ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahy_5.4.0.1/rzahypln-po.htm

77 lines
4.8 KiB
HTML

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Directory Server (LDAP) - Plan your Directory Server</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="rzahypln-po"></a>
<h2 id="rzahypln-po">Plan your Directory Server</h2>
<p>Before you install Directory Server and begin to configure your LDAP directory,
you should take a few minutes to plan the directory. Important things to consider
include the following:</p>
<ul>
<li><img src="delta.gif" alt="Start of change" /><span class="bold">Organize the directory</span>. Plan
the structure of your directory and determine what suffixes and attributes
your server will require. For more information, see <a href="rzahyrecoprac.htm#rzahyrecoprac">Recommended practices for directory structure</a>, <a href="rzahydefdir.htm#rzahydefdir">Directories</a>, <a href="rzahysuffix.htm#rzahysuffix">Suffix (naming context)</a>, and <a href="rzahyattributes.htm#rzahyattributes">Attributes</a>.<img src="deltaend.gif" alt="End of change" /></li>
<li><span class="bold">Decide how large your directory will be</span>.
You can then estimate how much storage you need. The size of the directory
depends on the following:
<ul>
<li>The number of attributes in the servers schema.</li>
<li>The number of entries on the server.</li>
<li>The type of information that you store on the server.</li></ul>For example, an empty directory that uses the default Directory Server schema
requires approximately 10 MB of storage space. A directory that uses the default
schema and which contains 1000 entries of typical employee information requires
about 30 MB of storage space. This number will vary depending on the exact
attributes that you used. It will also increase greatly if you stored large
objects, such as pictures, in the directory.</li>
<li><span class="bold">Decide what security measures you will take</span>.
<p>Directory server allows you to apply a password policy to ensure
that ensure that users change their passwords periodically, and that the passwords
meet the organization's syntactic password requirements.</p>
<p>Directory Server supports
the use of Secure Sockets Layer (SSL) and Digital Certificates as well as
Transport Layer Security (TLS) for communication security. Kerberos authentication
is also supported.</p>
<p>Directory Server allows you to control access to directory
objects with access control lists (ACLs). You can also use the operating system's
security auditing to protect the directory.</p>
<p>Additionally decide what
password policy to apply.</p></li>
<li><span class="bold">Choose an administrator DN and password</span>.
The default administrator DN is <tt class="xph">cn=administrator</tt>. This
is the only identity that authority to create or change directory entries
when the server is initially configured. You can use the default administrator
DN or select a different DN. You also need to create a password for the administrator
DN.</li>
<li><span class="bold">Install prerequisite software for the Directory
Server Web administration tool</span>. In order to use the Directory Server
Web administration tool, the following prerequisite products must be installed
on the iSeries server.
<ul>
<li>IBM HTTP Server for iSeries (5722-DG1)</li>
<li>IBM WebSphere Application Server - Express (5722-IWE Base and Option 2)</li></ul>See the <a href="../rzaie/rzaiemain.htm">IBM HTTP Server</a> topic for more information
about IBM HTTP Server for iSeries and IBM WebSphere Application Server - Express.</li></ul>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>