAsWwtΩwñCz]iH
tmuπτ LDIF ñΩAúsWΩ²ñC
J LDIF Ω
:
1. bzJ LDIF ñΩeAOosW⌠≤rC÷sWríA
\ 84ysWrzC
12 tm 85
2. ²ε°Aß"αJ LDIF ΩC
YnJ LDIF ñΩG
1. btmuπñA÷@U¬@MµñJ LDIF ΩC
2. bkuJ LDIF Ωv°íñA≤⌠M LDIF WµñAΘJ LDIF
⌠MWCA÷@Us²AHMΣC
3. pGzQ ldif2db íJΩA÷@UJFpGzQ
bulkload íJΩA÷@UjqⁿJC
: ∩≤j¼ LDIF ÑApGznJhAh bulkload ín± ldif2db toC
4. pGznúΩñµA∩úJjqⁿJñµ
∩C
5. pGz∩jqⁿJAbjqⁿJ∩ñA÷@Uzn∩ LDIF Ω⌡µ
d¼CziH∩UC@hG
v ⌡d
v ACL d
v KXh
÷@UJC
: ⁿJjqΩºßASOO bulkload jqJΩΩwºßAΩwCoiHπ∩ΩwαC
τ LDIF ΩAúNΩsWΩwYnτ LDIF ñΩAúNΩsWΩwñG
1. btmuπñA÷@U¬@MµñJ LDIF ΩC
2. bkuJ LDIF Ωv°íñA≤⌠M LDIF WµñAΘJ LDIF
⌠MWCA÷@Us²AHMΣC
3. ÷@UΩτC
4. ÷@UJC
X LDIF ΩbzX LDIF ΩºeATw¼≈íiHXΩC
YnNΩwñΩX LDIF G
1. btmuπñA÷@U¬@MµñX LDIF ΩC
2. bkuX LDIF Ωv°íñA≤⌠M LDIF WµñAΘJ LDIF
⌠MWCA÷@Us²AHMΣC
3. pGzQgñΩA∩pGsbhg∩C
4. pGznX creatorsNameBcreateTimestampBmodifiersName M modifyTimestamp
@A∩X@∩C
o @O°Ab !∩² !M∩Fϕ∩
]H∩o @Co ]t !∩ºAH !
∩ºí÷ΩTC
86 IBM Tivoli Directory Server: wPtmΓU
5. pGzuQX²ñí≈ΩA±l≡ DN µCl≡ DN Oⁿng
LDIF ΘXºl≡WhCHb²ÑhñΣUúg
ñCpGzⁿw∩Ah IBM Directory Server tmñⁿw
rANxsbΩwñ²AgΘXñC
6. ÷@UXC
≈BPΩw
ziHtmuπ⌡µUCΩw@G
v ≈ΩwñΩ
v ΩAH∩a²e≈tm]w
v ≤sΩϕµ÷pΩAHú αPdtC
≈Ωwbz≈ΩwºeA²ε°AC
Yn≈ΩwG
1. btmuπñA÷@U¬@Mµñ≈ΩwC
2. bku≈Ωwv°í≈²µñAΘJHxs≈º²Ω
Ptm]w²⌠CA÷@Us²AHΣX²⌠C
3. ÷@UUC@G
v pGzQ !²]pGΣúA÷@U÷n≈²C
v pGzúQ !zⁿw²A÷@UpGΣú≈²hñεCpG
²úsbAz∩∩Ahú≈ΩwC
4. ÷@U≈C
ΩwbzΩwºeA²ε°AC
YnΩwG
1. btmuπñA÷@U¬@MµñΩwC
2. bkuΩwv°í≈²µñAΘJxsz²e≈º²⌠
CA÷@Us²AHMΣ⌠C
3. pGzuQ²ΩAúQtm]wA∩Ω]Dtm]
w∩CpGzPQΩPtm]wAOoMú∩C
4. ÷@UC
Ωw²ε°Aß"αΩwC
ϕNΩwA≤sΩϕµ÷pΩFoiú αPdtC
w⌡µ@Abjq≤sΩwß⌡µ]pAbJΩwßC
1. btmuπñA÷@U¬@MµñΩwC
2. bkuΩwv°íñA÷@UC
12 tm 87
ldapcfg í
ldapcfg íO@ⁿOµuπAitm IBM Tivoli Directory ServerCzi
HútmuπA∩ ldapcfg ⌡µUC@G
v ]wz DN PKXC÷ⁿ\y]wz DN PKXzC
v tmΩwC÷ⁿ\ytmΩwzC
v ≤°Atmñ DB2 zKXC÷ⁿ\ 90y≤ DB2
zKXzC
v ≤ΘxC÷ⁿ\ 90y≤ΘxzC
v sWrC÷ⁿ\ 90ysWrzC
]wz DN PKX
Ynwqz DN MKXAbⁿOúUAΘJUCⁿOG
ldapcfg -u "adminDN" -p password
Σñ
v adminDN znz DNC
v password z DN KXC
: bKXñúΣ r (DBCS) rC
pG
ldapcfg -u "cn=root" -p secret
: !µ (‘) wqtµ DNCªLkQTC
Ynⁿw]z DN (cn=root)Awq@KXAbⁿOúUΘJUCⁿOG
ldapcfg -p password
Σñ password z DN KXC
pG
ldapcfg -p secret
tmΩw
bztmΩwA1 bⁿOµWⁿw ID PKXCΩWw]P
ID PC ID wgsbABXSwDCpGQnúP
ΩWAziH -t ∩ⁿwCW]OXSwDIDCpb Windows P UNIX ¡xWo D÷ΩTA\ 81ybz
tmºeG ! DB2 ΩwMΩwΩzC
N:
1. btmΩwºeATw]w⌠ DB2COMMC
2. bz ldapcfg ⁿOºeA\¬Cí≈∩]p -f P -swg≤CpGzaªAObºeñªANy¿Lkw
GC
3. ²ε°Aß"αtmΩwC
88 IBM Tivoli Directory Server: wPtmΓU
YntmΩwAziHUC∩G
-l mⁿw D B 2 ΩwmCY U N I X tAh²WA
pG/home/ldapdbCpGO Windows tAh≈NAp C:C
-a id ⁿw DB2 z IDC
-c H UTF-8 µí !ΩwC]pGzⁿw∩Ahw]KObX
ñ !ΩwC
-i aetm IBM Tivoli Directory Server ⌠≤ΩCΩ÷
pΩwτQaC
-w KXⁿw DB2 zKXC
: ldapcfg -w password ⁿOúA≤ΩwtKXCªu≤s
ibmslapd.conf C÷µW -w ∩ΩTA\ 90y≤
DB2 zKXzC
-d Ωwⁿw DB2 ΩwWC
-t dbinstance
ⁿwΩwΩCpGzúⁿwΩAhΩWP DB2 z ID PC
-o pGwΩwsbAhNΣgCw]ANúRúngΩwC
-r aewtm IBM Tivoli Directory Server ⌠≤ΩwC
-f ⁿwπ⌠AH½sVΘXºCpGft -q ∩AhuNC
-q bLníU⌡µCϕεHΘXC
-n bLúíU⌡µCúΘXA²ú]AnJTºC
pGS⌠≤wtmΩw]τY@tmAhH DB2 zW
db2adminAKX mypasswordAHΩwW dbNameAtm /home/ldapdb2 W
ΩwAΣⁿOpUG
ldapcfg -l /home/ldapdb2 -a db2admin -w mypassword -d dbName
pGS⌠≤wtmΩw]τY@tmAYnH DB2 zW
db2adminBKX mypassword BΩwW dbNameAHΩW dbInstancetm /home/ldapdb2 WΩwAΣⁿOpUG
ldapcfg -l /home/ldapdb2 -a db2admin -w mypassword -d dbName -t dbInstance
bwgtmΩwAYnb /home/ldapdb2 WtmΩwB[HgAhΣⁿOp
UG
ldapcfg -l /home/ldapdb2 -a db2admin -w mypassword -d dbName -o
÷ ldapucfg ⁿOµíútmΩwíA\ 95yú
tmΩwzC
12 tm 89
≤ DB2 zKX
pGzzL@t≤ DB2 zKXA ldapcfg M -w ∩≤KXC@O≤°AtmñKXCPaApGz ldapcfg ⁿO≤ DB2 zKXA]zL@t≤KXC
YnN DB2 zKX≤ newpasswordAΘJUCⁿOG
ldapcfg -w newpassword
: bKXñúΣ r (DBCS) rC
≤Θx
Yn≤ΘxA -g ∩C≤ΘxOOΩwAO²∩D²≤CznB 30 MB !ΩwC
: ²ε°Aß"α≤ΘxC
Yn]wNb≤ΘxñOⁿjA -m maxentries ∩CpGzú
QⁿwjAhw] 0 ϕ∩S⌠≤¡εC
Yn]wOdb≤ΘxñíA -y maxdays M -h maxhours ∩C
pAYnNOd¡¡ε]¿ 30 .S 12 pAΘJ ldapcfg -y 30 -h 12C
÷ ldapucfg ⁿOµí≤ΘxíA\ 95yút
mΩwzC
sWr
Yn ldapcfg íb ibmslapd.conf ñsWrAUCⁿOG
ldapcfg -s "suffix"
Σñ suffix zQsWrC
: ²ε°Aß"αsWrC
JXΩ
YnJ LDIF ñΩAziH ldif2db bulkload íC
YnNΩX LDIF ñAzi db2ldif íC
÷ⁿ\ IBM Tivoli Directory Server 5.2 zΓUC
≈BP Ωw
UCUíp≤ⁿOµíA≈BΩwC
dbback ⁿO≈Ωw
YnⁿOµ≈²ΩwA dbback íC
90 IBM Tivoli Directory Server: wPtmΓU
:
1. bz≈ΩwºeA²ε°AC
2. í ibmslapd.conf tmC
i∩pUG
-d directory
ⁿwxs≈Ωw²Ctmº²Ωw IDA
π²gJvC
-w filename
ⁿwπ⌠MWAH½sVΘXºC
dbrestore ⁿOΩw
YnⁿOµ²ΩwA dbrestore íC
: bzΩwºeA²ε°AC
i∩pUG
-d directory
ⁿwnq@²ΩwC
-n ún ibmslapd.conf C
-w filename
ⁿwπ⌠MWAH½sVΘXºC
runstats ⁿOΩw
YnⁿOµN²ΩwA runstats íCⁿO≤sMΩϕµ÷pΩC
: ²ε°Aß"αΩwC
i∩pUG
-f config_file_name
ⁿwtmWCYⁿwAh ibmslapd.confC
12 tm 91
92 IBM Tivoli Directory Server: wPtmΓU
13 bzwPtmºß
bzw°AºßA]wz DN PKXABtmΩwAKiH²
°ACpGzww Web zuπP WebSphere Application Server - Express O
AKií°AC
²°A
Yn²°AAbⁿOúñΘJ ibmslapdC
b Windows tWA]iHzLAΩ¿Mε°AC
v Yn°AA÷@U IBM Tivoli Directory Server V5.2CMß÷@U@
—> C
v Ynε°AA÷@U IBM Tivoli Directory Server V5.2CMß÷@U@
—> εC
p Web zuπPⁿOµMε°AAH⌡µΣLz@÷
ΩTA\ IBM Tivoli Directory Server 5.2 zΓUC
í°AHK Web zuπ
pGz WebSphere Application Server - Express O@í°AAn
í°AG
1. w WebSphere Application Server - Express Oº² bin l²Cp
Gz InstallShield GUI iµwAhOw IBM Tivoli Directory Server º
² appsrv/bin l²C
2. bⁿOúñΘJUCΣñ@G
v b Windows tWAΘJ startServer server1.bat
v b UNIX tWAΘJ startServer.sh server1
εí°A
UCΣñ@ⁿOεí°AG
v b Windows tWG
WASPath\bin\stopServer.bat server1
v b UNIX tWG
WASPath/bin/stopServer.sh server1
Σñ WASPath Ozw WebSphere Application Server - Express O⌠C
Web zuπ
Yn Web zuπG
© Copyright IBM Corp. 1998, 2003 93
1 . bzí°AºßAb W e b s²ñAΘJUCG
http://localhost:9080/IDSWebApp/IDSjsp/Login.jsp
eπuIBM Tivoli Directory Server Web zvnJ°íC
: ubzObww Web zuπqúW⌡µs²A"B@C
pG Web zuπOwbúP≈WA Web zuπwbº
qúD≈W IP N localhostC
p Web zuπ÷ΩTA\ IBM Tivoli Directory Server 5.2
zΓUC
94 IBM Tivoli Directory Server: wPtmΓU
14 útmΩwPúw IBM Tivoli Directory Server
YnN IBM Tivoli Directory Server qqúñúAz²útmΩwAAú
w°ACUútmPú°AC
útmΩw
ziHtmuπ (ldapxcfg) útmΩwCΩT\ 83yú
tmΩwzC
ldapucfg í∩P ldapcfg í∩ⁿC]\ 88y
ldapcfg ízAHo÷ ldapcfg íC²OAb ldapucfg íñG
v -d ∩úewtm DB2 ΩwCpwAª]ú≤ΘxC
– -r ∩ft -d Aaetm IBM Tivoli Directory Server ⌠≤
ΩwAúúΩTC
– -i ∩ft -d Aaetm IBM Tivoli Directory Server ⌠≤
ΩAúúΩTCΩ÷pΩwτQaC
v -g ∩G≤ΘxC÷¼≤Θxú≤ΘxΩwHΣñtΩ]≤O²C -g ∩úvTD²ΩwC
: pGzútmO UNIX ¼tAhqπ other ⌡µv²A⌡µldapucfgCτYA²']w --------x \ivCY]w\ivAhiαTºABoóCYnµ²]w\ivAziΘ
JⁿOG
chmod o+x .
ⁿOñtyI ( . )AHNϕµ²C
i: ≈⌠≤⌡Mz²Aºß"⌡µUCBJC
Ynú DB2 tmΩTG
1. b UNIX ¡xWAH root ¡≈nJCb Windows tWAHz¡≈
nJC
2. εM IBM Tivoli Directory Server °AsßC
3. ldapucfg íAN DB2 tmΩTq°AñúCbⁿOúUΘJG
ldapucfg -d
iαúznΣL÷≤úΩwP DB2 ΩΩTC
úw IBM Tivoli Directory ServerbzútmßAUCúw IBM Tivoli Directory ServerC
InstallShield GUI úw
UCUíp≤ InstallShield GUI úw IBM Tivoli Directory ServerC
© Copyright IBM Corp. 1998, 2003 95
:
1. pGzO InstallShield GUI w IBM Tivoli Directory ServerA
InstallShield GUI úwC
2. bzúw WebSphere Application Server - Express OºeAzε
í°AC]ΩT\ 93yεí°AzCbz
lúwºeA÷¼°íAHTw installpath/appsrv ²úbñC
búw WebSphere Application Server - Express OºßAτ
installpath/appsrv ²wúCpGSAbz½swºeA²úªC
Windows ¡x
Yn InstallShield GUI ú Windows ¡xW IBM Tivoli Directory ServerG
1. ÷@Ul —> ]w —> εx —> sW/úíC
2. ∩ IBM Tivoli Directory Server 5.2C÷@U≤/úC
3. ∩búwLñnyÑC÷@UTwC
4. buw∩v°íñ÷@UU@BC
5. ∩znúw\αC÷@UU@BC
: pGzOqww DMT P Java \α IBM Directory Server 4.1 wiµ
αADMT P Java NXbnúw\αMµñC∩o\αHKúCbz InstallShield GUI úo\αºeAªN≥πbn
úwMµñC
6. bT°íñApGTwnúw∩\αA÷@UU@BC
UNIX ¡x
: iSeries LinuxBpSeries LinuxBzSeries Linux P HP-UX úú InstallShield GUIC
Yn InstallShield GUI ú UNIX ¡xW IBM Tivoli Directory ServerG
1. bⁿOúUA IBM Tivoli Directory Server _uninst ²C
v b AIX P Linux @tñA² /usr/ldap/_uninstC
v b Solaris @tñA² /opt/IBMldapc/_uninstC
2. ⌡µúwⁿOG
./uninstall
3. ∩búwLñnyÑC÷@UTwC
4. buw∩v°íñ÷@UU@BC
5. ∩znúw\αC÷@UU@BC
6. bT°íñApGTwnúw∩\αA÷@UU@BC
@tíúw
bzútmΩTßAYiúw IBM Tivoli Directory ServerC
:
1. pGzO InstallShield GUI w IBM Tivoli Directory ServerA 95
y InstallShield GUI úwzñúwC
96 IBM Tivoli Directory Server: wPtmΓU
2. ú IBM Tivoli Directory Server úúz IBM Tivoli Directory Server
!⌠≤ΩwC
AIX @tYnúw IBM Tivoli Directory Server °AßAΘJUCⁿOG
installp -u ldap
ouú IBM Tivoli Directory Server CªúúΣL≤Ap DB2C
Linux @tbzú IBM Tivoli Directory Server ºeATw°AwεAMßoXUCⁿOC
: pGww IBM Tivoli Directory Server °AAz²ú°AAMßA
úß]w C
rpm -ev ldap-server-5.2-1
rpm -ev ldap-webadmin-5.2-1
rpm -ev ldap-client-5.2-1
rpm -ev ldap-msg-xxx-5.2-1.i386.rpm]Σñ xxx °yÑwC
rpm -ev ldap-html-xxx-5.2-1.i386.rpm]Σñ xxx °yÑwC
Solaris @tziH admintool íqⁿOµ pkgrmAúw IBM Tivoli
Directory ServerC
AdminTool ú@: Yn admintool íú IBM Tivoli Directory
ServerA⌡µUC@G
1. H root ¡≈nJC
2. bⁿOúñΘJUCⁿOG
admintool&
Yπ°íC
3. ÷@Us² —> nΘCXunΘv°íC
4. qπMµñA∩nRúM≤C
IBM Tivoli Directory ClientIBM Tivoli Directory íσ≤IBM Tivoli Directory TºIBM Tivoli Directory ServerIBM Tivoli Directory Webadmin
