Sun Microsystems Sun Java System Directory Server Enterprise Edition 6.0 Скачать руководство пользователя страница 86 | Manualshive

Страница: 86 / 148

background image

TABLE 6–2

Mapping of Security Configuration

Directory Proxy Server 5 Attribute

Directory Proxy Server 6.0 Property

ids-proxy-con-ssl-key

ssl-key-pin

ids-proxy-con-ssl-cert

ssl-certificate-directory

ssl-server-cert-alias

ids-proxy-con-send-cert-as-client

This attribute enables the proxy server to send its
certificate to the LDAP server to allow the LDAP
server to authenticate the proxy server as an SSL
client.

ssl-client-cert-alias

This property enables the proxy server to send a different
certificate to the LDAP server, depending on whether it is
acting as an SSL Server or an SSL Client.

ids-proxy-con-server-ssl-version

ids-proxy-con-client-ssl-version

No equivalent

ids-proxy-con-ssl-cert-required

This feature can be achieved by setting the following
server property:

$ dpconf set-server-prop

allow-cert-based-auth:require

ids-proxy-con-ssl-cafile

No equivalent

Managing Certificates

Directory Proxy Server 5, certificates were managed by using the

certreq

utility, or by using the

console. In Directory Proxy Server 6.0, certificates are managed by using the

dpadm

command,

or by using the DSCC.

Certificates must be installed on each individual data source in Directory Proxy Server 6.0.

For information about managing certificates in Directory Proxy Server 6.0, see Chapter 19,
“Directory Proxy Server Certificates,” in

Sun Java System Directory Server Enterprise Edition 6.0

Administration Guide

.

Access Control on the Proxy Configuration

In Directory Proxy Server 5, access control on the proxy configuration is managed by ACIs in
the configuration directory server. In Directory Proxy Server 6.0, access to the configuration file
is restricted to the person who created the proxy instance, or to the proxy manager if the
configuration is accessed through Directory Proxy Server. Editing the configuration file directly
is not supported.

Mapping the Global Configuration

Sun Java System Directory Server Enterprise Edition 6.0 Migration Guide • March 2007

86

Sun Confidential: Registered

«
...
84
85
86
87
88
...
»

Содержание Sun Java System Directory Server Enterprise Edition 6.0

Страница 1: ...Sun Java System Directory Server Enterprise Edition 6 0 Migration Guide Sun Microsystems Inc 4150 Network Circle Santa Clara CA 95054 U S A Part No 819 0994 March 2007 Sun Confidential Registered...

Страница 2: ...ncorpor e dans le produit qui est d crit dans ce document En particulier et ce sans limitation ces droits de propri t intellectuelle peuvent inclure un ou plusieurs brevets am ricains ou des applicati...

Страница 3: ...tomatic Migration Tool 29 Prerequisites for Running dsmig 30 Using dsmig to Migrate the Schema 30 Using dsmig to Migrate Security Data 31 Using dsmig to Migrate Configuration Data 31 Plug in Configura...

Страница 4: ...elated to Tombstone Purging 53 New Replication Recommendations 53 Migration Scenarios 54 Migrating a Replicated Topology to an Identical Topology 54 Migrating a Replicated Topology to a New Topology 6...

Страница 5: ...rID 82 Server Instance Subdirectories 82 6 Migrating Directory Proxy Server 83 Mapping the Global Configuration 83 Mapping the Global Security Configuration 85 Mapping the Connection Pool Configuratio...

Страница 6: ...to version 6 0 118 Uninstalling Identity Synchronization for Windows 120 To Uninstall Identity Synchronization for Windows Version 1 1 120 Installing or Upgrading the Dependent Products 122 Installing...

Страница 7: ...Index 145 Contents 7 Sun Confidential Registered...

Страница 8: ...8 Sun Confidential Registered...

Страница 9: ...ting version 5 Topology With Consumers and Hubs Migrated 61 FIGURE 4 10 Isolating the Master From the Topology 62 FIGURE 4 11 Migrating the version 5 Master 62 FIGURE 4 12 Placing the 6 0 Master Into...

Страница 10: ...10 Sun Confidential Registered...

Страница 11: ...ributes 87 TABLE 6 4 Mapping Between Version 5 Group Attributes and Version 6 Connection Handler Properties 88 TABLE 6 5 Mapping Between Version 5 Network Group Attributes and 6 0 Properties 89 TABLE...

Страница 12: ...Resource Limits Properties 98 TABLE 6 15 Mapping of ids proxy sch LDAPServer Attributes to Data Source Properties 99 TABLE 6 16 Mapping of Version 5 Search Size Limit Attributes to 6 0 Properties 101...

Страница 13: ...Examples EXAMPLE 7 1 Sample Export Configuration File 109 13 Sun Confidential Registered...

Страница 14: ...14 Sun Confidential Registered...

Страница 15: ...more information see the Sun Java System Directory Server Enterprise Edition 6 0 Evaluation Guide and the Sun Java System Directory Server Enterprise Edition 6 0 Release Notes HowThis Book Is Organize...

Страница 16: ...mplement on a single system Sun Java System Directory Server Enterprise Edition 6 0 Deployment Planning Guide Explains how to plan and design highly available highly scalable directory services based...

Страница 17: ...rfaces that are available through Directory Server Enterprise Edition Individual sections of this document can be installed as online manual pages Sun Java System Identity Synchronization for Windows...

Страница 18: ...Microsoft support documentation online Information about configuring LDAP over SSL on Microsoft systems is available in the Microsoft support documentation online Redistributable Files Directory Serv...

Страница 19: ...ctory Server and local dps for Directory Proxy Server No default path exists Instance paths must nevertheless always be found on a local file system The following directories are recommended var on So...

Страница 20: ...tall path dps6 bin dpadm install path dps6 bin dpadm dpconf 1M install path dps6 bin dpconf install path dps6 bin dpconf dsadm 1M install path ds6 bin dsadm install path ds6 bin dsadm dsccmon 1M insta...

Страница 21: ...Control Center which is not available in the zip distribution Windows install path share webconsole bin smcwebserver wcadmin Solaris Linux HP UX usr sbin wcadmin This command pertains only to Directo...

Страница 22: ...shell and Korn shell superuser on UNIX and Linux systems Microsoft Windows command line C Symbol Conventions The following table explains symbols that might be used in this book TABLE P 6 SymbolConve...

Страница 23: ...in this document Sun does not endorse and is not responsible or liable for any content advertising products or other materials that are available on or through such sites or resources Sun will not be...

Страница 24: ...k Send Comments In the online form provide the full document title and part number The part number is a 7 digit or 9 digit number that can be found on the book s title page or in the document s URL Fo...

Страница 25: ...tion on page 27 Outline of Migration Steps on page 27 Deciding on Automatic or Manual Migration on page 28 BeforeYou Migrate This chapter provides an overview of the upgrade and data migration process...

Страница 26: ...house binaries and databases for both the old and new servers and also enough extra space to hold LDIF files containing the entries in all existing suffixes You can estimate the local disk space requi...

Страница 27: ...tible with the previous version of these packages When you migrate to the new version of Directory Server using the Java Enterprise System distribution the old Directory Server version will no longer...

Страница 28: ...6 0 Any Any Manual Manual Manual Manual Manual 5 2 6 0 Different Any dsmig dsmig dsmig Manual Manual 5 2 6 0 Same Different dsmig dsmig dsmig Manual Manual 5 2 6 0 Same Same dsmig dsmig dsmig dsmig Ma...

Страница 29: ...smig to Migrate Security Data on page 31 Using dsmig to Migrate Configuration Data on page 31 Using dsmig to Migrate User Data on page 35 Tasks to be Performed After Automatic Migration on page 35 Abo...

Страница 30: ...the original Server Root You can run cp r to achieve this provided none of the files have been relocated outside the Server Root You can create and start the new instance manually but is not mandatory...

Страница 31: ...file from the old instance to the new instance Copies the certificate mapping file from the old instance to the new instance If the old instance uses an external security token copies the security mod...

