Netscape NETSCAPE ENTREPRISE SERVER 6.0 - ADMINISTRATOR, Administrator'S Manual

Page 1: ...Administrator s Guide Netscape Enterprise Server Version6 0 November 2001...

Page 2: ...ghts reserved This product includes software developed by Apache Software Foundation http www apache org Copyright c 1999 The Apache Software Foundation All rights reserved This product includes softw...

Page 3: ...Server Documentation 22 Part 1 Server Basics 25 Chapter 1 Introduction to Enterprise Server 27 Enterprise Server 27 Enterprise Server Features 28 Administering and Managing Enterprise Servers 29 Ente...

Page 4: ...Removing a Server 46 Migrating a Server 47 Part 2 Using the Administration Server 49 Chapter 3 Setting Administration Preferences 51 Shutting Down the Administration Server 51 Editing Listen Socket S...

Page 5: ...tatic and Dynamic 75 Dynamic Group Impact on Server Performance 75 Guidelines for Creating Dynamic Groups 75 To Create a Dynamic Group 77 Managing Groups 77 Finding Group Entries 78 The Find all group...

Page 6: ...Installing a Certificate 98 Migrating Certificates When You Upgrade 100 Migrating a Certificate 100 Using the Built in Root Certificate Module 101 Managing Certificates 102 Installing and Managing CR...

Page 7: ...Caching SSL Files 132 Limiting Ports 132 Knowing Your Server s Limits 133 Making Additional Changes to Protect Servers 133 Specifying chroot for a Virtual Server Class 134 Specifying chroot for a Virt...

Page 8: ...157 Thread Pools UNIX Linux 157 Editing Thread Pools 157 Using Thread Pools 158 Chapter 8 Controlling Access to Your Server 159 What Is Access Control 159 Setting Access Control for User Group 160 Def...

Page 9: ...Example of an htaccess File 197 Supported htaccess Directives 197 allow 197 deny 198 AuthGroupFile 198 AuthUserFile 198 AuthName 199 AuthType 199 Limit 199 LimitExcept 200 order 200 require 201 htacc...

Page 10: ...Enabling and Starting the SNMP Master Agent 234 Starting the Master Agent on Another Port 234 Manually Configuring the SNMP Master Agent 235 Editing the Master Agent CONFIG File 235 Defining sysContac...

Page 11: ...64 Search Home Page 265 A Search Query 265 Guided Search 266 Advanced Search 268 The Search Results 269 Listing Matched Documents 269 Sorting the Results 270 Displaying a Highlighted Document 270 Disp...

Page 12: ...irtual Server 301 Virtual Server Selection for Request Processing 302 Document Root 303 Log Files 303 Migrating Virtual Servers from a Previous Release 304 Using Enterprise Server Features with Virtua...

Page 13: ...Configuring Virtual Server Quality of Service Settings 329 Configuring Virtual Server Log Settings 330 Configuring Virtual Server Java Web Application Settings 331 Deleting a Virtual Server 331 Chapte...

Page 14: ...357 Customizing User Public Information Directories Unix Linux 358 Restricting Content Publication 359 Loading the Entire Password File on Startup 359 Using Configuration Styles 360 Enabling Remote F...

Page 15: ...82 Examples 382 create Command 382 Options 383 Create Virtual Server Class 383 Create Connection Group 384 Create Listen Socket 384 Create Virtual Server 385 delete Command 387 Options 387 Delete Clas...

Page 16: ...the Server 405 Entering UTF 8 Data 406 File or Directory Names 406 LDAP Users and Groups 406 Using the Accept language Header 406 Using Other Language Settings 407 Search Information 408 International...

Page 17: ...ions on Windows NT Systems 420 Installing FrontPage97 Server Extensions on UNIX Linux Systems 425 Installing FrontPage98 Server Extensions on UNIX Linux Systems 428 Installing FrontPage2000 Server Ext...

Page 18: ...18 Netscape Enterprise Server Administrator s Guide November 2001...

Page 19: ...onfigure and administer the Enterprise Server After configuring your server use this guide to help maintain your server After you install the server this guide is available in HTML format at manual ht...

Page 20: ...erprise Server Chapter 2 Administering Enterprise Servers describes how to manage your Enterprise Server with the Administration Server Part II Using the Administration Server This part provides conce...

Page 21: ...to the Netscape Enterprise Server Performance Tuning Sizing and Scaling Guide Chapter 12 Using Search describes how to search the contents and attributes of documents on the server In addition this c...

Page 22: ...vide support for Microsoft FrontPage In addition a glossary is included to define frequently used terms that may be unfamiliar to Enterprise Server administrators Conventions Used In This Guide The co...

Page 23: ...ols provided with your OS Defining your server workload and sizing your system to meet your performance needs Installing Java applets CGI programs JavaScript applications and other plug ins onto your...

Page 24: ...purpose and use of the configuration files and provides a comprehensive list of the directives and functions that can be used in these configuration files Netscape Enterprise Server Programmer s Guide...

Page 25: ...25 Part 1 Server Basics Chapter 1 Introduction to Enterprise Server Chapter 2 Administering Enterprise Servers...

Page 26: ...26 Netscape Enterprise Server Administrator s Guide November 2001...

Page 27: ...erver Enterprise Server Architecture Enterprise Server Configuration Administration Server Server Manager Class Manager Virtual Server Manager Enterprise Server Enterprise Server 6 0 is a multi proces...

Page 28: ...1 which defines the interface used for communication between SSL and PKCS 11 modules Federal Information Processing Standards FIPS 140 and special certificates that work with 56 128 or 168 bits depend...

Page 29: ...see Administration Server on page 38 For managing individual instances of Enterprise Server you can use the Server Manager For more information see Server Manager on page 39 To manage virtual servers...

Page 30: ...erver they can view your files provided they have access to them The Search engine enables Enterprise Server users to search the contents and attributes of documents on the server As the server admini...

Page 31: ...ions including instantiation initialization destruction access from other components and configuration management Java servlets and JavaServer pages are reusable Java applications that run on a web se...

Page 32: ...to map your choices with the desired server activity For more information about these files see Enterprise Server Configuration Files on page 33 The server includes a number configuration files which...

Page 33: ...nf file for each virtual server class or grouping of virtual servers Whenever this guide refers to the obj conf file it refers to all obj conf files or to the obj conf file for the virtual server clas...

Page 34: ...ic reconfiguration allows you to make configuration changes to a live web server without having to stop and restart the web server for the changes to take effect You can dynamically change all configu...

Page 35: ...iles The file generated server id acl contains changes you make using the Server Manager access control forms after saving your changes genwork server id acl contains your changes before you save your...

Page 36: ...g files reconfig is the script used to reconfigure the server dynamically If you make non global changes to the server you can use this script to reconfigure the server without stopping and starting i...

Page 37: ...tions using NSAPI search contains information for your server s search plugins snmp contains information for your server s SNMP plugins setup contains the various Enterprise Server setup files includi...

Page 38: ...vers using the Virtual tab of the Server Manager as well as the Class Manager interface and the server xml file The settings for virtual servers are stored in the server xml file found in the server_r...

Page 39: ...istration Server For more information about distributed administration see Allowing Multiple Administrators on page 54 in Chapter 3 Setting Administration Preferences The first page you see when you a...

Page 40: ...server on and off In addition the Server Manager provides the following tabs for additional Enterprise Server managerial tasks Security Logs Monitor Virtual Server Class Java Legacy Servlets Search Fo...

Page 41: ...om those discussed in this section Wildcard patterns use special characters If you want to use one of these characters without the special meaning precede it with a backslash character Class Manager T...

Page 42: ...information see the Class Manager in the online help Virtual Server Manager To access the Virtual Server Manager go to the Virtual Servers tab in the Class Manager then select a virtual server from th...

Page 43: ...ration Server Running Multiple Servers Installing Multiple Instances of the Server Removing a Server Migrating a Server Accessing the Administration Server This section describes how to access the Adm...

Page 44: ...nistration Server icon or type the following URL for starting the administration server in your browser http hostname domain name administration_port Enterprise Server then displays a window prompting...

Page 45: ...ammer s Guide For more information about virtual servers see Chapter 13 Using Virtual Servers Installing Multiple Instances of the Server In past releases of Enterprise Server virtual servers did not...

Page 46: ...tin 1 characters should be used in instance names For more information see The Add Server Page in the online help Removing a Server You can remove a server from your system using the Administration Se...

Page 47: ...ng the same settings is created You should stop running the 4 x server before migrating settings Make sure you have a compatible version of a web browser installed on your computer before migrating se...

Page 48: ...Migrating a Server 48 Netscape Enterprise Server Administrator s Guide November 2001...

Page 49: ...49 Part 2 Using the Administration Server Chapter 3 Setting Administration Preferences Chapter 4 Managing Users and Groups Chapter 5 Securing Your Enterprise Server Chapter 6 Managing Server Clusters...

Page 50: ...50 Netscape Enterprise Server Administrator s Guide November 2001...

Page 51: ...g Listen Socket Settings Changing the User Account UNIX Linux Changing the Superuser Settings Allowing Multiple Administrators Specifying Log File Options Configuring Directory Services Restricting Se...

Page 52: ...socket then direct the request to the correct connection group and virtual server When you install Enterprise Server one listen socket ls1 is created automatically This listen socket uses the IP addre...

Page 53: ...s but not run programs To access the Server Settings page perform the following steps 1 Access the Administration Server and choose the Preferences tab 2 Click the Server Settings link 3 Make the desi...

Page 54: ...g Multiple Administrators Multiple administrators can change specific parts of the server through distributed administration With distributed administration you have three levels of users NOTE You can...

Page 55: ...th discussion of access control for Enterprise Server see What Is Access Control on page 159 in Chapter 8 Controlling Access to Your Server To enable distributed administration perform the following s...

Page 56: ...Server or you can omit certain clients from the log In addition you can choose the Common Logfile Format which provides a fixed amount of information about the server or you can create a custom log f...

Page 57: ...n Server and choose the Preferences tab 2 Click the View Error Log link and click OK For more information see The View Access Log Page in the online help and Chapter 9 Using Log Files Archiving Log Fi...

Page 58: ...ron daemons include scheduling collection maintenance and archiving log files You need to restart cron control whenever you change the settings for scheduled tasks To restart start or stop cron contro...

Page 59: ...ration Server or for a resource within a specific server instance through the Server Manager For more information about setting access control for a resource see Setting Access Control on page 171 in...

Page 60: ...1 Access the Enterprise Server Administration Server 2 Select the Global Settings tab 3 Click the Configure JRE JDK Paths link The Configure JRE JDK Paths page appears 4 Click the radio button corresp...

Page 61: ...Manage Users and Groups The Administration Server provides access to your application data about user accounts group lists access privileges organization units and other user and group specific infor...

Page 62: ...or example you need to specify DN information each time you create or modify directory entries set up access controls and set up user accounts for applications such as mail or publishing The users and...

Page 63: ...try Directory Server User Entries Guidelines for Creating User Entries Consider the following guidelines when using the administrator forms to create new user entries If you enter a given name or firs...

Page 64: ...r Entry To create a user entry read the guidelines outlined in Guidelines for Creating User Entries on page 63 then perform the following steps 1 Access the Administration Server and choose the Users...

Page 65: ...icense The following fields are also available when editing the user entry Sometimes a user s name can be more accurately represented in characters of a language other than the default language You ca...

Page 66: ...mation Editing User Information Managing a User s Password Managing User Licenses Renaming Users Removing Users Finding User Information Before you can edit a user entry you must display the associate...

Page 67: ...eld select the organizational unit under which you want to search for entries The default is the directory s root point or top most entry 5 In the Format field choose either On Screen or Printer 6 Cli...

Page 68: ...anizational unit entry s description for a match Table 4 4 Search Type Options Option Name Description contains Causes a substring search to be performed Entries with attribute values containing the s...

Page 69: ...entry see Renaming Users on page 71 sounds like Causes an approximate or phonetic search to be performed Use this option if you know an attribute s value but you are unsure of the spelling For example...

Page 70: ...Password Management Form to enter a new password Managing User Licenses Administration Server enables you to track which Netscape server products your users are licensed to use To manage the licenses...

Page 71: ...s 1 Access the Administration Server and choose the Users Groups tab 2 Display the user entry as described in Finding User Information on page 66 Note that if you are using common name based DNs speci...

Page 72: ...ribute except for the CN Groupname attribute Dynamic groups allow you to use a LDAP URL to define a set of rules that match only for group members For Dynamic Groups the members do share a common attr...

Page 73: ...Create Group to add the group and immediately return to the New Group form Alternatively click Create and Edit Group to add the group and then proceed to the Edit Group form for the group you have ju...

Page 74: ...multiple memberURL attributes each one consisting of an LDAP URL that enumerates a set of objects in the directory The members of the group would be the union of these sets For example the following...

Page 75: ...ibutes are valid The group s membership is the union of its static and dynamic members Dynamic Group Impact on Server Performance There is a server performance impact when using dynamic groups If you...

Page 76: ...ory such as o example com attributes A list of the attributes to be returned by the search To specify more than one use commas to delimit the attributes for example cn mail telephoneNumber if no attri...

Page 77: ...erform the following steps 1 Access the Administration Server and choose the Users Groups tab 2 Click the New Group link 3 Select Dynamic Group from the Type of Group dropdown list 4 Enter the require...

Page 78: ...iding in your directory You can achieve the same effect by simply leaving the field blank Any LDAP search filter Any string that contains an equal sign is considered to be a search filter As an altern...

Page 79: ...bers to a group perform the following steps 1 Access the Administration Server and choose the Users Groups tab 2 Click the Manage Groups link 3 Locate the group you want to manage as described in Find...

Page 80: ...umbers ending in the search number are returned An email address any search string containing an at symbol is assumed to be an email address If an exact match cannot be found then a search is performe...

Page 81: ...istration Server and choose the Users Groups tab 2 Click the Manage Groups link locate the group you want to manage as described in Finding Group Entries on page 78 and click the Edit button under Gro...

Page 82: ...choose the Users Groups tab 2 Click the Manage Groups link locate the group you want to manage as described in Finding Group Entries on page 78 and click Delete Group Remove entries from the owners li...

Page 83: ...from Online Sales to Internet Investments but you cannot rename the entry such that Online Sales under the Marketing organizational unit becomes Online Sales under the Product Management organization...

Page 84: ...lowing steps 1 Access the Administration Server and choose the Users Groups tab 2 Click the Manage Organizational Units link 3 Type the name of the unit you want to find in the Find organizational uni...

Page 85: ...To display all of the group entries contained in the Look Within directory enter either an asterisk or simply leave this text field blank For more information regarding how to build a custom search f...

Page 86: ...g box Deleting Organizational Units To delete an organizational unit entry access the Administration Server and perform the following steps 1 Make sure no other entries exist in the directory under th...

Page 87: ...se the Users Groups tab 2 Click the Manage Preferred Language List link 3 In the Display Language Selection List field click Yes or No to specify whether Enterprise Server displays the Language Select...

Page 88: ...Managing a Preferred Language List 88 Netscape Enterprise Server Administrator s Guide November 2001...

Page 89: ...These concepts include encryption and decryption public and private keys digital certificates and the encryption protocols For more information see Managing Servers with Netscape Console The process...

Page 90: ...ntranet or extranet You decide which CAs you trust enough to serve as verifiers of other people s identities In addition to a public key and the name of the entity identified by the certificate a cert...

Page 91: ...d see Changing Passwords or PINs on page 131 In the trust database you create and store the public and private keys referred to as your key pair file The key pair file is used for SSL encryption You w...

Page 92: ...ss to them On UNIX leaving the SSL enabled server s password in the password conf file is a large security risk Anyone who can access the file has access to the SSL enabled server s password Consider...

Page 93: ...Authority CA If your company has its own internal CA request your certificate from them If you plan to purchase your certificate from a commercial CA choose a CA and ask for the specific format of the...

Page 94: ...all VeriSign Certificate link 3 Choose internal software from the drop down list for cryptographic module unless you will use an external encryption module 4 Enter your Key Pair File Password or PIN 5...

Page 95: ...ial legal name of your company educational institution partnership and so on Most CAs require that you verify this information with legal documents such as a copy of a business license Organizational...

Page 96: ...six months or a year Some CAs will automatically send you a renewal 4 Perform the following steps to specify how you want to submit the request for the certificate If the CA expects to receive the re...

Page 97: ...ered with during routing from your server machine to the CA In the rare event that the request is tampered with the CA will usually contact you by phone If you choose to email the request the server c...

Page 98: ...o on up to a root CA When you receive a certificate from the CA it will be encrypted with your public key so that only you can decrypt it The server will use the key pair file password you specify to...

Page 99: ...ate name unique across all server instances within a single cryptographic module If a name is entered it will be displayed in the Manage Certificates list and should be descriptive For example United...

Page 100: ...certificates In Enterprise Server 6 0 the Administration Server and each server instance has its own certificate and key pair file referred to as a trust database instead of an alias You manage the tr...

Page 101: ...ll known CA certificates you can now simply update the root certificate module file to a newer version as it becomes available through future versions of Enterprise Server or in Service Packs Because...

Page 102: ...root alias If you are using an external cryptographic module such as a hardware accelerator you will first need to enter your password for each specific module and click OK The certificate list will u...

Page 103: ...produced and periodically updated by a CA Installing a CRL or CKL To obtain a CRL or CKL from a CA perform the following steps 1 Obtain the CA s URL for downloading CRLs or CKLs 2 Enter the URL in yo...

Page 104: ...r Manager and choose the Security tab For the Server Manager you must first select the server instance from the drop down list 2 Click the Manage CRL CKLs link The Manage Certificate Revocation Lists...

Page 105: ...use the strongest cipher they can both have for communication You can choose ciphers from the SSL2 SSL3 and TLS protocols The encryption process alone isn t enough to secure your server s confidentia...

Page 106: ...tion strength and government restrictions on export of encrypted software Among other functions the SSL and TLS handshake protocols determine how the server and client negotiate which cipher suites th...

Page 107: ...ng steps 1 Access the Server Manager and select the server instance the listen socket will be created in from the drop down list 2 Select the Preferences tab if not already displayed 3 Choose the Add...

Page 108: ...e Server Manager click Apply and then Restart for changes to take effect Selecting a Server Certificate for a Connection Group You can configure connection groups in either the Administration Server o...

Page 109: ...er will set those security preferences for all virtual servers associated with that connection group If you wish to have unsecured virtual servers they must all be configured to the same connection gr...

Page 110: ...8 Optional If you selected SSL2 or SSL3 TLS in the Security Features window either Accept Allow and the default ciphers Accept Allow and check only desired ciphers or uncheck unwanted ciphers Uncheck...

Page 111: ...ual server security settings to work SSL properties for virtual servers can be found on a per server basis in the SSLPARAMS element of the server xml file To set values for your SSL configuration file...

Page 112: ...t value is 100 If the SSLSessionTimeout directive is specified the value of seconds is silently constrained to be between 5 and 100 seconds SSLCacheEntries Specifies the number of SSL sessions that ca...

Page 113: ...dware accelerators Imported certificates and keys for external hardware accelerators are stored in the secmod db file which is generated when the PKCs 11 module is installed Using modutil to Install a...

Page 114: ...al PKCS 11 module You can always export certificates and keys to your internal database but most external tokens will not allow you to export certificates and keys By default pk12util uses certificate...

Page 115: ...n internal or external PKCS 11 module perform the following steps 1 Go to the server_root alias directory containing the databases 2 Add server_root bin https admin bin to your PATH 3 Locate pk12util...

Page 116: ...external PKCS 11 modules include one of the module s token names in their identifier For example a server certificate installed on an external smartcard reader called smartcard0 would be named smartca...

Page 117: ...hen you log in to the external module where Server Cert is stored its certificates are displayed in the list in the TOKENNAME NICKNAME form FIPS 140 Standard PKCS 11 APIs enable communication with sof...

Page 118: ...p down list to turn Security on for that connection group if it is off 6 Click OK The Attributes link now appears 7 Click the Attributes link 8 The Security Settings of Listen Socket page appears 9 Cl...

Page 119: ...rusted CA To accept or reject trusted CAs you must have set client trust for the CA For more information see Managing Certificates on page 102 Enterprise Server will log an error reject the certificat...

Page 120: ...ck Off for Client Auth to turn it on 7 Click OK 8 For the Server Manager click Apply and then Restart for changes to take effect Mapping Client Certificates to LDAP This section describes the process...

Page 121: ...ine where in the LDAP directory it needs to start its search The certificate mapping file also tells the server where to start Once the server knows where to start its search and what it needs to sear...

Page 122: ...following location server_root userdb certmap conf The file contains one or more named mappings each applying to a different CA A mapping has the following syntax certmap name issuerDN name property...

Page 123: ...alue the server searches the entire LDAP tree for entries matching the filter FilterComps is a list of comma separated attributes used to create a filter by gathering information from the user s DN in...

Page 124: ...ee Managing Servers with Netscape Console If this property exists in the certmap conf file the server searches the entire LDAP directory for an entry whose attribute named with this property matches t...

Page 125: ...ap conf file should have at least one entry The following examples illustrate the different ways you can use the certmap conf file Example 1 This example represents a certmap conf file with only one d...

Page 126: ...tificate other certificates are not verified Example 3 The following example uses the CmapLdapAttr property to search the LDAP database for an attribute called certSubjectDN whose value exactly matche...

Page 127: ...sed on an NSAPI PathCheck directive in obj conf rather than Service fn key toosmall This directive is PathCheck fn ssl check secret keysize nbits bong file filename where nbits is the minimum number o...

Page 128: ...edit from the drop down list by clicking Browse by clicking Wildcard 7 Select the secret key size restriction 168 bit or larger 128 bit or larger 56 bit or larger No restrictions 8 Enter the file loc...

Page 129: ...hanges to Protect Servers Limit Physical Access This simple security measure is often forgotten Keep the server machine in a locked room that only authorized people can enter This prevents anyone from...

Page 130: ...e key and your private key password they can create a fake server that appears to be yours or intercept and change communications to and from your server A good password is one you ll remember but oth...

Page 131: ...ose the Security tab For the Server Manager you must first select the server instance from the drop down list 2 Select the Change Password link 3 Select the security token on which you want to change...

Page 132: ...s NT Carefully consider which drives and directories you share with other machines Also consider which users have accounts or Guest privileges Similarly be careful about what programs you put on your...

Page 133: ...run an unprotected server on the same machine as your protected server do the following Assign proper port numbers Make sure that the protected server and the unprotected server are assigned different...

Page 134: ...r instance from the drop down list 2 Select the Virtual Server Class tab 3 Click the Edit Classes link 4 Make sure the Option is set to Edit for the class in which you wish to specify chroot 5 Click t...

Page 135: ...e Tree View of the Server 4 Select the Settings tab The Settings page appears 5 Enter the full pathname in the Set to field next to Chroot Directory 6 Click OK 7 Click Apply 8 Choose Load Configuratio...

Page 136: ...Considering Additional Security Issues 136 Netscape Enterprise Server Administrator s Guide November 2001...

Page 137: ...About Clusters A cluster is a group of Enterprise Servers that can be administered from a single Administration Server Each cluster must include one server designated as the administration server If...

Page 138: ...alled For example if you want three clusters of five Enterprise Servers per cluster you would need to 1 Install all of the servers on the computers where they ll run using the same administration user...

Page 139: ...l installed Enterprise Servers Make sure all Administration Servers are Enterprise Server version 6 0 and use the same protocol HTTP or HTTPS Only Enterprise Server 6 0 servers are supported for addit...

Page 140: ...Administration Server is tuned on 2 Access the Administration Server and choose the Cluster Mgmt tab 3 Click the Add Server link 4 Choose the protocol that the remote Administration Server uses http f...

Page 141: ...add it back into the cluster after the changes have been made The remote administration servers will not be affected by modification to the master cluster database unless their files have been transfe...

Page 142: ...ver through the cluster you can only access it now through it s own Administration Server Controlling Server Clusters Enterprise Server 6 0 allows you to control the remote servers in your cluster by...

Page 143: ...slaves using different port numbers or plug ins to define different shlib paths Adding variables affects only the master cluster database The remote administration servers will not be affected unless...

Page 144: ...d to the server s configuration file you are transferring to the slave For example SERVERPORT Port if port was the variable added You can set variables with different values for each slave in the conf...

Page 145: ...and Performance Tuning Chapter 7 Configuring Server Preferences Chapter 8 Controlling Access to Your Server Chapter 9 Using Log Files Chapter 10 Monitoring Servers Chapter 11 Tuning Your Server for Pe...

Page 146: ...146 Netscape Enterprise Server Administrator s Guide November 2001...

Page 147: ...Restoring Configuration Settings Configuring the File Cache Adding and Using Thread Pools Starting and Stopping the Server On UNIX some Enterprise Server installations may require access to more memor...

Page 148: ...server to complete its shut down process and for the status to change to Off If your machine crashes or is taken offline the server stops and any requests it was servicing may be lost Setting the Term...

Page 149: ...local or etc inittab files you must edit those files with a text editor If you do not know how to edit these files consult your system administrator or system documentation Normally you cannot start a...

Page 150: ...ot is the directory where you installed the server and type identifier is the server s directory The i option prevents the server from putting itself in a background process You must remove this line...

Page 151: ...rver_root type identifier stop Restarting the Server Windows NT You can restart the server by Using the Services Control Panel to restart any server Using the Services Control Panel to configure the o...

Page 152: ...You can also turn off the debugging dialog boxes by using the Registry Editor Changing the Time Interval Windows NT To change the time interval that elapses between startup and the time the server can...

Page 153: ...e to 1 Tuning Your Server for Performance There are two ways to tune the thread limit through editing the magnus conf file and through the Server Manager If you edit the magnus conf file RqThrottleMin...

Page 154: ...he settings to edit from the drop down list and click Manage The Server Manager displays the editor for the settings you specified 4 Make the desired changes to the settings and click OK For more info...

Page 155: ...apter 13 Using Virtual Servers Restricting Access You can control access to the entire server or to parts of the server that is directories files file types using the Server Manager s Restrict Access...

Page 156: ...ache to serve static information faster In the previous version of the server there was also an accelerator cache which routed requests to the file cache but the accelerator cache is no longer used Th...

Page 157: ...ou can use two types of thread pools the native thread pool NativePool and additional generic thread pools To edit the native thread pool access the Native Thread Pool page in the Server Manager You c...

Page 158: ...native pool using the Server Manager Using Thread Pools After you ve set up a thread pool use it by designating it as the thread pool for a specific service To configure a thread pool go to the Serve...

Page 159: ...d set up an administration group in your LDAP database This chapter assumes you have already configured distributed administration and have defined users and groups in your LDAP database You should al...

Page 160: ...apply for the current request Enterprise Server evaluates their ACEs to determine whether access should be granted or denied You allow or deny access based on Who is making the request User Group Whe...

Page 161: ...ine in the obj conf file Basic Authentication Basic authentication requires users to enter a username and password to access your web server or web site It is the default setting You must create and s...

Page 162: ...urity certificates in two ways Using the information in the client certificate as proof of identity Verifying a client certificate published in an LDAP directory additional When you set the server to...

Page 163: ...certificate in the browser with the client certificate in the directory server However the certmap conf file can be configured to only compare selected information from the certificate to the director...

Page 164: ...shown in Table 8 1 If you do not specify an ACL method the server will use either digest or basic when authentication is required or basic if authentication is not required This is the preferred meth...

Page 165: ...y resides on the same server machine that the Directory Server is installed on 2 Make sure you know the Directory Manager password 3 Modify the libdigest plugin ldif file changing all references to pa...

Page 166: ...ck Save 9 Restart your Directory Server instance Other Authentication You can create a custom authentication method using the access control API Setting Access Control for Host IP You can limit access...

Page 167: ...access control on the Administration Server or the files or directories on your web site the settings are stored in a file with the extension acl Access control files are stored in the directory serv...

Page 168: ...the maximum number of entries that can be held in the cache The default value for this parameter is 200 New entries are added to the head of the list and entries at the end of this list are recycled...

Page 169: ...allowed acl default authenticate user group database default method basic deny all user anyone allow read execute list info user all The following rules deny access to the directory web to everyone no...

Page 170: ...sing the Server Manager you could create an ACL for the file only or for each resource leading to the file That is one for the entire server one for the my_stuff directory one for the my_stuff web dir...

Page 171: ...e for payroll You can set access control globally for all servers through the Administration Server Each option is described in detail in the following section Selecting the Access Control Options Set...

Page 172: ...fault access control rules which cannot be edited 5 Check Access control is on if not already selected 6 To create or edit the global ACL click on Deny in the Action column The Allow Deny page is disp...

Page 173: ...User Group Page 9 Select which users and groups you will allow access to and click Update Clicking List for Group and User will provide lists for you to choose from 10 Click on anyplace in the From H...

Page 174: ...Continue column if it isn t already selected as the default The server will evaluate the next line before determining if the user is allowed access When creating multiple lines work from the most gen...

Page 175: ...h to create or edit ACLs for 2 Choose the Preferences tab from the Server Manager 3 Click the Restrict Access link 4 Under the Option column choose one of the following Add and enter the ACL file loca...

Page 176: ...a wildcard pattern for files or directories such as html choose a directory or a filename to restrict or browse for a file or directory Pick an existing ACL to select from a list of all the ACLs you h...

Page 177: ...g installation that restricts write access so only users in the LDAP directory can publish documents Entire Server One set of rules determines the access to your entire web site including any virtual...