5. ÷@UsΦ —> RúCoπuAdminToolGiv°íC
6. ÷@URúC
: búßM°AM≤AtúzUCdGM≤ñtbM≤wñANW\iv⌡µ ScriptCzn≥úoM
≤HΘJ y ≥CpGznú°AM≤Az]UCúGzn
Noú setuid M]setgid HΘJ yA≥@C
7. M≤úªºßAKπunΘv°íCϕú@¿ßAΘJ q H!
ⁿOúUC
14 útmΩwPúw IBM Tivoli Directory Server 97
pGzw]w IBM Tivoli Directory ServerAh ! opt/IBMldaps M
opt/IBMldapc ²CpGzúw IBM Tivoli Directory ServerAúiαú
úo ²CpGoΓ²ñΣñ@sbΓúsbAhyßϕzN IBM
Tivoli Directory Server ½swbDw]²ñANoDC
YnTwúo ²AbⁿOµoXⁿOG
rm -fr /opt/IBMldaps /opt/IBMldapc
zbiHN IBM Tivoli Directory Server ½swbDw]²ñC
: Yz½swbw]²AhúoDC
ⁿOµú@: ndww IBM Tivoli Directory Server ≤AΘJ:
pkginfo | grep -i ibml
πⁿUCΘXG
IBMldapc IBM Tivoli Directory Client(sparc) 5.2.0.0IBMldaps IBM Tivoli Directory Server(sparc) 5.2.0.0IBMldixxx IBM Tivoli Directory íσ≤(sparc) 5.2.0.0IBMldmxxx IBM Tivoli Directory Tº(sparc) 5.2.0.0IBMldapw IBM Tivoli Directory Webadmin(sparc) 5.2.0.0
pkgrm úúQnM≤CpG
pkgrm IBMldaps IBMldapc IBMldapw
ziHⁿwM≤WA]iHⁿwªMµXCPw A
ú÷M≤C]zú Web zuπú½nC
HP-UXYnú IBM Tivoli Directory ServerA¿UCBJG
1. bⁿOúñAΘJ swremove
2. ∩ww IBM Tivoli Directory ServerC
3. ÷@U@ —> iµúC
4. ÷@U@ —> ú/úwC
5. ÷@UTwC
6. ϕú¿A÷@U¿C
7. ÷@U —> ⌠C
98 IBM Tivoli Directory Server: wPtmΓU
15 °
pGzbwtm IBM Tivoli Directory Server 5.2 oDAAHM
DiαMΦkC
InstallShield GUI w
pGwLk¿A@i²zΣΩTaΦKO ldapinst.logCpG !Fw
a²]install_directoryAhΘxK≤ install_directory ²ñCpA
b Windows tñAldapinst.log w]b c:\Program Files\IBM\LDAP\ ñCpGb
wóe ! install_directoryAhΘxiα±b²ñCYnMΣªAj
M ″ldapinst.log″CdoΘxAHAO÷≤wó⌠≤TºC
≤Y LDAP \αnsúA]iαOsúwóAy¿ IBM
Tivoli Directory Server wóCpApGw°A\αADB2 wóAK
Lkw°A\αC
bw WebSphere Application Server - Express OAInstallShield GUI
ΘxG
b Windows ¡xW
v Documents and Settings\userid\Local Settings\Temp\installApp.log
v Documents and Settings\userid\Local Settings\Temp\installAppErr.log
v Documents and Settings\userid\Local Settings\Temp\configApp.log
v Documents and Settings\userid\Local Settings\Temp\configAppErr.log
b UNIX ¡xW
v /tmp/installApp.log
v /tmp/installAppErr.log
v /tmp/configApp.log
v /tmp/configAppErr.log
bwúw Windows W DB2 AInstallShield GUI ΘxG
w
v Documents and Settings\userid\Local Settings\Temp\DB2setup.log
v Documents and Settings\userid\Local Settings\Temp\db2wi.log
v Documents and Settings\userid\Local Settings\Temp\db2inst.log
v Documents and Settings\userid\Local Settings\Temp\db2insterr.log
búw
v Documents and Settings\userid\Local Settings\Temp\DB2remove.log
v Documents and Settings\userid\Local Settings\Temp\db2uninst.log
v Documents and Settings\userid\Local Settings\Temp\db2uninsterr.log
v Documents and Settings\userid\Local Settings\Temp\db2uninsttrc.log
© Copyright IBM Corp. 1998, 2003 99
ów
wót@]Oíú¼CIBM Tivoli Directory Server τO
¼≈íApGΣú¼≈níNúTºA² InstallShield GUI ]
]iú¼LkoXTºCbwºeATwz iíC
¡xúíAAUNIX ¡x /var ²Cb@⌡µwA
N JVM ww²ñAHTwzw²ñ¼≈íC
qwóñ
qwóñ@BAKO⌡µ InstallShield Uninstall GUIAHMúwLñ
ú⌠≤n²CpGz⌡µ InstallShield Uninstall GUIAhUϕz
InstallShield GUI w IBM Tivoli Directory Server AInstallShield GUI iα
óC\UCUAHo@t ΩTCp InstallShield GUI
úw÷ΩTA\ 95y InstallShield GUI úwzC
pGwb UNIX ¡xWAh InstallShield GUI lM≤]p AIX installp B
Solaris .pkg RPM Aw IBM Tivoli Directory ServerC]Aϕz⌡µ
¡xⁿO]pb Linux @tW⌡µ rpm -qaAdww AN
o M≤CYziH¡xⁿO]p rpm -eúwAz]
InstallShield GUI úwAHKMú InstallShield n²C
Windows @tb Windows ¡xWG
1. InstallShield GUI úw IBM Tivoli Directory ServerCΩT\
96yWindows ¡xzC
2. ú IBM Tivoli Directory Server w²Cw]²
C:\Program Files\IBM\LDAPC
3. ≤⌠≤b ldapinst.log ñCXΣLDC
4. regedit ún²ñ LDAP G
HKEY_LOCAL_MACHINE\SOFTWARE\IBM\LDAP
5. úUC⌠G
LDAPHome=C:\Program Files\IBM\LDAP
LIBPATH=C:\Program Files\IBM\LDAP\JAVA
LOCPATH=C:\Program Files\IBM\LDAP\bin\locale
NLSPATH=C:\Program Files\IBM\LDAP\NLS\MSG\%L\%N
Path=C:\Program Files\IBM\LDAP\bin
TISDIR=C:\Program Files\IBM\LDAP
: InstallShield GUI ]]w LANG ⌠ (LANG=enus1252)FMAΣL
íiα⌠AH⌠úbú⌠MµñC
AIX @tb AIX @tWG
1. InstallShield GUI úw IBM Tivoli Directory ServerCΩT\
96yUNIX ¡xzC
2. bⁿOúñΘJUCⁿOG
lslpp -l |grep -i ldap
100 IBM Tivoli Directory Server: wPtmΓU
3. pGtñd⌠≤ IBM Tivoli Directory Server wM≤A installpúwApUG
installp -u packagename
4. ú /usr/ldap ²C
5. N ldapinst.log ñC⌠≤ΣLD≤C
: AIX @twú@W installp_isje.log BΘxCz\o
ΘxAHP InstallShield GUI oX installp ⁿOñOóC
Linux @tb Linux @tWG
1. InstallShield GUI úw IBM Tivoli Directory ServerCΩT\
96yUNIX ¡xzC
2. bⁿOúñΘJUCⁿOG
rpm -qa | grep -i ldap
pGtñd⌠≤ IBM Tivoli Directory Server wM≤A rpmⁿOiµúwCpG
rpm -ev packagenames
3. pG rpm ⁿOϕAH noscripts ∩⌡µⁿOG
rpm -ev --noscripts packagenames
4. ú /usr/ldap ²C
5. ≤ ldapinst.log ñCXΣL⌠≤DC
Solaris @tb Solaris @tWG
1. InstallShield GUI úw IBM Tivoli Directory ServerCΩT\
96yUNIX ¡xzC
2. bⁿOúñΘJUCⁿOG
pkginfo | grep -i ldap
3. pGtñd⌠≤ IBM Tivoli Directory Server wM≤A pkgrm[HúwG
pkgrm packagenames
: pGzbúo M≤oDAq /var/sadm/pkg/ ñú]tM≤
²
4. ú /opt/IBMldapc and /opt/IBMldaps ²AH]wdUΣL⌠≤²A
pyѲC
5. N ldapinst.log ñC⌠≤ΣLD[H≤C
tm
UCU]t÷tm°ΩTC
15 ° 101
DB2 nΘvL
pGbtmΩwAXUCTºG
Lk ldapdb2 ΩΩwzí
oϕzql DB2 nΘviαDCYnτoípAbⁿOúUAΘ
JUCrΩG
db2start
pGzvTAeñXUCTºG
SQL1063N DB2START BzwQ¿C
hAz@hTºAⁿXzvwgLN≤X.C
pGzql DB2 nΘvoDAHUiαo]G
v zOdnΘvC
1. YnNz DB2 úAqdnΘv únΘvAN DB2 *W
nΘvsw DB2 tWFún½sw DB2C
: zuvQMnΘvΩTvpUlⁿXz≥o únΘvC
2. bztWπvºßA⌡µUCⁿOvG
db2licm -a license_filename
v zwRúP DB2 úC
pGzw DB2 úOAPzRFúPDB2 úAhúw
úAAwzRsúCbⁿOúñΘJUCⁿOAHK z
DB2 vG
db2licm -a license_filename
: license_filename OnΘvWFp db2udbee.licC
DbtmuπñiαQI
btmuπñA°íñDAyÑúPiαQICpGo
DAiHzππ°íjpC
ñtmuπΩw@PúT¼A
pGztmuπtmBútmBJBXB≈BΩwA
Bz@Qñ]pA*qAhúTa!¼ACϕz½
sBz@Aeπ
@wb⌡µñC
TºCoO]Bz@¼AΘXO $LDAPHOME/tmp Ω¿ñA
ϕBz@QñúRúo C
Yn½sñBz@Az²ΓRúUCΓG
v $LDAPHOME/tmp/ldapcfg.dat
v $LDAPHOME/tmp/ldapcfg.stat
102 IBM Tivoli Directory Server: wPtmΓU
ϕtmΩMΩwo Java ó
pGzb United Linux 1.0BRed Hat Advanced Server 2.1 AIX DB2 v8.1
BOtmΩMΩwAbtm¿ºßiαo Java óCziHñ
óCΩMΩwwgQatm¿CpApGzoXⁿOG
ldapcfg -a <myuserID> -w <mypassword> -d <mydatabase> -l /home/<myuserID>
b¿tmºßAiαπUCTºG
IBM Directory Server tm¿CoDwº¼pGReportedExceptionCode = b, at ExceptionAddress = 74736574
ACCESS_VIOLATION occured outside Interpreter and JITed codeExecMode = EXECMODE_BYTECODEstackpointer=0xbffc7370
gJ Java ....wN Java gJ /var/ldap/javacore9151.1035571351.txtñε@
b AIX Wtmuπo
ϕzb AIX WtmuπiαoUCG
# ldapxcfg exec(): 0509-036 oUCAHLkⁿJldapxcfgG0509-022 LkⁿJ /usr/ldap/lib/libdbadmin.aC 0509-150 Σú /usr
pGoAdUCG
v zT DB2 ]DB2 8.1Aí 2A64
v z 64 wΘC\ 108yτ AIX wΘ 64 zC
v zO⌡µ 64 C\ 108yτ AIX O 64 z
v wαzΩw 64 C\ 37yq IBM Directory Server V4.1
5.1 for AIX wαzC
tmíb AIX Wε
bztmí]ldapcfgBldapxcfg M ldapucfgApGí!YεAd LIBPATHCpG JVM jre/bin/classic ²]IBM Tivoli Directory Server ú
úb %LDAPHOME%/java/bin/classic ²ºeA⌡µUCΣñ@G
v ú LIBPATH ñL÷ JVMC
v N %LDAPHOME%/java/bin/classic ²±b LIBPATH ΣL JVM ²ºeC
DB2 Aϕatm
: btmΩwºeATw]w⌠ DB2COMMC
pGbΩwtmíoóAqO]UC@]G
v ID T]wCΩT\ 81ybztmºeG ! DB2 Ω
wMΩwΩzC
v ID \ivúTCΩT\ 81ybztmºeG ! DB2
ΩwMΩwΩzC
v eΩwdAπz∩ΩwⁿwºW DB2 ΩAsb≤t
WC
v zⁿwmAS¼≈íC
do ODAMßb≤DºßAAiµtmC
15 ° 103
: pGztmuπtmA²tmóAhtmuπ⌡µY Mú@AKiDCpGzbMµñΣú⌠≤DAAtmC
Ωw αú
pWiαΩT]]Aw*÷ΩTA\ IBM Tivoli Directory
Server Version 5.2 Performance Tuning GuideC
≤tmºß°A
wq≤ IBM Tivoli Directory Server tmñue 18 rNqC°j
≤ 18 rWQIAHX DB2 ¡εC
pGznAhi@B¡εb 16 rCpGzsW°j≤ 18 r
A°AiαLkCpΣLΩTA\Cu²⌡vUu°A
zívC
µ÷Θxwí
pG⌡ñwqF0hAhb IBM Tivoli Directory Server AiαXU
CTºG
SQL0965C Ωwµ÷ΘxwíSQLSTATE=57011 Lk slapdA]Lktmßí
ziαnΘJUCrΩW[ DB2 µ÷ΘxjpG
db2 update db cfg for ldaptest using logprimary Xdb2 update db cfg for ldaptest using logsecond X
Σñ X nj≤ewqC
tmuπ
UCUA≤tmuπC
í≈ΣLⁿObus²v°íñLk
ziαLkbs²°íñΣLW SpaceBEnter ΦVΣ°d\αϕñ
eCYnMDA÷uAlt+UΣvπd\αϕAMßΦVΣ∩
≈C
⌠tmuπo NullPointer º ¼p
pGzbΘJLΩwWºß⌠tmuπAb⌡µ ldapxcfg ⁿOⁿO°íño NullPointer º¼pCº¼púvTtmBzC
ú
UCUúúΩTC
b Windows W slapd.cat o
b Windows tWAziα¼]tUCeTºG
slapd.cat o¼ DATABASE íwQaq C:/Program Files/IBM/LDAP/bin/libback-config.dll ⁿJC rdbm.cat o
104 IBM Tivoli Directory Server: wPtmΓU
pGoíAd NLSPATH ⌠CwíN NLSPATH ⌠]
wt⌠C²OApGt]wg]⌠ NLSPATH A
NLSPATH ⌠m½t]wC
Yn≤íAziHN NLSPATH ΩTqt⌠[⌠ñ
ΩTC
b Internet Explorer ñnJ Web zuπDx
b Windows WApGXUC¼pAhouWeb zvG
v Web zuπObw
v Web zuπObw Microsoft Internet Explorer W⌡µ
v Web zuπw WebSphere Application Server - Express O
v IP D≈Os Web zuπº URL @í≈
pGzqúWo ípAϕnJuWeb z GUIvDx localhost N
IP D≈WC
pA Internet Explorer Web s²bµñΘJG
http://localhost:9080/IDSWebApp/IDSjsp/Login.jsp
ΘJ Web zuπΩl
pGzb Web zuπñΘJDσΩlA⌡µHU@G
b WebSphere Application Server - Express O
sΦUC²ñ server.xml G
WAS_home/appsrv/config/cells/DefaultNode/nodes/DefaultNode/servers/server1
NΘσrsWq¿ñApG
<processDefinition xmi:type="processexec:JavaProcessDef"xmi:id="JavaProcessDef_1"executableName="$JAVA_HOME/bin/java"executableTarget="com.ibm.ws.runtime.WsServer"executableTargetKind="JAVA_CLASS"workingDirectory="$USER_INSTALL_ROOT">
<execution xmi:id="ProcessExecution_1" processPriority="20" runAsUser=""runAsGroup=""/>
<monitoringPolicy xmi:id="MonitoringPolicy_1" pingInterval="60"maximumStartupAttempts="3" pingTimeout="300" autoRestart="true"nodeRestartState="STOPPED" />
<ioRedirect xmi:id="OutputRedirect_1"stdoutFilename="$SERVER_LOG_ROOT/native_stdout.log"stderrFilename="$SERVER_LOG_ROOT/native_stderr.log"/>
<jvmEntries xmi:id="JavaVirtualMachine_1" classpath="" bootClasspath=""verboseModeClass="false" verboseModeGarbageCollection="false"verboseModeJNI="false" initialHeapSize="0"maximumHeapSize="256" runHProf="false" hprofArguments=""debugMode="false" debugArgs="-Djava.compiler=NONE -Xdebug -Xnoagent-Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=7777"genericJvmArguments="">
