Account Management 2.
Manual Rev 99a 28 22 June 00 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc.
Manual Rev 99a 28 22 June 00 Novell Trademarks ConsoleOne is a trademark of Novell, Inc. eDirectory is a trademark of Novell, Inc. Internetwork Packet Exchange and IPX are trademarks of Novell, Inc. NDS is a registered trademark of Novell, Inc. in the United States and other countries. NDS Manager is a trademark of Novell, Inc. NetWare is a registered trademark of Novell, Inc. in the United States and other countries. Novell is a registered trademark of Novell, Inc.
Manual Rev 99a Account Management Quick Start 160-000276-001 November 15, 2000 Novell Confidential 28 22 June 00
QuickStart Rev 99a 18 April 00 27 TA B L E O F C O N T E N TS Account Management Overview . . . . . . . . . . . . . . . . . . . . . 7 NDS eDirectory . . . . . Supported Platforms. Account Management . Supported Platforms. More Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
QuickStart Rev 99a 18 April 00 27 TA B L E O F C O N T E N TS Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Installing Account Management on Linux. . . . . . . . . . . . . . . . . . . . . . . . 31 Installing NDS eDirectory on Tru64 UNIX . . . . . . . . . . . . . . 35 System Requirements . . . . . . . . . . . . . Hardware Requirements . . . . . . . . . . . . Forcing the Backlink Process to Run . . . . . . Prerequisites . . . . . . . . . . . . . . . . . .
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Account Management Overview Account Management is a full-service, platform-independent directory that serves as the foundation for many directory-enabled services. Account Management is composed of the following products: ! NDS® eDirectoryTM ! Account Management NDS eDirectory NDS eDirectory is a highly scalable, high-performing, secure directory service. It can store and manage millions of directory objects.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT SUPPORTED PLATFORMS " Windows NT " Solaris " Linux More Information For more information on Account Management, refer to the following sources: ! Product information (http://www.novell.com/products/nds) ! Product support (http://support.novell.com) ! Online forums (news://forums.novell.com) ! Product catalog (http://www.novell.com/catalog) ! Product documentation (http://www.novell.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing or Upgrading NDS eDirectory on NetWare Use the following instructions to install or upgrade NDS® eDirectoryTM on a NetWare® server. NDS eDirectory for NetWare can co-exist with the following NDS versions: ! NetWare 4.11 or 4.2 with NDS 6.09 or later ! NetWare 5 Support Pack 5 or later with Pre-NDS 8 7.46 or later ! NetWare 5 Support Pack 5 or later with NDS 8.35 or later ! NetWare 5.1 Support Pack 1 ! Windows* NT* 4.
QuickStart Rev 99a 22 June 00 29 ACCOUNT MANAGEMENT Hardware Requirements Hardware requirements depend on the specific implementation of NDS. For example, a base installation of NDS eDirectory with the standard schema requires about 74 MB of disk space for every 50,000 users. However, if you add a new set of attributes or completely fill in every existing attribute, the object size grows. These additions affect the disk space, processor, and memory needed.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT Backlinks keep track of external references to objects on other servers. For each external reference on a server, the backlink process ensures that the real object exists in the correct location and verifies all backlink attributes on the master of the replica. The backlink process occurs two hours after the database is open and then every 780 minutes (13 hours). The interval is configurable from 2 minutes to 10,080 minutes (7 days).
QuickStart Rev 99a 22 June 00 29 ACCOUNT MANAGEMENT If one or both of the following conditions exist, you must run DSREPAIR.NLM before installing the first NDS eDirectory server in your tree: ! Anywhere in your tree, a NetWare 5 server is running NDS 8 or NDS 8 NetWare Update. ! Your first installation of NDS eDirectory is on a NetWare 5 server that does not hold a writable replica of the Tree partition. To update the NDS schema: 1 Copy the appropriate DSREPAIR.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT If you use an earlier version of DSREPAIR.NLM and select Rebuild Operational Schema, schema enhancements made by the Post NetWare 5 Schema Update will be lost. To resolve lost schema enhancements, run DSREPAIR.NLM according to the following table: If You Are Running DSREPAIR from Here Do This A server that holds a writable replica of the Tree partition Reapply the Post NetWare 5 Schema Update to your NDS tree.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT 4 Select Product Options > Install a Product Not Listed. 5 Press F3 (F4 if you're using RCONSOLE) > specify the path to the expanded support pack files, such as SYS:\NW5SP4. 6 Select options. Follow the online instructions to install the support pack. During installation, the support pack might prompt you concerning extending the schema.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT Follow the prompts concerning license agreements, the readme file, and tips. After the files are copied, the server automatically restarts and begins to install components for ConsoleOne and Novell Certificate Server. 6 Enter the administrator’s login name (for example, Admin.VMP).
