(No Ratings Yet)
Loading...
Note: For most up-to-date OUD/ODSM information click here
Glassfish ldap-admin server1
Glassfish ldap-admin server2
ldap-admin server1
ldap-admin server2
Contents
Create a solaris zone
Admin server information
Glassfish ldap-admin server1
Glassfish ldap-admin server2
ldap-admin server1
ldap-admin server2
Admin server setup information
- Create a zone with zonecfg, the config is below
- Install the zone with zoenadm
# zonecfg -z ldap-admin1 info
zonename: ldap-admin1
zonepath: /rpool/ldap-admin1
brand: native
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
fs:
dir: /rpool/ldap_install
special: rpool/ldap_install
raw not specified
type: lofs
options: []
net:
address: 10.10.10.10
physical: igb1
defrouter not specified
dataset:
name: rpool/gf30-inst1
Setup the environment
export HISTSIZE=1000 export PATH=/gf30-inst1/bin:$PATH:/usr/sfw/bin:/opt/dsee7/bin export JAVA_HOME=/usr/jdk1.6.0_21Download Oracle glassfish 3.0.1 Extract and install glassfish with silent file below
#openInstaller Dry Run Answer File. This File can be used as input to the openInstaller engine using the -a option. #Mon Jul 19 11:17:33 EDT 2010 RegistrationOptions.regoptions.CREATE_NEWACCT=CREATE_NEWACCT glassfish.Administration.HTTP_PORT=8080 updatetool.Configuration.PROXY_PORT=8080 glassfish.Administration.ADMIN_PASSWORD=password JDKSelection.directory.JDK_FROM_LIST_CHOICE=true RegistrationOptions.regoptions.SKIP_REGISTRATION=SKIP_REGISTRATION updatetool.Configuration.PROXY_HOST=10.10.10.5 SOAccountCreation.accountinfo.COUNTRY= InstallHome.directory.INSTALL_HOME=/gf30-inst1 RegistrationOptions.regoptions.USE_EXISTINGACCT=USE_EXISTINGACCT SOAccountCreation.accountinfo.FIRSTNAME= updatetool.Configuration.ALLOW_UPDATE_CHECK=false glassfish.Administration.ADMIN_USER=admin JDKSelection.directory.JDK_LIST=/usr/java (v. 1.6.0_21 by Sun Microsystems Inc.) SOAccountCreation.accountinfo.PASSWORD= SOAccountCreation.accountinfo.COMPANYNAME= JDKSelection.directory.HIDDEN_JDK=/usr/java SOAccountCreation.accountinfo.COUNTRY_DROP_DOWN= SOAccountCreation.accountinfo.REENTERPASSWORD= RegistrationOptions.regoptions.USERNAME= updatetool.Configuration.BOOTSTRAP_UPDATETOOL=false SOAccountCreation.accountinfo.LASTNAME= glassfish.Administration.ADMIN_PORT=4848 RegistrationOptions.regoptions.USERPASSWORD= JDKSelection.directory.JDK_TYPED_IN_CHOICE=false SOAccountCreation.accountinfo.EMAIL= JDKSelection.directory.JDK_TYPE_IN= RegistrationOptions.regoptions.DUMMY_PROP=Create glassfish domain
# ./asadmin create-domain domain0 Enter admin user name [Enter to accept default "admin" / no password]> admin Enter the admin password [Enter to accept default of no password]> Enter the admin password again> Enter the master password [Enter to accept default password "changeit"]> Enter the master password again> Using port 4848 for Admin. Using default port 8080 for HTTP Instance. Using default port 7676 for JMS. Using default port 3700 for IIOP. Using default port 8181 for HTTP_SSL. Using default port 3820 for IIOP_SSL. Using default port 3920 for IIOP_MUTUALAUTH. Using default port 8686 for JMX_ADMIN. Using default port 6666 for OSGI_SHELL. Distinguished Name of the self-signed X.509 Server Certificate is: [CN=ldap-admin1,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US] No domain initializers found, bypassing customization step Domain domain0 created. Domain domain0 admin port is 4848. Domain domain0 admin user is "admin". Command create-domain executed successfully.Start the domain
# ./asadmin start-domain domain0 Enter master password (3) attempt(s) remain)> Waiting for DAS to start ... Started domain: domain0 Domain location: /gf30-inst1/glassfish/domains/domain0 Log file: /gf30-inst1/glassfish/domains/domain0/logs/server.log Admin port for the domain: 4848 Command start-domain executed successfully.
glassfish setup
If the glassfish admin hangs because it tries to connect to the intranet, stop the admin and do.cd /gf30-inst1/glassfish/modules mv console-updatecenter-plugin.jar console-updatecenter-plugin.jar.org
To configure the war file run on the admin server
dsccsetup war-file-create Created /opt/SUNWdsee7/var/dscc7.war dsccsetup ads-create Choose password for Directory Service Manager: Confirm password for Directory Service Manager: Creating DSCC registry... DSCC Registry has been created successfully
How to deploy the war file
- Deploye the /opt/SUNWdsee7/var/dscc7.war file in glassfish
- Add in the [glassfish_config_path]/glassfish/domains/domain1/config/server.policy
// Permissions for Directory Service Control Center
grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/dscc7/-"
{
permission java.security.AllPermission;
};
How to add the DS/DPS to the admin
On the Director server / Directory Proxy server, test the connection to the admin
dsccreg list-servers -h 10.10.10.10 Enter DSCC administrator's password: Hostname Port sPort Type Owner Flags iPath Description -------- ---- ----- ---- ----- ----- ----- ----------- 0 server instance(s) found in DSCC on 10.10.10.10.
Add the DS/DPS to the admin server
Note: The dsccreg needs to run on the DS/DPS servers (not the admin server)dsccreg add-server -h 10.10.10.10 /data1/ldap_inst1/ldap/ Enter DSCC administrator's password: /data1/ldap_inst1/ldap/ is an instance of DS Enter password of "cn=Directory Manager" for /data1/ldap_inst1/ldap/: This operation will restart /data1/ldap_inst1/ldap/. Do you want to continue ? (y/n) y Connecting to /data1/ldap_inst1/ldap (using ldap://127.0.0.1:1389) Enabling DSCC access to /data1/ldap_inst1/ldap Restarting /data1/ldap_inst1/ldap Registering /data1/ldap_inst1/ldap in DSCC on 10.10.10.10. dsccreg add-server -h 10.10.10.10 /data1/ldaproxy-config Enter DSCC administrator's password: /data1/ldaproxy-config is an instance of DPS Enter password of "cn=Proxy Manager" for /data1/ldaproxy-config: Connecting to /data1/ldaproxy-config (using ldap://127.0.0.1:389) Enabling DSCC access to /data1/ldaproxy-config Registering /data1/ldaproxy-config in DSCC on 10.10.10.10.
Verify the registration is good
dsccreg list-servers -h 10.10.10.10 Enter DSCC administrator's password: Hostname Port sPort Type Owner Flags iPath Description ---------------- ---- ----- ---- ----- ----- ---------------------- ----------- ldap1.domain.com 389 636 DS root /data1/ldap_inst1/ldap ldproxy1.domain.com 389 636 DPS root /data1/ldaproxy-config 2 server instance(s) found in DSCC on 10.10.10.10.
Run on each instance
# dsccsetup cacao-reg Registering DSCC Agent in Cacao... Checking Cacao status... Deploying DSCC agent in Cacao... DSCC agent has been successfully registered in Cacao.
Replication between the admin servers
Note: First make sure to follow this process to setup the certificates between the admin servers Follow this process to complete replication between the admin serversHow to Patch Directory Server
Note: The instructions below is only for the ZIP versionStop the running domain
This is only needed on the admin serverasadmin stop-domain domain0
Prepare for the patch
dsccsetup prepare-patch
Unzip and overwrite the old files
cd TEMP_DIRECTORY unzip -qq ODSEE11_1_1_3_0_xxx.zip cd ODSEE_ZIP_Distribution unzip -qq sun-dsee7.zip -d INSTALL_PATH cd INSTALL_PATH/dsee7 # unzip -qq sun-dsee7.zip -d /optreplace /opt/dsee7/lib/libslapd.so.1? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
Complete install process
dsccsetup complete-patch
***
Configuring Cacao...
Cacao has been successfully configured.
Registering DSCC Agent in Cacao...
Checking Cacao status...
Starting Cacao...
DSCC Agent will use locale C and charset ISO646-US
DSCC agent has been successfully registered in Cacao.
You can now restart your Directory Proxy Server instances:
/opt/dsee7/bin/dpadm start /ldproxy1/ldap-proxy1/proxy
***
Start Directory Server
/opt/SUNWdsee7/bin/dsadm start /opt/SUNWdsee7/var/dcc/ads or /opt/dsee7/bin/dpadm start /ldpr1/ldap-proxy1/proxy or /opt/dsee7/bin/dsadm start /ldap1/ldap_inst1/ldap
Start the domain – for Admin servers only
asadmin start-domain domain0