94 lines
5.1 KiB
HTML
94 lines
5.1 KiB
HTML
|
<?xml version="1.0" encoding="utf-8"?>
|
||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="dc.language" scheme="rfc1766" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow"/>
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<title>Directory Server (LDAP) - Create a realm administrator</title>
|
||
|
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="ic.css" />
|
||
|
</head>
|
||
|
<body>
|
||
|
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
|
||
|
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
|
||
|
|
||
|
|
||
|
<a name="rzahyrealmadmin"></a>
|
||
|
<h3 id="rzahyrealmadmin">Create a realm administrator</h3>
|
||
|
<p>To create a realm administrator, you must first create an administration
|
||
|
group for the realm by doing the following:</p>
|
||
|
<ol type="1">
|
||
|
<li>Create the realm administration group.
|
||
|
<ol type="a">
|
||
|
<li>Expand the <span class="bold">Directory management</span> category
|
||
|
in the navigation area of the Web administration tool.</li>
|
||
|
<li>Click <span class="bold">Manage entries</span>.</li>
|
||
|
<li>Expand the tree and select the realm you just created, <span class="bold">cn=realm1,o=ibm,c=us</span>.</li>
|
||
|
<li>Click <span class="bold">Edit ACL</span>.</li>
|
||
|
<li>Click the <span class="bold">Owners</span> tab.</li>
|
||
|
<li>Ensure that <span class="bold">Propagate owner</span> is
|
||
|
checked.</li>
|
||
|
<li>Enter the DN for the realm, <span class="bold">cn=realm1,o=ibm,c=us</span>.</li>
|
||
|
<li>Change the <span class="bold">Type</span> to group.</li>
|
||
|
<li>Click <span class="bold">Add</span>.</li></ol></li>
|
||
|
<li>Create the administrator entry. If you do not already have a
|
||
|
user entry for the administrator, you must create one.
|
||
|
<ol type="a">
|
||
|
<li>Expand the <span class="bold">Directory management</span> category
|
||
|
in the navigation area of the Web administration tool.</li>
|
||
|
<li>Click <span class="bold">Manage entries</span>.</li>
|
||
|
<li>Expand the tree to the location where you want the administrator
|
||
|
entry to reside.
|
||
|
<a name="wq361"></a>
|
||
|
<div class="notetitle" id="wq361">Note:</div>
|
||
|
<div class="notebody">Locating the administrator
|
||
|
entry outside of the realm avoids giving the administrator the ability to
|
||
|
accidently delete him or herself. In this example the location might be <span class="bold">o=ibm,c=us</span>.</div></li>
|
||
|
<li>Click <span class="bold">Add</span>.</li>
|
||
|
<li>Select the <span class="bold">Structural object class</span>, for example <span class="bold">inetOrgPerson</span>.</li>
|
||
|
<li>Click <span class="bold">Next</span>.</li>
|
||
|
<li>Select any auxiliary object class you want to add.</li>
|
||
|
<li>Click <span class="bold">Next</span>.</li>
|
||
|
<li>Enter the required attributes for the entry. For example,
|
||
|
<ul>
|
||
|
<li><span class="bold">RDN</span> cn=JohnDoe</li>
|
||
|
<li><span class="bold">DN</span> o=ibm,c=us</li>
|
||
|
<li><span class="bold">cn</span> John Doe</li>
|
||
|
<li><span class="bold">sn</span> Doe</li></ul></li>
|
||
|
<li>On the <span class="bold">Other attributes</span> tab
|
||
|
ensure that you have assigned a password.</li>
|
||
|
<li>When you are done, click <span class="bold">Finish</span>.</li></ol></li>
|
||
|
<li>Add the administrator to the administration group.
|
||
|
<ol type="a">
|
||
|
<li>Expand the <span class="bold">Directory management</span> category
|
||
|
in the navigation area of the Web administration tool.</li>
|
||
|
<li>Click <span class="bold">Manage entries</span>.</li>
|
||
|
<li>Expand the tree and select the realm you just created, <span class="bold">cn=realm1,o=ibm,c=us</span>.</li>
|
||
|
<li>Click <span class="bold">Edit attributes</span>.</li>
|
||
|
<li>Click the <span class="bold">Members</span> tab.</li>
|
||
|
<li>Click <span class="bold">Members</span>.</li>
|
||
|
<li>In the <span class="bold">Members</span> field enter the
|
||
|
DN of the administrator, in this example <span class="bold">cn=John
|
||
|
Doe,o=ibm,c=us</span>.</li>
|
||
|
<li>Click <span class="bold">Add</span>. The DN is displayed
|
||
|
in the <span class="bold">Members</span> list.</li>
|
||
|
<li>Click <span class="bold">OK</span>.</li>
|
||
|
<li>Click <span class="bold">Update</span>. The DN is displayed
|
||
|
in the <span class="bold">Current members</span> list.</li>
|
||
|
<li>Click <span class="bold">OK</span>.</li></ol></li>
|
||
|
<li>You have created an administrator that can manage entries within
|
||
|
the realm.</li></ol>
|
||
|
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
|
||
|
</body>
|
||
|
</html>
|