Start of change

Publish information to the Directory Server

You can configure your system to publish certain information into a Directory Server on the same system or on a different system as well as user defined information. The operating system automatically publishes this information to the Directory Server when you use iSeries Navigator to change this information on i5/OS. Information that you can publish includes system (systems and printers), print shares, user information, and TCP/IP Quality of service policies (for more information see Publishing).

If the parent DN to which the data is being published does not exist, Directory Server automatically creates it. You might have also installed other i5/OS applications which publish information in an LDAP directory. Additionally, you can call application program interfaces (APIs) from your own programs to publish other types of information to the LDAP directory.

Note:
You can also publish i5/OS information to a directory server that is not running on i5/OS if you configure that server to use the IBM schema.

To configure your system to publish i5/OS information into a directory server, take these steps:

  1. In iSeries Navigator, right-click on your system and select Properties.
  2. Click the Directory Server tab.
  3. Select the types of information that you want to publish.
    Tip:
    If you plan to publish more than one type of information to the same location, you can save time by selecting multiple information types to configure at one time. Operations Navigator will then use the values you enter when you configure the one information type as default values when you configure subsequent information types.
  4. Click Details.
  5. Click the Publish system information check box.
  6. Specify the Authentication method that you want the server to use, as well as the appropriate authentication information.
  7. Click the Edit button next to the (Active) Directory server field. In the dialog that pops up, enter the name of the directory server where you want to publish i5/OS information, then click OK.
  8. In the Under DN field, enter the parent distinguished name (DN) where you want information added on the directory server.
  9. Fill in the fields in the Server connection frame that are appropriate to your configuration.
    Note:
    To publish i5/OS information to the directory server using SSL or Kerberos, you need to first have your directory server configured to use the appropriate protocol. See Kerberos authentication with the Directory Server for more information about SSL and Kerberos.
  10. If your directory server does not use the default port, enter the correct port number in the Port field.
  11. Click Verify to ensure that the parent DN exists on the server and that the connection information is correct. If the directory path does not exist, a dialog will prompt you to create it.
    Note:
    If the parent DN does not exist, and you do not create it, then publishing will not be successful.
  12. Click OK.

Note:
You can also publish i5/OS information to a directory server that is on a different platform. You must publish user and system information to a directory server that uses a schema compatible with the IBM Directory Server schema. For more information about the IBM Directory Schema, see IBM Directory Server schema.

APIs for publishing i5/OS information to the directory server

Directory Server provides built-in support for publishing user and system information. These items are listed on the Directory Server page of the systems Properties dialog. You can use LDAP server configuration and publishing APIs to enable the i5/OS programs that you write to publish other types of information. These types of information then appear on the Directory Server page as well. Like users and systems, they are initially disabled, and you configure them using the same procedure. The program that adds the data to the LDAP directory is called the publishing agent. The type of information that is published, as it appears on the Directory Server page, is called the agent name.

The following APIs will allow you to incorporate publishing into your own programs:

QgldChgDirSvrA
An application uses the CSVR0500 format to initially add an agent name that is marked as a disabled entry. Instructions for users of the application should instruct them to use iSeries Navigator to go to the Directory Server property page to configure the publishing agent. Examples of agent names are the systems and users agent names automatically available on the Directory Server page.
QgldLstDirSvrA
Use this APIs LSVR0500 format to list what agents are currently available on your system.
QgldPubDirObj
Use this API to do the actual publishing of information.

For detailed information about these APIs, see the Lightweight Directory Access Protocol (LDAP) topic under Programming in the iSeries Information Center.

End of change