94 lines
6.4 KiB
HTML
94 lines
6.4 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Configure directory server" />
|
|
<meta name="abstract" content="QoS policy configurations can be exported to an LDAP directory server." />
|
|
<meta name="description" content="QoS policy configurations can be exported to an LDAP directory server." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzak8configuring.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzak8ldap.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzak8tree.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="../rzahy/rzahyrzahywelpo.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="../rzahy/rzahyess-pi.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzak8keyword.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="http://www.ibm.com/servers/eserver/iseries/ldap/schema/" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzak8tree.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzak8direct_server" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Configure directory server</title>
|
|
</head>
|
|
<body id="rzak8direct_server"><a name="rzak8direct_server"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Configure directory server</h1>
|
|
<div><p>QoS policy configurations can be exported to an LDAP directory
|
|
server.</p>
|
|
<p>This can make your quality of service (QoS) solution easier to manage.
|
|
Instead of configuring QoS policies on all of your servers, you can store
|
|
the configuration data on one local directory server for many systems to share.
|
|
When you first configure QoS on your server, an Initial Configuration
|
|
wizard appears. This wizard will prompt you to configure a directory server.</p>
|
|
<p>To configure the directory server you will need to decide or know the following
|
|
information:</p>
|
|
<ul><li>Directory server name</li>
|
|
<li>Determine a distinguished name (DN) to refer to the QoS policies</li>
|
|
<li>Determine whether to use SSL security with your LDAP directory server</li>
|
|
<li>Determine whether to use keywords to improve the search for your policies
|
|
on the directory server</li>
|
|
</ul>
|
|
<div class="note"><span class="notetitle">Note:</span> Currently, Kerberos cannot be configured as the authentication method
|
|
the QoS server will use to access the directory.</div>
|
|
<p>To administer the LDAP directory server, you must have one of the following
|
|
authority sets:</p>
|
|
<ul><li>*ALLOBJ authority and *IOSYSCFG authority</li>
|
|
<li>*JOBCTL authority and object authority to the End TCP/IP (ENDTCP), Start
|
|
TCP/IP (STRTCP), Start TCP/IP Server (STRTCPSVR), and End TCP/IP Server (ENDTCPSVR)
|
|
commands</li>
|
|
<li>*AUDIT authority to configure i5/OS™ security auditing</li>
|
|
</ul>
|
|
<p>If you are using iSeries™ Navigator, you will already have access to
|
|
the default QoS Schema. The actual schema file is located on your server at <samp class="codeph">/QIBM/UserData/OS400/DirSrv</samp>.
|
|
However, if you are using an editor other than iSeries Navigator, you will need to import
|
|
the LDIF file described in the following section. You can also import this
|
|
file, if after editing, you want to reload the original, default file.</p>
|
|
<div class="section"><h4 class="sectiontitle">QoS schema</h4><p>A set of rules, called a <em>schema</em>,
|
|
exist to specify what types of LDAP objects are valid to the QoS server. The
|
|
schema contains the necessary rules for QoS. If, however, the LDAP server
|
|
used is not an iSeries server,
|
|
these rules must be imported to the LDAP server. This is done with an LDIF
|
|
(LDAP Data Interchange Format) file. Use the iSeries LDAP Web page to download the
|
|
LDIF file. You will find this file under <span class="menucascade"><span class="uicontrol">Categories</span> > <span class="uicontrol">TCP/IP Policies</span></span> on the left pane. See
|
|
LDAP concepts for a sample QoS schema.</p>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzak8configuring.htm" title="You can use this topic to create differentiated service policies, integrated service policies, and inbound admission policies.">Configure QoS</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rzak8ldap.htm" title="You can export your policies to a directory server. Read this topic to see the advantages of using or not using a directory server, Lightweight Directory Access Protocol (LDAP) concepts and configuration, as well as the quality of service (QoS) schema.">Directory server</a></div>
|
|
<div><a href="rzak8tree.htm" title="When you want to manage part of your directory, you refer to the distinguished name (DN) or (if you choose) a keyword.">Distinguished name</a></div>
|
|
<div><a href="../rzahy/rzahyrzahywelpo.htm">IBM Directory Server for iSeries (LDAP)</a></div>
|
|
<div><a href="../rzahy/rzahyess-pi.htm">SSL security with your LDAP directory server</a></div>
|
|
<div><a href="rzak8keyword.htm" title="When you configure your directory server, you need to determine whether to associate keywords with each quality of service (QoS) configuration.">Keywords</a></div>
|
|
</div>
|
|
<div class="relinfo"><strong>Related information</strong><br />
|
|
<div><a href="http://www.ibm.com/servers/eserver/iseries/ldap/schema/" target="_blank">iSeries LDAP Web page</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |