AIX(R) ¹× SOLARIS¿ë IBM(R) DISTRIBUTED COMPUTING ENVIRONMENT(DCE) ¹öÀü 3.2 README ADDENDA ===================================================== (C) Copyright IBM Corporation 2001. All rights reserved. Âü°í: ÀÚ¼¼ÇÑ ÀúÀÛ±Ç ³»¿ëÀº 12.0 ÁÖÀÇ»çÇ×À» ÂüÁ¶ÇϽʽÿÀ. ===================================================== ¸ñÂ÷ 1.0 README ADDENDA¿¡ ´ëÇÑ Á¤º¸ 2.0 LDAP °í·Á»çÇ× 2.1 IBM SecureWay(R) Directory ¼­¹ö¿¡ ´ëÇÑ E-fix 2.2 µ¿½Ã Àбâ/¾²±â ¿ä±¸»çÇ× 2.3 IBM SecureWay Directory ¼­¹ö¿¡¼­ dcecp Ä«Å»·Î±× ¸í·É¿¡ ´ëÇÑ LDAP Å©±â ÇÑ°è º¯°æ 2.4 ldif2db ¹× º¹Á¦¸¦ »ç¿ëÇÏ´Â CreatorsName ¼Ó¼º 2.5 ½ºÅ°¸¶ ¼öÁ¤ ½Ã ¿À·ù 3.0 AIX °í·Á»çÇ× 3.1 AIX¿¡¼­ °í°´ ÀÀ¿ëÇÁ·Î±×·¥ ½ÇÇà ½Ã °í·Á»çÇ× 3.2 dcecp¿¡ Ãß°¡µÈ dcf_ulimit ¸í·É 3.3 dcf_ulimit ¸í·É 4.0 DCE 3.2 ¼º´É °í·Á»çÇ× ¹× Á¶Á¤ ÆÁ 4.1 secd Á¶Á¤ 4.1.1 LDAP ¼­¹ö¿¡ ´ëÇÑ º¹¼ö ¿¬°á Á¶Á¤ 4.1.2 ÀüÆÄ ½º·¹µå ¼ö Á¶Á¤ 4.1.3 init_repÀÇ °³½ÃÀÚÀÎ secd Á¶Á¤ 4.2 IBM SecureWay LDAP »ç¿ë ½Ã DB2(R) Á¶Á¤ 4.3 LDAP Á¶Á¤ 4.3.1 IBM SecureWay LDAP ¼­¹ö Á¶Á¤ 4.3.2 iPlanet/Netscape LDAP ¼­¹ö Á¶Á¤ 4.4 Çϵå¿þ¾î 4.5 ³×Æ®¿öÅ© 4.6 Ãʱâ ÀÌÁÖ ±â´ë »çÇ× 4.7 DCE ÀÀ¿ëÇÁ·Î±×·¥ °í·Á»çÇ× 4.8 »ç¿ëÀÚ ÀÛ¾÷(·Î±×ÀÎ, ¾ÏÈ£ º¯°æ) 4.9 °ü¸®ÀÚ ÀÛ¾÷(»ç¿ëÀÚ ÀÛ¼º, »ç¿ëÀÚ »èÁ¦) 5.0 ·ÎÄÉÀÏ °í·Á»çÇ× 5.1 UTF-8¿¡ ´ëÇÑ Solaris LDAP Ŭ¶óÀ̾ðÆ® ¹®Á¦Á¡(Solaris¸¸ ÇØ´ç) 5.2 Áö¿øµÇÁö ¾Ê´Â ·ÎÄÉÀÏ ¼³Á¤¿¡ °ü·ÃµÈ LDAP ½ÇÆÐ 6.0 ÇÊ¿äÇÑ ·¹Áö½ºÆ®¸® ¹öÀü ¼öÁ¤ 6.1 LDAP ¸¶½ºÅÍ·Î ÀÌÁÖÇϱâ Àü¿¡ ¸ðµç º¹Á¦º»ÀÇ ·¹Áö½ºÆ®¸® ¹öÀü ¹øÈ£°¡ °°ÀºÁö È®ÀÎ 6.2 Registry modify -version ¸í·ÉÀÌ ÀÏ·Ã ¹øÈ£°¡ ÀÏÄ¡ÇÒ ¶§±îÁö ´ë±â 7.0 ÀÌÁÖ °í·Á»çÇ× ¹× °¡´ÉÇÑ ¿À·ù »óȲ 7.1 ·¹Áö½ºÆ®¸® ÀÌÁÖ ½Ã ÀϺΠ¿ÏÀüÇÑ ¸Å°³º¯¼ö ÇÊ¿ä 7.2 ·¹Áö½ºÆ®¸® ÀÌÁÖ¸¦ Áß´ÜÇصµ LDAP·Î DCE µ¥ÀÌÅÍ ÀüÆÄ Áö¼Ó 7.3 LDAP ½½·¡À̺ê ÀÌÁÖ ½ÇÆÐ 7.4 LDAP ¸¶½ºÅÍ ÀÌÁÖ ½ÇÆÐ 7.5 ÀÌÁÖ Áß Æ¼ÄÏ ¸¸±â ÈÄÀÇ ¸Þ½ÃÁö 8.0 SECD Àç½ÃÀÛ Á¶°Ç 8.1 SSLÀ» »ç¿ëÇÏ¿© Å° µ¥ÀÌÅͺ£À̽º ÆÄÀÏÀ» º¯°æÇϱâ À§ÇØ secd Àç½ÃÀÛ 8.2 LDAP_SERVER_DOWN Á¶°Ç 9.0 TRY PE_SITE ȯ°æ º¯¼ö¸¦ »ç¿ëÇÏ¿© ·¹Áö½ºÆ®¸® ¼±Åà 9.1 CDS 1Â÷ ¼­¹ö¸¦ Ç×»ó ÇöÀç º¸¾È ¼­¹ö·Î ÁöÁ¤ 9.2 °­Á¦ ÀÌÁÖ¿¡¼­ pe_site ÆÄÀÏ¿¡ Ãß°¡ º¸¾È ¼­¹ö IP ÁÖ¼Ò ÇÊ¿ä 10.0 LDAP »ç¿ë ½Ã ·¹Áö½ºÆ®¸® Á¦ÇÑ»çÇ× 10.1 À̸§ÁöÁ¤ Á¦ÇÑ»çÇ× 10.2 ±âÁ¸ LDAP °èÁ¤ »èÁ¦ ºÒ°¡ 11.0 ±âŸ 11.1 dcebackÀÌ ¹é¾÷ÇÒ ¼ö ¾ø´Â ÆÄÀÏÀÇ ¼öµ¿ ¹é¾÷ 11.2 ºÐÇÒ ±¸¼º ȯ°æ¿¡¼­ IP ÁÖ¼Ò º¯°æ 11.3 DCE ¹®¼­ - start_dcedoc 12.0 ÁÖÀÇ»çÇ× 12.1 »óÇ¥ ¹× ¼­ºñ½ºÇ¥ ===================================================== 1.0 README ADDENDA¿¡ ´ëÇÑ Á¤º¸ ÀÌ ÆÄÀÏ¿¡´Â AIX ¹× Solaris¿ë DCE ¹öÀü 3.2¿Í ÇÔ²² Á¦°øµÈ README ÆÄÀÏ¿¡ ´ëÇÑ Ãß°¡ º¯°æ ¹× °»½Å »çÇ×ÀÌ ¼ö·ÏµÇ¾î ÀÖ½À´Ï´Ù. Âü°í: ¸í·É¿¡ µû¿ÈÇ¥¸¦ ³ÖÁö ¸¶½Ê½Ã¿À. ===================================================== 2.0 LDAP °í·Á»çÇ× ===================================================== 2.1 IBM SecureWay(R) Directory ¼­¹ö¿¡ ´ëÇÑ E-fix "DCE Security Registry and LDAP Integration Guide"ÀÇ "Chapter 2, Planning Considerations"¿¡ ÀÖ´Â "Supported versions of LDAP" Àý¿¡¼­ ´ÙÀ½ ¹®ÀåÀÌ Æ²·È½À´Ï´Ù. "The IBM SecureWay Directory client requires a minimum e-fix of 3.2.2-SWD-0001". ¾ÕÀÇ ¹®ÀåÀº ´ÙÀ½À¸·Î ´ëüÇØ¾ß ÇÕ´Ï´Ù. "The IBM SecureWay Directory server requires a minimum e-fix of 3.2.1-SWD-004". ¶ÇÇÑ SolarisÀÇ UTF-8 ·ÎÄÉÀÏ¿¡¼­ ½ÇÇà ÁßÀ̸é, E-fix 3.2.1-SWD-005°¡ ÇÊ¿äÇÕ´Ï´Ù. ÀÚ¼¼ÇÑ ³»¿ëÀº 5.1 ÀýÀ» ÂüÁ¶ÇϽʽÿÀ. E-fix´Â IBM SecureWay À¥ »çÀÌÆ® www.ibm.com/secureway/directory¿¡¼­ º¼ ¼ö ÀÖ½À´Ï´Ù. ===================================================== 2.2 µ¿½Ã Àбâ/¾²±â ¿ä±¸»çÇ× IBM SecureWay Directory ¼­¹ö¸¦ ¿¹ºñ ÀúÀå¼Ò·Î »ç¿ë ÁßÀ̸é, LDAP ¼­¹ö°¡ µ¿½Ã Àбâ/¾²±â¸¦ »ç¿ëÇϵµ·Ï ¼³Á¤ÇØ¾ß ÇÕ´Ï´Ù. À̸¦ ¼öÇàÇÏÁö ¾ÊÀ¸¸é, LDAP ¹× DCE »çÀÌ¿¡ ±³Âø»óÅ°¡ ¹ß»ýÇÒ ¼ö ÀÖ½À´Ï´Ù. slapd32.conf ÆÄÀÏ¿¡¼­ ´ÙÀ½ ½ºÅÄÀÚ¸¦ ¼öÁ¤ÇÏ¿© LDAP_CONCURRENTRW ¼Ó¼ºÀ» Ãß°¡ÇϽʽÿÀ. dn: cn=Front End, cn=Configuration cn: Front End ibm-slapdSetenv: LDAP_CONCURRENTRW=ON objectClass: top objectClass: ibm-slapdFrontEnd iPlanet/Netscape Directory¿¡¼­´Â µ¿½Ã Àбâ/¾²±â°¡ ±âº» ±¸¼ºÀÔ´Ï´Ù. ===================================================== 2.3 IBM SecureWay Directory ¼­¹ö¿¡¼­ dcecp Ä«Å»·Î±× ¸í·É¿¡ ´ëÇÑ LDAP Å©±â ÇÑ°è º¯°æ "dcecp -c principal cat" ¹× "dcecp -c account cat"¿Í °°Àº dcecp Ä«Å»·Î±× ¸í·ÉÀº ibm-slapdSizeLimit °ªÀÌ ³Ê¹« ³·°Ô ¼³Á¤µÈ °æ¿ì, ¸ðµç ÇÁ¸°½ÃÆÞ µ¥ÀÌÅ͸¦ ¸®ÅÏÇÏÁö´Â ¸øÇÒ ¼öµµ ÀÖ½À´Ï´Ù. ±âº»°ªÀº 500À̸ç, ÀÌ´Â ´ë·« 480°³ÀÇ ÇÁ¸°½ÃÆÞ¿¡ ´ëÇÑ Á¤º¸°¡ ¸®Å쵃 ¼ö ÀÖ´Â °ªÀÔ´Ï´Ù. ibm-slapdSizeLimit´Â /usr/ldap/etc/slapd32.conf¿¡¼­ Á¤ÀÇÇÕ´Ï´Ù. ===================================================== 2.4 ldif2db ¹× º¹Á¦¸¦ »ç¿ëÇÏ´Â CreatorsName ¼Ó¼º krbTrustedAdmObject ¼Ó¼º ¶Ç´Â krbKdcServiceObject ¼Ó¼º¿¡´Â LDAP¿¡¼­ DCE µ¥ÀÌÅ͸¦ ÀÛ¼ºÇÒ °ÍÀ¸·Î ¿¹»óµÇ´Â ¸ðµç »ç¿ëÀÚ³ª ÀÀ¿ëÇÁ·Î±×·¥¿¡ ´ëÇÑ ±¸º° À̸§(DN)ÀÌ ÀÖ¾î¾ß ÇÕ´Ï´Ù. ¿©±â¿¡´Â ¸ðµç DCE º¸¾È ¼­¹ö, ³×Æ®¿öÅ© ÀÎÁõ ¼­ºñ½º KDC ¼­¹ö ¹× ±âŸ LDAP °ü¸® ÀÀ¿ëÇÁ·Î±×·¥ÀÌ Æ÷ÇԵ˴ϴÙ. DCE ¼¿¿¡ ´ëÇÑ LDAP µð·ºÅ丮°¡ µð·ºÅ丮 ¹ÝÀÔ ÅøÀ» »ç¿ëÇÏ¿© º¹¿øµÉ °æ¿ì, ¼¿¿¡ ´ëÇÑ LDAP Ç׸ñÀÇ krbTrustedAdmObject ¼Ó¼º ¶Ç´Â krbKdcServiceObject ¼Ó¼ºÀÌ DCE ½ÃÀÛ ÀÌÀü¿¡ Åø¿¡¼­ »ç¿ëÇÑ ±ÇÇÑ DNÀ» Æ÷ÇÔÇϵµ·Ï °»½ÅµÇ¾î¾ß ÇÕ´Ï´Ù. ldif2db¸¦ »ç¿ëÇÏ¿© IBM SecureWay µð·ºÅ丮¸¦ º¹¿øÇÒ °æ¿ì, ÀÌ´Â LDAP µð·ºÅ丮 °ü¸®ÀÚÀÇ DNÀÔ´Ï´Ù. ¶ÇÇÑ µð·ºÅ丮 ¼­¹öÀÇ º¹Á¦ ±â´ÉÀÌ ·¹Áö½ºÆ®¸®ÀÇ LDAP º¹Á¦º»À» Á¦°øÇÏ´Â µ¥ »ç¿ëµÉ °æ¿ì, LDAP ¸¶½ºÅÍ ¼­¹ö¿¡¼­ ¼¿ Ç׸ñ¿¡ ´ëÇÑ krbTrustedAdmObject ¹× krbKdcServiceObject ¼Ó¼ºÀº °¢ º¹Á¦º»¿¡ ´ëÇØ LDAP Á¦°ø¾÷ü ¶Ç´Â °í°´ÀÌ »ç¿ëÇÏ´Â DNÀ» Æ÷ÇÔÇϵµ·Ï °»½ÅµÇ¾î¾ß ÇÕ´Ï´Ù. ===================================================== 2.5 ½ºÅ°¸¶ ¼öÁ¤ ½Ã ¿À·ù iPlanet Directory ¼­¹ö¿¡ ´ëÇÑ ½ºÅ°¸¶¸¦ ¼öÁ¤ÇÒ °æ¿ì, ½ÃµµÇÑ passwordMinAge ¹× gecos ¼Ó¼º ¼öÁ¤¿¡ ´ëÇØ ¿À·ù°¡ º¸°íµÉ ¼ö ÀÖ½À´Ï´Ù. ÀÌ·¯ÇÑ ¼öÁ¤Àº ¼Ó¼ºÀÇ OID ¶Ç´Â ±¸¹®À» ó¸®ÇÕ´Ï´Ù. ¾î´À ¿À·ùµµ DCE ÀÛµ¿À̳ª iPlanet Directory ¼­¹ö¸¦ »ç¿ëÇÏ´Â ±âŸ ÀÀ¿ëÇÁ·Î±×·¥¿¡ ¿µÇâÀ» ÁÖÁö´Â ¾Ê½À´Ï´Ù. ===================================================== 3.0 AIX °í·Á»çÇ× ===================================================== 3.1 AIX¿¡¼­ °í°´ ÀÀ¿ëÇÁ·Î±×·¥ ½ÇÇà ½Ã °í·Á»çÇ× ÀÀ¿ëÇÁ·Î±×·¥¿¡¼­ ¸Þ½ÃÁö(¶Ç´Â ¿¹¿Ü)°¡ ¹ß»ýÇÒ °æ¿ì: RPC¿¡ ´ëÇÑ ¸Þ¸ð¸®°¡ ¾øÀ½(dce/rpc) ÀÀ¿ëÇÁ·Î±×·¥ÀÌ ±âº» µ¥ÀÌÅÍ Å©±â ÇÑ°èÀÎ 128MB¿¡ µµ´ÞÇÏ¿´À» ¼ö ÀÖ½À´Ï´Ù. ÀÌ·¯ÇÑ ¹®Á¦Á¡À» ±Øº¹ÇÏ·Á¸é ÀÀ¿ëÇÁ·Î±×·¥¿¡ ´ëÇÑ µ¥ÀÌÅÍ Å©±â ÇѰ踦 ´Ã¸®½Ê½Ã¿À. ¶ÇÇÑ »ç¿ë °ø°£ÀÌ 256MBº¸´Ù Å« ÀÀ¿ëÇÁ·Î±×·¥¿¡ ´ëÇؼ­´Â AIX ´ëÇü ¸Þ¸ð¸® ¸ðµ¨ »ç¿ëÀ» °í·ÁÇÒ ¼öµµ ÀÖ½À´Ï´Ù. ===================================================== 3.2 dcecp¿¡ Ãß°¡µÈ dcf_ulimit ¸í·É DCEÀÇ µ¥ÀÌÅÍ Å©±â ulimit¸¸ º¯°æÇÏ°í ½Ã½ºÅÛ¿¡¼­ ½ÇÇà ÁßÀÎ ´Ù¸¥ ÀÀ¿ëÇÁ·Î±×·¥Àº º¯°æÇÏÁö ¾ÊÀ¸·Á¸é, /opt/dcelocal/tcl/user_cmd.tcl ÆÄÀÏ ³»¿¡¼­ "dcecp -c dcf_ulimit" ¸í·ÉÀ» »ç¿ëÇÏ¸é µË´Ï´Ù. user_cmd.tcl ÆÄÀÏ¿¡¼­ ÀÌ ¸í·ÉÀ» »ç¿ëÇÏ´Â ¹æ¹ý¿¡ ´ëÇÑ »ùÇÃÀÌ /opt/dcelocal/tcl/user_cmd.sample.tcl¿¡ ÀÖ½À´Ï´Ù. ÀÌ ¸í·ÉÀÇ ±¸¹®¿¡ ´ëÇؼ­´Â 3.3 ÀýÀ» ÂüÁ¶ÇϽʽÿÀ. ===================================================== 3.3 dcf_ulimit ¸í·É ¸í·ÉÀÌ dcf_ulimit¶ó´Â dcecp¿¡ Ãß°¡µÇ¾ú½À´Ï´Ù. ÀÌ dcf_ulimit´Â ulimitó·³ ÀÛµ¿Çϸç, º¹¼ö ¸í·É ¸Å°³º¯¼ö¸¦»ç¿ëÇÕ´Ï´Ù. dcf_ulimit ¸í·É¿¡¼­ -?, -help ¶Ç´Â help¸¦ ÀÔ·ÂÇϸé, ´ÙÀ½ÀÌ Ç¥½ÃµË´Ï´Ù. dcf_ulimit [-S|-H] -f -c -t -d -s -m -n dcecp(¶Ç´Â tcl ½ºÅ©¸³Æ®) ³»¿¡¼­ ulimit -a ¸í·ÉÀ» »ç¿ëÇÏ¿© ÇöÀç ulimit ¼³Á¤À» º¼ ¼ö ÀÖ½À´Ï´Ù. ±×·¯³ª -a ¸Å°³º¯¼ö´Â dcf_ulimit·Î Áö¿øµÇÁö ¾Ê½À´Ï´Ù. ¿î¿µÃ¼Á¦¿¡¼­ ulimit ¸í·ÉÀº 64ºñÆ® °ªÀ» »ç¿ëÇÕ´Ï´Ù. dcecp´Â 32ºñÆ® ÇÁ·Î±×·¥À̹ǷÎ, setrlimit API¿¡ Àü´ÞÇØ¾ß ÇÏ´Â Á¤¼ö Å©±â¿¡ ÀÇÇØ Á¦Çѵ˴ϴÙ. ´ÙÀ½Àº dcf_ulimit ¸í·ÉÀ» »ç¿ëÇÏ¿© Àü´ÞÇÒ ¼ö ÀÖ´Â ÃÖ´ë°ªÀÔ´Ï´Ù. -f FSIZE 4194303 -c CORE 4194303 -t CPU 2147483647 -d DATA 2097151 -s STACK 2097151 -m RSS 2097151 -n NOFILE 2147483647 Å°¿öµå "unlimited"µµ ¸ðµç ¸Å°³º¯¼ö¿¡ ´ëÇÑ °ªÀ¸·Î Çã¿ëµË´Ï´Ù. ÀϹÝÀûÀ¸·Î dcf_ulimit ¸í·ÉÀº ulimit ¸í·É°ú °°Àº ¹æ½ÄÀ¸·Î ÀÛµ¿ÇÕ´Ï´Ù. ===================================================== 4.0 DCE 3.2 ¼º´É °í·Á»çÇ× ¹× Á¶Á¤ ÆÁ ===================================================== DCE 3.2 ±â´ÉÀ» »ç¿ëÇÏ¿© DCE º¸¾È Á¤º¸¸¦ LDAP µð·ºÅ丮¿¡ ÀÌÁÖÇÒ °æ¿ì °í·ÁÇØ¾ß ÇÒ Æ¯Á¤ ¼º´ÉÀÌ ÀÖ½À´Ï´Ù. ¸Þ¸ð¸® ³» µ¥ÀÌÅͺ£À̽º(·¹°Å½Ã DCEÀÇ ¸ðµ¨)¿¡¼­ µð½ºÅ©ÀÇ µ¥ÀÌÅͺ£À̽º·Î DCE º¸¾È ·¹Áö½ºÆ®¸®¸¦ À̵¿ÇÒ °æ¿ì ¼º´É¿¡ ¿µÇâÀÌ ¹ÌĨ´Ï´Ù. ÀÌ·¯ÇÑ ¿µÇâÀº ¼¿ÀÌ ÀÖ´Â ÀÌÁÖ ´Ü°è¿¡ µû¶ó ´Þ¶óÁý´Ï´Ù. °í°´Àº LDAP¿¡ ¿ÏÀüÈ÷ ÀÌÁÖµÈ ¼¿º¸´Ù ÇÏÀ̺긮µå ¼¿(·¹°Å½Ã º¸¾È ¼­¹ö ¹× °øÁ¸ÇÏ´Â LDAP ¼­¹ö¸¦ Æ÷ÇÔÇÏ´Â ¼¿) ¼º´É¿¡ ´õ ¸¹Àº ¿µÇâÀÌ ¹ÌÄ£´Ù´Â Á¡À» º¼ ¼ö ÀÖ½À´Ï´Ù. ÀÌ´Â LDAP¿Í ·¹°Å½Ã DCE º¸¾È ¼­¹ö·Î °»½Å»çÇ×À» ÀüÆÄÇÏ´Â °Í°ú ¿¬°üµÇ´Â ¿À¹öÇìµå ¶§¹®ÀÔ´Ï´Ù. ÀϹÝÀûÀ¸·Î, º¸¾È ·¹Áö½ºÆ®¸®¸¦ ÀÚÁÖ °»½ÅÇÏ¸ç ±×·¯ÇÑ °»½Å»çÇ׿¡ ¹Ù·Î ¾×¼¼½ºÇÏ´Â DCE ÀÀ¿ëÇÁ·Î±×·¥À» »ç¿ëÇÏ´Â °í°´Àº ´ÙÀ½ Áß Çϳª¸¦ ¼öÇàÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÕ´Ï´Ù. o ¿¬Àå ±â°£ µ¿¾È ÇÏÀ̺긮µå ȯ°æ¿¡¼­ ½ÇÇàÇÏÁö ¸¶½Ê½Ã¿À. o º¸¾È »ç¿ë ½Ã ÀÀ¿ëÇÁ·Î±×·¥ÀÇ º¸¾È ¿äûÀÌ ·¹°Å½Ã DCE º¸¾È ¼­¹ö·Î º¸³»Áöµµ·Ï ¼±ÅÃÇϽʽÿÀ. ´ÙÀ½ Àý¿¡ ¼³¸íµÈ °Íó·³ LDAP ÅëÇÕ ±â´É°ú ¿¬°üµÇ´Â ¸î °¡Áö Ãß°¡ ¼º´É Á¶Á¤ °í·Á»çÇ×ÀÌ ÀÖ½À´Ï´Ù. ===================================================== 4.1 secd Á¶Á¤ ===================================================== 4.1.1 LDAP ¼­¹ö¿¡ ´ëÇÑ º¹¼ö ¿¬°á Á¶Á¤ MAX_CONNECTIONS ȯ°æ º¯¼ö´Â º¸¾È ¼­¹ö°¡ LDAP µ¥ÀÌÅͺ£À̽º¿¡ ´ëÇØ °¡Áö°í ÀÖ¾î¾ß ÇÏ´Â ¿¬°á ¼ö¸¦ °áÁ¤ÇÕ´Ï´Ù. ÇöÀç ±âº»°ªÀº 8À̸ç, ÀÌ´Â ´ëºÎºÐÀÇ °í°´ ȯ°æ¿¡ ÃæºÐÇÑ °ªÀÔ´Ï´Ù. ±×·¯³ª Ãß°¡ ¿¬°áÀÌ ÇÊ¿äÇÒ ¼ö ÀÖ´Â ½Ã³ª¸®¿À°¡ ÀÖ½À´Ï´Ù. ÇϳªÀÇ ¿¹·Î, Áß¿äÇÑ µ¿½Ã ·Î±×ÀÎ ¿öÅ©·Îµå¸¦ ÁöÅÊÇϴ ȯ°æÀ» µé ¼ö ÀÖ½À´Ï´Ù. ¸ÖƼÇÁ·Î¼¼¼­ ȯ°æ¿¡¼­´Â Áõ°¡µÈ ½Ã½ºÅÛ ¿ë·®À» ÀÌ¿ëÇϱâ À§ÇØ ¿¬°á ¼ö¸¦ ´Ã¸± ¼öµµ ÀÖ½À´Ï´Ù. ¾ðÁ¦µçÁö MAX_CONNECTIONS ȯ°æ º¯¼ö¸¦ ¼öÁ¤Çϸé ÇØ´ç ½Ã½ºÅÛÀÇ º¸¾È ¼­¹ö¸¦ ´Ù½Ã ½ÃÀÛÇØ¾ß ÇÕ´Ï´Ù. Áö¿øµÇ´Â ÃÖ´ë ¿¬°á ¼ö´Â 64°³ÀÔ´Ï´Ù. ===================================================== 4.1.2 ÀüÆÄ ½º·¹µå ¼ö Á¶Á¤ º¸¾È ¼­¹ö°¡ ¼¼ °³ÀÎ ¼¿¿¡¼­ ·¹°Å½Ã º¹Á¦º» ¹× LDAP ÀÌÁÖ ¼­¹ö·Î µ¿½Ã ÀüÆĸ¦ ÀÌÇàÇÏ·Á¸é, ¸¶½ºÅÍ º¸¾È ¼­¹ö¿¡¼­ ±âÁ¸ÀÇ MAX_SEC_PROP_THREADS ȯ°æ º¯¼ö¸¦ 2·Î ¼³Á¤ÇϽʽÿÀ. ¼¿¿¡ ³× °³ ÀÌ»óÀÇ º¸¾È ¼­¹ö°¡ ÀÖ´Â °æ¿ì, ½º·¹µå ¼ö´Â secd¿¡ ÀÇÇØ ÀÚµ¿À¸·Î 2·Î Áõ°¡µË´Ï´Ù. ===================================================== 4.1.3 init_repÀÇ °³½ÃÀÚÀÎ secd Á¶Á¤ LDAP·Î ÀÌÁÖÇÏ´Â µ¿¾È º¸¾È ·¹Áö½ºÆ®¸®°¡ ¼ö½ÅµÇ´Â ·¹°Å½Ã º¹Á¦º»À» ÁöÁ¤ÇÏ·Á¸é ¸¶½ºÅÍ º¸¾È ¼­¹ö¿¡¼­ SEC_REP_INIT_FROM_UUID ȯ°æ º¯¼ö¸¦ »ç¿ëÇϽʽÿÀ. ÀÌÁÖ ¼­¹ö¿¡¼­ dcecp ·¹Áö½ºÆ®¸® ÀÌÁÖ ¸í·ÉÀ» ¹ßÇàÇϱâ Àü¿¡ ÀÌ º¯¼ö¸¦ ·¹°Å½Ã º¹Á¦º»ÀÇ UUID(Universal Unique Identifier)·Î ¼³Á¤ÇϽʽÿÀ. UUID¸¦ È®º¸ÇÏ·Á¸é, "sec_admin" ¸í·ÉÀ» ¹ßÇàÇÑ ´ÙÀ½ "lr -all"À» ÀÔ·ÂÇϽʽÿÀ. UUID´Â ¼­¹öÀÇ ÀνºÅϽº IDÀÔ´Ï´Ù. ÀÌ È¯°æ º¯¼ö¸¦ ¼³Á¤ÇÏ°í ³ª¸é, ¸¶½ºÅÍ º¸¾È ¼­¹ö¸¦ Áß´ÜÇÑ ´ÙÀ½ ´Ù½Ã ½ÃÀÛÇØ¾ß ÇÕ´Ï´Ù. ÀÌ È¯°æ º¯¼ö¸¦ »ç¿ëÇϸé ÃʱâÈ­¿¡ ·¹°Å½Ã ¸¶½ºÅÍ°¡ »ç¿ëµÇÁö ¾Ê½À´Ï´Ù. ÃʱâÈ­¿¡ ·¹°Å½Ã ¸¶½ºÅÍ°¡ »ç¿ëµÉ °æ¿ì, ÀÌÁÖ µ¿¾È À¯Áöº¸¼ö ¸ðµå¿¡ ³õÀÔ´Ï´Ù. ·¹°Å½Ã º¸¾È º¹Á¦º»Àº ÀÌ ±â´ÉÀ» ¼öÇàÇÒ ¼ö ÀÖÁö¸¸ LDAP ¼­¹ö´Â ¼öÇàÇÒ ¼ö ¾ø½À´Ï´Ù. SEC_REP_INIT_FROM_UUID ȯ°æ º¯¼ö¸¦ LDAP ½½·¡À̺êÀÇ UUID·Î ¼³Á¤Çؼ­´Â ¾ÈµË´Ï´Ù. ===================================================== 4.2 IBM SecureWay LDAP »ç¿ë ½Ã DB2(R) Á¶Á¤ Âü°í: ÀÌ ÀýÀÇ Áö½Ã»çÇ׿¡¼­´Â »ç¿ëÀÚ°¡ ±âº» LDAP DB2 »ç¿ëÀÚ ID (ldapdb2)¸¦ »ç¿ëÇÑ´Ù°í °¡Á¤ÇÕ´Ï´Ù. ´Ù¸¥ LDAP DB2 »ç¿ëÀÚ ID¸¦ »ç¿ë ÁßÀ̸é ÀûÀýÇÏ°Ô ´ëüÇϵµ·Ï ÇϽʽÿÀ. Ç×»ó DB2 ij½Ã°¡ Ŭ¼ö·Ï I/O ¾×¼¼½º Ƚ¼ö°¡ Àû¾îÁö´Â °ÍÀº ¾Æ´Õ´Ï´Ù. º¸´Ù ³ªÀº °èȹÀº LDAP ij½ÃÀÇ ¿ë·®À» ´Ã¸®´Â °ÍÀÔ´Ï´Ù. ÀϹÝÀûÀ¸·Î, DB2 ¹öÆÛ Ç® Å©±â´Â ÃÖ¼ÒÈ­ÇÏ°í LDAP Ç׸ñ ¹× ÇÊÅÍ Ä³½Ã´Â ÃÖ´ëÈ­ÇϽʽÿÀ. ´ÙÀ½ ¿¹Á¦¿¡¼­´Â AIX ¸í·ÉÀ» »ç¿ëÇÕ´Ï´Ù. LDAP ¼­¹öÀÇ À§Ä¡¿¡ µû¶ó ÀûÀýÇÑ ¿î¿µÃ¼Á¦ ¸í·ÉÀ» »ç¿ëÇϽʽÿÀ. ¿¹Á¦ ´Ü°è - DB2(IBM SecureWay LDAP¸¦ »ç¿ëÇÒ °æ¿ì) 1. DB2 ¼öÆÛÀ¯Àú ldapdb2·Î ·Î±×ÀÎÇϽʽÿÀ. ¿¹: su -ldapdb2 2. ±âÁ¸ SHEAPTHRES(Á¤·Ä Èü ÀÓ°è°ª)¸¦ È®ÀÎÇϽʽÿÀ. ¿¹: db2 get dbm config | grep SHEAP 3. ±âÁ¸ SHEAPTHRES¸¦ 20000À¸·Î Àç¼³Á¤ÇϽʽÿÀ. ¿¹: db2 update db manager config using SHEAPTHRES 20000 4. DB2¸¦ ½ÃÀÛÇϽʽÿÀ. ¿¹: db2start 5. LDAP/DB2¿¡ ¿¬°áÇϽʽÿÀ. ¿¹: db2 connect to ldapdb2 6. ±âÁ¸ BUFFPAGE(¹öÆÛ Ç® Å©±â)¸¦ È®ÀÎÇϽʽÿÀ. ¿¹: db2 get db config for ldapdb2 | grep BUFF 7. ½Ã½ºÅÛ ¸Þ¸ð¸® Å©±â(MB)¸¦ È®º¸ÇϽʽÿÀ. ¿¹: lsattr -E -l mem0 8. DB2¿Í ÇÔ²² Á¦°øµÈ ±âº» BUFFPAGE´Â 1000(4KB ÆäÀÌÁö)·Î ´ëÇü µ¥ÀÌÅͺ£À̽ºÀÇ °æ¿ì ÃæºÐÈ÷ Å©Áö ¾ÊÀ» ¼ö ÀÖ½À´Ï´Ù. ½Ã½ºÅÛÀÇ ¸Þ¸ð¸® ¾çÀÌ Å¬ °æ¿ì(1GB ÀÌ»ó) °øÅë °¨Áö ¹æ½ÄÀ» »ç¿ëÇÏ¿© BUFFPAGE ¾ç¿¡ ÇÒ´çÇÏ´Â ¸Þ¸ð¸® ¾ç(50%´Â ¾Æ´Ô)À» °è»êÇϽʽÿÀ. ´ë·« 512MB ÀÌÇÏÀÇ ¸Þ¸ð¸®¸¦ »ç¿ëÇÏ¿© ½ÇÇàÇÒ °æ¿ì, ¾Ë°í¸®ÁòÀ» µû¸£´Â °ÍÀÌ À¯¿ëÇÕ´Ï´Ù. BUFFPAGE¸¦ Àç¼³Á¤ÇÒ °æ¿ì: db2 update db config for ldapdb2 using BUFFPAGE nnnnn ¿©±â¼­ nnnnnÀº ´ÙÀ½°ú °°ÀÌ °è»êµË´Ï´Ù(½Ã½ºÅÛÀÇ 50%°¡ ¹öÆÛ Ç®¿¡ ÇÒ´ç). nnnnn = ½Ã½ºÅÛ ¸Þ¸ð¸® MB * 50% / 4KB(1 ÆäÀÌÁö = 4KB) 9. BUFFPAGE ¸Å°³º¯¼ö¸¦ ´Ã¸± °æ¿ì, BUFFPAGE ¸Å°³º¯¼ö¿¡¼­ 30ÀÌ Áõ°¡µÉ ¶§¸¶´Ù DBHEAP Å©±âµµ 1¾¿ ´Ã·Á¾ß ÇÕ´Ï´Ù. ±âº» DBHEAP(µ¥ÀÌÅͺ£À̽º