|
|
Step 4 of the CSRC installation process is to install an LDAP version 3 compliant directory server. This appendix discusses the Netscape Directory Server (NDS). It provides background information you need to know to install the NDS and it provides installation information specific to CSRC.
It also provides information about LDAP replication and adding users to NDS.
Step 4 of the CSRC installation process is to install an LDAP version 3 compliant directory server. You can choose to install the Netscape Directory Server (NDS) version 4.0.
To install the directory server, you will need the Netscape Directory Server (NDS) installation kit for Windows NT available from Netscape.
Table D-1 lists the disk space requirements for Netscape Directory Server (NDS). The disk requirement for NDS increases as the directory database increases.
| Component | Solaris |
|---|---|
Netscape Directory Server | 108.1 MB |
Cisco has tested and verified that Netscape Directory Server (NDS) versions 4.0 and 4.1 operate properly with CSRC. Cisco does not provide the NDS software package. You must purchase a copy of NDS from Netscape.
You must install NDS, LDAP data, and Perl on the same host. The LDAP data package provides CSRC LDAP schema and sample data. The CSRC software and NDS must be able to access Perl.
As you answer the NDS installer's questions, be sure to indicate the following information on the "CSRC Installation Worksheet" (Table 2-1):
If you choose to do so, NDS allows you to save the installation parameters in an ASCII file in the NDSROOT\setup\install.inf file. This file contains the passwords you entered during the NDS installation, viewable in plain text. If security is a concern, you can delete the install.inf file after you have properly installed and configured CSRC, and determined that it is operating properly with the other require software components.
To install NDS, do the following:
Step 1 Execute the setup installation program provided on the NDS distribution media and select Typical Install.
Step 2 Answer the questions for which the NDS installer prompts you. The default answer is appropriate in most cases.
For more information about installing NDS, see the Netscape Directory Server documentation.
This section provides information about backing up the LDAP database, LDAP replication, and adding users to the Netscape Directory Server.
You might want to back up the LDAP database using the tools LDAP provides.
To backup the LDAP database, do the following:
Step 1 Navigate to the slapd-servername directory.
Step 2 Enter the following command to stop the servers:
./stop-slapd
Step 3 Enter the following command to create a database backup in the directory you indicate in dirname:
./db2bak dirname
For more information about the replication features and how to implement them, see the Netscape Directory Server Administrator's Guide.
You can use the default admin account for accessing CSRC information when you are using the CSRC applications. However, using this account has security implications if other applications also use the directory server.
You might want to create a separate account for accessing CSRC information. To do this, you must add a user to NDS using the Directory Service Console application.
To add a user to NDS, do the following:
Step 1 Start the Netscape Server Console by clicking Start>Netscape Server Family>Netscape Console 4.0.
Step 2 Enter the appropriate administrator username and password.
Step 3 Double-click the hostname entry with the name of your current host computer.
Step 4 Double-click the Server Group folder.
Step 5 Double-click the Directory Server entry. The Directory Service Console window appears.
Step 6 From the Directory Service Console window, select the Directory tab.
Step 7 On the left side of the window, select a node with objectclass=organization. This is the icon with four people on it. This selection represents the organization to which the new user will belong.
Step 8 On the left side of the window, click the People object.
Step 9 In the top menu, select Object, New, and User.
Step 10 Enter the requested information on the form.
Step 11 Click OK.
Step 12 To give the new user access to the directory service, switch to the Netscape Console.
Step 13 On the Console tab, select the Directory Server entry on the left.
Step 14 Right-click and select the Set Access Permission option.
Step 15 Click Add User.
Step 16 To display the new user you just created, enter the wildcard * in the For field and click Search.
Step 17 In the list of users that appears, select the new user you created and click OK.
The login ID used for authentication is similar to the following:
uid=<username>,ou=People,o=<organization>
Posted: Fri Oct 15 13:12:57 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.