<systemProperties xmi:id="Property_10"name="client.encoding.override" value="UTF-8" required="false"/>
</jvmEntries>
b WebSphere Application Serverb WebSphere zDx≡F
15 ° 105
v ∩°AC
v ∩í°AC
v ∩zn°AFpGserver1C
v ÷@UBzwqC
v ÷@U Java Virtual MachineC
v ÷@UqeC
v ÷@UAϕ÷s !seC
v bWµñAΘJclient.encoding.overrideC
v bµñAΘJ UTF-8C
v ÷@UMC
v ε½s WebSphere Application ServerC
Oⁿ DB2 Θx
úFizL Web zuπs bmslapd.log ºADB2 ]Oⁿ≤
db2cli.log ñCoΓ≤ Windows ¡xW IBM Tivoli Directory Server w
² var l²ñC
: var l²iα]tΣL DB2 C
°AOⁿ≤ \var\ibmslapd.log ñC
DB2 Oⁿ≤ \var\db2cli.log ñC
°Aúí
pGΘxúΩTú¼HMDAziHb@SϕúíU⌡µ
°AAHúϕΩTCzqⁿOúñ⌡µ°Ai⌡µ ibmslapdAúΘXCykpUG
ldtrc onibmslapd -h bitmask
oⁿw bitmask Mwnú úΘXC
ldtrc íεuLDAP l≈αvCpAUC ldtrc jMG
ldapsearch -l 60 -h ddejesus -D "o=IBM_US, c=US" -wsecret -b "ou=Austin, o=IBM_US, c=US" "cn=Cindy Corn"
iα!PUCⁿ°AΘXG
bSocket 540 ñq 9.53.95.251 ¼suC 86366975 704 usec SQLAllocStmt() => 086367557 73 usec SQLBindParameter() => 086367974 33 usec SQLBindParameter() => 086435508 52 usec SQLFetch => 086436039 49 usec SQLGetData => 086436835 454 usec SQLFreeStmt => 086458726 629 usec SQLAllocStmt() => 086459708 561 usec SQLPrepare(SELECT distinct
DB2ADMIN.LDAP_ENTRY.EID FROM DB2ADMIN.LDAP_ENTRY,DB2ADMIN.LDAP_DESC WHERE(DB2ADMIN.LDAP_ENTRY.EID=DB2ADMIN.LDAP_DESC.DEIDAND DB2ADMIN.LDAP_DESC.AEID=?) AND DB2ADMIN.LDAP_ENTRY.EIDIN (SELECT EID FROM DB2ADMIN.CN WHERE CN_T= ?)) => 0
106 IBM Tivoli Directory Server: wPtmΓU
°Aúít@ΦkOb°AlCYn⌡µ@A
b°AtmñN ibm-slapdStartupTraceEnabled ⌠]w TRUEC]wh
MeΘXtm∩C
UCdπ ibm-slapdStartupTraceEnabled ∩]w TrueG
dn: cn=Configurationcn: Configurationibm-slapdACLAccess: trueibm-slapdAdminDN: cn=rootibm-slapdAdminGroupEnabled: trueibm-slapdAdminPW:
>14T/+cmSHfFQ8nKkYschiuw421kXnH6F0VP6NjfwlkBq3w1E65QBWCVczbcrtE++R7AEnKYFiBQFGBNJ0qYVny6ZmcXsFvhsniFKEpYFwLvLmxYFEpFuZkoPnjuttmTMMMogn/MKty288T8mc8JWMB1L+3gWWiW26y<
ibm-slapdDerefAliases: alwaysibm-slapdErrorLog: /var/ibmslapd.logibm-slapdMaxPendingChangesDisplayed: 200ibm-slapdPort: 389#ibm-slapdPwEncryption must be one of none/imask/crypt/shaibm-slapdPwEncryption: imaskibm-slapdServerId: 3a98a5d7-35c2-4c2b-a789-7255204efd4aibm-slapdSizeLimit: 500ibm-slapdStartupTraceEnabled: trueibm-slapdSupportedWebAdmVersion: 2.0#ibm-slapdSysLogLevel must be one of l/m/h (l=terse, h=verbose)ibm-slapdSysLogLevel: mibm-slapdTimeLimit: 900ibm-slapdTraceMessageLevel: 0xFFFFibm-slapdTraceMessageLog: /var/ibmslapd.trace.logibm-slapdVersion: 5.2objectclass: topobjectclass: ibm-slapdConfigEntryobjectclass: ibm-slapdTop
z⌡µ ldtrc on ⁿOß"α°AC
°AiHiµAlC
YnuLDAP l≈αvA ldtrc on qw IBM Tivoli Directory Server
⌠≤≈WAoXUCⁿOG
ldaptrace -h <hostname> -d <adminDN> -w <adminpassword> -l on
ΣLⁿO]AG
v Ynl IBM Tivoli Directory ServerG
ldaptrace -h <hostname> -d <adminDN> -w <adminpassword> -l on -t start
v Ynεl IBM Tivoli Directory ServerG
ldaptrace -h <hostname> -d <adminDN> -w <adminpassword> -l on -t stop
v Yn÷¼uLDAP l≈αvG
ldaptrace -h <hostname> -d <adminDN> -w <adminpassword> -l off
v YnπuLDAP l≈αv¼AG
ldaptrace -h <hostname> -d <adminDN> -w <adminpassword> -l info
v Ynπ ldaptrace ⁿOkΩTG
ldaptrace -?
15 ° 107
\ϕ 3 HoúíC
ϕ 3. ú
Qi Qi í
0x0001 1 LDAP_DEBUG_TRACE qíiJ⌠
0x0002 2 LDAP_DEBUG_PACKETS ]í
0x0004 4 LDAP_DEBUG_ARGS nDñΩ
0x0008 8 LDAP_DEBUG_CONNS suí
0x0010 16 LDAP_DEBUG_BER ΩsXMX
0x0020 32 LDAP_DEBUG_FILTER jMLo°≤
0x0040 64 LDAP_DEBUG_MESSAGE TltíM≤
0x0080 128 LDAP_DEBUG_ACL sεMµí
0x0100 256 LDAP_DEBUG_STATS @pΩ
0x0200 512 LDAP_DEBUG_THREAD ⌡µⁿpΩ
0x0400 1024 LDAP_DEBUG_REPL gpΩ
0x0800 2048 LDAP_DEBUG_PARSE íσR
0x1000 4096 LDAP_DEBUG_PERFORMANCE ÷píßíα
pΩ
0x1000 8192 LDAP_DEBUG_RDBM ÷píßíí
(RDBM)
0x4000 16384 LDAP_DEBUG_REFERRAL í
0x8000 32768 LDAP_DEBUG_ERROR ¼p
0xffff 65535 ALL
0x7fffffff 2147483647 LDAP_DEBUG_ANY íúh
pAⁿw bitmask 65535 πúΘXAúπΩTC
¿ºßAbⁿOúñAoXUCⁿOG
ldtrc off
zs IBM Añ≤UúΘXMMDC
τ AIX wΘ 64
AIX W°An 64 wΘCYnτz AIX wΘ 64 A⌡µUC
ⁿOG
bootinfo -y
pGⁿO! 32AϕzwΘO 32 C
ApGzΘJ lsattr -El proc0 ⁿOAⁿOΘX!°ABz¼C
pGzUC⌠≤@AYϕ 64 wΘGRS64 IBIIBIIIBIVBPOWER3B
POWER3 II POWER4C
τ AIX O 64
YnτzwF 64 (/usr/lib/boot/unix_64)ABb⌡µñA⌡µUCⁿ
OG
bootinfo -K
108 IBM Tivoli Directory Server: wPtmΓU
ApGzΘJ lsattr -El proc0 ⁿOAⁿOΘX!°ABz¼C
pGzUC⌠≤@AYϕ 64 wΘGRS64 IBIIBIIIBIVBPOWER3B
POWER3 II POWER4C
: pGwΘO 32 Ahzu 32 CzLk 64 CpG
wΘO 64 AhziH 32 64 CpΩTA
http://www.ibm.com/support/docview.wss?uid=isg1hintsTips0214#4C
⌡µ db2start AIX 5.1 o
ϕz⌡µ db2start AiαoUCG
0509-130 /usr/lib/threads/libc.a(aio.o) RóA]G0509-136 q /unix X kaio_rdwr]r 0C 0509-136 q
pGoob AIX 5.1 WAhϕzw÷¼FDPB I/OC
YnDPB I/OA⌡µUC@G
1. ⌡µ smitty chgaioANnbt½stm¼Aqwwq]¿iC
2. ÷ Enter ΣC
3. ⌡µUCΣñ@@G
v ½stC
v ⌡µ smitty aio NσtmwwqDPB I/OAA÷ Enter ΣC
db2start ⁿOYiB@C
b AIX W WebSphere Application Server - Express Oo
b AIX W WebSphere Application Server - Express O (startServer.sh server1)
iαLkB@A] 9090 ≡wgbñC\ installpath/logs/server1 ²AH
oΩΘxC÷MΣLΘx]iα]t\hΩTAq SystemErr.log M
SystemOut.log OC
YnN WebSphere Application Server - Express O≡q 9090 ≤ AIX ≈
W≡]pA9091CsΦ installpath/config/cells/DefaultNode/virtualhosts.xml
≤ 9090 9091Cb
installpath/config/cells/DefaultNode/nodes/DefaultNode/servers/server1/server.xml
ñiµP≤C
:
1. o⌠Γs DefaultNode l²C
2. installpath Ow WebSphere Application Server - Express O²C
α
bαíAiα !UCΘxG
b UNIX ¡xWG
b⌡αíoAOⁿ≤ /tmp/migrate.errors ñC
÷≤⌡αTºAOⁿ≤ /tmp/migrate52.log ñC
15 ° 109
b Windows ¡xWG
αBzUCΘxG
b⌡αíoAOⁿ≤w² \tmp\migrate.errors ñC
b⌡αí¼TºAOⁿ≤w² \tmp\migrate52.log
ñC
⌡µ migrate52.bat ΘXObw² \tmp\migrate52StdOut.log ñC
⌡µ migrate52.bat Obw² \tmp\migrate52StdErr.log ñC
ΣLΘxG
v Documents and settings\userid\local settings\temp\ldapaddcfg.log
v Documents and settings\userid\local settings\temp\ldapaddmaster.log
v Documents and settings\userid\local settings\temp\ldaprmdbcfg.log
v Documents and settings\userid\local settings\temp\ldaprmchlog.log
v Documents and settings\userid\local settings\temp\ldapaddibmldapver.log
v Documents and settings\userid\local settings\temp\ldapaddpeer.log
v Documents and settings\userid\local settings\temp\ldapaddreplica.log
Web s²D
pGz Web s²oDAUCΩTiαUC
Microsoft Internet ExplorerpGz Microsoft Internet Explorer oDA∩]wiµUC≤G
v ÷@Uuπ —> Internet ∩AA∩@δCMßA÷@U]wCbdxse
OsUA÷@UCd\eC
v pGzs²oLkwGAiαOOΘxso
Cbu@δvΩ¿ñA÷@URúMMúO²AHMúO
ΘCbniHo ∩C
v z]iH÷≈M½s°AY íDC
110 IBM Tivoli Directory Server: wPtmΓU
² A. ΩwtmW
btmPjqJzΩwΩºeA²MwG
znb²ñxsΩ¼
Mw≤⌡AHKαΣbz²ñnOsΩ¼Cb²
°AAwJ@ ¼wqM½≤OwqCblsW
²ºeAziH²sWw∩zΩqs¼M½≤Ow
qC
: ziHb²wJΩßsW⌡A²⌡≤iαn°ⁿ½sⁿJzΩC
znrX
MwrXuqr (UTF-8)v !zΩwCziH∩
rXAHK² IBM Tivoli Directory Server íMAα≈p
PΣwϕaytsδAojMGC UTF-8 ixs⌠≤
UTF-8 rΩ²ñCyUa IBM Tivoli Directory Server ß]
UTF-8 Σ⌠≤yÑúαsMjM²CúLAb\hípUAp
GOYSwyÑrAßbπq²XºGαON
¡Cp÷ΩTA\ 127² H, yUTF-8 ΣzC
: pGznyÑAΩwO UTF-8 ΩwC
znp≤tmz²Ω
IBM Directory OHÑhí≡¼cxsC²ñWAHΣb²≡
c∩mCz∩²wqí≈Φ CΦ i²
ße÷P≡¼c*ΣtnMΣΩTCpGzxs@
ñHΩAKie÷N c∩M²cCpGznxs
ííB≈tmΩßΩAKi@BWA"αPp≤
tmz²C
zΩw≥nD
÷p≤O@ΩíA\ IBM Tivoli Directory Server 5.2 zΓU
ñuw Socket hvΩTC
znp≤tmsv
÷s\ivíA\ IBM Tivoli Directory Server 5.2 zΓ
UñsεMµΩTC
© Copyright IBM Corp. 1998, 2003 111
112 IBM Tivoli Directory Server: wPtmΓU
² B. b UNIX ¡xWΣLyÑ⌠Σ
bY UNIX tWA°zyÑ⌠]wwAiαúy°ATºAú
OPyÑ⌠÷yÑCpApGzyÑ⌠]¿ de_DEAhπwσTºC
úLApGzyÑ⌠]¿ de_CHAhπσTºC
pGo¼pAziH !íAHKb AIXBLinux HP-UX WA∩T
ºyÑC
pAb AIX Linux WAYn∩τhyÑ⌠∩wyTº]Y de_CHA≤ⁿ
OúñΘJUCⁿOAHK !G
cd /usr/lib/nls/msgln -sf de_DE/diradm.cat de_CH/diradm.catln -sf de_DE/ldapc.cat de_Ch/ldapc.catln -sf de_DE/ldapcp.cat de_Ch/ldapcp.catln -sf de_DE/ldapprod.cat de_Ch/ldapprod.catln -sf de_DE/ldaputil.cat de_Ch/ldaputil.catln -sf de_DE/ldcf.cat de_Ch/ldcf.catln -sf de_DE/rdbm.cat de_Ch/rdbm.catln -sf de_DE/slapd.cat de_Ch/slapd.catln -sf de_DE/webutil.cat de_Ch/webutil.cat
b HP-UX WAYn∩ÑΦ⌠yyÑ⌠ΦZ2σα½A≤ⁿOúñΘJU
CⁿOAHK !G
cd /usr/lib/nls/msgln -sf es_ES.iso88591/diradm.cat es_MX.iso88591/diradm.catln -sf es_ES.iso88591/ldapc.cat es_MX.iso88591/ldapc.catln -sf es_ES.iso88591/ldapcp.cat es_MX.iso88591/ldapcp.catln -sf es_ES.iso88591/ldapprod.cat es_MX.iso88591/ldapprod.catln -sf es_ES.iso88591/ldaputil.cat es_MX.iso88591/ldaputil.catln -sf es_ES.iso88591/ldcf.cat es_MX.iso88591/ldcf.catln -sf es_ES.iso88591/rdbm.cat es_MX.iso88591/rdbm.catln -sf es_ES.iso88591/slapd.cat es_MX.iso88591/slapd.catln -sf es_ES.iso88591/webutil.cat es_MX.iso88591/webutil.cat
© Copyright IBM Corp. 1998, 2003 113
114 IBM Tivoli Directory Server: wPtmΓU
² C. αg°A
pGzwtg°AAbαºe²ñΩTC
pGzOq IBM Directory Server 5.1 αAg@ún⌠≤αC
ϕzN IBM Tivoli Directory Server 5.2 °Awb IBM Directory Server
4.1 °AWA°A≤s ibmslapd.conf ñ cn=Master Server CU
O ibm-slapdPendingMigration Q[J cn=Master Server ñAHⁿXz
b°A≈⌡µgαCbí≈¡xWAibmslapd.conf b⌡µα Script
≤sCo α Script bwºßB°A≈ºe⌡µC
UCdπ ibmslapd.conf ñ cn=Master Server FΘrOαLñ[
JΩTC]pGO WindowsAαbwLñ⌡µC
dn: cn=Master Server, cn=configurationobjectclass: topobjectclass: ibm-slapdReplicationobjectclass: ibm-slapdConfigEntryobjectclass: ibm-slapdPendingMigrationibm-slapdMigrationInfo: 4.1 REPLICAcn: Master Serveribm-slapdMasterDN: cn=masteribm-slapdMasterPW: masterpass2ibm-slapdMasterReferral: ldap://mymaster.mycompany.com
ibm-slapdMigrationInfo ⁿXnα°A¼CHUCXoG
4.1 REPLICA¬°A
4.1 MASTER¬gD°A
4.1 PEER¬gPh°A
pGz°Atmút cn=MasterServer AúKsWUCG
dn: cn=Master Server, cn=configurationobjectclass: topobjectclass: ibm-slapdReplicationobjectclass: ibm-slapdConfigEntryobjectclass: ibm-slapdPendingMigrationibm-slapdMigrationInfo: 4.1 MASTER
gαO@µ@Auob°AABOb
ibm-slapdPendingMigration UOtm cn=Master Server ßCziH
4.1 ΩwAΓN ibm-slapdPendingMigration OsW cn=Master
Server AHOαg÷ΩTCgtmM¿gí
úQUCΦíαG
© Copyright IBM Corp. 1998, 2003 115
v pGoO¬g°AAhC@tm°Ar !
ibm-rep l ica t ionContex tB ibm-rep l icaGroup M ibm-rep l icaSubent ryA²
CN=SCHEMABCN=LOCALHOST M CN=PWDPOLICY ÑrúC
v pGoOPh°AD°AAhuϕ cn=localhost l≡U replicaObject
sbA" ! i b m - r e p l i c a t i o n C o n t e x tB i b m - r e p l i c a G r o u p M
ibm-replicaSubentryC
v pGOPh°AMD°AAhN cn=localhost l≡U replicaObject
α¿ ibm-replicationAgreement M ibm-replicationCredentials ²C
v pGOπ replicaObject D°AMPh°AAN CHANGE M
PROGRESS ϕµñe⌡µgΩM¼AA૨Φwq IBM Tivoli
Directory Server 5.1 REPLCHANGEBREPLSTATUS M REPLCSTAT ϕµC
v Q¿g@ºßAKN ibm-slapdPendingMigration UOqibmslapd.conf cn=Master Server ñúAB]Nw@o CHANGE
M PROGRESS ϕµqΩwñRúC
⌡µí≈¡x⌠≤α Script ºßAIBM Tivoli Directory Server 5.2 ≈
BzD°APh°AgMΩα@CúLAn
@kOs@²Ω≈AHK]LkwúóPΩyóC
: ਧßApGzN²egMΦ"αºíXJA ldapdiff uπDCp ldapdiff ÷ΩTA\ IBM
Tivoli Directory Server 5.2 zΓUC
116 IBM Tivoli Directory Server: wPtmΓU
² D. wBtmúw WebSphere Application Server -Express O
zní°A"α Web zuπCIBM Tivoli Directory Server 5.2 ú
WebSphere Application Server - Express O V5.0.2 í°AC
pGz InstallShield GUI w Web zuπAKi∩ WebSphere Application
Server - Express OiµwCbñAtm]¿C
pGzwΦkAiHΓwPtm WebSphere Application Server -
Express OCpGzww WebSphere Application Server - Express O V 5.0.2A
b Web zuπºeAHΓiµtmC
Γwtm WebSphere Application Server - Express O
w WebSphere Application Server - Express O
YnΓw WebSphere Application Server - Express OA⌡µUCG
1. bzUⁿúY]IBM Tivoli Directory Server zip tar ºßA(
½²zi²C
2. bⁿOúñΘJUCⁿOG
v b Windows ¡xWG
install.bat -installRoot installpath\appsrv -hostName localhost
v b UNIX ¡xWG
install.sh -installRoot installpath/appsrv -hostName localhost
Σñ
v installpath Oú²C
v appsrv Ozw WebSphere Application Server - Express Ol²C
D appsrv ²ApnAziH≤l²C
bw Web zuπºeAUCⁿON Web zuπs WebSphere
Application Server - Express O²G
mkdir installpath/appsrv/installableApps/cp installpath/idstools/IDSWebApp.war installpath/appsrv/installableApps/
w Web zuπ WebSphere Application Server - Express O
UCⁿOw Web zuπ WebSphere Application Server - Express OG
v b Windows tWG
"installpath\appsrv\bin\wsadmin.bat" -conntype NONE -c "$AdminAppinstall installpath\appsrv\installableApps\IDSWebApp.war-configroot \"installpath\appsrv/config\"-node DefaultNode -usedefaultbindings -nodeployejb -appname IDSWebApp.war-contextroot \"IDSWebApp\""
: NⁿOΘJbP@µC
© Copyright IBM Corp. 1998, 2003 117
v b UNIX tWG
installpath/appsrv/bin/wsadmin.sh -conntype NONE -c "\$AdminAppinstall installpath/appsrv/installableApps/IDSWebApp.war-configroot \"installpath/appsrv/config\"-node DefaultNode -usedefaultbindings -nodeployejb -appname IDSWebApp.war-contextroot \"IDSWebApp\""
:
1. pGzzL InstallShield GUI w Web zuπM WebSphere Application Server
- Express OAho ⁿO⌡µC
2. pGzQnbDσ⌠ñ Web zuπA\ 105yΘJ
Web zuπΩlzC
q WebSphere Application Server - Express Oúw Web zuπ
Ynq WebSphere Application Server - Express OHΓúw Web zu
πG
1. Twí°AwgC÷ⁿ\ 93yí°A
HK Web zuπzC
2. bⁿOúñΘJUCⁿOúw Web zuπG
v b Windows ¡xWG
WASPath\bin\wsadmin.bat -conntype NONE -c "$AdminApp uninstall IDSWebApp.war"
v b UNIX ¡xWG
WASPath/bin/wsadmin.sh -conntype NONE -c "\$AdminApp uninstall IDSWebApp.war"
Σñ WASPath Ozw WebSphere Application Server - Express O⌠C
WebSphere Application Server - Express Ow]≡
WebSphere Application Server - Express O2w]≡]wG
v Http Θ]≡ 1G 9080
v Http Θ]≡ 2G 9443
v Bootstrap/rmi ≡G2809
v Soap s≡G8880
pGPo w]≡ñ@h≡ΣLío≡AziHσr
sΦíNw]≡≤≡C
Http Θ≡ 1bUCñMΣ]t≡ 9080 σrµAHzQn≡N 9080G
$WASHOME\config\cells\DefaultNode\nodes\DefaultNode\servers\
server1\server.xml
$WASHOME\config\cells\DefaultNode\virtualhosts.xml
Σñ WASHOME O WebSphere Application Server - Express Ow
²C
Http Θ≡ 2bUCñMΣ]t≡ 9443 σrµAHzQn≡N 9443G
118 IBM Tivoli Directory Server: wPtmΓU
$WASHOME\config\cells\DefaultNode\nodes\DefaultNode\servers\
server1\server.xml
$WASHOME\config\cells\DefaultNode\virtualhosts.xml
Σñ WASHOME O WebSphere Application Server - Express Ow
²C
Bootstrap/rmi ≡
bUCñMΣ]t≡ 2809 σrµAHzQn≡N 2809G
$WASHOME\config\cells\DefaultNode\nodes\DefaultNode\serverindex.html
Σñ WASHOME O WebSphere Application Server - Express Ow
²C
Soap s≡
bUCñMΣ]t≡ 8880 σrµAHzQn≡N 8880G
$WASHOME\config\cells\DefaultNode\nodes\DefaultNode\serverindex.html
Σñ WASHOME O WebSphere Application Server - Express Ow
²C
b WebSphere Application Server - Express O V5.0.2 HTTPSWebSphere Application Server - Express O V5.0.2 H HTTPS w]≡
9443CYn HTTPSAz≤nJ URL pUG
https://<hostname>:9443/IDSWebApp/IDSjsp/Login.jsp
YúO HTTPS suA≥ URLG
http://<hostname>:9080/IDSWebApp/IDSjsp/Login.jsp
ApGzn≤í°A SSL AziH !s≈PH⌠xsΩ
w WebSphere Application Server - Express OCw]A≈MH⌠
xsΩwO*B±b <WASHOME>/etc ²Co W*O
DummyServerKeyFile.jks M DummyServerTrustFile.jksC
bz !s jks ºßAziH∩
<WASHOME>/config/cells/DefaultNode/security.xml ñUC]HΘrjπ
A≤ WAS ≈MH⌠xsΩwAHsWBKXMµ
íG
<repertoire xmi:id="SSLConfig_1" alias="DefaultSSLSettings"><setting xmi:id="DefaultSSLSettings"
keyFileName="$USER_INSTALL_ROOT/etc/DummyServerKeyFile.jks"keyFilePassword="WebAS" keyFileFormat="JKS"trustFileName="$USER_INSTALL_ROOT/etc/DummyServerTrustFile.jks"trustFilePassword="WebAS" trustFileFormat="JKS"clientAuthentication="false" securityLevel="HIGH"enableCryptoHardwareSupport="false"><cryptoHardware xmi:id="CryptoHardwareToken_1" tokenType=""
libraryFile="" password=""/><properties xmi:id="Property_4" name="com.ibm.ssl.protocol" value="SSLv3"/>
² D. wBtmúw WebSphere Application Server - Express O 119
<properties xmi:id="Property_5" name="com.ibm.ssl.contextProvider"value="IBMJSSE"/>
</setting></repertoire>
120 IBM Tivoli Directory Server: wPtmΓU
² E. N Web zuπw WebSphere
IBM Tivoli Directory Server 5.2 ú WebSphere Application Server - Express O
5.0.2 @ Web zuπí°ACMAz]iH WebSphere 5.0
≤s@ Web zuπí°ACpGz WebSphereAz
N Web zuπw WebSphereCUCⁿñG
1. úwΩTw WebSphereC
2. InstallShield GUI @twíw Web zuπC]t Web
zuπW IDSWebApp.warAObwíⁿwºw²
idstools l²C
3. WebSphere úΩTN Web zuπíw WebSphereCpA
pGzuzDxv°íAbuwsív°íñA]w⌠
installdirectory/idstools/IDSWebApp.warA]w⌠wq /IDSWebAppC
installdirectory Ow Web zuπⁿw²C
4. Web zuπ]pAzLuzDxvC
5 . b W e b s²ñAΘJUCG
http://localhost:9080/IDSWebApp/IDSjsp/Login.jsp
eπuIBM Tivoli Directory Server Web zvnJ°íC
: ubzObww Web zuπqúW⌡µs²A"B@C
pG Web zuπOwbúPqúWAw Web zuπºqú
D≈W IP N localhostC
: pGzQnbDσ⌠ñ Web zuπA\ 105yΘJ
Web zuπΩlzC
© Copyright IBM Corp. 1998, 2003 121
122 IBM Tivoli Directory Server: wPtmΓU
² F. wPtm DSML
ϕzw Web zuπA²AOyÑ (DSML) Kww¿ installpath/idstools
]Y Windows th installpath\idstools²ñW DSML.zip .zip Cϕ
zúY DSML.zip Aíσ≤íp≤wBtm DSMLCo
]AG
DSMLReadme.txtiíM≤ñAip≤wtm DSMLC
dsml.pdfiíp≤ DSMLC PDF µíC
dsml.htmi HTML µííp≤ DSMLC
© Copyright IBM Corp. 1998, 2003 123
124 IBM Tivoli Directory Server: wPtmΓU
² G. ⁿJdΩw
UCⁿJdΩwC
1. btmuπñA÷@U¬@MµñzrC
2. buzrv°í SuffixDN µñAΘJ o=ibm,c=usCoOnOsd
Ωr DNC≤dΩOr o=ibm,c=us @í≈A]oOzsWr DNC
3. ÷@UsWC
4. ÷@UTwC
: bz÷UsWArYsWµr DN MµñFúLAbz÷UTweAΩWsWrC
5. btmuπñA÷@U¬@MµñJ LDIF ΩC
6. bkuJ LDIF Ωv°í⌠M LDIF WµñAΘJUCΣñ@G
v b Windows tWAΘJ install_dir\examples\sample.ldif
v b UNIX tWAΘJ install_dir/examples/sample.ldif
A÷@Us²AHMΣCinstall_dir O IBM Tivoli Directory Server w
²C
7. ÷@UJC
8. ÷@UJC
: tAz]iHG
v ldapcfg ⁿOsWrGldapcfg -s "o=ibm,c=us"
v l d i f 2 d b íJΩCpG l d i f 2 d b - i
install_dir\examples\sample.ldif
9. Bz¿ºßAⁿOúUAΘJ ibmslapd H°AC
°AπTºCpG°AQAeWKπUCTºG
IBM Tivoli Directory 5.2 °AwC
zwτdΩwwTⁿJABwwQ¿C
pGzww Web zuπA÷ 93y Web zuπzñⁿ
ªCp Web zuπ°A÷ΩTA\ IBM Tivoli Directory
Server 5.2 zΓUC
© Copyright IBM Corp. 1998, 2003 125
126 IBM Tivoli Directory Server: wPtmΓU
² H. UTF-8 Σ
IBM Tivoli Directory Server Q UTF-8]UCS α½µírAsxΣhΩytr
CpP LDAP 3 qH≤wⁿw@Ab LDAP ßP°Aºí
erΩú UTF-8C]A²°Aitm¿xs⌠≤i UTF-8 ϕ
ΩayÑrC≤ixsjM r¼÷¡εAhM≤zp≤ !
ΩwwCΩwriⁿw UTF-8A]iH]w¿°Atr
]°yÑ⌠ByÑMrX⌠wC
pGzⁿw UTF-8AhiN⌠≤ UTF-8 rΩxsb²ñCb@Ua⌡µ
LDAP ß]⌠≤ UTF-8 ΣyÑúαsMjM²CúLAb\hí
pUAßiαLkHSwyÑ/rπ²ñGC UTF-8 Ω
w]αWqBA]bxsΩqΩwΩAúniµΩα
½C
: pGznyÑAΩwO UTF-8 ΩwC
b≤]U∩ UTF-8 HµíH
UTF-8 ΩwTwsCoO UTF-8 rGiCzúα∩
UTF-8 Ωw⌡µ*yÑsC
pGz LDAP íϕ½°Lo°≤jMG]p ″name
>= SMITH″A⌠≤ⁿwGεjMAαΣϕaytúGAh UTF-8 iαúAXΣ²ΩwrCbíUALDAP °At
ßtPrMyÑ⌠⌡µCpA⌡µuΦZ2σvyÑ
⌠ LDAP °AAHyÑ⌠ !ΩwAr]pP
ΦZ2σºßw!jMGCtm¡εz²
sAuα@@δrPsC
°Aí
nΓ !@t UTF-8 LDIF úµCFAtiΣ
LDIF µírXRCbXRUAiNu⌠⌠⌠ⁿúX≈c (IANA)vrW
]sPXⁿwb LDIF YñCtiΣ@ ¡ IANA r
C
d
ziH∩ charset A²°AíNⁿwr૨ UTF-8A
pUCdG
version: 1charset: ISO-8859-1
dn: cn=Juan Griego, o=University of New Mexico, c=UScn: Juan Griegosn: Griegodescription:: V2hhdCBhIGNhcmVmdWwgcmVhZGVyIHlvd
© Copyright IBM Corp. 1998, 2003 127
title: Associate Deantitle: [title in Spanish]jpegPhoto:< file:///usr/local/photos/jgriego.jpg
bñA≥bWPµ@ßAq ISO-8859-1 rα½
UTF-8C≥bWMΓß]p description:: V2hhdCBhIGNhcm...A
base64 sXεABGi UTF-8 rΩC¬ñ]pGWzdñA
URL ⁿw jpegPhoto A]Gi UTF-8Cbo ΦAú⌡
µqⁿwrα½ UTF-8 @C
bñALDIF S charset AtwΣe UTF-8 µíG
# IBM IBM Directorysample LDIF file## The suffix "o=IBM, c=US" should be defined before attempting to load# this data.
version: 1
dn: o=IBM, c=USobjectclass: topobjectclass: organizationo: IBM
dn: ou=Austin, o=IBM, c=USou: Austinobjectclass: organizationalUnitseealso: cn=Mary Smith, ou=Austin, o=IBM, c=US