Страница 32: ...abled or disabled state for the following system plug ins 7 bit Check DSML Frontend Pass Through Authentication Referential Integrity Retro Change Log UID Uniqueness When you migrate the configuration...

Страница 33: ...can import the replication configuration data from this file after migration if required Configuration Data for o netscapeRoot Configuration data for the o NetscapeRoot suffix is not migrated by defau...

Страница 34: ...ome directory nsslapd db logbuf size nsslapd db logdirectory nsslapd db replication batch val nsslapd db transaction logging nsslapd directory nsslapd disk full threshold nsslapd disk low threshold ns...

Страница 35: ...see dsmig 1M Note During data migration Directory Server checks whether nested group definitions exceed 30 levels Deep nesting can signify a circular group definition where a nested group contains a...

Страница 36: ...36 Sun Confidential Registered...

Страница 37: ...igration Migrating an instance manually involves migrating each part of the server in the same order as performed by the automatic migration tool dsmig In this section old instance refers to the versi...

Страница 38: ...tom schema in any other files copy these files to the new instance 3 Any fractional replication information must be redefined in the new instance Migrating Configuration Data Manually Directory Server...

Страница 39: ...nfreediskspace nsslapd accesslog logrotationtime nsslapd accesslog logrotattiontimeunit nsslapd accesslog maxlogsize nsslapd accesslog maxlogsperdir nsslapd attribute name exceptions nsslapd auditlog...

Страница 40: ...onfiguration Attributes All attributes under cn encryption cn config must be migrated If you are using certificate authentication or the secure port the key file path and certificate database file pat...

Страница 41: ...TABLE 3 1 Change Log Attribute Name Changes Old Attribute Name Directory Server 6 0 Attribute Name nsslapd changelogmaxage dschangelogmaxage nsslapd changelogmaxentries dschangelogmaxentries In additi...

Страница 42: ...se when you migrate the nsDS5ReplicaCredentials attribute For more information see Manual Reset of Replication Credentials on page 53 There is no ds5PartialReplConfiguration attribute in Directory Ser...

Страница 43: ...bility on page 75 The following table provides a mapping of the new password policy attributes whose values must be migrated from the legacy attributes TABLE 3 3 Mapping Between 5 and 6 0 Password Pol...

Страница 44: ...are stored under cn config cn ldbm database cn plugins cn config The following attributes must be migrated nsslapd lookthroughlimit nsslapd allidsthreshold nsslapd cache autosize nsslapd cache autosi...

Страница 45: ...database instance name cn ldbm database cn plugins cn config All attribute encryption configuration attributes must be migrated Chained Suffix Attributes All chained suffix configuration attributes mu...

Страница 46: ...7 Bit Check Plug In The configuration of this plug in is stored under cn 7 bit check cn plugins cn config The following attributes must be migrated nsslapd pluginarg nsslapd pluginenabled Class of Se...

Страница 47: ...ntial Integrity Plug In The configuration of this plug in is stored under cn Referential Integrity Postoperation cn plugins cn config The following attributes must be migrated nsslapd pluginarg nsslap...

Страница 48: ...ers the certificate database to be copied is serverRoot alias slapd serverID cert7 db 4 Copy the password file from the existing instance to the new instance cp serverRoot alias slapd serverID pin txt...

Страница 49: ...c example dc com s ou departments dc example dc com In this example a specifies the resulting LDIF file r indicates that replication information should be exported and s specifies the suffixes to be i...

Страница 50: ...le them and add them to the Directory Server 6 0 instance manually For a detailed list of plug in API changes see Chapter 2 Changes to the Plug In API Since Directory Server 5 2 in Sun Java System Dir...

Страница 51: ...erview of Migrating Replicated Servers Directory Server 6 0 supports an unlimited number of masters in a multi master topology This and other changes might mean that you redesign your topology rather...

Страница 52: ...ver all replication agreements that point to that server must be updated manually to point to the new server For example if you migrate a consumer server from red example com 1389 to blue example com...

Страница 53: ...mmand dsconf set server prop h host p port def repl manager pwd file filename In addition dsmig does not migrate non default replication manager entries If a version 5 replica uses an entry other than...

Страница 54: ...p your existing topology Migrating a replicated topology to an identical topology involves migrating the consumers then the hubs then the masters The following sections demonstrate a sample migration...

Страница 55: ...x Master A 5 x Master B 5 x Hub A 5 x Hub B 5 x Consumer A 5 x Consumer B FIGURE 4 1 Existing version 5 Topology 5 x Master A 5 x Master B 5 x Hub A 5 x Hub B 5 x Consumer A 5 x Consumer B FIGURE 4 2...

Страница 56: ...the consumer if necessary and rerouting client applications to the new consumer 5 x Master A 5 x Master B 5 x Hub A 5 x Hub B 5 x Consumer A 5 x Consumer B 6 0 Consumer A FIGURE 4 3 Migrating the vers...

Страница 57: ...that hub 7 Enable the replication agreements from that hub to the consumers 8 If you have migrated the data check that replication is in sync 9 If you have not migrated the data reinitialize the hub...

Страница 58: ...Hub B 6 0 Consumer A 6 0 Consumer B FIGURE 4 5 Existing version 5 Topology With Migrated Consumers 5 x Master A 5 x Master B 5 x Hub A 5 x Hub B 6 0 Consumer A 6 0 Consumer B FIGURE 4 6 Isolating the...

Страница 59: ...lication agreements to the new hub and initializing the hub if necessary 5 x Master A 5 x Master B 5 x Hub A 5 x Hub B 6 0 Consumer A 6 0 Hub A 6 0 Consumer B FIGURE 4 7 Migrating the version 5 Hub Mi...

Страница 60: ...o this by enabling read only mode on the master 3 Check that replication is synchronized between the master and all its consumers Migration of the change log is not supported if you are migrating manu...

Страница 61: ...igrated master The following sequence of diagrams illustrate the migration of a master as described above The first diagram shows the version 5 topology before the migration of the masters The first s...

Страница 62: ...Hub B FIGURE 4 10 Isolating the Master From the Topology 5 x Master A 5 x Master B 6 0 Consumer A 6 0 Consumer B 6 0 Hub A 6 0 Master A 6 0 Hub B FIGURE 4 11 Migrating the version 5 Master Migration...

Страница 63: ...ervers determine whether your deployment might not be better served by changing the architecture of the topology This section describes how to migrate a basic version 5 topology to a new all master to...

Страница 64: ...entical Topology on page 54 The resulting topology is illustrated in the following figure 5 x Master A 5 x Master B 5 x Hub A 5 x Hub B 5 x Consumer A 5 x Consumer B FIGURE 4 13 Existing version 5 Top...

Страница 65: ...ting Replicas in Sun Java System Directory Server Enterprise Edition 6 0 Administration Guide The following diagram illustrates the topology when the hubs have been promoted 6 0 Consumer A 6 0 Consume...

Страница 66: ...in Sun Java System Directory Server Enterprise Edition 6 0 Administration Guide The following diagram illustrates the topology when the consumers have been promoted 6 0 Consumer A 6 0 Consumer B 6 0...

Страница 67: ...u want to keep your existing topology follow the examples in Migrating a Replicated Topology to an Identical Topology on page 54 for each data center To migrate to a new topology follow the examples i...

Страница 68: ...68 Sun Confidential Registered...

Страница 69: ...ges to the Installed Product Layout on page 78 Changes in the Administration Framework Directory Server 6 0 does not include an administration server as in previous versions Servers are now registered...

Страница 70: ...Level ACIs In Directory Server 5 2 the following ACI was provided at the suffix level aci targetattr nsroledn aci nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout passwordPolicySubentry passwo...

Страница 71: ...attributes passwordPolicySubentry and password policy state attributes allow write userdn ldap self Tip Do not allow users write access to everything and then deny write access to specific attributes...

Страница 72: ...ion between multiple replicas ldif2db dsadm import Import database contents from LDIF locally offline ldif2db task dsconf import Import database contents from LDIF remotely online ldif2ldap ldapmodify...