Èü)À» È®ÀÎÇÒ °æ¿ì, ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ. ¿¹: db2 get db config for ldapdb2 | grep DBHEAP 10. ¿¹¸¦ µé¾î, DBHEAP¸¦ 1700À¸·Î Àç¼³Á¤ÇÏ·Á¸é ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ. db2 update db config for ldapdb2 using DBHEAP 1700 11. ±âÁ¸ SORTHEAP(Á¤·Ä ¸ñ·Ï Èü)¸¦ È®ÀÎÇϽʽÿÀ. ¿¹: db2 get db config for ldapdb2 | grep SORTHEAP 12. DB2 Database Monitor ÅøÀ» »ç¿ëÇÏ¿© SORTHEAP ¸Å°³º¯¼ö¿¡ ÀûÀýÇÑ °ªÀ» °è»êÇϽʽÿÀ. SORTHEAP¸¦ Àç¼³Á¤ÇÒ °æ¿ì: db2 update db config for ldapdb2 using SORTHEAP nnnn nnnn = BUFFPAGE / 300¾¿ Áõ°¡µÊ 13. ±âÁ¸ MAXLOCKS(ÀÀ¿ëÇÁ·Î±×·¥´ç Àá±Ý ¸ñ·ÏÀÇ ÆÛ¼¾Æ®)¸¦ È®ÀÎÇϽʽÿÀ. ¿¹: db2 get db config for ldapdb2 | grep MAXLOCKS 14. DB2 Database Monitor ÅøÀ» »ç¿ëÇÏ¿© MAXLOCKS ¸Å°³º¯¼ö¿¡ ÀûÀýÇÑ °ªÀ» °è»êÇϽʽÿÀ. MAXLOCKS¸¦ 100À¸·Î Àç¼³Á¤ÇÏ·Á¸é ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ. ¿¹: db2 update db config for ldapdb2 using MAXLOCKS 100 15. ¹öÆÛ Ç®À» Àç¼³Á¤ÇϽʽÿÀ. ¿¹: db2 alter bufferpool ibmdefaultbp size -1 (Âü°í: -lÀº LÀÌ ¾Æ´Ï¶ó "1"(¼ýÀÚ)ÀÔ´Ï´Ù.) 16. À§ÀÇ º¯°æ»çÇ×ÀÌ Àû¿ëµÇµµ·Ï db2¸¦ ´Ù½Ã ½ÃÀÛÇϽʽÿÀ. ¿¹: db2stop db2start DB2 Á¶Á¤¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ Á¤º¸´Â www.software.ibm.com/data/db2/library¸¦ ÂüÁ¶ÇϽʽÿÀ. ===================================================== 4.3 LDAP Á¶Á¤ LDAP ¼º´ÉÀº ´Ù¾çÇÑ ¿ä¼Ò¿¡ ÀÇÇØ ¿µÇâÀ» ¹Þ½À´Ï´Ù. ±âº» ±¸¼ºÀÇ º¯°æ»çÇ×À» Á¶Á¤ ¹× ÀÛ¼ºÇÏ´Â °ÍÀº ¼º´É Çâ»ó¿¡ Áß¿äÇÕ´Ï´Ù. ÀÌ·¯ÇÑ Ä³½Ã ÀÌÁ¡À» ½ÇÇöÇϱâ Àü¿¡ LDAP(IBM SecureWay LDAP¸¦ »ç¿ë ÁßÀÎ °æ¿ì¿¡´Â DB2 ij½Ã Æ÷ÇÔ)¸¦ ä¿ö¾ß ÇÕ´Ï´Ù. Ç׸ñ ¹× ÇÊÅ͸¦ Æ÷ÇÔÇÏ¿© ¸î °¡ÁöÀÇ LDAP ij½Ã À¯ÇüÀÌ ÀÖ½À´Ï´Ù. ƯÁ¤ °í°´ ȯ°æÀ» ±âÃʷΠij½ÃÇÒ Ç׸ñ ¼ö¸¦ ¼±ÅÃÇϽʽÿÀ. ÃÖ»óÀÇ Å©±â¸¦ ã±â À§ÇØ ½ÇÇèÀ» ÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù. ÀϹÝÀûÀ¸·Î, DB2 ¹öÆÛ Ç® Å©±â´Â ÃÖ¼ÒÈ­ÇÏ°í LDAP Ç׸ñ ¹× ÇÊÅÍ Ä³½Ã´Â ÃÖ´ëÈ­ÇϽʽÿÀ. DCE 3.2 µ¥ÀÌÅͺ£À̽º´Â DCE ½ºÅ°¸¶¸¦ IBM SecureWay LDAP¿¡ ·ÎµåÇÒ ¶§ ÀÚµ¿À¸·Î »öÀÎÈ­µË´Ï´Ù. iPlanet/Netscape Directory ¼­¹ö¸¦ »ç¿ë ÁßÀÏ °æ¿ì, ½ºÅ°¸¶¸¦ ¼öµ¿À¸·Î »öÀÎÈ­ÇØ¾ß ÇÕ´Ï´Ù. µ¿½Ã Àбâ/¾²±â¸¦ »ç¿ëÇÏ¿© LDAP¸¦ ½ÇÇàÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÕ´Ï´Ù. IBM SecureWay Directory¸¦ »ç¿ë ÁßÀÎ °æ¿ì (LDAP_CONCURRENTRW=ON)¿¡¼­ µ¿½Ã Àбâ/¾²±â¸¦ ¼³Á¤ÇØ¾ß ÇÕ´Ï´Ù. iPlanet/Netscape Directory¸¦ »ç¿ë ÁßÀÎ °æ¿ì ±âº»ÀûÀ¸·Î ¼³Á¤µÇ¾î ÀÖ½À´Ï´Ù. µ¿½Ã Àбâ/¾²±â¸¦ ¼³Á¤ÇÏ°í ³ª¸é, slapd¸¦ ´Ù½Ã ½ÃÀÛÇØ¾ß ÇÕ´Ï´Ù. ===================================================== 4.3.1 IBM SecureWay LDAP ¼­¹ö Á¶Á¤ Âü°í: ÀÌ ÀýÀÇ Áö½Ã»çÇ׿¡¼­´Â »ç¿ëÀÚ°¡ ±âº» slapd ±¸¼º ÆÄÀÏ (AIX¿¡¼­ /usr/ldap/etc/slapd32.conf)°ú ±âº» slapd ¿À·ù ·Î±× ÆÄÀÏ(AIX¿¡¼­ /tmp/slapd.errors)À» »ç¿ëÇÏ°í ÀÖ´Â °ÍÀ¸·Î °¡Á¤ÇÕ´Ï´Ù. LDAP ¼­¹ö°¡ ÀÌ·¯ÇÑ ±âº»°ªÀ» »ç¿ëÇÏÁö ¾ÊÀ» °æ¿ì, ÀûÀýÇÏ°Ô ´ëüÇϵµ·Ï ÇϽʽÿÀ. IBM SecureWay slapd.errors ÆÄÀÏ(AIX¿¡¼­ /tmp/slapd.errors, Solaris¿¡¼­ /var/ldap/slapd.errors, NT¿¡¼­ C:\Program Files\IBM\LDAP\tmp\slapd32.errors)ÀÌ Ä¿Áú¼ö·Ï LDAP ¼º´ÉÀÌ ÀúÇ쵃 ¼ö ÀÖ½À´Ï´Ù. ¸¹Àº ¿À·ù°¡ ¹ß»ýÇÒ °ÍÀ¸·Î ¿¹»óµÇÁö´Â ¾ÊÁö¸¸ Àå±â ½ÇÇà ȯ°æ¿¡¼­ ÀÌ ÆÄÀÏÀº °£È¤ º¸Áö ¸øÇÏ°í ³Ñ¾î°¥ ¼ö ÀÖ½À´Ï´Ù. LDAP°¡ ½ÇÇàµÉ ¶§ ÀÌ ÆÄÀÏÀÌ »èÁ¦µÇ°Å³ª À̸§ÀÌ º¯°æµÉ ¼ö ÀÖ½À´Ï´Ù. »õ slapd.errors ÆÄÀÏÀº »èÁ¦µÇ°Å³ª À̸§ÀÌ º¯°æµÉ ¶§ ÀÚµ¿À¸·Î ÀÛ¼ºµË´Ï´Ù. IBM SecureWay LDAP ¼­¹ö ij½Ã¿¡¼­ ij½Ã Å©±â¿¡ Á÷Á¢ ¿µÇâÀ» ÁÖ´Â ³× °¡Áö ȯ°æ º¯¼ö°¡ ÀÖ½À´Ï´Ù. ÀÌ °ªµéÀº ƯÁ¤ ȯ°æ¿¡¼­ Ç÷§Æû, ¸Þ¸ð¸® Å©±â, ¿öÅ©·Îµå µîÀÇ ¿µÇâÀ» ¹Þ½À´Ï´Ù. º¯¼öÀÇ °ªÀ» ¼³Á¤Çϱâ À§ÇØ ÀÚÁÖ »ç¿ëµÇ´Â ¹æ¹ýÀº /usr/ldap/etc/slapd32.conf ÆÄÀÏÀ» »ç¿ëÇÏ´Â °ÍÀÔ´Ï´Ù. ¿¹Á¦ ´Ü°è - IBM SecureWay LDAP 1. ´ÙÀ½À» LDAP ±¸¼º ÆÄÀÏ¿¡ Ãß°¡ÇϽʽÿÀ. /usr/ldap/etc/slapd32.conf: #ADDED LDAP TUNING dn: cn=Front End, cn=Configuration objectclass: top objectclass: ibm-slapdFrontEnd #Turn on concurrent read/write. This can prevent race conditions #that could result in entries being returned that no longer #match the search filter. This locking mechanism can have a #dramatic impact on the performance of LDAP searches when #update operations are in progress. Default is FALSE. #Note that this variable can be set to ON or TRUE in v3.2.2 #of IBM SecureWay LDAP. ibm-slapdSetEnv: LDAP_CONCURRENTRW=ON #RDBM_CACHE_SIZE=; