|
|
This appendix discusses the Netscape Directory Server (NDS) installation. It provides background information you need to know to install the NDS and it provides installation information specific to CSRC. It also provides information about LDAP replication and adding users to NDS.
Table A-1 lists the disk space requirements for Netscape Directory Server (NDS). The disk requirement for NDS increases as the directory database increases.
| Component | Disk Space Required |
|---|---|
Netscape Directory Server | 112 MB |
Cisco has tested and verified that Netscape Directory Server (NDS) version 4.11 operates properly with CSRC. Cisco does not provide the NDS software package. You must purchase a copy of NDS from Netscape.
To install the directory server, you will need the Netscape Directory Server (NDS) installation kit for Windows NT available from Netscape.
Step 2 of the CSRC installation process is to install an LDAP version 3 compliant directory server. The following sections discuss the installation requirements and procedure for installing the Netscape Directory Server (NDS).
The LDAP Data package provides CSRC LDAP schema and sample data. You must install NDS and the LDAP Data package on the same host.
As you answer the NDS installer's questions, be sure to indicate the following information on the "CSRC Installation Worksheet" (see Figure 2-1):
If you choose to do so, NDS allows you to save the installation parameters in an ASCII file in the NDSROOT\setup\install.inf file. This file contains the passwords you entered during the NDS installation, viewable in plain text. If security is a concern, you can delete the install.inf file after you have properly installed and configured CSRC, and determined that it is operating properly with the other require software components.
To install NDS, do the following:
Step 1 Execute the setup installation program provided on the NDS distribution media and select Typical Install.
Step 2 Answer the questions for which the NDS installer prompts you. The default answer is appropriate in most cases.
For more information about installing NDS, see the Netscape Directory Server documentation.
You might want to back up the LDAP database using the tools LDAP provides.
To backup the LDAP database, do the following from a DOS command line:
Step 1 Navigate to the slapd-servername directory.
Step 2 Enter the following command to stop the servers:
stop-slapd.bat
Step 3 Enter the following command to create a database backup in the directory you indicate in dirname:
db2bak dirname
Step 4 Enter the following command to restart the directory server:
start-slapd.bat
For more information about the replication features and how to implement them, see the Netscape Directory Server Administrator's Guide.
You can use the default admin account for accessing CSRC information when you are using the CSRC applications. However, using this account has security implications if other applications also use the directory server.
You might want to create a separate account for accessing CSRC information. To do this, you must add a user to NDS using the Directory Service Console application.
To add a user to NDS, do the following:
Step 1 Start the Netscape Server Console by clicking Start on the taskbar and selecting Netscape Server Family and Netscape Console version.
Step 2 Enter the appropriate administrator username and password.
Step 3 Double-click the hostname entry with the name of your current host computer.
Step 4 Double-click the Server Group folder.
Step 5 Double-click the Directory Server entry. The Directory Service Console window appears.
Step 6 From the Directory Service Console window, select the Directory tab.
Step 7 On the left side of the window, select a node with objectclass=organization. This is the icon with four people on it. This selection represents the organization to which the new user will belong.
Step 8 On the left side of the window, click the People object.
Step 9 In the top menu, select the Object, New, and User option.
Step 10 Enter the requested information on the form.
Step 11 Click OK.
Step 12 To give the new user access to the directory service, switch to the Netscape Console.
Step 13 On the Console tab, select the Directory Server entry on the left.
Step 14 Right-click and select the Set Access Permission option.
Step 15 Click Add User.
Step 16 To display the new user you just created, enter the wildcard * in the For field and click Search.
Step 17 In the list of users that appears, select the new user you created and click OK.
The login ID used for authentication is similar to the following:
uid=<username>,ou=People,o=<organization>
Posted: Mon Jan 17 08:08:37 PST 2000
Copyright 1989 - 2000©Cisco Systems Inc.