HP OSMS Blueprint: Directory Services on HP ProLiant Servers with SLES10
Table of Contents
Introduction............................................................................................................................................5
Executive Summary...........................................................................................................................5
Intended Audience............................................................................................................................5
Scope and Purpose............................................................................................................................5
HP Services........................................................................................................................................5
Typographic Conventions......................................................................................................................6
HP Encourages Your Comments............................................................................................................6
Overview of HP Directory Services OSMS.............................................................................................6
Stack Components.............................................................................................................................6
Hardware Environment....................................................................................................................7
Installing and Configuring Symas CDS and Apache Modules..............................................................8
Pre-Installation..................................................................................................................................8
Installing CDS....................................................................................................................................8
Configuring the CDS Server..............................................................................................................9
Configuring the CDS Client............................................................................................................11
Managing the Symas CDS Server.........................................................................................................11
Using CDS Server Script Options ...................................................................................................11
Debugging the CDS Server..............................................................................................................12
Performing Common CDS Server Operations................................................................................12
Performing Backups and Recovery with Berkeley DB.........................................................................15
Performing a Hot Backup and Reloading the Berkeley DB............................................................15
Recovering the Berkeley DB ...........................................................................................................16
Obtaining Statistics for the Berkeley DB ........................................................................................17
Configuring the Master-Slave Replication............................................................................................17
Setting Up the Replication...............................................................................................................18
Monitoring the Replication Status...................................................................................................18
Using the slapd Debugging Level..............................................................................................18
Using the contextCSN Method for Comparison........................................................................19
Scaling CDS Using a Load Balancer................................................................................................19
Integrating the Apache HTTP Server with the mod_authnz_ldap and mod_ldap Modules..............19
Verifying the Installations...............................................................................................................19
Testing LDAP Authentication with the Apache HTTP Server........................................................20
Testing the Secure SSL-Enabled LDAP Connections......................................................................21
Setting up Security for the CDS Server ................................................................................................22
File System Security.........................................................................................................................22
Network Security.............................................................................................................................22
Using Simple Authenticating and Security Layer.....................................................................22
Configuring SASL with DIGEST-MD5.................................................................................23
Mapping SASL Users to Distinguish Names........................................................................23
Using TLS ..................................................................................................................................25
Configuring TLS for Network Encryption ...........................................................................25
Using the EXTERNAL Authentication Mechanism with TLS .............................................26
Directory Security ...........................................................................................................................28
Monitoring OpenLDAP with the HP OpenView Operations CDS Gallery SPIs.................................31
Software Prerequisites and Reference Guides.................................................................................32
Using the SPIs ............................................................................................................................33
Table of Contents 3