Страница 73: ...r directoryserver inactivate ns inactivate Inactivate an entry or group of entries directoryserver unconfigure Uninstallation procedure Uninstall Directory Server Deprecated Commands Some version 5 co...

Страница 74: ...Safe password modification specified by the pwdSafeModify attribute This attribute specifies whether the existing password must be sent when changing a password If the attribute is not present the exi...

Страница 75: ...ation If t is set to LDAP_PWP_WARNING_RESP_NONE the error contains one of the following values pwp_resp_no_error 1 pwp_resp_expired_error 0 pwp_resp_locked_error 1 pwp_resp_need_change_error 2 pwp_res...

Страница 76: ...rsion 5 attributes can be replicated using fractional replication DS6 migration mode As part of your migration you can set the compatibility state to DS6 migration mode In this mode all servers in the...

Страница 77: ...mode You should leave your topology in DS5 compatible mode until you have been through an entire password expiration cycle 90 days for example depending on the value of passwordMaxAge In this way the...

Страница 78: ...cn ldbm database cn plugins cn config cn owner cn index cn userRoot cn ldbm database cn plugins cn config cn parentid cn index cn userRoot cn ldbm database cn plugins cn config cn pipstatus cn index...

Страница 79: ...lib sparcvSolaris Version On platforms other than Solaris Sparc the ns slapd daemon is located in install path ds6 bin lib Libraries and Plug Ins Previously Under ServerRoot lib Product libraries and...

Страница 80: ...gt sagt For information about enabling monitoring Java ES MF monitoring see Enabling Java ES MF Monitoring in Sun Java System Directory Server Enterprise Edition 6 0 Administration Guide Utilities Pre...

Страница 81: ...ServerRoot shared bin modutil Deprecated Manage PKCS 11 modules ServerRoot shared bin uconv Deprecated Convert from ISO to UTF 8 ServerRoot shared bin repldisc install path ds6 bin repldisc Discover...

Страница 82: ...ubdirectories Version 5 Directory Version 6 Directory Remarks ServerRoot slapd ServerID bak instance path bak Directory instance database backup ServerRoot slapd ServerID confbak Deprecated Administra...

Страница 83: ...guration on page 97 Mapping the Events Configuration on page 103 Mapping the Actions Configuration on page 104 Configuring Directory Proxy Server 6 0 as a Simple Connection Based Router on page 104 Ma...

Страница 84: ...of the ids proxy sch GlobalConfiguration object class to the corresponding properties in Directory Proxy Server 6 0 TABLE 6 1 Mapping of Version 5 Global Configuration Attributes to 6 0 Properties Di...

Страница 85: ...ing and Deleting a Directory Proxy Server Instance in Sun Java System Directory Server Enterprise Edition 6 0 Administration Guide ids proxy con include logproperty No equivalent For information on co...

Страница 86: ...Directory Proxy Server 5 certificates were managed by using the certreq utility or by using the console In Directory Proxy Server 6 0 certificates are managed by using the dpadm command or by using t...

Страница 87: ...onfig o netscaperoot The following table provides a mapping between Directory Proxy Server 5 connection configuration attributes and the corresponding Directory Proxy Server 6 0 properties TABLE 6 3 M...

Страница 88: ...a list of all the connection handler properties run the following command dpconf help properties grep connection handler In Iplanet Directory Access Router 5 0 IDAR these configuration attributes are...

Страница 89: ...nding Directory Proxy Server 6 0 properties and describes how to set these properties by using the command line TABLE 6 5 Mapping Between Version 5 Network Group Attributes and 6 0 Properties Director...

Страница 90: ...essful binds can be classified into connection handlers according to the authentication criteria Directory Proxy Server 6 0 can be configured to reject all requests from a specific connection handler...

Страница 91: ...r 5 0 IDAR these configuration attributes are stored under ids proxy con Name group name ou groups ou pd2 ou iDAR o services In Directory Proxy Server 5 2 these configuration attributes are stored und...

Страница 92: ...ies of a request filtering policy and a resource limits policy For information on configuring a request filtering policy see Creating and Configuring Request Filtering Policies and Search Data Hiding...