Page 178: ...server instance click on Deny in the Action column The Allow Deny page is displayed in the lower frame Figure 8 8 Allow Deny Page 9 Select Allow if it isn t already selected as the default and click...

Page 179: ...ollowing and then click Update All Access Rights Only the following rights and check all appropriate rights for this user 16 Optional Click the x under the Extra column to add a customized ACL express...

Page 180: ...takes when a request matches the access control rule Allow means users or systems can access the requested resource Deny means users or systems cannot access the resource The server goes through the l...

Page 181: ...sers in the groups you specify User matches the individual users you specify For the Administration Server the users must also be in the administrators group you specified for distributed administrati...

Page 182: ...ct a database the server will use to authenticate users This option is only available through the Server Manager If you choose Default the server looks for users and groups in an LDAP directory If you...

Page 183: ...s not When the appears in an IP address it must be the right most character For example 198 is acceptable but not 198 251 30 Restricting Access to Programs Access to programs can only be restricted by...

Page 184: ...ss only to the Configure Directory Service page you would set up a rule that applies only to them host IP and so on and enter dsconfig in the Program Items field Figure 8 11 Page Name Program Item Set...

Page 185: ...me of day day of the week or both The following customized expression shows how you could restrict access by time of day and day of the week This example assumes you have two groups in your LDAP direc...

Page 186: ...for each access control object To change the message sent for a particular ACL perform the following steps 1 Click the Response when denied link in the ACL page 2 Check Respond with the following fil...

Page 187: ...ain For instance you may have a server for a company department that you only want users to access from computers in a specific subdomain of your network Using the steps described for setting access c...

Page 188: ...Resource section and select the directory you want to restrict The directories in the server s document root are displayed Once selected the Editing drop down list displays the absolute path to the d...

Page 189: ...in the ACL name section For example uri my_directory 5 Click Edit Access Control 6 Create a new rule to allows all users read access 7 Create another new rule to allow access for the owner of the dire...

Page 190: ...cting Access Based on Time of Day You can restrict write and delete access to the server or during specified hours or on specified days You might use this to prevent people from publishing documents d...

Page 191: ...reate protection for resources that should only be transmitted over a secure channel To limit access based on security using the steps described for setting access control for a server instance you wo...

Page 192: ...t giving them access to the Enterprise Server The subset of configuration options are stored in dynamic configuration files The following topics are described in this section Using htaccess Files Supp...

Page 193: ...magnus conf Converting Existing nsconfig Files to htaccess Files Using htaccess register Example of an htaccess File Enabling htaccess from the User Interface To configure your Enterprise Server to us...

Page 194: ...NativeThread no Init fn htaccess init For Windows NT Init fn load modules funcs htaccess init htaccess find htaccess register shlib server_root plugins htaccess htaccess dll NativeThread no Init fn ht...

Page 195: ...nterprise Server 6 0 includes the htconvert plug in for converting your existing nsconfig files to htaccess files The nsconfig files are no longer supported If you have been using nsconfig files you s...

Page 196: ...t all the groups a user belongs to username password group1 group2 group3 groupn 2 Revise the AuthGroupFile directive to point to the same file as the AuthUserFile Alternatively you can 1 Remove the A...

Page 197: ...ess from all client hosts host is all or the last part of a DNS host name host is a full or partial IP address Does not need to be enclosed within a Limit or LimitExcept range but usually is Effect Al...

Page 198: ...definitions in the form groupname user user Must not appear within a Limit or LimitExcept range Effect Specifies that the named group file is to be used for any group definitions referenced in a requi...

Page 199: ...re authentication realm is a string identifying an authorization realm to be associated with any request for user authentication Must not appear within a Limit or LimitExcept range Effect The authenti...

Page 200: ...the web server understands can be used here Effect Applies the enclosed directives only for requests types not matching the specified HTTP methods order Syntax Order ordering where ordering is one of...

Page 201: ...ation page of Content Mgmt in the Class Manager Great care should be taken in allowing PUT access to directories containing htaccess files since it will allow them to be replaced PUT access can be pre...

Page 202: ...uld be empty dcsuffix is a new attribute for LDAP databases in dbswitch conf that defines the root of the DC tree according to the Netscape LDAP schema It is relative to the baseDN in the LDAP URL Whe...

Page 203: ...ab if not already displayed 4 Click the ACL Settings link 5 Choose ACL Settings from the Select a Setting drop down list The ACL Settings for Virtual Servers page is displayed 6 Choose Edit from the d...

Page 204: ...Delete from the drop down list in the Option field for each virtual server you wish to change 6 Click the Edit link in the ACL File field to display the available ACL files 7 Select one or more ACL fi...

Page 205: ...alyzer Viewing Events Windows NT About Log Files Server log files record your server s activity You can use these logs to monitor your server and to help you when troubleshooting The error log file lo...

Page 206: ...ss Log on the Virtual Server Manager page You can specify the number of entries to view or entries with a conditional qualifier of your choice The following is an example of an access log in the Commo...

Page 207: ...s tab and choose the View Error Log page Table 9 1 The fields in the last line of the sample access log file Access Log Field Example Hostname or IP address of client arrow example com In this case th...

Page 208: ...iles You can set up your access and error log files to be automatically archived At a certain time or after a specified interval your logs will be rotated Enterprise Server saves the old log files and...

Page 209: ...0 a m from 4 00 a m to 8 00 a m and so forth If log rotation is enabled log file rotation starts at server startup The first log file to be rotated gathers information from the current time until the...

Page 210: ...ccess a resource To use one log file for multiple virtual servers that log file should have vsid in its format string for the access log and LogVsid should be turned on in the magnus conf file for the...

Page 211: ...hive it or create a new access log file for the resource You can specify logging preferences using the Log Preferences page in the Server Manager or you can manually configure the following directives...

Page 212: ...essed most frequently and so on You can run the log analyzer from Enterprise Server or the command line The log analyzer cannot generate statistics for virtual servers other than the default server Ho...

Page 213: ...Error status codes Misconfiguration u total unique URL s o total unique hosts k total kilobytes transferred c total kilobytes saved by caches z Do not count any items t sx mx hx xx z Find general sta...

Page 214: ...which can occur before the error log can be opened To use the Event Viewer perform the following steps 1 From the Start menu select Programs and then Administrative Tools Choose Event Viewer in the Ad...

Page 215: ...in and already enabled You can view the server s status in real time by using the statistics feature or the SNMP If you re using UNIX or Linux you must configure your Netscape server for SNMP if you p...

Page 216: ...network kernel to accommodate the requests For more information see the Netscape Enterprise Server Performance Tuning Sizing and Scaling Guide Once you enable statistics you can view statistics in the...

Page 217: ...isplayed 4 From the pull down list choose the kind of statistics you want displayed 5 Click OK If your server instance is running and you have enabled statistics profiling you see a page displaying th...

Page 218: ...quired Changes to obj conf Known Limitations to Quality of Service Quality of Service Example The following example shows how the quality of service information is collected and computed The server ha...

Page 219: ...he user interface To actually enforce your quality of service settings you must also set up Server Application Functions SAFs in your obj conf file To configure quality of service follow these steps 1...

Page 220: ...ems require opposite solutions 6 Enable quality of service for the server instance and or the virtual server classes The lower portion of the screen lists the server instance and server classes Choose...

Page 221: ...tistic that triggered the limit You may want to alter the sample code to provide different error information These samples are available at server_root plugins nsapi examples qos c You can use these s...

Page 222: ...after the next recompute interval period starts the bandwidth computed will go up significantly because of that recent large PR_TransmitFile This case could cause the server to deny all requests until...

Page 223: ...than the limit and the virtual server class and server instance values are not quite as accurate since they re only computed at intervals SNMP Basics SNMP is a protocol used to exchange data about ne...

Page 224: ...et object identifier has four subtrees directory 1 mgmt 2 experimental 3 and private 4 The private 4 subtree contains the enterprises 1 node Each subtree in the enterprises 1 node is assigned to an in...

Page 225: ...tifier nesInstanceVersion String such as Netscape WebServer Enterprise 6 0 BB1 01 24 2001 17 15 SunOS DOMESTIC nesInstanceDescription Description of the server instance nesInstanceOrganization Organiz...

Page 226: ...sInstanceCount304 Number of 304 Not Modified responses issued by the server instance nesInstanceCount400 Number of 400 Bad Request responses issued by the server instance nesInstanceCount401 Number of...

Page 227: ...unt400 Number of 400 Bad Request responses issued by the virtual server nesVsCount401 Number of 401 Unauthorized responses issued by the virtual server nesVsCount403 Number of 403 Forbidden responses...

Page 228: ...x nesListenId Listen socket identifier nesListenAddress Address where socket listens nesListenPort Port where socket listens nesListenSecurity Encryption support nesThreadPoolTable Enterprise Server t...

Page 229: ...ur system documentation for information on how to verify this information NOTE After changing SNMP settings in the Administration Server installing a new server or deleting an existing server you must...

Page 230: ...inue using native agent 1 Install a proxy SNMP agent 2 Start the proxy SNMP agent 3 Restart the native agent using a port number other than the master agent port number 4 Start the master agent 5 Enab...

Page 231: ...P agent and restart the native SNMP daemon See Using a Proxy SNMP Agent UNIX Linux on page 230 3 Start the SNMP master agent See Enabling and Starting the SNMP Master Agent on page 234 4 Enable the su...

Page 232: ...t the command prompt enter snmpd P port_number where port_number is the port number specified in the CONFIG file For example on the Solaris platform using the port in the previously mentioned example...

Page 233: ...he master SNMP agent using the Server Manager 1 Log in as root 2 Check whether an SNMP daemon snmpd is running on port 161 If no SNMP daemon is running go to Step 4 If an SNMP daemon is running make s...

Page 234: ...r to System Error Could not bind to port when restarting the master agent use ps ef grep snmp to check if magt is running If it is running use the command kill 9 pid to end the process The CGIs for SN...