pP IBM Tivoli Directory Server @AiHú]t version: 1 YΩ
TC
# IBM IBM Directorysample LDIF file## The suffix "o=IBM, c=US" should be defined before attempting to load# this data.
dn: o=IBM, c=USobjectclass: topobjectclass: organizationo: IBM
dn: ou=Austin, o=IBM, c=USou: Austinobjectclass: organizationalUnitseealso: cn=Linda Carlesberg, ou=Austin, o=IBM, c=US
128 IBM Tivoli Directory Server: wPtmΓU
Σ IANA r
pUϕAIBM Tivoli Directory Server i¡xΣu⌠⌠⌠ⁿúX≈c
(IANA)vrWCo OiHb LDIF ñⁿwrWAOQ C ß
O²NºΘJΩrC
ϕ 4. ¡xΣ IANA r
r yÑ⌠ DB2 rX
W LinuxBS/390®
LinuxBHP-UX
NT AIX Solaris UNIX NT
ISO-8859-1 X X X X 819 1252
ISO-8859-2 X X X X 912 1250
ISO-8859-5 X X X X 915 1251
ISO-8859-6 X X X n/a 1089 1256
ISO-8859-7 X X X n/a 813 1253
ISO-8859-8 X X X n/a 916 1255
ISO-8859-9 X X X n/a 920 1254
IBM437 n/a X n/a n/a 437 437
IBM850 n/a X X n/a 850 850
IBM852 n/a X n/a n/a 852 852
IBM857 n/a X n/a n/a 857 857
IBM862 n/a X n/a n/a 862 862
IBM864 n/a X n/a n/a 864 864
IBM866 n/a X n/a n/a 866 866
IBM869 n/a X n/a n/a 869 869
TIS-620 n/a X X n/a 874 874
EUC-JP X n/a X X 954 n/a
EUC-KR n/a n/a X X 970 n/a
EUC-CN n/a n/a X X 1383 n/a
EUC-TW n/a n/a X X 964 n/a
Shift-JIS X X X X 932 943
KSC n/a X n/a n/a n/a 949
GBK n/a X X n/a 1386 1386
Big5 n/a X X X 950 950
² H. UTF-8 Σ 129
130 IBM Tivoli Directory Server: wPtmΓU
² I. ]w GSKit HΣ CMS ≈Ωw
Yn]w GSKit HΣuµ ít (CMS)v≈ΩwAb iKeyman GUI
ºeA²¿UCG
1. Twzwgw GSKit 7aC
2. w IBM JRE JDK 1.4.1 PÑ JRE JDKC
3. ]w JAVA_HOME HⁿV Java 1.4.1 wb²CpG
v b Windows WA]w JAVA_HOME=c:\Program Files\IBM\Java14C
v b AIX WAX JAVA_HOME=/usr/ldap/javaC
4. b AIX WAbⁿOúUΘJUCⁿO !q /usr/ldap/jre /usr/ldap/java G
ln -s /usr/ldap/java /usr/ldap/jre
5. ú Windows W JAVA_HOME\jre\lib\ext ²ñ ibmjsse.jar, gskikm.jar]pGs
bM ibmjcaprovider.jar Cb AIX WA²O JAVA_HOME/lib/ext
(/usr/ldap/java/lib/ext)C
6. Tw JAVA_HOME\jre\]AIX W /usr/ldap/java/²UC JAR G
v lib/ext/ibmjceprovider.jar
v lib/ext/ibmpkcs.jar
v lib/ibmjcefw.jar
v lib/ext/ibmjcefips.jar]Σ FIPS ∩
v lib/security/local_policy.jar
v lib/security/US_export_policy.jar
v lib/ibmpkcs11.jar
b Solaris WAJDK 1.4 nDn hC]í≈Ωaif¡εA
J2SDK 1.4.1 nΘG hwg i[Kj¡εCSolaris w
nL⌠≤[Kj¡ε hC
÷ hΩTA\UC⌠G
http://java.sun.com/products/jce/index-14.html
YnUⁿAUC⌠G
http://java.sun.com/j2se/1.4/download.html#docs
: GSKit b GSKit_installation_path\classes\jre\lib\ext UwgúFπ jar
M ibmpkcs11.jar ΦKzCUúiµMwOnNo JSSE JAR
búñXfCUCO GSKit G
v úH⌠≤∩úiµt JSSE JAR C
v pGz Java w JSSE JAR ± GSKit nsAhún
⌡µ⌠≤@C
v pGz Java w JSSE JAR ± GSKit nAz
GSKit JAR N JSSE JAR CGSKit iKeyman iHft
© Copyright IBM Corp. 1998, 2003 131
JSSE JAR B@CúLAí≈ iKeyman \αiαóA]bz
JDK wñtwC
7. GSKit UCín² IBMCMS P IBM JCE AúG
≤s JAVA_HOME/jre/lib/security/java.security AHKb Sun úßΦsW IBM
CMS P IBM JCE úCpG
security.provider.1=sun.security.provider.Sunsecurity.provider.2=com.ibm.spi.IBMCMSProvidersecurity.provider.3=com.ibm.crypto.provider.IBMJCE
ziHb GSKit_Installation_path\classes\gsk_java.security ñΣd java.security
C
Yn FIPSA≤s JAVA_HOME/jre/lib/security/java.security Ab Sun ú
ºßsW IBMCMSBIBMJCE M IBMJCEFIPS úCTw IBMJCEFIPS
ún²¬≤ IBMJCE u²CpG
security.provider.1=sun.security.provider.Sunsecurity.provider.2=com.ibm.spi.IBMCMSProvidersecurity.provider.3=com.ibm.crypto.fips.provider.IBMJCEFIPSsecurity.provider.4=com.ibm.crypto.provider.IBMJCE
8. BJi∩CpGzO JSSE A JSSE s[KwΘA≤
J A V A _ H O M E \ j r e \ l i b \ e x t ²ñw i b m p k c s 1 1 . j a r Aϕ
GSKit_Installation_path/classes/native/native-support.zip ñⁿ]w[KwΘ DLLC
: z]iHb 2002 ' 8 δ 5 Θºßoµ JSSE M≤ñΣ ibmpkcs11.jar C
Ynn² @IBMPKCS11 AúAUCd≤s
JAVA_HOME/jre/lib/security/java.security G
security.provider.1=sun.security.provider.Sunsecurity.provider.2= com.ibm.crypto.provider.IBMJCEsecurity.provider.3=com.ibm.crypto.pkcs11.provider.IBMPKCS11
132 IBM Tivoli Directory Server: wPtmΓU
² J. ϕ /home O NFS ⁿAtmΩw≤ /home Hm
b UNIX tWApGz NFS ⁿAΓtmC@"α !Ω
wb /home HmCbípU⌡µΓtm]iK ldapcfg ⁿOgJ/home DC
:
1. UCBJ]zn]wΩO ldapdb2BDB2 ΩO ldapdb2BΩwWO
ldapdb2 ΩwC
2. jP zbsΦ⌠≤tºeA²xs@≈C
1. ∩Ωwz !W dbsysadm s G
groupadd [-g <gid>] dbsysadm
: í≈ Linux oµW groupadd ⁿOn -g <gid> ykⁿws ID
X (gid)CΘJ
cat /etc/group
MΣis ID XCpGSⁿw -g ∩ARed Hat ⁿwU@
i gidC
2. sW root M ldap dbsysadm s G
usermod -G dbsysadm rootusermod -G dbsysadm ldap
3. !bß (ldapdb2) DB2 ΩG
useradd -g dbsysadm -m ldapdb2
4. ]wbß (ldapdb2) KXG
passwd ldapdb2
ϕXúAΘJsKXCOUzKXHKΘßC
5. !ΩwΩG
<LDAPHOME>/db2/instance/db2icrt -u ldapdb2 ldapdb2
Σñ <LDAPHOME> OG
v AIXBLinux @t- /usr/ldap
v Solaris @t - /opt/IBMldaps
v HP-UX @t- /usr/IBMldap
6. nJΩw IDG
su - ldapdb2
7. ΩwzíG
db2start
8. bΩºU !ΩwG
db2 create db ldapdb2 on <location> using codeset UTF-8 territory US
© Copyright IBM Corp. 1998, 2003 133
: pGzñ using codeset UTF-8 territory USAhHrX !Ω
wCMArXvTαCΩwntW' 80Mb
iíC !ΩwºeA df -k TwíDC
9. htmG
db2empfa ldapdb2
: oOα[j\αAl⌡µºßYLkC
10. ≤sí≈ DB2 πG
db2 update db cfg for <databasename> using <parm> <newvalue>DB2 \pAPPLHEAPSZ 2048PCKCACHESZ 360SORTHEAP 256
pG
db2 update db cfg for ldapdb2 using APPLHEAPSZ 1280
11. Ωwwtm¿FziH≤stmΩwCb
<LDAPHOME>etc/ibmslapd.conf UCq¿G
dn: cn=Directory,cn=RDBM Backends,cn=IBM SecureWay,cn=Schemas,cn=Configurationobjectclass: topobjectclass: ibm-slapdRdbmBackendcn: Directoryibm-slapdPlugin: database /bin/libback-rdbm.dll rdbm_backend_initibm-slapdDbConnections: 15ibm-slapdSuffix: cn=localhostibm-slapdReadOnly: FALSE
sWUCσrµG
ibm-slapdDbInstance: ldapdb2ibm-slapdDbAlias: ldapdb2bibm-slapdDbUserId: ldapdb2ibm-slapdDbUserPw: <KX>ibm-slapdDbLocation: <wqm>
úq¿pUG
dn: cn=Directory,cn=RDBM Backends,cn=IBM SecureWay,cn=Schemas,cn=Configurationobjectclass: topobjectclass: ibm-slapdRdbmBackendcn: Directoryibm-slapdPlugin: database /bin/libback-rdbm.dll rdbm_backend_initibm-slapdDbInstance: ldapdb2ibm-slapdDbAlias: ldapdb2bibm-slapdDbUserId: ldapdb2ibm-slapdDbUserPw: <KX>ibm-slapdDbLocation: <wqm>ibm-slapdDbConnections: 15ibm-slapdSuffix: cn=localhostibm-slapdReadOnly: FALSE
12. pGz 133 8 BJñí UTF-8 Ωxsw]bq¿G dn:
cn=Front End, cn=ConfigurationAzUCσrµ G
#ibm-slapdSetEnv: DB2CP=1208
Ωwwi Directory °AC@ßO°íA]°A
!vϕµíMw*C
134 IBM Tivoli Directory Server: wPtmΓU
² K. IBM Tivoli Directory Server tm⌡
²íu²ΩT≡v(Directory Information Tree, DIT) Htm ibmslapd.conf
Cbí≈ñA²tm]wOHMµíxsbtmñCq 3.2
lA²]whOH LDIF µíxsbtmñC
b 5.1 ñAtmWwq slapd32.conf ∩¿ ibmslapd.confCtm⌡
e#iC¼ib v3.config.at ñΣA½≤Ohm≤ v3.config.oc
ñCiH ldapmodify ⁿO∩Cp ldapmodify ⁿO÷ΩTA\ IBM Tivoli Directory Server 5.2 zΓUC
²ΩT≡
cn=Configuration
v cn=Admin
v cn=AdminGroup
v cn=Event Notification
v cn=Front End
v cn=Kerberos
v cn=Master Server
v cn=Referral
v cn=Schema
– cn=IBM Directory
- cn=Config Backends
v cn=ConfigDB
- cn=RDBM Backends
v cn=Directory
v cn=ChangeLog
- cn=LDCF Backends
v cn=SchemaDB
v cn=SSL
– cn=CRL
v cn=Transaction
v cn=Digest
v cn=admin audit
v cn=Audit
v cn=Connection Management
cn=Configuration
DN cn=Configuration
© Copyright IBM Corp. 1998, 2003 135
í oOtm DIT ñhCªs±°AsΩA÷MΩWª]]t
°CoñC@X ibmslapd.conf @q]s
q¿C
1]n
½≤O
ibm-slapdTop
n
v cn
v ibm-slapdAdminDN
v ibm-slapdAdminPW
v ibm-slapdErrorLog
v ibm-slapdPort
v ibm-slapdPwEncryption
v ibm-slapdSizeLimit
v ibm-slapdSysLogLevel
v ibm-slapdTimeLimit
v ibm-slapdDerefAliases
v objectClass
∩
v ibm-slapdConcurrentRW]YN@o
v ibm-slapdMaxPendingChangesDisplayed
v ibm-slapdServerId
v ibm-slapdSupportedWebAdmVersion
v ibm-slapdVersion
v ibm-slapdAdminGroupEnabled
v ibm-slapdStartupTraceEnabled
v ibm-slapdTraceMessageLog
v ibm-slapdTraceMessageLevel
cn=Admin
DN cn=Admin, cn=Configuration
í IBM znístm]w
1]n
½≤O
ibm-slapdAdmin
n
v cn
v ibm-slapdErrorLog
v ibm-slapdPort
136 IBM Tivoli Directory Server: wPtmΓU
∩
v ibm-slapdSecurePort
cn=AdminGroup
DN cn=<id>, cn=AdminGroup, cn=Configuration
í ≤uzs vCOb cn=AdminGroup, cn=Configuration l≡
UC
0]∩uϕznzs ¿"nC
½≤O
ibm-slapdAdminGroupMember
n
v ibm-slapdAdminDN
v ibm-slapdAdminPW
∩
v ibm-slapdKrbAdminDN
v ibm-slapdDigestAdminUser
cn=Event Notification
DN cn=Event Notification, cn=Configuration
í IBM Tivoli Directory Server 5.1 s≤q]w
0 1]∩FubzQ≤q"n
½≤O
ibm-slapdEventNotification
n
v cn
v ibm-slapdEnableEventNotification
v objectClass
∩
v ibm-slapdMaxEventsPerConnection
v ibm-slapdMaxEventsTotal
cn=Front End
DN cn=Front End, cn=Configuration
í °AbMs⌠]wC
0 1]i∩
½≤O
ibm-slapdFrontEnd
n
v cn
² K. IBM Tivoli Directory Server tm⌡ 137
v objectClass
∩
v ibm-slapdACLCache
v ibm-slapdACLCacheSize
v ibm-slapdDB2CP
v ibm-slapdEntryCacheSize
v ibm-slapdFilterCacheBypassLimit
v ibm-slapdFilterCacheSize
v ibm-slapdPlugin
v ibm-slapdSetenv
v ibm-slapdIdleTimeOut
cn=Kerberos
DN cn=Kerberos, cn=Configuration
í IBM Tivoli Directory Server 5.2 s Kerberos O]wC
0 1]i∩
½≤O
ibm-slapdKerberos
n
v cn
v ibm-slapdKrbEnable
v ibm-slapdKrbRealm
v ibm-slapdKrbKeyTab
v ibm-slapdKrbIdentityMap
v ibm-slapdKrbAdminDN
v objectClass
∩
v L
cn=Master Server
DN cn=Master Server, cn=Configuration
í btmAos±D°AsM URLC
0 1]i∩
½≤O
ibm-slapdReplication
n
v cn
v ibm-slapdMasterPW]pGS Kerberos OΦíAhⁿwC
v objectClass
138 IBM Tivoli Directory Server: wPtmΓU
∩
v ibm-slapdMasterDN
v ibm-slapdMasterPW]pG Kerberos OΦíAh∩C
v ibm-slapdMasterReferral
cn=Referral
DN cn=Referral, cn=Configuration
í ot ibmslapd.conf º@q]sq¿ñαCp
GS⌠≤α]w]SAho∩C
0 1]i∩
½≤O
ibm-slapdReferral
n
v cn
v ibm-slapdReferral
v objectClass
∩
v L
cn=Schemas
DN cn=Schemas, cn=Configuration
í o⌡xsCoDTnA]½≤O
ibm-slapdSchema i*⌡CJªOF DIT i¬C
eue\@⌡Gcn=IBM DirectoryC
1]n
½≤O
Container
n
v cn
v objectClass
∩
v L
cn=IBM Directory
DN cn=IBM Directory, cn=Schemas, cn=Configuration
í ot ibmslapd.conf º@q]sq¿ñ⌡tmΩ
Cª]⌡ºßíxsCúΣh⌡A²Y
ΣAhC⌡@ ibm-slapdSchema CNAh⌡Q°
úeC]A@ßíuαs@⌡C
1]n
² K. IBM Tivoli Directory Server tm⌡ 139
½≤O
ibm-slapdSchema
n
v cn
v ibm-slapdSchemaCheck
v ibm-slapdIncludeSchema
v objectClass
∩
v ibm-slapdSchemaAdditions
cn=Config Backends
DN cn=Config Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
í Config ßíxsC
1]n
½≤O
Container
n
v cn
v objectClass
∩
L
cn=ConfigDB
DN cn=ConfigDB, cn=Config Backends, cn=IBM Directory, cn=Schemas,
cn=Configuration
í IBM Tivoli Directory Server °Atmtmßí
0 - n]i∩
½≤O
ibm-slapdConfigBackend
n
v cn
v ibm-slapdSuffix
v ibm-slapdPlugin
v objectClass
∩
v ibm-slapdReadOnly
cn=RDBM Backends
DN cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
í o RDBM ßíxsC≤Nl°
140 IBM Tivoli Directory Server: wPtmΓU
DB2 ßíA]ΩWN ibmslapd.conf ñ database rdbm @
µCoDTnA]½≤O ibm-slapdRdbmBackend i*
RDBM ßíCJªOFWi DIT i¬C
0 1]i∩
½≤O
Container
n
v cn
v objectClass
∩
v L
cn=Directory
DN cn=Directory, cn=RDBM Backends, cn=IBM Directory, cn=Schemas,
cn=Configuration
í o]tw] RDBM ΩwßíΩwtm]wC
÷MiH !h⌠NWßíA²Ou°Azv]
″cn=Directory″ ODn²ßíA ″cn=Change Log″ O∩≤ΘxßíCurH ″cn=Directory″ π"izLu°Azvtm]≤ΘxrúAΣO≤Θxzq]wC
0 - n]i∩
½≤O
ibm-slapdRdbmBackend
n
v cn
v ibm-slapdDbInstance
v ibm-slapdDbName
v ibm-slapdDbUserID
v ibm-slapdDbUserPW
v objectClass
∩
v ibm-slapdBulkloadErrors
v ibm-slapdChangeLogMaxEntries
v ibm-slapdChangeLogMaxAge
v ibm-slapdCLIErrors
v ibm-slapdDBAlias
v ibm-slapdDB2CP
v ibm-slapdDbConnections
v ibm-slapdDbLocation
v ibm-slapdPagedResAllowNonAdmin
² K. IBM Tivoli Directory Server tm⌡ 141
v ibm-slapdPagedResLmt
v ibm-slapdPlugin
v ibm-slapdReadOnly
v ibm-slapdReplDbConns
v ibm-slapdSortKeyLimit
v ibm-slapdSortSrchAllowNonAdmin
v ibm-slapdSuffix
v ibm-slapdUseProcessIdPw
v ibm-slapdCachedAttribute
v ibm-slapdCachedAttributeSize
v ibm-slapdLanguageTagsEnabled
: pGz ibm-slapdUseProcessIdPwAz∩⌡ANibm-slapdDbUserPW ]∩C
cn=Change Log
DN cn=Change Log, cn=RDBM Backends, cn=IBM Directory, cn=Schemas,
cn=Configuration
í o]t≤ΘxßíΩwtm]wC
0 - n]i∩
½≤O
ibm-slapdRdbmBackend
n
v cn
v ibm-slapdDbInstance
v ibm-slapdDbName
v ibm-slapdDbUserID
v ibm-slapdDbUserPW
v objectClass
∩
v ibm-slapdBulkloadErrors
v ibm-slapdChangeLogMaxEntries
v ibm-slapdCLIErrors
v ibm-slapdDBAlias
v ibm-slapdDB2CP
v ibm-slapdDbConnections
v ibm-slapdDbLocation
v ibm-slapdPagedResAllowNonAdmin
v ibm-slapdPagedResLmt
v ibm-slapdPlugin
142 IBM Tivoli Directory Server: wPtmΓU
v ibm-slapdReadOnly
v ibm-slapdReplDbConns
v ibm-slapdSortKeyLimit
v ibm-slapdSortSrchAllowNonAdmin
v ibm-slapdSuffix
v ibm-slapdUseProcessIdPw
v ibm-slapdCachedAttribute
v ibm-slapdCachedAttributeSize
v ibm-slapdLanguageTagsEnabled
: pGz ibm-slapdUseProcessIdPwAz∩⌡ANibm-slapdDbUserPW ]∩C
cn=LDCF Backends
DN cn=LDCF Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
í o LDCF ßíxsC≤Nl°
LDCF ßíA]ΩWN ibmslapd.conf ñ database ldcf @
µCoDTnA]½≤O ibm-slapdLdcfBackend i* LDCF
ßíCJªOFWi DIT i¬C
1]n
½≤O
Container
n
v cn
v objectClass
∩
v ibm-slapdPlugin
cn=SchemaDB
DN cn=SchemaDB, cn=LDCF Backends, cn=IBM Directory, cn=Schemas,
cn=Configuration
í ot ibmslapd.conf º ldcf database qñΩwtmΩC
1]n
½≤O
ibm-slapdLdcfBackend
n
v cn
v objectClass
∩
v ibm-slapdPlugin
v ibm-slapdSuffix
² K. IBM Tivoli Directory Server tm⌡ 143
cn=SSL
DN cn=SSL, cn=Configuration
í IBM Tivoli Directory Server 5.2 s SSL su]wC
0 1]i∩
½≤O
ibm-slapdSSL
n
v cn
v ibm-slapdSecurity
v ibm-slapdSecurePort
v ibm-slapdSslAuth
v objectClass
∩
v ibm-slapdSslCertificate
v ibm-slapdSslCipherSpec
: ibm-slapdSslCipherSpecs úA (deprecated)C∩
ibm-slapdSslCipherSpecCpGz ibm-slapdSslCipherSpecsA°Aα½ΣC
v ibm-slapdSslKeyDatabase
v ibm-slapdSslKeyDatabasePW
v ibm-slapdSslKeyRingFilePW
v ibm-slapdSslFIPsModeEnabled
cn=CRL
DN cn=CRL, cn=SSL, cn=Configuration
í ot ibmslapd.conf º@q]sq¿ñ°MµΩ
Cub cn=SSL ñ ″ibm-slapdSslAuth = serverclientauth″ABwoXßHiµ CRL τA"nªC
0 1]i∩
½≤O
ibm-slapdCRL
n
v cn
v ibm-slapdLdapCrlHost
v ibm-slapdLdapCrlPort
v objectClass
∩
v ibm-slapdLdapCrlUser
v ibm-slapdLdapCrlPassword
144 IBM Tivoli Directory Server: wPtmΓU
cn=Transaction
DN cn = Transaction, cn = Configuration
í ⁿwπΘºΣ]wCUCíúºΣG
Windows 2000 Windows NT @tG
extendedop /bin/libtranext.dll tranExtOpInit 1.3.18.0.2.12.51.3.18.0.2.12.6
AIXG
extendedop /lib/libtranext.a tranExtOpInit 1.3.18.0.2.12.51.3.18.0.2.12.6
Solaris @tG
extendedop /lib/libtranext.so tranExtOpInit 1.3.18.0.2.12.51.3.18.0.2.12.6
pG ibm-slapdTransactionEnable = TRUEAh°A]slapdb≈ⁿJoíCíúTsW ibmslapd.conf ñC
0 1]∩FubzQµ÷"n
½≤O
ibm-slapdTransaction
n
v cn
v ibm-slapdMaxNumOfTransactions
v ibm-slapdMaxOpPerTransaction
v ibm-slapdMaxTimeLimitOfTransactions
v ibm-slapdTransactionEnable
v objectClass
∩
v L
cn=Digest
DN cn = Digest, cn = Configuration
í DIGEST-MD5 SASL s≈εstmC
0 1]i∩
½≤O
ibm-slapdDigest
n
v cn
v objectClass
∩
v ibm-slapdDigestRealm
v ibm-slapdDigestAttr
² K. IBM Tivoli Directory Server tm⌡ 145
v ibm-slapdDigestAdminUser
cn=admin audit
DN cn = admin audit, cn = Configuration
í °AfAtmC
0 1]i∩
½≤O
ibm-auditConfig
n
v cn
∩
v ibm-audit
v ibm-auditAdd
v ibm-auditBind
v ibm-auditDelete
v ibm-auditExtOpEvent
v ibm-auditFailedOpOnly
v ibm-auditLog
v ibm-auditModify
v ibm-auditModifyDN
v ibm-auditSearch
v ibm-auditUnbind
v ibm-auditVersion
v ibm-auditExtOp
cn=Audit
DN cn = admin audit, cn = Configuration
í znífAítmC
0 1]i∩
½≤O
ibm-auditConfig
n
v cn
∩
v ibm-audit
v ibm-auditAdd
v ibm-auditBind
v ibm-auditDelete
v ibm-auditExtOpEvent
146 IBM Tivoli Directory Server: wPtmΓU
v ibm-auditFailedOpOnly
v ibm-auditLog
v ibm-auditModify
v ibm-auditModifyDN
v ibm-auditSearch
v ibm-auditUnbind
v ibm-auditVersion
v ibm-auditExtOp
cn=Connection Management
DN cn=Connection Management, cn=Front End, cn=Configuration
í ssu]w
0 1]i∩
½≤O
ibm-slapdConnectionManagement
n
v cn
v objectClass
∩
v ibm-slapdEThreadEnable
v ibm-slapdAllowAnon
v ibm-slapdAnonReapingThreshold
v ibm-slapdBoundReapingThreshold
v ibm-slapdAllReapingThreshold
v ibm-slapdIdleTimeOut
v ibm-slapdWriteTimeout
v ibm-slapdESizeThreshold
v ibm-slapdETimeThreshold
v ibm-slapdEThreadActivate
v cn
v ibm-slapdACLCache
v ibm-slapdACLCacheSize
v ibm-slapdAdminDN
v ibm-slapdAdminGroupEnabled
v ibm-slapdAdminPW
v ibm-slapdAllowAnon
v ibm-slapdAllReapingThreshold
² K. IBM Tivoli Directory Server tm⌡ 147
v ibm-slapdAnonReapingThreshold
v ibm-slapdBoundReapingThreshold
v ibm-slapdBulkloadErrors
v ibm-slapdCachedAttribute
v ibm-slapdCachedAttributeSize
v ibm-slapdChangeLogMaxAge
v ibm-slapdChangeLogMaxEntries
v ibm-slapdCLIErrors
v ibm-slapdConcurrentRW
v ibm-slapdDB2CP
v ibm-slapdDBAlias
v ibm-slapdDbConnections
v ibm-slapdDbInstance
v ibm-slapdDbLocation
v ibm-slapdDbName
v ibm-slapdDbUserID
v ibm-slapdDbUserPW
v ibm-slapdDerefAliases
v ibm-slapdDigestAdminUser
v ibm-slapdDigestAttr
v ibm-slapdDigestRealm
v ibm-slapdEnableEventNotification
v ibm-slapdEntryCacheSize
v ibm-slapdErrorLog
v ibm-slapdESizeThreshold
v ibm-slapdEThreadActivate
v ibm-slapdEThreadEnable
v ibm-slapdETimeThreshold
v ibm-slapdFilterCacheBypassLimit
v ibm-slapdFilterCacheSize
v ibm-slapdIdleTimeOut
v ibm-slapdIncludeSchema
v ibm-slapdSslKeyRingFilePW
v ibm-slapdKrbAdminDN
v ibm-slapdKrbEnable
v ibm-slapdKrbIdentityMap
v ibm-slapdKrbKeyTab
v ibm-slapdKrbRealm
v ibm-slapdLanguageTagsEnabled
v ibm-slapdLdapCrlHost
148 IBM Tivoli Directory Server: wPtmΓU
v ibm-slapdLdapCrlPassword
v ibm-slapdLdapCrlPort
v ibm-slapdLdapCrlUser
v ibm-slapdMasterDN
v ibm-slapdMasterPW
v ibm-slapdMasterReferral
v ibm-slapdMaxEventsPerConnection
v ibm-slapdMaxEventsTotal
v ibm-slapdMaxNumOfTransactions
v ibm-slapdMaxOpPerTransaction
v ibm-slapdMaxPendingChangesDisplayed
v ibm-slapdMaxTimeLimitOfTransactions
v ibm-slapdPagedResAllowNonAdmin
v ibm-slapdPagedResLmt
v ibm-slapdPageSizeLmt
v ibm-slapdPlugin
v ibm-slapdPort
v ibm-slapdPwEncryption
v ibm-slapdReadOnly
v ibm-slapdReferral
v ibm-slapdReplDbConns
v ibm-slapdReplicaSubtree
v ibm-slapdSchemaAdditions
v ibm-slapdSchemaCheck
v ibm-slapdSecurePort
v ibm-slapdSecurity
v ibm-slapdServerId
v ibm-slapdSetenv
v ibm-slapdSizeLimit
v ibm-slapdSortKeyLimit
v ibm-slapdSortSrchAllowNonAdmin
v ibm-slapdSslAuth
v ibm-slapdSslCertificate
v ibm-slapdSslCipherSpec
v ibm-slapdSslFIPsModeEnabled
v ibm-slapdSslKeyDatabase
v ibm-slapdSslKeyDatabasePW
v ibm-slapdSslKeyRingFile
v ibm-slapdStartupTraceEnabled
v ibm-slapdSuffix
² K. IBM Tivoli Directory Server tm⌡ 149
v ibm-slapdSupportedWebAdmVersion
v ibm-slapdSysLogLevel
v ibm-slapdTimeLimit
v ibm-slapdTraceMessageLevel
v ibm-slapdTraceMessageLog
v ibm-slapdTransactionEnable
v ibm-slapdUseProcessIdPw
v ibm-slapdVersion
v ibm-slapdWriteTimeout
v objectClass
cn
í oO X.500 qWAΣ]t½≤WC
yk ²rΩ
j°
256
h
ibm-slapdACLCache
í ε°AOn ACL ΩTC
v Y] TRUEAh°A ACL ΩTC
v Y] FALSEAh°Aú ACL ΩTC
w] TRUE
yk Boolean
j°
5
µ
ibm-slapdACLCacheSize
í ACL ñαOdW¡C
w] 25000
yk π
j°
11
µ
ibm-slapdAdminDN
í IBM Tivoli Directory Server °Azs DNC
w] cn=root
150 IBM Tivoli Directory Server: wPtmΓU
yk DN
j°
ú]¡
µ
ibm-slapdAdminGroupEnabled
í ⁿweOuzs vCpG]w TRUEA°AN&\zs ñ
nJC
w] FALSE
yk Boolean
j°
128
µ
ibm-slapdAdminPW
í IBM Tivoli Directory Server °AzsKXC
w] secret
yk Gi
j°
128
µ
ibm-slapdAllowAnon
í ⁿwO&\WsC
w] True
yk Boolean
j°
128
µ
ibm-slapdAllReapingThreshold
