Escolar Documentos
Profissional Documentos
Cultura Documentos
Introduction
Abstract:
This STE will cover the ISMP installation and
configuration of the IBM Tivoli Directory Server
version 6.1 release.
Objectives:
4. Understand the available support resources
5. How to install ITDS version 6.1 via ISMP
6. How to configure an ITDS version 6.1 Server
7. Awareness of the new tools available with this release
8. Basic Installation and Configuration debugging
Agenda
1. Before We Begin
Important Links
STE Links
Passport Advantage Packages
ITDS version 6.1 Product Overview
2. ISMP Installation and Server Configuration
Install ITDS v6.1 and prerequisite software
User Creation
Directory Server instance creation using the Instance Administration tool
Database Creation and configuration using ldapxinst
Set the Admin Dn and Password using ldapxinst
Configure a suffix using the idsxcfg utility
Load sample data using the idsxcfg utility
Starting the ITDS server
Web Administration Tool (new enhancements)
Agenda
Before We Begin
Section 1
Important Links
STE Links
ITDS version 6.1 Packages
ITDS 6.1 Product Overview
Important Links
Important Links
Google Newsgroup:
http://groups.google.com/group/ibm.software.ldap/topics?lnk=gschg
Support Site:
http://www-306.ibm.com/software/sysmgmt/products/support/IBMDir
Tivoli Product Lifecycle Site:
http://www-306.ibm.com/software/sysmgmt/products/support/lifecyc
Tivoli Software Global User Group Community:
http://www.tivoli-ug.org/
STE Links
Previous STE’s
Introduction to ITDS 6.0 Installation and Configuration:
http://www-1.ibm.com/support/docview.wss?uid=swg27009575
Ask the Experts Session:
http://www-1.ibm.com/support/docview.wss?uid=swg27009620
Introduction to Replication on 6.0:
http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg27009688
Introduction to SSL on ITDS 6.0:
http://www-1.ibm.com/support/docview.wss?uid=swg27009739
ITDS version 6.1 Overview:
http://www-1.ibm.com/support/docview.wss?uid=swg27010155
STE Links
Upcoming STE’s
http://www-306.ibm.com/software/sysmgmt/products/support/supp_tech_exch.html
There are 8
downloadable parts in
the IBM Tivoli Directory
Server 6.1 eAssembly for
AIX.
The table provides
details about each part.
Download all 4 .tar files
or all 4 .iso files.
All the parts are
contained in the following
eAssembly:
CR5JYML: IBM Tivoli
Directory Server 6.1 for
AIX (.tar and .iso files)
Section 2
Install ITDS v6.1 and prerequisite software
User Creation
Directory Server instance creation using the Instance Administration tool
Database Creation and configuration using ldapxinst
Set the Admin Dn and Password using ldapxinst
Configure a suffix using the idsxcfg utility
Load sample data using the idsxcfg utility
Starting the ITDS server
Web Administration Tool
ISMP Installation
Before you begin any installation of ITDS you must review the
requirements for your environment. Additionally you should
review the Installation and Configuration guide.
System Requirements:
http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm
Things to be aware of …
on AIX®, Linux®, Solaris, and HP-UX systems soft links for TDS V6.1
libraries and commands are not set during installation in /usr/bin (or in
/usr/lib). If you want to set soft links to Tivoli Directory Server libraries and
commands, use the idslink command after completing the installation. See
the IBM Tivoli Directory Server Version 6.1 Command Reference for
information about the command.
On AIX, be sure that you have at least 300 MB of free space in the /tmp
directory or the directory you want to use as a temporary directory. If you
use a temporary directory and you are installing any of the co-requisite
products (IBM Tivoli Directory Integrator, Embedded WebSphere Application
Server, or DB2) be sure that you have 150 MB in the /tmp directory.
On AIX, if you install IBM Tivoli Directory Integrator, the InstallShield GUI
installation program incorrectly assumes the Deployment Engine necessary
for IBM Tivoli Directory Integrator will be installed into the /opt directory,
when it will actually be installed into the /usr directory. If /opt is in a different
partition than /usr, the space calculation might not be correct. Be sure that
the /usr directory has at least 200 MB of free space
There are two installation paths in the InstallShield GUI: Typical and
Custom.
Use the Typical installation path if you want to accept default settings,
install all the IBM Tivoli Directory Server components that are not
already installed, and create a default directory server instance.
Use the Custom installation path if you want to select components for
installation and create a directory server instance using the Instance
Administration Tool. When you use this tool you can customize the
directory server instance.
Installation path:
On AIX, Solaris and HP-UX systems: /opt/IBM/ldap/V6.1
On Linux systems: /opt/ibm/ldap/V6.1
Installation path is customizable on Windows only
default installation directory: C:\Program Files\IBM\LDAP\V6.1
ISMP Installation
Select the for the installation wizard and click “OK”.