Page 235: ...is an SNMP daemon snmpd running on port 161 If an SNMP daemon is running make sure you know how to restart it and which MIB trees it supports Then kill its process 3 Edit the CONFIG file located in pl...

Page 236: ...ed Configuring the SNMP Subagent You can configure the SNMP subagent to monitor your server To configure the SNMP subagent perform the following steps 1 From the Administration Server select the serve...

Page 237: ...er name in the CONFIG file will cause the master agent start up to fail To start a master agent on a nonstandard port use one of two methods Method one In the CONFIG file specify a transport mapping f...

Page 238: ...ty string is a text string that an SNMP agent uses for authorization This means that a network management station would send a community string with each message it sends to the agent The agent can th...

Page 239: ...the SNMP subagent use the SNMP Configuration page in the Server Manager and start the subagent from the SNMP Subagent Control page For more information see the corresponding sections in the online hel...

Page 240: ...subagent 3 The subagent retrieves the data or changes the variable in the MIB 4 The subagent reports data or status to the master agent and then the master agent forwards the message back a GET messag...

Page 241: ...241 Chapter 11 Tuning Your Server for Performance For information on tuning your server for performance please see the Netscape Enterprise Server Performance Tuning Sizing and Scaling Guide...

Page 242: ...242 Netscape Enterprise Server Administrator s Guide November 2001...

Page 243: ...Performing a Search The Basics Using the Query Operators Customizing the Search Interface About Search Server documents can be in a variety of formats such as HTML Microsoft Excel Adobe PDF and WordP...

Page 244: ...he directory or directories of documents that you want prepared for searching and index the document information into a searchable database called a collection The next several sections discuss the de...

Page 245: ...on Server s Users Groups function You can allow or restrict access through the Restrict Access interface in the Server Manager For more information about setting access control see Chapter 8 Controlli...

Page 246: ...ory for most of the search interface files When creating a collection you must specify which document directory to index You can only choose a directory that has a URL mapping or a subdirectory within...

Page 247: ...liminating Words from Search You can specify words the search engine should not index or search against These are typically referred to as stop words or drop words and include articles conjunctions an...

Page 248: ...to enter all the case variations of a word For instance for the you should enter the THE and The If you want to use stop words make sure you create the style stp file before you create a collection C...

Page 249: ...Set Size field The default is 5000 If you enter 250 as the value and 1000 documents were found matching the search criteria users would only have access to either the first 250 or the 250 top ranked...

Page 250: ...iles The Default start and end pattern files will be used if no start and end pattern files are listed for a collection or in a multi collection search For more information about how to change the use...

Page 251: ...ection is being searched 6 Enter the relative pathname for the Pattern File for Query Page This entry defines the search query page that appears when the search function is started 7 Click OK to confi...

Page 252: ...r file format For example HTML files have Title and SourceType attribures You can also define META tagged HTML attributes in your HTML files Some file formats such as PDF have a great many default att...

Page 253: ...tions of files to target Once the documents are indexed their contents and file properties such as their titles creation dates and authors are available for searching You can add or delete documents f...

Page 254: ...example HTML or PDF A collection has records with information about each document that has been indexed If the document is deleted from the collection only the collection s entry for that document is...

Page 255: ...email s subject field Date date The date the email was created PDF InstanceID text An internal ID number PermanentID text An internal ID number NumPages integer The number of pages in the document Di...

Page 256: ...e or you can create a collection of documents in various formats that are automatically converted to HTML during indexing When you define a multiple format collection with the auto convert option the...

Page 257: ...ment directories see Mapping URLs on page 245 4 Accept the default html for the Documents Matching field or define your own wildcard expression You can define multiple wildcards in an expression For e...

Page 258: ...aximum of 1024 characters in the optional Description field This description is displayed in the collection contents page 9 Select the type of files the collection is to contain ASCII HTML News Email...

Page 259: ...nts Define how to highlight displayed documents Define which pattern files to use Define how to format dates You should avoid making unnecessary changes to a collection s settings To configure a colle...

Page 260: ...for displaying the search results for Header Footer Record 8 Enter or change the name of the pattern file displaying a single highlighted document from the list of search results in the Result Patter...

Page 261: ...m the collection in the Documents Matching field Entering a wildcard such as html allows only files with this extension to be updated For files within a subdirectory enter the pathname as it appears i...

Page 262: ...new documents that fit the original criteria Collection entries are removed when the source documents have been deleted and can no longer be found Remove You can remove a collection This only removes...

Page 263: ...ies that match your criteria 5 Enter the time of day when you want the scheduled maintenance to take place in the Schedule Time field Use a military format HH MM HH must be less than 24 and MM must be...

Page 264: ...he scheduled maintenance is currently scheduled to take place 5 Click OK to remove the scheduled maintenance For UNIX Linux users to make your newly scheduled maintenance take effect you must restart...

Page 265: ...es individual links to each of the three search query interfaces as well as an online QuickStart tutorial on customizing the interface The tutorial discusses the various pattern files and gives exampl...

Page 266: ...r search query in the For field You can create complex queries by combining operators For details about the search operators see Using the Query Operators on page 271 4 Click the Search button to exec...

Page 267: ...rop down list to select the type of element you wish to search for In this example choose Words 5 Enter in the word you want to search for in the blank text field For details about the search operator...

Page 268: ...wser http server_root port search 2 Click the Advanced HTML Search link on the home page To access advanced HTML search through the standard search query page perform the following steps 1 Go to the s...

Page 269: ...from the list of matching documents Your access permissions are checked at several points during the search process When a user clicks on the icon displayed for a document in the search results which...

Page 270: ...ute name in the Sort By field the documents are displayed in an ascending sort sequence You can list the documents in a descending sort sequence by adding a minus sign prefix to the attribute as in ke...

Page 271: ...splaying Collection Contents You can display the contents of your collection database to see which attributes are set for each collection The default installation of Enterprise Server uses the HTML de...

Page 272: ...t the top of the search results while those that are far apart are put at the bottom of the results This section includes the following topics Default Assumptions Search Rules Determining Which Operat...

Page 273: ...te that angle brackets are not required for OR Search Rules To create complex searches you can Combine query operators Manipulate the query syntax Include wildcard characters Angle Brackets With the e...

Page 274: ...It ignores documents with plans or planning Modifying Operators You can use AND OR and NOT to modify other operators For example you may want to exclude documents with titles that contain the phrase t...

Page 275: ...Finds documents that have all of the specified words Antarctica AND mountain climb Finds only documents containing both Antarctica and mountain climb plus all the stemmed variants such as mountain cli...

Page 276: ...uments created before June 30 1996 less than or equal to Finds documents in which a document field is less than or equal to a specific date or numeric value Created 6 30 96 Finds documents created on...

Page 277: ...ds optional criteria to the search Finds any document that contains at least one of the search values apples OR oranges Finds documents containing either apples or oranges PHRASE Finds documents that...

Page 278: ...tial string Does not work with wildcards Does not rank documents for relevance SUBSTRING employ Finds documents that can match on all or part of employ so it can succeed with ploy WILDCARD Finds docum...

Page 279: ...o construct the forms used for search input and output Many of the variables are defined in the system and user configuration files userdefs ini and dblist ini which are discussed in Configuring Files...

Page 280: ...s the header or footer For example uri cgi bin header cgi These Service functions should precede the actual Service function that will answer the request such as send file or send cgi HTML Pattern Fil...

Page 281: ...om the search results page for more information see Displaying a Highlighted Document on page 270 descriptions pat displays the collection contents The pattern files contain HTML formatting instructio...

Page 282: ...s could be any image or text the user wanted to display on the form sitename Defined in the userdefs ini file as the server s host name that is provided by the NS host search macro queryLabel Defined...

Page 283: ...icator Everything after the is information used by the search function NS collection NS collection This uses the search macro NS collection to define the collection s filename You can set up a search...

Page 284: ...se or attribute you want to search on Collection can specify more than once for multiple collection searches Search functions that display the search results page require these arguments NS search pag...

Page 285: ...hen defined in the configuration file and a NS prefix when used in decorated URLs and pattern files For example NS max records NS doc root and NS date time become NS max records NS doc root and NS dat...

Page 286: ...S host help help search htm title Sample Search Interface searchButtonLabel Search searchNote To search choose a collection then enter words and phrases separated by commas br e g search jet engines b...

Page 287: ...on File Variables Some variables are defined in the system configuration and in the collection configuration files These use a prefix of NS in the configuration file to differentiate them from other m...

Page 288: ...te time The date and time format to use when displaying results NS date input format The format for inputting dates the default is MMDDYY NS HTML descriptions pat The pattern file to use when displayi...

Page 289: ...ether the collection is displayed as part of the collection information listing when NS search page contents The default is YES NS highlight start Begin highlighting at this point in the displayed doc...

Page 290: ...generated pattern variables Variable Description NS collection list An HTML multiple select list of all the collections in dblist ini where NS display select is set to YES NS collection list dropdow...

Page 291: ...is equal to NS max records and is positioned by using NS search offset NS get prev This variable gets the previous set of search results that has been displayed The set is equal to NS max records and...

Page 292: ...Customizing the Search Interface 292 Netscape Enterprise Server Administrator s Guide November 2001...

Page 293: ...l Servers and Services Chapter 13 Using Virtual Servers Chapter 14 Creating and Configuring Virtual Servers Chapter 15 Extending Your Server With Programs Chapter 16 Content Management Chapter 17 Appl...

Page 294: ...294 Netscape Enterprise Server Administrator s Guide November 2001...

Page 295: ...ervers you can offer companies or individuals domain names IP addresses and some server monitoring capabilities with a single installed server For the users it is almost as if they have their own Ente...

Page 296: ...topics Multiple Server Instances Virtual Server Classes Listen Sockets Connection Groups Virtual Servers Virtual Server Selection for Request Processing Document Root Log Files Migrating Virtual Serv...

Page 297: ...ss expensive class of virtual servers You create a class of virtual servers by naming it and setting up a document root where all virtual servers belonging to the class will have their document roots...