í ⁿwbsuzºeAb°AñsuC
w] 1200
yk jpg²rΩC
j°
1024
µ
² K. IBM Tivoli Directory Server tm⌡ 151
ibm-slapdAnonReapingThreshold
í ⁿwbWsusuzºeAb°AñsuC
w] 0
yk jpg²rΩC
j°
1024
µ
ibm-slapdBoundReapingThreshold
í ⁿwbWMssusuzºeAb°AñsuC
w] 1100
yk jpg²rΩC
j°
1024
µ
ibm-slapdBulkloadErrors
í nNjqⁿJ (bulkload) Tºg ibmslapd D≈W⌠mCb
Windows WAe\ uABe ueYS≈NAhQw
Owb²]p / t m p / b u l k l o a d . e r r o r s = D : \ P r o g r a m
Files\IBM\ldap\tmp\bulkload.errors) UC
w] /var/bulkload.log
yk jpg²rΩ
j°
1024
µ
ibm-slapdCachedAttribute
í ]tbñnºWAC@WC
w] L
yk ²rΩ
j°
256
h
ibm-slapdCachedAttributeSize
í iOΘq]H µC 0 ϕú
C
w] 0
152 IBM Tivoli Directory Server: wPtmΓU
yk π
j°
11
µ
ibm-slapdChangeLogMaxAge
í ⁿwb÷pßíñAiⁿ≤Θx°Od¡]Hp
µCC@≤ΘxßíúΣv
ibm-slapdChangeLogMaxAge CpGwqWXd≥]tAh
w] 0Cd≥iHO 0]L¡ε 2,147,483,647 ºíC
w] 0
yk atπ
j°
11
µ
ibm-slapdChangeLogMaxEntries
í ≤Θxíⁿw RDBM Ωwñhie\h'≤Θx
CC@≤ΘxúΣv changeLogMaxEntries C
p = 0]ú]¡j = 2,147,483,647]32 Batπ
w] 0
yk π
j°
11
µ
ibm-slapdCLIErrors
í nN CLI Tºg ibmslapd D≈W⌠mCb Windows WA
e\ uABe ueYS≈NAh]bw²
U]p /tmp/cli.errors = D:\Program Files\IBM\ldap\tmp\cli.errorsC
w] /var/db2cli.log
yk jpg²rΩ
j°
1024
µ
ibm-slapdConcurrentRW
í N]¿ TRUEAi²jMP≤sPiµCΣe\uú ¬ (dirty
reads)vAτYAGiMΩwTw¼Aú@PC
i: wYN@oC
² K. IBM Tivoli Directory Server tm⌡ 153
w] FALSE
yk Boolean
j°
5
µ
ibm-slapdDB2CP
í ⁿw²ΩwrXCY UTF-8 ΩwAhrX 1208C
yk jpg²rΩ
j°
11
µ
ibm-slapdDBAlias
í Y DB2 ΩwOWC
yk jpg²rΩ
j°
8
µ
ibm-slapdDbConnections
í ⁿw°AM≤ DB2 ß DB2 suCb 5 & 50]t 50
ºíC
: ODBCCONS ⌠m½εⁿOC
Y ibm-slapdDbConnections] ODBCCONSp≤ 5 j≤ 50A°AN*
O 5 50CtNg !@Bsu]YwqgA
≤Θx ! 2 Bsu]pG≤ΘxwC
w] 15
yk π
j°
50
µ
ibm-slapdDbInstance
í ⁿwßí DB2 ΩwΩC
w] ldapdb2
yk jpg²rΩ
j°
8
µ
154 IBM Tivoli Directory Server: wPtmΓU
: i b m - s l a p d R d b m B a c k e n d ½≤AúP
ibm-slapdDbInstanceBibm-slapdDbUserIDBibm-slapdDbUserPW M DB2 r
C
ibm-slapdDbLocation
í ßΩwbt⌠Cb UNIX WAoqO DB2 Ω
l²]p /home/ldapdb2Cb Windows WA≈]p D:C
yk jpg²rΩ
j°
1024
µ
ibm-slapdDbName
í ⁿwßí DB2 ΩwWC
w] ldapdb2
yk jpg²rΩ
j°
8
µ
ibm-slapdDbUserID
í ⁿwsßí DB2 ΩwWC
w] ldapdb2
yk jpg²rΩ
j°
8
µ
: i b m - s l a p d R d b m B a c k e n d ½≤AúP
ibm-slapdDbInstanceBibm-slapdDbUserIDBibm-slapdDbUserPW M DB2 r
C
ibm-slapdDbUserPW
í ⁿwsßí DB2 ΩwKXCKXi σ
r imask [KC
w] ldapdb2
yk Gi
j°
128
µ
² K. IBM Tivoli Directory Server tm⌡ 155
: i b m - s l a p d R d b m B a c k e n d ½≤AúP
ibm-slapdDbInstanceBibm-slapdDbUserIDBibm-slapdDbUserPW M DB2 r
C
ibm-slapdDerefAliases
í jMnDjOWhAúbßnDñiαⁿw⌠≤
derefAliasesC&\úBMΣBjMM@wC
w] @w
yk ²rΩ
j°
6
µ
ibm-slapdDigestAdminUser
í ⁿw LDAP zzs ¿ Digest MD5 WCϕuMD5
KníOvOzC
w] L
yk ²rΩ
j°
512
µ
ibm-slapdDigestAttr
í m½w] DIGEST-MD5 WCW≤ DIGEST-MD5
SASL sWd\CpGⁿwA°A uidC
w] pGⁿwA°A uidC
yk ²rΩC
j°
64
µ
ibm-slapdDigestRealm
í m½w] DIGEST-MD5 ΓCiH²Dn@WM
KXrΩA]iαúP°AúPWMKXCº
WAªOiα]tbßbßXWCrΩ']t⌡µ
OD≈WAiαⁿXπsvXCpA
[email protected]ⁿwA°A
°AπD≈WC
w] °AπD≈WC
yk ²rΩC
156 IBM Tivoli Directory Server: wPtmΓU
j°
1024
µ
ibm-slapdEnableEventNotification
í ⁿwOnu≤qvCª]¿ TRUE FALSEC
Y]¿ FALSEAh°Aßn²&G
LDAP_UNWILLING_TO_PERFORM ≤qºnDC
w] TRUE
yk Boolean
j°
5
µ
ibm-slapdEntryCacheSize
í ñαOdW¡C
w] 25000
yk π
j°
11
µ
ibm-slapdErrorLog
í ⁿwTºng IBM Tivoli Directory Server °A≈W⌠
mCY Windows 2000 Windows NT @tAe\ uAB
e ueYS≈NAhQwOwb²UAτ
YA/tmp/slapd.errors = c:\Program Files\IBM\ldap\var\ibmslapd.logC
w] /var/ibmslapd.log
yk jpg²rΩ
j°
1024
µ
ibm-slapdESizeThreshold
í ⁿwbu≥µ⌡µⁿvºeAu@εCñu@C
w] 50
yk π
j°
1024
µ
² K. IBM Tivoli Directory Server tm⌡ 157
ibm-slapdEThreadActivate
í ⁿX ¼pNu≥µ⌡µⁿvC]¿UCΣñ@G
S jp
T í
SOT jpí
SAT jpMí
w] SAT
yk rΩ
j°
1024
µ
ibm-slapdEThreadEnable
í ⁿXu≥µ⌡µⁿvO@ñC
w] True
yk Boolean
j°
1024
µ
ibm-slapdETimeThreshold
í ⁿXbu≥µ⌡µⁿvºeAqu@εCñúíjí]H*
µC
w] 5
yk π
j°
1024
µ
ibm-slapdFilterCacheBypassLimit
í jMLo°≤ñⁿwZWXANú[jMLo°≤ñC
≤XLo°≤ ID Mµm≤ñA]wU≤¡εOΘ
C 0 ϕS¡εC
w] 100
yk π
j°
11
µ
158 IBM Tivoli Directory Server: wPtmΓU
ibm-slapdFilterCacheSize
í ⁿwjMLo°≤ñαOdW¡C
w] 25000
yk π
j°
11
µ
ibm-slapdIdleTimeOut
í ϕ LDAP suñSíAh LDAP suhih[íC
LDAP suómíAOⁿesuíΦεwgí]Hϕ
pCYsuLAj≤ºómíALDAP Server MúM
⌠ LDAP suAºΣLiJnDºC
w] 300
yk π
° 11
p µ@
k ²@
∩
O
sO
Y
n
ibm-slapdIncludeSchema
í ⁿw IBM Tivoli Directory Server °A≈ñt⌡wq⌠Cb
Windows 2000BWindows NT Windows XP @tñAe\ uA
BpGe ueS≈N]p D:AhQwOwb²UF
τY /etc/V3.system.at = D:\Program Files\IBM\ldap\etc\V3.system.atC
w]
/etc/V3.system.at
/etc/V3.system.oc
/etc/V3.config.at
/etc/V3.config.oc
/etc/V3.ibm.at
/etc/V3.ibm.oc
/etc/V3.user.at
/etc/V3.user.oc
/etc/V3.ldapsyntaxes
/etc/V3.matchingrules
² K. IBM Tivoli Directory Server tm⌡ 159
yk jpg²rΩ
j°
1024
h
ibm-slapdSslKeyRingFilePW
í ⁿwP LDAP °A SSL ≈Ωw÷pKXApPb
ibm-slapdSslKeyDatabase WⁿwCpG LDAP °A≈Ωw
÷pKX⌠AhiHñ ibm-slapdSslKeyRingFilePW A]¿
ibm-slapdSslKeyRingFilePW = noneC
: KX⌠mbP≈ΩwP²ñABΣWP≈ΩwPA²OW .sth D .kdbC
w] LC
yk ²rΩ
j°
128
µ
ibm-slapdKrbAdminDN
í ⁿw LDAP z Kerberos ID]pAibm-kn=admin1@realm1CΣ
≈OGϕznJu°AzvA Kerberos O[HO
CúF adminDN P adminPW AiHⁿwo]Oo
N adminDN P adminPWC
w] wq⌠≤w]C
yk jpg²rΩ
j°
128
µ
ibm-slapdKrbEnable
í ⁿw°AOΣ Kerberos OCªO TRUE FALSEC
w] TRUE
yk Boolean
j°
5
µ
ibm-slapdKrbIdentityMap
í ⁿwOn Kerberos ¡≈∩MCª]¿ TRUE FALSECY]¿
TRUEAhH Kerberos ID OßA°AbñjM
160 IBM Tivoli Directory Server: wPtmΓU
X Kerberos AN$ DN sWsusCoi²
Kerberos O#iH LDAP DN ACLC
w] FALSE
yk Boolean
j°
5
µ
ibm-slapdKrbKeyTab
í ⁿw LDAP °A Kerberos keytab Co]t LDAP server pK≈
A≈PΣ Kerberos bß÷pCoⁿO@]pP°A SSL ≈
ΩwC
b Windows 2000BWindows NT Windows XP @tñAe\
uABpG≈N (D:) eS⌠≤⌠AhQwOwb²
]τYG/tmp/slapd.errors = D:\Program Files\IBM\ldap\tmp\slapd.errorsC
w] wq⌠≤w]C
yk jpg²rΩ
j°
1024
µ
ibm-slapdKrbRealm
í ⁿw LDAP Server Kerberos ΓCΣoG root DSE ñ
ldapservicename CNALDAP °Aih KDC]Γºb
ßΩTxswA²O Kerberos º°A LDAP ServerAuαOµ
@Γ¿C
w] wq⌠≤w]C
yk ú*jpg²rΩ
j°
256
µ
ibm-slapdLanguageTagsEnabled
í °AOe\yÑCq ibmslapd.conf ¬O FALSEA²
OiH] TRUEC
w] FALSE
yk Boolean
j°
5
µ
² K. IBM Tivoli Directory Server tm⌡ 161
ibm-slapdLdapCrlHost
í ⁿw LDAP Server]Σ]t≤τß x.509v3 u°Mµ
(CRL)vDqúWCϕ ibm-slapdSslAuth=serverclientauthABwoXß
Hiµ CRL τAnoC
w] wq⌠≤w]C
yk ú*jpg²rΩ
j°
256
µ
ibm-slapdLdapCrlPassword
í ⁿw°A SSL s LDAP Server]Σ]t≤τß x.509v3
u°Mµ (CRL)vKXCϕ ibm-slapdSslAuth=serverclientauthA
BwoXßHiµ CRL τAiαnoC
: Y CRL LDAP Server &\gOs CRL]τYAWs
Ahún ibm-slapdLdapCrlPasswordC
w] wq⌠≤w]C
yk Gi
j°
128
µ
ibm-slapdLdapCrlPort
í ⁿws LDAP Server]Σ]t≤τß x.509v3 u
°Mµ (CRL)v≡Cϕ ibm-slapdSslAuth=serverclientauthABwoXß
Hiµ CRL τAnoC]pG IP ≡LtAh 16
πAd≥O 1 - 65535
w] wq⌠≤w]C
yk π
j°
11
µ
ibm-slapdLdapCrlUser
í ⁿw°A SSL s LDAP Server]Σ]t≤τß x.509v3
u°Mµ (CRL)v bindDNCϕ
ibm-slapdSslAuth=serverclientauthABwoXßHiµ CRL τA
iαnoC
: Y CRL LDAP Server &\gOs CRL]τYAWs
Ahún ibm-slapdLdapCrlUserC
162 IBM Tivoli Directory Server: wPtmΓU
w] wq⌠≤w]C
yk DN
j°
1000
µ
ibm-slapdMasterDN
í ⁿwD°As DNCoX replicaObject ñ∩D°Awq
replicaBindDNCϕ Kerberos Og°AAibm-slapdMasterDN
ⁿw Kerberos ID DN ϕΦí]p ibm-kn=freddy@realm1Cϕ
Kerberos Añ MasterServerPWC
w] wq⌠≤w]C
yk DN
j°
1000
µ
ibm-slapdMasterPW
í ⁿwD°AsKXCoX replicaObject ñ∩D°A
wq r e p l i c a B i n d D NCϕ K e r b e r o s Og°AA
ibm-slapdMasterDN ⁿw Kerberos ID DN ϕΦí]p
ibm-kn=freddy@realm1Cϕ Kerberos Añ MasterServerPWC
w] wq⌠≤w]C
yk Gi
j°
128
µ
ibm-slapdMasterReferral
í ⁿwD°A URLCpG
ldap://master.us.ibm.com
Yw] SSLG
ldaps://master.us.ibm.com:636
pGw]LD≡G
ldap://master.us.ibm.com:1389
w] L
yk ú*jpg²rΩ
j°
256
µ
² K. IBM Tivoli Directory Server tm⌡ 163
ibm-slapdMaxEventsPerConnection
í ⁿwCsuin²j≤qC
p = 0]ú]¡j = 2,147,483,647
w] 100
yk π
j°
11
µ
ibm-slapdMaxEventsTotal
í ⁿwsuin²j≤qC
p = 0]ú]¡j = 2,147,483,647
w] 0
yk π
j°
11
µ
ibm-slapdMaxNumOfTransactions
í ⁿwCí°AjºC
p = 0]ú]¡j = 2,147,483,647
w] 20
yk π
j°
11
µ
ibm-slapdMaxOpPerTransaction
í ⁿwCºj@C
p = 0]ú]¡j = 2,147,483,647
w] 5
yk π
j°
11
µ
164 IBM Tivoli Directory Server: wPtmΓU
ibm-slapdMaxPendingChangesDisplayed
í απ m≤W¡C
w] 200
yk π
j°
11
µ
ibm-slapdMaxTimeLimitOfTransactions
í ⁿw mºjO]HϕµC
p = 0]ú]¡j = 2,147,483,647
w] 300
yk π
j°
11
µ
ibm-slapdPagedResAllowNonAdmin
í ú°AOe\DzsjMnD*GnDCpGq
ibmslapd.conf ñ¬O FALSEAh°AuBzπzv¡º
úXßnDCpGßnDojM@*GA]Σ
úπzv¡AB°Aq ibmslapd.conf ñ¬O FALSEAh°
Ae!X insufficientAccessRights ßFBú⌡µjM*C
w] FALSE
yk Boolean
° 5
p µ@
k directoryOperation
∩
O
sO
Y
½≤O
ibm-slapdRdbmBackend
n
ibm-slapdPagedResLmt
í P@ñ⌡µ*GjMnDjCd≥ = 0.... pGßnD
² K. IBM Tivoli Directory Server tm⌡ 165
iµ*G@ABejq¿*GAh°Ae!
X busy]úLñßFú⌡µjM*C
w] 3
yk π
° 11
p µ@
k directoryOperation
∩
O
sO
Y
n
½≤O
ibm-slapdRdbmBackend
ibm-slapdPageSizeLmt
í pGⁿwF*GεAhjM@b@ñhα!h']ú
ßjMGWⁿwjp≤Cd≥ = 0.... pGß@
jpAhpßAH¬ ibmslapd.conf ñC
w] 50
yk π
° 11
p µ@
k directoryOperation
∩
O
sO
Y
n
½≤O
ibm-slapdRdbmBackend
ibm-slapdPlugin
í íOAⁿJíwAΣiXR°A\αCibm-slapdPlugin
Hⁿw°Anp≤ⁿJPl]wíwCΣykpUG
keyword filename init_function [args...]
]íwRWDAykH¡xúP \tºC÷ IBM Tivoli
Directory Server íMµA\ Server Plug-ins ReferenceC
166 IBM Tivoli Directory Server: wPtmΓU
jí≈íO∩A² RDBM ßíún RDBM ß
ííC
w] database /bin/libback-rdbm.dll rdbm_backend_init
yk jpg²rΩ
j°
2000
h
ibm-slapdPort
í ⁿw≤D SSL su TCP/IP ≡CΣúiM ibm-slapdSecurePort PC
]IP ≡úatAB¿b 1 - 65535 d≥í 16 πC
w] 389
yk π
j°
5
µ
ibm-slapdPWEncryption
í ⁿwKXxs≤²ºesX≈εCⁿw noneBimaskBcrypt
sha]z÷Σr sha "αo SHA-1 sXCΣ] noneA
p SASL cram-md5 s"α¿\C
w] L
yk ú*jpg²rΩ
j°
5
µ
ibm-slapdReadOnly
í oqM Directory ßíCΣⁿwOigJß
íCªⁿw TRUE FALSECYⁿwAhΣw] FALSECY]
TRUEA°A! LDAP_UNWILLING_TO_PERFORM (0x35)AH!
ßúº≤ readOnly ΩwñΩ⌠≤nDC
w] FALSE
yk Boolean
j°
5
µ
ibm-slapdReferral
í ⁿwϕrPnDúA! LDAP URLCΣ≤WV]τ
YArúb°ARWσC
² K. IBM Tivoli Directory Server tm⌡ 167
w] wq⌠≤w]C
yk jpg²rΩ
j°
32700
h
ibm-slapdReplDbConns
í g@αΩwsuW¡C
w] 4
yk π
j°
11
µ
ibm-slapdReplicaSubtree
í iOgl≡ DN
yk DN
j°
1000
µ
ibm-slapdSchemaAdditions
í ibm-slapdSchemaAdditions TaO@s±s⌡C
w]Ao] /etc/V3.modifiedschemaCpGwqoAh°
Aαe@ñß@ ibm-slapdIncludeSchema C
b 3.2 eAslapd.conf ñß@ includeSchema AO°Ab¼
ßsWnDAH±m°AsWº⌠≤s⌡Cq
ß@ includeSchema V3.modifiedschema A w∩w
C
: modified oWy¿A]ªxssC∩⌡
≤bΣñiµC
w] /etc/V3.modifiedschema
yk jpg²rΩ
j°
1024
µ
ibm-slapdSchemaCheck
í ⁿwsW /∩ /Rú@⌡d≈εCNªⁿw V2BV3
V3_lenientC
168 IBM Tivoli Directory Server: wPtmΓU
v V2 - Od v2 M v2.1 dC ≤αC
v V3 - ⌡µ v3 dC
v V3_lenient - úO/½≤OúnCbsWAun≥F
½≤OC
w] V3_lenient
yk ú*jpg²rΩ
j°
10
µ
ibm-slapdSecurePort
í ⁿw≤ SSL su TCP/IP ≡CΣΣúiM ibm-slapdPort PC]IP ≡ú
atAB¿b 1 - 65535 d≥í 16 πC
w] 636
yk π
j°
5
µ
ibm-slapdSecurity
í SSL suCOLBSSL SSLOnlyC
v none - °AubD ssl ≡WÑC
v SSL - °Ab ssl D ssl ≡WúÑC
v SSLOnly - °Aub ssl ≡WÑC
w] L
yk ú*jpg²rΩ
j°
7
µ
ibm-slapdServerId
í ⁿXg°AC
yk IA5 rΩAjpg
j°
240
µ
ibm-slapdSetenv
í °Ab∩ ibm-slapdSetenv ⌡µ putenv() H∩°A⌡µ⌠CShell ]p %PATH% $LANGQiC
² K. IBM Tivoli Directory Server tm⌡ 169
w] wq⌠≤w]C
yk jpg²rΩ
j°
2000
h
ibm-slapdSizeLimit
í nqjM!jAúpßjMnDWⁿw⌠≤jp¡ε]d
≥ = 0...CpGßw@¡εAhpßAH¬
ibmslapd.conf CpGßS¡εABsz DNAh¡
εQ°ú]¡CpGß¡εABsz DNAhH
ibmslapd.conf ñ¡εC0 = ú]¡C
w] 500
yk π
j°
12
µ
ibm-slapdSortKeyLimit
í bµ@jMnDñαⁿw°≤]ΣW¡Cd≥ = 0.... pG
ߺjMnDñΣWLαe\W¡ABjM
εO] FALSEAhb@4ΦFW¡ßA°AN¬
ibmslapd.conf ñAñ⌠≤JΣF⌡µjMPC
pGߺjMnDñΣWLαe\W¡ABjM
εO] TRUEAh°Ae@!X adminLimitExceededßFú⌡µjMPC
w] 3
yk cis
° 11
p µ@
k directoryOperation
∩
O
sO
Y
½≤O
ibm-slapdRdbmBackend
n
ibm-slapdSortSrchAllowNonAdmin
í úO°Ae\DzsjMnDCpGq ibmslapd.conf ñ
170 IBM Tivoli Directory Server: wPtmΓU
¬O FALSEAh°AuBzπzv¡ºúXß
nDCpGßnDjM@iµA]ΣSzv¡AB
ibmslapd.conf ñO] FALSEAh°Ae!X
insufficientAccessRights ßFBú⌡µjMC
w] FALSE
yk Boolean
° 5
p µ@
k directoryOperation
∩
O
sO
Y
½≤O
ibm-slapdRdbmBackend
n
ibm-slapdSslAuth
í ⁿw SSL suO¼A serverauth serverclientauthC
v serverauth - Σbßiµ°AOCoOw]C
v serverclientauth - Σ°AßOC
w] serverauth
yk ú*jpg²rΩ
j°
16
µ
ibm-slapdSslCertificate
í ⁿwO≈Ωwñ°AuHvCϕ gsk4ikm í !°ApK≈MAⁿwoCYwq
ibm-slapdSslCertificateAh LDAP Server wq≤≈Ωww]p
K≈iµ SSL suC
w] wq⌠≤w]C
yk jpg²rΩ
j°
128
µ
² K. IBM Tivoli Directory Server tm⌡ 171
ibm-slapdSslCipherSpeciⁿwßbs°A SSL [KΦkC]¿UC@G
ϕ 5. SSL [KΦk
[Kh
TripleDES-168 68 ≈ SHA-1 MAC T½ DES [K
DES-56 56 ≈ SHA-1 MAC DES [K
RC4-128-SHA 28 ≈ SHA-1 MAC RC4 [K
RC4-128-MD5 128 ≈ MD5 MAC RC4 [K
RC2-40-MD5 40 ≈ MD5 MAC RC4 [K
RC4-40-MD5 40 ≈ MD5 MAC RC4 [K
AES AES [K
yk IA5 rΩ
j°
30
ibm-slapdSslFIPsModeEnabled
í Y TRUEAⁿw°AN ICC GSKitFY FALSEAⁿw°A
N BSAFE C
w] ¡xúP
yk Boolean
j°
5
µ
ibm-slapdSslKeyDatabase
í ⁿw LDAP °A SSL ≈Ωw⌠Co≈Ωw≤
Bz LDAP ß SSL suAH≤ !w SSL su
LDAP ServerC
b Windows 2000B Windows NT Windows XP e\ uABpG
e ueS≈N]p D:AhQwOwb²UFτY
/etc/key.kdb = D:\Program Files\IBM\ldap\etc\key.kdbC
w] /etc/key.kdb
yk jpg²rΩ
j°
1024
µ
ibm-slapdSslKeyDatabasePW
í ⁿwP L D A P °A S S L ≈Ωw÷pKXAΣⁿw≤
172 IBM Tivoli Directory Server: wPtmΓU
ibm-slapdSslKeyDatabase WCpG LDAP server ≈Ωw÷p
KX⌠AhiHñ ibm-slapdSslKeyDatabasePW ]¿LC
: KX⌠mbP≈ΩwP²ñABΣWP≈ΩwPA²OW .sth D .kdbC
w] L
yk Gi
j°
128
µ
ibm-slapdSslKeyRingFile
í LDAP °A SSL ≈Ωw⌠Co≈Ωw≤Bz
LDAP ß SSL suAH≤ !w SSL su LDAP
ServerCb Windows WAe\ uABe ueYS≈ⁿwA
h]wb²]p /etc/key.kdb = c:\Program Files\
IBM\ldap\etc\key.kdbC
w] key.kdb
yk ²rΩFjpg
j°
1024
µ
ibm-slapdStartupTraceEnabled
í ⁿwOnb°A¼lΩTCO TRUE FALSEC
w] FALSE
yk Boolean
j°
5
µ
ibm-slapdSuffix
í ⁿwnxsbßíñRWσC
: ΣWP½≤OPC
w] wq⌠≤w]C
yk DN
j°
1000
h
² K. IBM Tivoli Directory Server tm⌡ 173
ibm-slapdSupportedWebAdmVersion
í OwqiΣ cn=configuration ñº°A Web zuπC
w]
yk ²rΩ
j°
µ
ibm-slapdSysLogLevel
í ⁿwb slapd.errors ñO²ú@pΩhCNªⁿw lBm
hC
v h - ¬]újí≈ΩT
v m - ñ]w]
v h - C]ú'ΩT
w] m
yk ú*jpg²rΩ
j°
1
µ
ibm-slapdTimeLimit
í ⁿwnbjMnDWßOjϕAúpßnDWⁿw⌠≤í¡
εCpGß@¡εAhpßAH¬
slapd32.conf ñCpGßS¡εABsz DNAh¡ε
Q°ú]¡CpGß¡εABsz DNAhH
slapd32.conf ñ¡εC0 = ú]¡C
w] 900
yk π
j°
µ
ibm-slapdTraceMessageLevel
í ]wúTºhCⁿO ibmslapd -h ? idihC
w] 0xFFFF] 65535
yk ²rΩ
j°
16
µ
174 IBM Tivoli Directory Server: wPtmΓU
ibm-slapdTraceMessageLog
í nN LDAP C API Mú¿Tºg ibmslapd DqúW⌠mC
b Windows WAe\ uABe ueYS≈NAhw
Owb²]pA/tmp/tracemsg.log = C:\Program Files\
IBM\ldap\tmp\tracemsg.logC
w] ¡xúP
yk ²rΩ
j°
1024
µ
ibm-slapdTransactionEnable
í pGwⁿJºíA²O ibm-slapdTransactionEnable ]¿ FALSEAh
°AH! LDAP_UNWILLING_TO_PERFORM StartTransaction n
DC
w] TRUE
yk Boolean
j°
5
µ
ibm-slapdUseProcessIdPw
í Y]¿ TRUEAh°Añ ibm-slapdDbUserID M ibm-slapdDbUserPW
AΣvBz∩ DB2 OC
w] FALSE
yk Boolean
j°
5
µ
ibm-slapdVersion
í IBM Slapd X
w]
yk ²rΩFjpg
j°
µ
ibm-slapdWriteTimeout
í ⁿw²gJO]HϕµCϕFí¡εANñsuC
w] 120
² K. IBM Tivoli Directory Server tm⌡ 175
yk π
j°
1024
µ
objectClass
í objectClass íNϕ½≤C
yk ²rΩ
j°
128
h
176 IBM Tivoli Directory Server: wPtmΓU
² L. N
ΩTOw∩ IBM bⁿΩúºúPAoXCbΣLΩañAIBM ú
úoúñúUúBAB\αCnDbzbaOi
o úPAAVϕa IBM ANϕdCbú IBM úBí
AAúϕtuα IBM úBíACunI6 IBM z]
úvA⌠≤\αϕúBíAúiHN IBM úBíACúLA
ΣLD IBM úBíAbB@WPτAΣd⌠≤C
bσ≤ñ]t IBM ºMQMQ7Cú&ezM
Qº⌠≤vCziHΦídvAτHG
IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.
Ynd÷G (DBCS) ΩTS\v¡yApzΩa IBM z]ú
íAΦíHG
IBM World Trade Asia Corporation Licensing2-31 Roppongi 3-chome, Minato-kuTokyo 106, Japan
UCq¿YPΩºk °ΦAY°úAGIBM H y¼z úA
úú⌠≤qºO]]A²ú¡≤iΓXSwOC
abY Twµ÷WúⁿqO±≤nA]núúo
A≤zC
ñiαNWLΩWC]AIBM wqFNqß
eJsñCPAIBM oH∩i]Xñúú]
íC
bΩTñ∩D IBM ⌠⌠≤úK≤QAúH⌠≤Φí$ ⌠
ICb$ ⌠WΩúO IBM úΩ@í≈A$ ⌠zt
d⌠C
IBM oHªXA⌠≤ΦíAoG@ΩTA≡∩zt⌠≤q
C
íº≥vY µo÷ΩAHKUCΩTió IBMCΣUCΩT
ⁿOG (i) W! !íPΣLí]]Aíºí≤½ΩTΦíAH (ii)
¼wµ½ºΩTΦkAY⌠≤DóG
IBM CorporationDepartment MU5A4611301 Burnet RoadAustin, TX 78758U.S.A.
© Copyright IBM Corp. 1998, 2003 177
WzΩºoΣSϕn≤AbY ípUIOΦoC
IBM ≥≤Φº IBM ΩívX]⌠≤PÑX°Aúñz
víΣAv≈C
⌠≤B[\⌡µαΩúOb@wⁿε⌠ñMwXC]AΣL
@⌠oXGiαjtºC wwbotWLAúLo
úOb@δtWXPGCAA wiαwzLΦí⌠LC
²ΩGiαDpCvSw⌠AdAΩC
úºD IBM úΩTAY@úAΣXnΣL
DoCIBM Lo úA]LkTo D IBM ú⌡µαBe
⌠≤∩úΣLDiOLCpGz∩D IBM úα⌠≤A
wVúdC
ΩT]tΘ@ñºΩP°idCúπºíAo d
í]tHBqBPúºWCÑWΩcAZⁿΩ°
ºWaA:XC
pGz°OÑΩTnAPmΓiαúπC
UCMWⁿO IBM Corporation bⁿΩ]ΣLΩaG
AIX
DB2IBMiSeries
OS/400
pSeries
RS/6000
S/390
SecureWay
SP
Tivoli
WebSpherexSeries
z/OS
zSeries
IntelBIntel Inside]xBMMX™ M Pentium® O Intel Corporation bⁿΩ]
ΣLΩaC
Java MH Java ≥ªMxO Sun Microsystems, Inc. bⁿΩ]ΣL
Ωa UC
MicrosoftBMS-DOSBWindows Windows NT Microsoft q
UNIX O X/Open Company Limited bⁿΩ]ΣLΩaMv UC
ΣLqBúMAWiαOΣLqAOC
178 IBM Tivoli Directory Server: wPtmΓU
HñσrAσrAS
ϕºCC
efí, °A
bulkload 127
db2ldif 127
ldif2db 127
Θx, w 99
e¡f[j\α, ú 3
ß
tD 13
ú 95
²AOyÑ
w 123
tm 123
íσ≤ 123
ef²M°≤
ß 13
°A 17
b Windows WΩw
! 48
D 48
r, ú 84
r, sW
tmuπ 84
ldapcfg 90
r
IANA 129
rX, DB2 129
w
GSKit 27
SSL 27
w
Γ
AIX 55
HP-UX 71
Linux 61
Solaris 65
Windows NT 75
Θx 99
b Windows W InstallShield GUI
wºe 47
w (≥)
Ln 75
º[ 9
° 99
AdminTool 66
AIX í 55
HP-UX 72
installp 57
InstallShield GUI 47
UNIX 51
Windows 48
Linux 61
pkgadd 67
SMIT 56
Solaris 65
Solaris ⁿOµ 67
WebSphere Application Server - Express
O 117
eCf°A
tD 17
93
ú 95
Web zuπz¼ 25
°Aí
bulkload 127
db2ldif 127
ldif2db 127
°A, α 115
tD
ß 13
°A 17
AIX ß 13
AIX °A 18
HP-UX ß 17
HP-UX °A 24
iSeries Linux ß 15
iSeries Linux °A 21
pSeries Linux ß 15
pSeries Linux °A 21
Solaris ß 16
Solaris °A 22
Web zuπ 25
Windows ß 13
Windows °A 17
xSeries Linux ß 14
xSeries Linux °A 20
zSeries Linux ß 15
zSeries Linux °A 21
t, ]w
AIX 59
HP-UX 74
eQfM≤, Solaris 65
tm
HP-UX 71
tm 135
bwºß 79
W
Ωw 111
º[ 10, 79
° 101
⌠
HP-UX 74
ldapcfg 88
ldapxcfg 79
WebSphere Application Server - Express
O 117
tmuπ 79
tmΩw
tmuπ 82
ldapcfg 88
ú 104
eQ@fΩayÑr 127
Web zuπ 93
ú
ß 95
°A 95
IBM Tivoli Directory Server
AIX 97
HP-UX 98
InstallShield GUI 95
Linux 97
Solaris 97
UNIX ¡x 96
Windows 96
α
°A 115
q IBM Directory Server 4.1 5.1
AIX w 37
UNIX w 41
Windows w 36
q SecureWay Directory
AIX w 32
UNIX w 34
© Copyright IBM Corp. 1998, 2003 179
α (≥)
q SecureWay Directory (≥)
Windows InstallShield GUI w
30
º[ 9, 29
Ωw 38, 39
° 109
Web zuπ 42
]wt
AIX 59
HP-UX 74
eQGf≈Ωw
tmuπ 87
dbback 90
Ωw
tmuπ 87
runstats 91
Lnw
75
º[ 75
∩ 77
τ 76
eQTfJ LDIF Ω
tmuπ 85
ldif2db 90
X LDIF Ω
tmuπ 86
db2ldif 90
úw
ß 95
°A 95
WebSphere Application Server - Express
O 118
útm
Ωw 83, 95
Ωw
α 104
tmW 111
rX 111
sv 111
w≥nD 111
c 111
Ω¼ 111
Ωwtm
° 103
ΩwΩ 82, 88
Ωw
! 81
D 81
Ωw, tm
tmuπ 82
ldapcfg 88
Ωw, ≈
tmuπ 87
dbback 90
Ωw,
tmuπ 87
runstats 91
Ωw, útm
tmuπ 83
ldapucfg í 95
Ωw,
tmuπ 87
dbrestore 91
ⁿJdΩw 125
eQfΩW 82, 88
° 99
w 99
tm 101
ú 104
α 109
Web s² 110
z DN PKX, ]w
tmuπ 80
ldapcfg 88
⌡, ú 85
⌡, sW 84
⌡, ≤τ¼ 85
⌡, tm
tm 135
yÑ⌠ 129
eQ¡fdΩw, ⁿJ 125
eQCfí°A, 93
Ωw
tmuπ 87
dbrestore 91
eGQTf≤Θx,
tmuπ 83
ldapucfg 95
≤Θx,
tmuπ 83
ldapcfg 90
τ LDIF Ω 86
AAdminTool 66
AIX
ⁿOµ 57
SMIT 56
AIX ßtD 13
AIX °AtD 18
DDB2
rX 129
α 104
ú 3
DB2 zKXA≤
ldapcfg 90
DSML
w 123
tm 123
íσ≤ 123
GGSKit 27
w 63
AIX 59
HP-UX 73
Linux 62
Solaris 69
Windows 78
ú
AIX 60
HP-UX 74
Linux 63
Solaris 69
Windows 78
]wA≤ CMS ≈Ωw 131
ú 3
HHP-UX
wºe 71
]wt 74
]wtm 71
HP-UX ßtD 17
HP-UX °AtD 24
180 IBM Tivoli Directory Server: wPtmΓU
IIANA 129
IBM Tivoli Directory Server 5.2 ñs\
α 3
ibmslapd ⁿO 93
InstallShield GUI
wºe 47
º[ 47
iSeries Linux ßtD 15
iSeries Linux °A
tD 21
iso , IBM Tivoli Directory Server 9
Lldapcfg 88
ldapucfg 95
ldapxcfg 79
LDAP, ΣL 9
LDIF Ω, J
tmuπ 85
ldif2db 90
LDIF Ω, X
tmuπ 86
db2ldif 90
LDIF Ω, τ 86
MMicrosoft Internet Explorer 26
Mozilla 26
Ppkgadd 67
pSeries Linux ßtD 15
pSeries Linux °A
tD 21
RRS/6000 SP ⌠, IWw 55
SSMIT w 56
Solaris
D IBM LDAP 52, 66
ⁿOµ 67
AdminTool 66
Solaris ßtD 16
Solaris °A
tD 22
SSL 27
Ttar , IBM Tivoli Directory Server 9
UUTF-8 127
WWeb zuπ
tD 25
93
z°A¼ 25
Web s²
° 110
Microsoft Internet Explorer 26
Mozilla 26
WebSphere Application Server - Express
O
42
w 117
tm 117
93
ú 3
úw 117
Windows ßtD 13
Windows °A
tD 17
XxSeries Linux ßtD 14
xSeries Linux °A
tD 20
Zzip , IBM Tivoli Directory Server 9
zSeries Linux ßtD 15
zSeries Linux °A
tD 21
181
182 IBM Tivoli Directory Server: wPtmΓU
Printed in Denmark by IBM Danmark A/S
SC40-1893-00