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 16 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing or Upgrading NDS eDirectory on Windows NT/2000 Use the following instructions to install or upgrade NDS® eDirectoryTM on a Windows* NT* or Windows 2000 server. System Requirements " A Windows NT server 4.0 with Service Pack 4 or later (or Windows 2000 Server) and an assigned IP address. " A Pentium* 200 with a minimum of 64 MB RAM (128 MB recommended) and a monitor color palette set to a number higher than 16.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT Two factors increase performance: more cache memory and faster processors. For best results, cache as much of the DIB Set as the hardware allows. NDS scales well on a single processor. However, NDS 8.5 takes advantage of multiple processors. Adding processors improves performance in some areas, for example, logins and having multiple threads active on multiple processors. NDS itself is not processorintensive, but it is I/O-intensive.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT If no NDS tree exists, you can install NDS eDirectory 8.5. The installation program creates an NDS tree. If your NDS tree does not have a Novell Certificate Server, the NDS installation program does the following: ! Creates a Security container object for the entire NDS tree This object is created at the top of the NDS tree and must remain there.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT To upgrade an existing tree, run DSREPAIR on the server that contains the master replica of the Tree partition. The NDS eDirectory installation program checks the existing schema’s version. If the schema has not been upgraded, the installation program instructs you to run DSREPAIR, then discontinues. 1 Copy PATCHES\DSREPAIR\ NTNDS8\DSREPAIR. DLL from the product CD to the directory where you installed NDS, for example, G:\NOVELL\NDS.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT ! SLP Directory Agent This option installs SLP Directory Agent, which allows you to control the collection and dissemination of network service information through advanced features. Follow the online instructions in the Installation Wizard. Select the type of setup you want to install: Directory: Use NDS to manage, configure, and store Directory Agents, scopes, and services.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 22 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing NDS eDirectory on Solaris Use the following instructions to install NDS® eDirectoryTM on Solaris*. System Requirements " Solaris 2.6, Solaris 7, or Solaris 8 with the following required patches: Version Required Patch Solaris 2.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT Hardware Requirements Hardware requirements depend on the specific implementation of NDS. For example, a base installation of NDS eDirectory with the standard schema requires about 74 MB of disk space for every 50,000 users. However, if you add a new set of attributes or completely fill in every existing attribute, the object size grows. These additions affect the disk space, processor, and memory needed.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT After migrating to NDS, we recommend that you force the backlink to run by issuing a SET DSTRACE=*B command from the ndstrace command prompt. Running the backlink process is especially important on servers that do not contain a replica. Prerequisites NDS Server must be installed on all servers that you want to place a NDS replica on. " Meet the “System Requirements” on page 23.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT Installing Account Management on Solaris Use the nds-install utility to install NDS components on Solaris systems. This utility is located in the Setup directory on the CD for the Solaris platform. The utility adds the required packages based on what components you choose to install. After adding the required packages, the installed NDS component will be configured based on inputs provided in the ndscfg.inp file.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT 6 The installation program loads the NDS configuration input file (ndscfg.inp), which you can use to specify values for the following configuration parameters: ! Admin Name and Context Specifies the name (with the full context) of the user with administration rights to the Tree object. ! Tree Name Specifies a name for the NDS tree. ! Create NDS Tree Specify Yes to install NDS in a new tree.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 28 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing NDS eDirectory on Linux Use the following instructions to install NDS® eDirectoryTM on Linux*. System Requirements " Linux 2.2 and glibc 2.1.3. " A minimum of 64 MB RAM (128 MB recommended) " 56 MB of disk space to install NDS Server. Additional disk space requirements will depend on the number of objects you will have in NDS. " ConsoleOneTM requirements: ! ConsoleOne1.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT NDS scales well on a single processor. However, NDS 8.5 takes advantage of multiple processors. Adding processors improves performance in some areas, for example, logins and having multiple threads active on multiple processors. NDS itself is not processorintensive, but it is I/O-intensive.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT " Enable the Linux host you are installing the product on for multicast routing. Enter the following command to check whether the host is enabled for multicast routing: /bin/netstat -nr The following entry should be present in the routing table: 224.0.0.0 host_IP_address If the entry is not present, log in as root, and enter the following command to enable multicast routing: route add -net "240.0.0.0" netmask "224.0.0.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT To install NDS components on Linux systems: 1 Log in as root on the host. 2 Enter the following command: nds-install 3 When prompted, accept the license agreement. The installation program displays a list of NDS eDirectory components that you can install. 4 Specify the option for the component you want to install. Based on the component you choose to install, the installation program proceeds to add the RPMs in to the Linux system.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT ! IP Address To add NDS Server to an existing tree, specify the IP address of the server holding the master replica of the Tree object. This is useful if you are installing across a WAN. This is an optional parameter. ! DB Files Dir Specify the directory path to a location in which NDS database files are to be stored. This is an optional parameter. 7 Save the ndscfg.inp file > close the editor.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 34 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing NDS eDirectory on Tru64 UNIX Use the following instructions to install NDS® eDirectoryTM on Tru64 UNIX*. System Requirements " Compaq* Tru64 UNIX 4.0F (formerly DIGITAL UNIX) or Tru64 UNIX 5.0. " A minimum of 64 MB RAM (124 MB recommended) " 56 MB of disk space to install NDS Server. Additional disk space requirements will depend on the number of objects you will have in NDS. " ConsoleOneTM requirements: ! ConsoleOne 1.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT NDS scales well on a single processor. However, NDS 8.5 takes advantage of multiple processors. Adding processors improves performance in some areas, for example, logins and having multiple threads active on multiple processors. NDS itself is not processorintensive, but it is I/O-intensive.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT " Enable the Tru64 UNIX host you are installing the product on for multicast routing. Enter the following command to check whether the host is enabled for multicast routing: /usr/sbin/netstat -nr The following entry should be present in the routing table: 224/8 host_IP_address If the entry is not present, log in as root, and enter the following command to enable multicast routing: route add [-net] "224.0.0.0" -netmask "240.0.0.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT To install NDS components on Tru64 UNIX systems: 1 Log in as root on the host. 2 Enter the following command: nds-install 3 When prompted, accept the license agreement. The installation program displays a list of NDS eDirectory components that you can install. 4 Specify the option for the component you want to install. Based on the component you choose to install, the installation program proceeds to add the packages in to the Tru64 UNIX system.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT ! IP Address To add NDS Server to an existing tree, specify the IP address of the server holding the master replica of the Tree object. This is useful if you are installing across a WAN. This is an optional parameter. ! DB Files Dir Specifies the directory path to a location in which NDS database files are to be stored. This is an optional parameter. 7 Save the ndscfg.inp file > close the editor.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 40 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing Account Management on Windows NT Use the following instructions to install Account Management on Windows* NT*. System Requirements " Windows NT Server 4.0 with Service Pack 4 or later and an assigned IP address. " A Pentium* 200 computer with 64 MB of RAM and a monitor color palette set to a number higher than 16.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT 3 Select from the following components (you can install the components separately or together): ! Integrate Windows NT Domains with NDS Installs the Account Management components and runs the Domain Object Wizard, which transparently migrates existing NT domains to NDS. ! ConsoleOne Installs ConsoleOneTM 1.2d. ConsoleOne can perform all the tasks previously performed in NetWare Administrator and NDS ManagerTM.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 2 Click Open > select NDS4NT21.SCH. 3 Click Done. 4 Run SETUP.EXE from the Account Management CD.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 44 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing Account Management on Solaris Use the following instructions to install Account Management on Solaris*. System Requirements " Solaris 2.6, 2.7, or 8 with an assigned IP address. " A Pentium* 200 computer with 64 MB RAM. " Root (super user) access to the Solaris machine. For an installation into an existing tree, you need administrative rights to the Tree object to extend the schema.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT 2 When prompted, accept the license agreement. The installation program displays a list of components that you can install. 3 Choose the option to install the Account Management component. The installation program proceeds to add the Account Management package and related components. 4 Enter the following configuration parameters in the ndscfg.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT ! /etc/slp.conf The SLP configuration file ! /etc/pam.conf.
QuickStart Rev 99a 29 ACCOUNT MANAGEMENT 48 160-000276-001 November 15, 2000 22 June 00
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT VERSION 2.1 Installing Account Management on Linux System Requirements " Red Hat 6.1 or later, Laser Linux Suse, or Open Linux with an assigned IP address. " A Pentium* 200 computer with 64 MB RAM. " Root (super user) access to the Linux machine. For an installation into an existing tree, you need administrative rights to the Tree object to extend the schema.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT 3 Select the option to install the Account Management component. The installation program proceeds to add the Account Management package and related components. 4 Enter the following configuration parameters in the ndscfg.
QuickStart Rev 99a 29 22 June 00 ACCOUNT MANAGEMENT ! /etc/pam.d.