Page 298: ...you want a listen socket to listen on all configured IP addresses on a given port for a machine use 0 0 0 0 any ANY or INADDR_ANY for the IP address When you install Enterprise Server one listen sock...

Page 299: ...P addresses Using this functionality you can set up virtual server with dedicated IP addresses For each listen socket there is always a connection group that is the default connection the IP address s...

Page 300: ...lue in the Host header It evaluates the IP address first For more information see Virtual Server Selection for Request Processing on page 302 IP Address Based Virtual Servers In order to have multiple...

Page 301: ...software works with them Older client software that does not support the HTTP Host header won t work These clients will receive the default virtual server for the connection group Default Virtual Ser...

Page 302: ...up is selected If the listen socket is configured to listen on ANY the IP address to which the client connected is matched to the IP address of a connection group contained by that listen socket If no...

Page 303: ...Enterprise Server instance That becomes the document root for the default class You can change that directory at the class level or override it at the individual virtual server level When you add a cl...

Page 304: ...ribe the features and provide information on where to look for more information This section includes the following topics Using SSL with Virtual Servers Using Access Control with Virtual Servers Usin...

Page 305: ...ers see Chapter 5 Securing Your Enterprise Server For a diagram of a sample SSL configuration with virtual servers see Example 2 Secure Server on page 317 Using Access Control with Virtual Servers Wit...

Page 306: ...In addition a user interface for end users who have an individual virtual server is available For more information see Allowing Users to Monitor Individual Virtual Servers on page 311 This section inc...

Page 307: ...e are a few other variables such as accesslog the path to each virtual server s access log and docroot the path to each virtual server s document root that you may occasionally see but id is the only...

Page 308: ...pages then click the Load Configuration Files button on the Apply Changes page If there are errors in installing the new configuration the previous configuration is restored Setting Up Virtual Servers...

Page 309: ...uses an alias The default virtual server is the virtual server that will answer requests for the listen socket s default connection group if no other virtual server is found first For more informatio...

Page 310: ...or more information see Chapter 16 Content Management Editing or Deleting a Virtual Server Class To edit a virtual server class s settings follow these steps 1 From the Server Manager click the Virtua...

Page 311: ...mbers of a particular virtual server class you create virtual servers on the Class Manager For more information see Creating a Virtual Server on page 323 Specifying Settings Associated with a Virtual...

Page 312: ...l server administration user interface without having access to your Administration Server port Figure 13 1 shows the administrators of individual virtual servers accessing the useradmin virtual serve...

Page 313: ...server xml file found at server_root https admserv config server xml 3 Add a new listen socket and connection group to the file The IP address should be 0 0 0 0 or ANY and the port number should be a...

Page 314: ...tual server is unique you can set access so that only the correct administrator can access the settings for a virtual server For more information see Chapter 8 Controlling Access to Your Server Log Fi...

Page 315: ...examples discuss some of the possible configurations available for Enterprise Server Example 1 Default Configuration After a new installation of the Enterprise Server you have one server instance This...

Page 316: ...e served by virtual server VS1 http 127 0 0 1 initiated on example com http localhost initiated on example com http example com http 10 0 0 1 Use this configuration for traditional Enterprise Server u...

Page 317: ...ANY 443 and associate VS1 to the new listen socket s default connection group The virtual server now has two connection groups one that uses the secure listen socket and one that doesn t Now your ser...

Page 318: ...he status of their requests to the Information Services department Previously in this example these sites were hosted on three different computers that had the names phone example com maps example com...

Page 319: ...ard setup using wildcard certificates For more information see Chapter 5 Securing Your Enterprise Server URL host based virtual servers don t work with legacy HTTP clients Figure 13 5 Intranet hosting...

Page 320: ...tions require setting up name to address mappings for the three names In the IP address based configuration each name maps to a different address The host machine must be set up to receive connections...

Page 321: ...kets also results in additional overhead memory and scheduling because of the additional acceptor threads Example 4 Mass Hosting Mass hosting is a configuration in which you enable many low traffic vi...

Page 322: ...irtual Servers 322 Netscape Enterprise Server Administrator s Guide November 2001 Figure 13 7 Mass Hosting Notice that the virtual server installed when you installed the server VS1 still exists in de...

Page 323: ...rvers This chapter contains the following sections Creating a Virtual Server Editing Virtual Server Settings Editing Using the Virtual Server Manager Editing Using the Class Manager Deleting a Virtual...

Page 324: ...Manager or the Virtual Server Manager On the Class Manager the pages are organized by the kind of setting you want to change For example you can go to the Quality of Service page to change the Qualit...

Page 325: ...ing must be on before you can deploy or edit a web application The Deploy Web Application page allows you to deploy a WAR file on either your local machine or a remote server specifying the path URI a...

Page 326: ...s conf by changing Init fn init access accesslog to Init fn init access newaccesslog 9 Select Only Log under Format and check VSid For a custom format select Custom Format and add vsid to the end of t...

Page 327: ...m the pull down list next to the virtual server you want choose Edit or Delete The default virtual server can only be edited and not deleted 4 Set the State to On Off or Disable If you set the state t...

Page 328: ...ociate them with a virtual server One MIME types file mime types exists by default on the server To create new MIME types files or to edit the definitions in a MIME Types file see Choosing MIME Types...

Page 329: ...Quality of Service on page 217 To configure the quality of service settings for a virtual server follow these steps 1 From the Class Manager click the Virtual Servers tab 2 Click Quality of Service A...

Page 330: ...Virtual Servers tab 2 Click Logging Settings A page appears listing all the virtual servers in the class and the location of their error logs 3 Enter an absolute path to the error and access logs The...

Page 331: ...b Applications tab of the Virtual Server Manager to deploy and edit web applications for a specific virtual server For more information on web applications and the web apps xml file see Chapter 15 Ext...

Page 332: ...Deleting a Virtual Server 332 Netscape Enterprise Server Administrator s Guide November 2001...

Page 333: ...lets and JavaServer Pages JSP Installing CGI Programs Installing Windows NT CGI Programs Installing Shell CGI Programs for Windows NT Using the Query Handler Overview of Server Side Programs Java serv...

Page 334: ...Server Each type of program is installed onto the server differently The following list summarizes the procedures For Java servlets you can create and deploy web applications For more information see...

Page 335: ...an open directory structure To develop servlets use Sun Microsystems Java Servlet API For information about using the Java Servlet API see the documentation provided by Sun Microsystems at http java...

Page 336: ...tscape Enterprise Server Programmer s Guide to Servlets Enterprise Server includes the Java Runtime Environment JRE but not the Java Development Kit JDK The server can run servlets and precompiled JSP...

Page 337: ...s its own web apps xml file which defines contexts for a set of web applications running in that virtual server The context information includes a context path of the web application and other propert...

Page 338: ...d directory gets added to the web apps xml file The WAR file gets extracted at the target directory The server is dynamically reconfigured to load the new web application uri_path The URI prefix for t...

Page 339: ...ise Server 6 0 SP1 after deploying or deleting a web application wdeploy dynamically reconfigures the server causing the server to load or unload the web application that was deployed or deleted Previ...

Page 340: ...the Web Applications tab of the Virtual Server Manager To deploy a web application follow these steps 1 Enter the Path to the web application file in the Web Applications File field This is set to we...

Page 341: ...loyed Editing Web Applications You can edit delete disable or enable an already deployed web application Access the Edit Web Applications page by selecting Edit Web Applications under the Web Applicat...

Page 342: ...scape Enterprise Server Programmer s Guide to Servlets Deleting Version Files The Delete Version Files page on the Java tab of the Server Manager allows you to delete the files that contain the versio...

Page 343: ...uses to determine the structure of the directories and files in the caches You can clean out the caches by simply deleting the version file When the server starts up if it does not find the version fi...

Page 344: ...ng and Scaling Guide On a Windows NT computer you might find CGI programs written in C or batch files For Windows NT CGI programs written in a Windows based programming language such as Visual Basic u...

Page 345: ...are benefits to either implementation If you want to allow only a specific set of users to add CGI programs keep the CGI programs in specified directories and restrict access to those directories If y...

Page 346: ...y a URL prefix in the next step 4 Click OK 5 Save and apply your changes To remove an existing CGI directory click that directory s Remove button in the CGI Directory form To change the URL prefix or...

Page 347: ...ecution begins 8 Click OK 9 Save and apply your changes Specifying CGI as a File Type To specify CGI programs as a file type perform the following steps 1 From the Class Manager choose the Programs ta...

Page 348: ...Specifying a Windows NT CGI Directory Specifying Windows NT CGI as a File Type Overview of Windows NT CGI Programs Windows NT CGI programs are handled much as other CGI programs You specify a directo...

Page 349: ...s not supported Forms sent with multi part form data encoding are not supported Specifying a Windows NT CGI Directory To specify a Windows NT CGI only directory 1 From the Class Manager choose the Pro...

Page 350: ...need to specify a URL prefix in Step 3 6 Click OK 7 Save and apply your changes To remove an existing Windows NT CGI directory click that directory s Remove button in the Windows NT CGI Directory form...

Page 351: ...rview of Shell CGI Programs for Windows NT Specifying a Shell CGI Directory Windows NT Specifying Shell CGI as a File Type Windows NT Overview of Shell CGI Programs for Windows NT Shell CGI is a serve...

Page 352: ...mple suppose you store all shell CGI files in a directory called C docs programs cgi shell cgi but you want users to see the directory as http www yourserver com shell In this case you would type shel...

Page 353: ...GI file perform the following steps 1 Create the shell directory on your computer This directory doesn t have to be a subdirectory of your document root directory 2 From the Server Manager choose Serv...

Page 354: ...SINDEX tag see an HTML reference manual To set a query handler perform the following steps 1 From the Server Manager choose the Programs tab 2 Click the Query Handler link The Query Handler window app...

Page 355: ...irectory Setting Additional Document Directories Customizing User Public Information Directories Unix Linux Restricting Symbolic Links Unix Linux Enabling Remote File Manipulation Configuring Document...