Страница 93: ...Name group name ou groups ou pd2 ou iDAR o services In Directory Proxy Server 5 2 these configuration attributes are stored under ou groups cn user defined name ou dar config o NetscapeRoot The follow...

Страница 94: ...ping Attributes Restricting Search Responses In Directory Proxy Server 5 these attributes describe restrictions that are applied to search results being returned by the server before they are forwarde...

Страница 95: ...limits policy Mapping the Referral Configuration Attributes In Directory Proxy Server 5 these attributes determine what Directory Proxy Server should do with referrals In Directory Proxy Server 6 0 th...

Страница 96: ...In Iplanet Directory Access Router 5 0 IDAR these configuration attributes are stored under ids proxy con Name group name ou groups ou pd2 ou iDAR o services In Directory Proxy Server 5 2 these confi...

Страница 97: ...erver renames the server attribute name to the client attribute name To configure this property use the following command dpconf set ldap data source prop data source name attr name mappings client at...

Страница 98: ...rectory Service Control Center or by using the command line For more information see Creating and Configuring LDAP Data Sources in Sun Java System Directory Server Enterprise Edition 6 0 Administratio...

Страница 99: ...e tcp no delay ids proxy con link security policy ssl policy ids proxy con x509cert subject No equivalent Directory Proxy Server 6 0 does not check the subject of the certificate provided by the backe...

Страница 100: ...0 supports proportional load balancing but also supports additional load balancing algorithms To configure proportional load balancing set the property of the data source pool as follows dpconf set ld...

Страница 101: ...irectory Server Enterprise Edition 6 0 Administration Guide In Iplanet Directory Access Router 5 0 IDAR these configuration attributes are stored under ids proxy con Name group name ou groups ou pd2 o...

Страница 102: ...stored under ids proxy con Config Name user defined name ou system ou dar config o netscaperoot It is not really possible to map the log configuration between Directory Proxy Server 5 and Directory P...

Страница 103: ...a client successfully established an SSL session In Directory Proxy Server 6 0 events are implemented as properties of a connection handler Use the dpconf command to set these properties For example r...

Страница 104: ...ied into another connection handler For example if a client connects anonymously the connection is allocated to the connection handler configured for anonymous connections If the client later provides...

Страница 105: ...ge Queue For installation and upgrade information about Message Queue read the installation instructions for Java Enterprise System software at http docs sun com coll 1286 2 http docs sun com coll 128...

Страница 106: ...u can use to plan your migration process Document your version 1 1 deployment and configuration Be sure to note any customizations you have made to the configuration Schedule migration Because the mig...

Страница 107: ...essage Queue before you proceed with the migration For more information see Checking for Undelivered Messages on page 114 forcepwchg A Windows NT tool that enables you to identify users who changed pa...

Страница 108: ...figuration to an XML file execute export11cnf from the migration directory as follows In a terminal window type the following java jar export11cnf jar h hostname p port D bind DN w bind password s roo...

Страница 109: ...le Export Configuration File In the following sample exported configuration file ad host example com refers to the Active Directory domain controller ds host example com refers to the host running Dir...

Страница 110: ...DOUBLE QUOTES IN THE ABOVE FIELD SynchronizationHost SyncScopeDefinitionSet index 0 location cn users dc example dc com filter creationExpression cn cn cn users dc example dc com sulid SUL1 ActiveDir...

Страница 111: ...0 113556 1 4 906 AttributeDescription parent attr SunAttribute name pwdaccountlockedtime syntax 1 3 6 1 4 1 1466 115 121 1 24 AttributeMap AttributeDescription parent attr SignificantAttribute name lo...

Страница 112: ...ibute name cn syntax 1 3 6 1 4 1 1466 115 121 1 15 AttributeDescription parent attr CreationAttribute name cn syntax 1 3 6 1 4 1 1466 115 121 1 15 AttributeMap AttributeDescription parent attr SunAttr...

Страница 113: ...te name cn syntax 1 3 6 1 4 1 1466 115 121 1 15 AttributeDescription parent attr SignificantAttribute name cn syntax 1 3 6 1 4 1 1466 115 121 1 15 AttributeDescription parent attr SignificantAttribute...

Страница 114: ...se problems as long as the Message Queue remains the same However you will lose any messages on the Message Queue during the migration process when you install Message Queue 3 6 You must verify that t...

Страница 115: ...un Java System Directory Server Enterprise Edition 6 0 Installation Guide For more information about using checktopics see Checking for Undelivered Messages on page 114 After running checktopics check...

Страница 116: ...lity also prints the account names one name per line that it is trying to migrate If an error occurs during the migration process look into the next entry to the last printed entry MigratingYour Syste...

Страница 117: ...Message Queue is in Quiescent State Upgrade to Directory Server 6 0 on Host 1 with Admin Server Intact Back Up Connector State persist etc Directories Start Synchronization and Wait Yes No Password Ch...

Страница 118: ...iguration settings to an XML file From the migration directory execute export11cnf as described in Using the export11cnf Utility on page 108 java jar export11cnf jar D cn directory manager w s dc exam...

Страница 119: ...ChangeDetector Service b Save the NT Change Detector Service counters i Open the Registry Editor by executing regedt32 exe ii Select the HKEY_LOCAL_MACHINE window iii Navigate to the SOFTWARE Sun Mic...

Страница 120: ...ocess For a list of required patches see see Software Dependency Requirements in Sun Java System Directory Server Enterprise Edition 6 0 Release Notes To Uninstall Identity Synchronization forWindowsV...

Страница 121: ...ructions provided in Manually Uninstalling 1 1 Core and Instances from Solaris on page 125 OnWindowsonly AfteruninstallingCore restartyourmachine Note If the uninstall fails you might have to manually...

Страница 122: ...irectory Server configuration and data to version 6 0 For more information on migrating configuration data and user data see Using dsmig to Migrate Configuration Data on page 31 and Using dsmig to Mig...

Страница 123: ...tion 6 0 Installation Guide If you did not select the Configure Identity Synchronization forWindows 6 0 Directory Server Plugin option while installing Directory Server connector configure it now For...

Страница 124: ...sist JAVA_HOME bin jar xf TEMP connector state jar Alternatively use any archive program for Windows such as WinZip Start the service and the synchronization a Start the Identity Synchronization forWi...

Страница 125: ...Windows NT on page 135 Note The instructions provided in this section are for uninstalling Identity Synchronization for Windows version 1 1 and 1 1 SP1 only Do not use the manual uninstallation proced...

Страница 126: ...mand c Use one of the following methods to uninstall the broker packages and directories Use the Message Queue broker uninstall script to uninstall the broker This script is located in the Identity Sy...

Страница 127: ...ynchronization package for Core Components SUNWidsct Sun ONE Directory Server Identity Synchronization package for Connectors SUNWidsoc Sun ONE Directory Server Identity Synchronization package for Ob...

Страница 128: ...all contents in between both tags Ellipses are used in the following list to represent any additional text or tags that are included as part of these tags See the example on Manually Uninstalling 1 1...

Страница 129: ...n location type the following command rm rf serverRoot isw hostname b To remove the bootstrap files type the following command rm rf etc init d isw Clean up the configuration directory as follows a Ru...

Страница 130: ...ySynchronization dn The resulting entry should be similar to the following ou IdentitySynchronization ou Services dc my dc domain b Use the Directory Server Console to remove the Identity Synchronizat...

Страница 131: ...type the following command net stop Sun ONE Identity Synchronization for Windows If the preceding methods do not work use the following steps to stop the Java processes manually a Open the Services wi...

Страница 132: ...n plugins cn config h Stop Directory Server You can stop the server using one of the following methods In the Services window right click on Sun ONE Directory Server 5 2 in the right pane and select S...

Страница 133: ...Broker Backup copy and rename the current productregistry file located in C WINNT system32 Edit the C WINNT system32 productregistry file to remove the following tags Note For best results use an XML...

Страница 134: ...t serverRoot isw hostname For example C Program Files Sun mps isw example Clean up the configuration directory as follows a From a Command Prompt window run the ldapsearch command against the configur...

Страница 135: ...ry should be similar to the following ou IdentitySynchronization ou Services dc my dc domain b Use the Directory Server Console to remove the configuration directory subtree that you found including a...

Страница 136: ...ws If the preceding methods do not work use the following steps to stop the Java processes manually a Open the Services window right click on Identity Synchronization forWindows and select Properties...

Страница 137: ...ry Export Registry File from the menu bar c When the Export Registry File dialog box is displayed specify a name for the file and select a location to save the backup registry In the Registry Editor s...

Страница 138: ...compid ending tag compid and all contents in between both tags Ellipses are used in the following list to represent any additional text and or tags that are included as part of these tags See the exa...

Страница 139: ...registry as described in Manually Uninstalling a 1 1 Instance from Windows NT on page 135 before proceeding to Manually Uninstalling a 1 1 Instance from Windows NT on page 135 Remove the Password Filt...

Страница 140: ...y master for synchronized users Directory Server one instance as the preferred master for synchronized users Core Message Queue Central Logger System Manager and Console Directory Server Plugin Active...

Страница 141: ...ugin Run checktopics to Verify Message Queue is in Quiescent State Upgrade to Directory Server 6 0 on Host 1 with Admin Server Intact Stop Identity Synchronization for Windows Service Back Up Connecto...

Страница 142: ...g configuration data and user data see Using dsmig to Migrate Configuration Data on page 31 and Using dsmig to Migrate User Data on page 35 respectively Directory Server at host2 contains the data and...

Страница 143: ...iescent State Upgrade to Directory Server 6 0 on Host 1 with Admin Server Intact Back Up Connector State persist etc Directories Upgrade to Directory Server 6 0 on Host 2 Install Identity Synchronizat...

Страница 144: ...ou people dc example dc com because the password was encoded by a previous installation of Identity Synchronization for Windows Directory Server Plugin The password of this user cannot be synchronize...

Страница 145: ...pics utility checktopics jar 118 clearing messages 115 default location 114 checktopics utility Continued description 114 prerequisites 114 syntax 115 using 114 clear text passwords inserting 108 109...

Страница 146: ...pwchg utility description 107 forcing password changes 116 location 116 forcepwchg utility Continued preparing for migration 118 requiring password changes 116 forcing password changes 116 H help remo...

Страница 147: ...ectory Server Plugin 106 PDC running forcepwchg utility 116 persist directory backing up 108 119 restoring 124 preparing for migration 117 prerequisites for checktopics utility 114 processes stopping...

Страница 148: ...rectory Server 120 uninstalling program 121 unpacking product binary files 118 updating schema 122 using checktopics utilities 114 utilities checktopics 107 114 export11cnf 107 forcepwchg 107 using ch...

Отзывы:

Нет отзывов

Похожие инструкции для Sun Java System Directory Server Enterprise Edition 6.0

Бренд: IBM Страницы: 908

Бренд: IEI Technology Страницы: 89

System x3250 M3 Type 4251

Бренд: IBM Страницы: 32

eServer BladeCenter HS40 Type 8839

Бренд: IBM Страницы: 120

Бренд: Black Box Страницы: 30

Netfinity 4500R

Бренд: IBM Страницы: 60

Бренд: HP Страницы: 38

ProLiant DL320 Generation 4

Бренд: HP Страницы: 70

ProLiant DL288 GENERATION 6

Бренд: HP Страницы: 45

ProLiant DL360e Gen8

Бренд: HP Страницы: 116

ProLiant DL20 Generation9

Бренд: HP Страницы: 48

Бренд: HP Страницы: 38

ProLiant DL2000

Бренд: HP Страницы: 46

ProLiant DL360 Generation 5

Бренд: HP Страницы: 43

ProLiant DL165 G7

Бренд: HP Страницы: 118

ProLiant DL360e Generation 8

Бренд: HP Страницы: 64

ProLiant DL360 Generation 4

Бренд: HP Страницы: 93

ProLiant DL180 Gen9

Бренд: HP Страницы: 130

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды