SAS 9.1.3 Integration Technologies » Administrator's Guide (LDAP Version)


Setting up an LDAP Directory Server

Installing the Server

In order for Integration Technologies software to use the LDAP directory, you must set up a directory server. These instructions provide the procedure for setting up a directory server using iPlanet (previously known as Netscape), which is the option distributed with SAS software. These instructions assume that you are using a Windows/NT server.

  1. Verify that the TCP protocol is configured and that at least a host name and domain name are defined. To verify, follow these steps:

    1. Right-click on the Network Neighborhood icon on the Windows/NT desktop and select Properties from the pop-up menu. The Network window appears.

    2. If it is not selected already, select TCP/IP Protocol in the Network Protocols list.

    3. Select the Protocols tab, and then select the Properties button. The TCP/IP Properties dialog box appears.

    4. Select the DNS tab in the dialog box.

    5. Verify that values are entered in the Host Name and Domain fields. If the fields are blank, you must enter valid values before you can continue with directory installation.

    6. Close all dialog boxes.

  2. Start the iPlanet Directory Server (previously known as Netscape Directory Server) installation program. After you agree to the software license, you are asked what type of installation to perform. Select Custom Install.

  3. Select which components to install. In general, the default selections should be acceptable. You do not need to install Synch Services unless you plan to use replication.

  4. The next dialog box asks whether this directory service instance is the configuration directory server. Accept this selection unless you fully understand the consequences of using a different server to store the configuration information.

  5. The installation procedure requests the server identifier, port, and suffix. In most cases, the default identifier and port should be acceptable without change. However, you can modify the suffix to match your installation.

    For example, for a company named Alphalite Airways, you might enter the suffix o=Alphalite Airways,c=US. Alternatively, you could use the domain component format: dc=alpair,dc=com.

    If you are not sure what value to use, enter o=CompanyName,c=US for a US company. For other countries, use the appropriate two-character ITU abbreviation.

  6. You are prompted for the Configuration Directory Administrator user ID and password. The Configuration Directory Administrator has access to the configuration data stored in the directory server. Enter secure values for these fields and remember the values, because they are difficult to recover if they are lost. This user ID is automatically added as the Configuration Administrator user in the directory's configuration data tree.

  7. When prompted for the Administration Domain, accept the default value.

  8. You are prompted for the Directory Manager DN. This value is different from the Configuration Directory Administrator user ID and password. The Directory Manager has access to all user-added data in the server. Any user with the specified DN and password can freely access all data in the directory regardless of the access control settings.

    A common manager DN is cn=root, although you can use any valid DN that is formatted as a comma-separated series of name/value pairs. Select a secure password.

  9. Next, you are asked whether you want to configure the directory as a supplier or consumer of replication data. Unless you have read the instructions and know you want to replicate your directory, accept the defaults for this prompt.

  10. You are asked whether you want to install sample data into the directory. If you want to test the directory installation but do not have any data immediately available, select Yes for this prompt.

  11. You are asked whether you want to disable schema checking. SAS recommends that you NOT disable schema checking, which ensures that all of the entries in the directory conform to the schema definition. The schema is a list of attribute types consisting of name, object identifier (OID), matching rule (case-insensitive string, case-exact string, etc.), and a list of object classes that defines which attributes are required and allowed for that class. With schema checking enabled, new entries are compared against the schema before those entries are added to the directory. Entries that do not conform to the schema are not added to the directory.

  12. You are prompted for the Administration Server Access user ID and password. This is the ID and password that are required when you start the console application. It is convenient, but not necessary, to select the same ID and password as the Configuration Directory Administrator.

  13. You are prompted for the administration port. Accept the default value.

  14. Delete the installation cache.

  15. Reboot, if requested to do so.

  16. The installation procedure is finished.
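
The schema check described in step 11, as an added example (not part of the SAS or iPlanet documentation or code): a simplified Python model in which an entry is added only if it carries every required attribute of its object classes and no attribute outside the allowed set. The `top` and `person` definitions follow RFC 4519; the function names, the sample entries, and the in-memory `directory` dictionary are assumptions made for illustration.

```python
# Simplified model of LDAP schema checking (added example, not iPlanet code).
# "top" and "person" follow RFC 4519; attribute names are stored in lowercase.
SCHEMA = {
    "top": {"must": {"objectclass"}, "may": set()},
    "person": {"must": {"sn", "cn"},
               "may": {"userpassword", "telephonenumber", "seealso", "description"}},
}

# Constructed sample entries: GOOD conforms, BAD lacks sn and carries mail,
# which neither object class allows.
GOOD = {"objectClass": ["top", "person"], "cn": ["Jane Doe"], "sn": ["Doe"],
        "telephoneNumber": ["555-0100"]}
BAD = {"objectClass": ["top", "person"], "cn": ["John Roe"],
       "mail": ["jroe@example.com"]}


def check_entry(entry, schema=SCHEMA):
    """Return a list of schema violations; an empty list means the entry conforms."""
    # Attribute type names are case-insensitive, so normalize before comparing.
    attrs = {name.lower(): values for name, values in entry.items()}
    classes = [oc.lower() for oc in attrs.get("objectclass", [])]
    if not classes:
        return ["entry has no objectClass attribute"]
    errors, required, allowed = [], set(), {"objectclass"}
    for oc in classes:
        if oc not in schema:
            errors.append(f"unknown object class: {oc}")
            continue
        required |= schema[oc]["must"]
        allowed |= schema[oc]["must"] | schema[oc]["may"]
    for name in sorted(required):
        if not attrs.get(name):
            errors.append(f"missing required attribute: {name}")
    for name in sorted(attrs):
        if name not in allowed:
            errors.append(f"attribute not allowed: {name}")
    return errors


def add_entry(directory, dn, entry):
    """Store the entry under dn only if it conforms; return any violations."""
    errors = check_entry(entry)
    if not errors:
        directory[dn] = entry
    return errors
```

With schema checking disabled, the equivalent of `add_entry` would store `BAD` unchanged, which is how malformed or unexpected attributes end up in a directory that applications later trust.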