Page 356: ...t document directory for a virtual server vs1 that belongs to the class is netscape servers docs vs1 For more information about the document directory and how it is used at the server instance class a...

Page 357: ...rectories for individual virtual servers in the class you must use variables so that the directory the URL prefix is mapped to is different for every virtual server To add an additional document direc...

Page 358: ...ds Jane s home directory The server then looks at jdoe public_html aboutjane html To configure your server to use public directories follow these steps 1 From the Class Manager click the Content Manag...

Page 359: ...ailing slash to the user s home directory path in the etc passwd file jdoe 1234 1234 John Doe home jdoe bin sh becomes jdoe 1234 1234 John Doe home jdoe bin sh After you make this modification Netscap...

Page 360: ...te file manipulation By activating these commands you allow remote browsers to change a server s documents You should use access control to restrict write access to these resources to prevent unauthor...

Page 361: ...at follow For additional information see the online help for the Document Preferences page Entering an Index Filename If a document name is not specified in the URL the server automatically displays t...

Page 362: ...links to other documents By default the server finds the index file specified in the Index Filename field in the Document Preferences page and uses that for the home page However you can also specify...

Page 363: ...edirection is a method for the server to tell a user that a URL has changed for example because you have moved files to another directory or server You can also use redirection to seamlessly send a pe...

Page 364: ...pecific directory If a client tries to connect to a part of your server protected by access control you might return an error file with information on how to get an account Before you can enable a cus...

Page 365: ...he server includes this parameter in its response Netscape Navigator changes its character set accordingly Examples are Content Type text html charset iso 8859 1 Content Type text html charset iso 202...

Page 366: ...time for all the documents in a certain section of the server This footer works for all files except output of CGI scripts or parsed HTML shtml files If you need your document footer to appear on CGI...

Page 367: ...wo filenames that point to the same set of data blocks the original file and the link are identical For this reason hard links cannot be on different file systems Symbolic soft links A symbolic link c...

Page 368: ...rst enable HTML parsing To parse HTML follow these steps 1 From the Class Manager click the Content Management tab 2 Click Parse HTML 3 Choose a resource for which the server will parse HTML Choose En...

Page 369: ...nformation HTTP 1 1 see the Hypertext Transfer Protocol HTTP 1 1 specification RFC 2068 at http www ietf org To set cache control directives follow these steps 1 From the Class Manager click the Conte...

Page 370: ...Using Stronger Ciphers 370 Netscape Enterprise Server Administrator s Guide November 2001 Using Stronger Ciphers For information on setting stronger ciphers see Setting Stronger Ciphers on page 127...

Page 371: ...onfigure access logging for all the files and directories in your virtual server This chapter includes the following sections Creating a Configuration Style Assigning a Configuration Style Listing Con...

Page 372: ...7 1 Configuration Style Categories Category Description CGI file type Allows you to activate CGI as a file type For more information about CGIs see Installing CGI Programs on page 343 in Chapter 15 Ex...

Page 373: ...ory you apply the configuration style to all of the directory s contents 5 Select the configuration style you want to apply To remove any configuration style previously applied to the resource apply t...

Page 374: ...er resources 4 To edit a configuration style assignment click the Edit link next to the configuration style name For more information see The List Assignments Page in the online help Editing a Configu...

Page 375: ...iguration Style Before removing a configuration style remove assignments that had the configuration style applied to them If you do not do this before removing the configuration style you must manuall...

Page 376: ...Removing a Configuration Style 376 Netscape Enterprise Server Administrator s Guide November 2001...

Page 377: ...Appendixes Appendix A Command Line Utilities Appendix B HyperText Transfer Protocol Appendix C ACL File Syntax Appendix D Internationalized Enterprise Server Appendix E Server Extensions for Microsoft...

Page 378: ...378 Netscape Enterprise Server Administrator s Guide November 2001...

Page 379: ...ons For information about formatting LDIF entries see the Netscape Directory Server Command and File Reference Modifying Database Entries Using ldapmodify You use the ldapmodify command line utility t...

Page 380: ...ariable NES_SERVER_HOME to the server root directory in your environment For example on UNIX Linux systems setenv NES_SERVER_HOME usr netscape servers On Windows NT systems 1 On the Control Panel choo...

Page 381: ...ot specify a virtual server the command starts stops or disables every virtual server in the class Options Use the options shown in Table A 2 with the control command to control classes and virtual se...

Page 382: ...les the specified virtual server or all virtual servers in the class if no virtual server is specified Table A 3 Control command parameters Parameters Value cl classname Designates the virtual server...

Page 383: ...hown in Table A 5 with the create c command option to create classes Table A 4 Create command options Option Value c Creates a virtual server class g Creates a connection group l Creates a listen sock...

Page 384: ...ion of the create command to create a listen socket HttpServerAdmin create c cl myclass1 d export netscape servers sinst https netscape com Table A 6 Create connection group parameters Parameter Value...

Page 385: ...change the default values after the virtual server is created Table A 7 Create listen socket parameters Parameter Value ip ip_address The IP address for the listen socket port port_number The port nu...

Page 386: ...mber urlh URL_hosts The URL hosts for the virtual server You can specify more than one URL host separated by a comma conngroupid connection_group_ID The connection group for the listen socket state st...

Page 387: ...x HttpServerAdmin delete c cl classname d server_root sinst http_instance Parameters Use the parameters shown in Table A 9 with the delete command to delete classes Example Table A 9 Delete command op...

Page 388: ...this option of the delete command to delete a listen socket Syntax HttpServerAdmin delete l id listen_socket d server_root sinst http_instance Parameters Use the parameters shown in Table A 9 with th...

Page 389: ...rtual server Example list Command Use the list command to list classes of virtual servers virtual servers listen sockets and connection groups Syntax HttpServerAdmin list command_option d server_root...

Page 390: ...ptions Option Value c Lists all virtual server classes g lsid listen_socket Lists all connection groups for a listen socket l Lists all listen sockets v Lists all virtual servers HttpServerAdmin list...

Page 391: ...l a set of rules that describe how information is exchanged on a network that allows a web browser and a web server to talk to each other using the ISO Latin1 alphabet which is ASCII with extensions f...

Page 392: ...iant see the Hypertext Transfer Protocol HTTP 1 1 specification RFC 2068 at http www ietf org html charters http charter html Requests A request from a client to a server includes the following inform...

Page 393: ...d the client waits for the server s response Responses The server s response includes the following Status code Response header Response data Table B 1 Common request headers Request header Descriptio...

Page 394: ...This is not an error 302 Found Redirection to a new URL The original URL has moved This is not an error most browsers will get the new page 304 Use a local copy If a browser already has a page in its...

Page 395: ...Table B 3 Common response headers Response header Description Server The name and version of the Enterprise Server Date The current date in Greenwich Mean Time Last modified The date when the document...

Page 396: ...Responses 396 Netscape Enterprise Server Administrator s Guide November 2001...

Page 397: ...ontrol API to interface with another database such as an Oracle or Informix database This appendix contains the following sections ACL File Syntax Referencing ACL Files in obj conf ACL File Syntax All...

Page 398: ...e type information in double quotation marks followed by a semicolon Each type information for all ACLs must be a unique name even among different ACL files The following lines are examples of several...

Page 399: ...the ACL type line specifies basic authentication with users matched to individual users in the database or directory authenticate user method basic The following example uses SSL as the authentication...

Page 400: ...s who need access However in some cases if you set the default ACL to deny access to everyone then your other ACL rules don t need a deny all rule The following line denies access to everyone deny all...

Page 401: ...oking for other resources that match Attribute Expressions Attribute expressions define who is allowed or denied access based on their username group name host name or IP address The following lines a...

Page 402: ...fy days of the week Sun Mon Tue Wed Thu Fri and Sat The following statement allows access for users in the premium group any day and any time Users in the discount group get access all day on weekends...

Page 403: ...L file you could make changes in the genwork file then save and apply the changes using Enterprise Server Figure C 1 genwork File General Syntax Items Input strings can contain the following character...

Page 404: ...an ACL as it appears in any ACL file For example you might add the following lines to your obj conf file if you want to restrict access to a directory using the ACL named testacl Object ppath usr ns h...

Page 405: ...text search on a variety of languages This appendix contains the following sections General Information Search Information Servlet Internationalization General Information The following information c...

Page 406: ...er ID and password information must be stored in ASCII To make sure you enter characters in the correct format for users and groups use a UTF 8 form capable client such as Netscape Communicator to inp...

Page 407: ...l http www example com somepage_de html 2 Language codes without the country codes fr in the case of fr CH http www example com fr somepage html http www example com somepage_fr html 3 The DefaultLang...

Page 408: ...one character set encoding at a time you might receive inaccurate results when using those features For best results use one specific character set for all documents when creating search collections f...

Page 409: ...ports the following query operators for Japanese Document Formats This release supports the following document formats for the Japanese language HTML ASCII Table D 3 Query operators for Japanese Opera...

Page 410: ...ji hiragana katakana full width and half width ASCII full width and half width The search engine translates half width katakana to full width katakana and translates full width ASCII to half width ASC...

Page 411: ...nc value where value can be one of the following auto default none any valid encoding These values are described below auto auto requires the servlet container to look for some hints regarding the cha...

Page 412: ...be any valid encoding string like Shift_JIS or UTF 8 For example you would specify this as UTF 8 if you know that the form POST data is always in UTF 8 For more information on parameter encoding see t...

Page 413: ...Posting to JSPs Appendix D Internationalized Enterprise Server 413 h1 The Entered Name is request getParameter test h1 body html...

Page 414: ...Posting to JSPs 414 Netscape Enterprise Server Administrator s Guide November 2001...

Page 415: ...w FrontPage server extensions are CGI programs that provide Enterprise Server support for FrontPage webs Client server communication takes place through standard HTTP POST requests that are forwarded...

Page 416: ...tPage Webs Security Issues Types of FrontPage Webs There are two kinds of FrontPage webs Root webs are the top level content directory of a Enterprise Server or in a multi hosting environment of a vir...

Page 417: ...iles and directories in each FrontPage web Installing FrontPage always modifies the ACLs of the Server Extensions stub executables contained in the _vti_bin directory in each web A new installation of...

Page 418: ...y are vt20 solaris tar z and wpp solaris tar z which is part of the WPP Kit Software FrontPage 98 Server Extensions version 3 0 Windows NT You can download an executable file UNIX Linux You can downlo...

Page 419: ...ndows NT systems you need to have approximately 6MB of disk space available The downloaded file is 3MB and the installed files total 2 5MB On UNIX Linux systems you should have at least 32MB available...

Page 420: ...installs stub extensions to the webs asks for the web owner Installing FrontPage Server Extensions You can install the FrontPage 97 the FrontPage 98 or FrontPage 2000 extensions on Windows NT or UNIX...

Page 421: ...er Extensions Resource Kit launch the Server Extensions Administrator under Start Programs Administrative Tools right click on your machine s host name under Console Root FrontPage Server Extensions a...

Page 422: ...re copied to the bin directory The FrontPage Server Administrator is a tool for installing updating verifying or removing the FrontPage Server Extensions For FrontPage98 extensions these components ar...

Page 423: ...Tools or the command line version fpsrvadm exe which is copied to the bin subdirectory The FrontPage Server Administrator is a tool for installing updating verifying or removing the FrontPage Server...

Page 424: ...rompted for the name of a server to edit or open If the user wants to edit a web on a different machine click on MoreWebs on the line to select a web server or disk location enter the servername portn...

Page 425: ...n as the root user so you can install the FrontPage Server Extensions from the tar file cd usr local 2 Untar the downloaded file This creates a usr local FrontPage version2 0 directory and installs se...

Page 426: ...parameter information fpdir dir default FrontPage Directory httpdconfdir dir default Directory where server s configuration file is located web webname required Web where the Server Extensions are be...

Page 427: ...ing installation the install shell modifies or adds the following files and directories Modifies magnus conf Creates a configuration file named usr local frontpage hostname port cnf Modifies the serve...

Page 428: ...installation you must perform some additional administrative tasks for setting permissions and accessing specific webs To install the extensions perform the following steps 1 Log in as the root user s...

Page 429: ...s were added to the obj conf file During installation the install shell modifies or adds the following files and directories Modifies magnus conf Creates a configuration file named usr local frontpage...

Page 430: ...ch page s contents are parsed to expand FrontPage components such as Include components and Substitution components create a hyperlink map of the FrontPage web and extract page titles and base URLs Th...

Page 431: ..._vti_aut contains author exe _vti_cnf _vti_pvt _private _vti_log _vti_txt images Creates nsconfig files in the _vti_bin _vti_adm _vti_aut and the document root directories Further Information Additio...

Page 432: ...Further Information 432 Netscape Enterprise Server Administrator s Guide November 2001...

Page 433: ...erminal See also intelligent agents authentication Allows clients to verify their identity to the server Basic or Default authentication requires users to enter a username and password to access your...

Page 434: ...atical function used for encryption or decryption ciphertext Information disguised by encryption which only the intended recipient can decrypt client Software such as Netscape Navigator used to reques...

Page 435: ...urdomain domain where the server currently exists document root A directory on the server machine that contains the files images and data you want to present to users accessing the server drop word Se...

Page 436: ...mat originally created by CompuServe GIF files are usually much smaller in size than other graphic file types BMP TIFF GIF is one of the most common interchange formats GIF images are readily viewable...

Page 437: ...ligent agent An object within a server that performs various requests such as HTTP NNTP SMTP and FTP requests on behalf of the user In a sense the intelligent agent acts as a client to the server maki...

Page 438: ...lists of users and gorups is stored for use in authentication listen socket The combination of port number and IP address Connections between the server and clients happen on a listen socket magnus co...

Page 439: ...rk to which you have been granted access rights NIS UNIX Network Information Service A system of programs and data files that UNIX machines use to collect collate and share specific information about...

Page 440: ...miconductor based memory in a computer rc 2 d UNIX A file on UNIX machines that describes programs that are run when the machine starts This file is also called etc rc 2 d because of its location redi...

Page 441: ...the server to internally restart that is reread its configuration files A soft restart sends the process the HUP signal signal number one The process itself does not die as it does in a hard restart...

Page 442: ...at shows the current state of system resource usage top level domain authority The highest category of hostname classification usually signifying either the type of organization the domain is for exam...

Page 443: ...ile virtual server Virtual servers are a way of setting up multiple domain names IP addresses and server monitoring capabilities with a single installed server web application A collection of servlets...

Page 444: ...444 Netscape Enterprise Server Administrator s Guide November 2001...

Page 445: ...NS rel doc name 291 NS search offset 291 NS server url 283 291 NS sort by 291 queryLabel 282 sitename 282 in wildcards 23 65 68 76 121 177 TOKENNAME 117 vsid adding to log file format string 210 vsid...

Page 446: ...68 IP addresses 182 LDAP directories and 182 methods Basic SSL 161 my_stuff directory 170 overview 159 programs 184 public information directories using configuration styles to control 360 redirection...

Page 447: ...ron daemon 58 enabling SSL 106 how to remove the old full name or uid values when renaming a user s entry 71 instance of Enterprise Server 29 introduction 38 main top level page tabs 39 removing a ser...

Page 448: ...Group 161 167 AuthGroupFile 196 198 AuthName 199 Authorization 393 authorization statements ACL 399 AuthTrans qos handler 221 AuthType 199 AuthUserFile 198 automatic restart utility Windows NT 152 B...

Page 449: ...cifying directories 346 specifying shell directory Windows NT 352 specifying Windows NT file type 350 using virtual servers 305 virtual servers configuring unique attributes 346 Windows 348 Windows NT...

Page 450: ...Common Logfile Format definition 434 example 206 server access logs 211 common log 211 community string a text string that an SNMP agent uses for authorization 238 component options available at Enter...

Page 451: ...ine architecture overview 30 Content length 395 Content type 395 Control Panel Windows NT using to shut down the Administration Server 52 control access overview 159 conventions used in this book 22 c...

Page 452: ...administration 55 user entries 64 directory services configuring 58 directory services preferences configuring 58 DirID 255 distinguished name for users form of 64 Distinguished Name DN attribute def...

Page 453: ...pping 148 Enterprise wide manageability feature overview delegated administration clusters and LDAP 28 equals 276 error log example 57 viewing 57 error log file 205 207 location 205 error logs 207 vir...

Page 454: ...stallation parameters 426 security issues 417 server extensions installing 420 webs types of 416 FTS_Author 255 FTS_CreationDate 255 FTS_Creator 255 FTS_Keywords 255 FTS_ModificationDate 255 FTS_Produ...

Page 455: ...196 htconvert 195 HTML 409 character entities 287 defined 436 pattern files 280 server parsed setting up 368 HTML collections default attributes Title Sourcetype 255 HTML server parsed file cache 156...

Page 456: ...22 jp 365 iso646 us 365 iso 8859 1 365 iso ir 100 365 iso ir 6 365 issuerDN 122 J Java guided search interface 266 Java Development Kit JDK configuring paths 59 download location 59 Java Runtime Envir...

Page 457: ...ty 63 Directory Server utility 69 modifying entries with 379 using to change an attribute value that is not displayed by the group edit form 79 LDIF adding database entries 63 entries described 379 en...

Page 458: ...htaccess 194 global variable settings at start up 154 language settings 406 407 security issues 111 termination timeout 148 tuning thread limit 153 magnus conf clfilter 35 MAIL 410 mail 65 124 Mail S...

Page 459: ...t 225 nesInstanceCount2xx 5xx 226 nesInstanceCountOther 226 nesInstanceDeathCount 225 nesInstanceDescription 225 nesInstanceEntry 225 nesInstanceId 225 nesInstanceIndex 225 nesInstanceInOctets 225 nes...

Page 460: ...ory 37 NSAPI Engine runtime environment 31 NS collection NS collection 283 NS collection acl check 269 NS collection alias 289 ns cron conf 35 58 NS date input format 288 NS date time 288 NS default h...

Page 461: ...les HTML 280 search configuring 250 pattern variables configuration files 289 search 291 user defined 287 user defined 285 using 285 pattern variables generated 290 performance dynamic groups impact o...

Page 462: ...Fs in obj conf for using 219 using 217 virtual servers configuring settings for 329 query 273 building custom 67 non alphanumeric characters 279 operators as search words 274 operators for Chinese Jap...

Page 463: ...289 configuration file variables 289 configuration files 252 configuring 249 configuring files manually 251 controlling access to 245 customizing the interface 279 displaying a highlighted document 27...

Page 464: ...ing a new listen socket 107 enabling when editing a new listen socket 107 feature overview 28 FrontPage 417 global parameters in magnus conf 111 increasing 129 virtual servers configuring 328 Security...

Page 465: ...on overview of 31 servlets and JSPs deploying outside of web applications 342 servlets directory 37 Session Management Service application services overview 31 SessionData 36 343 SessionData directory...

Page 466: ...standards web software support for 28 start command Unix platforms 43 start file 38 startconsole file 37 starting the server 149 151 user account needed 53 STARTS 277 409 starts with search type opti...

Page 467: ...ion ciphers use for MS Internet Explorer 5 0 and 5 5 110 tocend pat 281 tocrec pat 281 tocstart pat 281 top level domain authority 442 traffic settings counting statistics for 218 Transport Layer Secu...

Page 468: ...erfaces Administration Server Server Manager Class Manager and Virtual Server Manager 29 user licenses managing 70 user password to change or create 70 useradmin virtual server 312 User agent 393 USER...

Page 469: ...reconfiguration 307 each class has separate configuration information 296 editing ACL settings 203 editing settings via Class Manager 327 editing settings via Virtual Server Manager 324 example defau...

Page 470: ...web root 416 web apps xml using 337 WebBot functions 415 WILDCARD 278 409 wildcards operator 279 operators 279 Resource Picker 41 table of patterns and descriptions 23 wildcards resource list of 177...