Default Instance
Since the “dbsysadm” group was already created for us as part of the
default instance creation we do not need to create a new db2
administrative group.
We can proceed to the user creation option from the idsxinst utility.
idsxinst
New capability to
create the OS user
for you.
If you already
have an existing
user, you may
select it from the
drop down list.
Or you can have
the idsxinst utility
create the user for
you.
To make
cryptographic
synchronization
easier you can
now specify the
encryption seed
and salt value as
part of the
instance creation.
idsxinst – Confirmation
idsxinst - finished
idsilist command
The idsilist
command will
display the
instance
information from
command line.
idsxcfg
To launch the
idsxcfg utility,
from command
line issue
# idsxcfg –I
<instance name>
The instance
name specified
will be displayed
on the Overview
panel
• Click “Add…”
Click “OK” and return to the manage console servers panel. Notice the
“idsinst” is now listed. Click the “Add…” button and add the second
instance (ldapdb2) to the list using the same steps.
Section 3
Problem Determination Approach
Available Resources
Log Files
Failed ISMP installation
Failures with instance creation
Failures with database creation
Failures with server startup
Failures with Web Admin
IBM Tivoli Directory Server contains several tools in addition to the operating
system tools to help you determine the source of problems you encounter
(continued):
Error logs
– Error logs record error messages that occur during directory server
processing. IBM Tivoli Directory Server detects and saves these errors in a
text file. See Logging utilities for more information.
Audit logs
– Audit logs record suspicious patterns of activity in order to detect security
violations. If security is violated, the audit log can be used to determine how
and when the problem occurred. IBM Tivoli Directory Server detects and saves
these errors in a text file. See Logging utilities for more information.
http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ib
4. The “Search Support” feature of the ITDS Support site:
http://www-306.ibm.com/software/sysmgmt/products/support/IBMDirectoryServer.h
6. The “Messages Guide”:
http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.IBMDS.doc/m
Log Location
Proxy Install Logs /var/idsldap/V6.1/proxy.log
/var/idsldap/V6.1/proxyErr.log
Log Location
ITDS Critical Server /<ITDS instance home>/idsslapd-<instance
Logs name>/logs
Most Important Files:
audit.log
db2cli.log
ibmslapd.log
DB2 Critical Logs /<DB2 Instance home>/sqllib/db2dump
Most Important Files:
db2diag.log
instname.nfy
Log Location
ITDS WebAdmin Logs: /opt/IBM/ldap/V6.1/appsrv/profiles/TDSWebAdminProfile/IDSLogs
If installation does not complete, the first place you can look
for information is the ldapinst.log file. If the installation
destination directory (install_directory) was created, this log
is in the following location:
On AIXsystems, the ldapinst.log file is in /var/idsldap/V6.1.
If install_directory was not created before the installation
failed, the log might be in a temporary directory. To find it,
search for "ldapinst.log". Review this log for any messages
about why the installation failed.
<WAS_profile_path>/config/cells/DefaultNode/virtualhosts.xml
<WAS_profile_path>/config/cells/DefaultNode/nodes/DefaultNode/ser
vers/server1/server.xml
<WAS_profile_path> is the path where the ITDS WebAdmin application profile is
configured in eWAS.
e.g.: /opt/IBM/ldap/V6.1/appsrv/profiles/TDSWebAdminProfile
Note:
This path does have two subdirectories named DefaultNode.
Make one change in each file for a total of two updates.
Section 4
Installing using operating system utilities
System access for installation, instance creation and configuration
DB2 hints
Instance creation and configuration command line utilities
DB2 hints
DB2 V8 FP10 or higher is supported
DB2 V9 can coexist on a system where V8 is installed
Multiple installs of DB2 V9 is allowed on a single system in different install locations.
When installing using TDS V6.1 ISMP – DB2 V9 gets installed into /opt/IBM/tdsdb2V9.1/
folder
/opt/IBM/ldap/V6.1/etc/ldapdb.properties file contents is used to create and configure
db2 instance and database for given ids instance and a copy of ldapdb.properties gets
stored in <instance_home>/idsslapd-<instanceName>/etc/ folder
DB2 instance user can be different compared to ids instance user, but for simplicity
prefer the same instance user name
If custom database location is used make sure the db2 instance user owns the
database location folder. Database instance user’s primary group should group-own
the database location folder. If different db2 and ids instance user are used then make
sure ids instance user is member of database instance user’s primary group
Install GSKit before installing DB2
Refer DB2 infocenter: http://publib.boulder.ibm.com/infocenter/db2luw/v9/index.jsp
Questions?
Press * 1 on your phone to ask a question
Or type your question into the chat window of the
web conferencing tool
For general questions about the STE program or to
request specific topics feel free to email:
Rick Smith at Ricks3@us.ibm.com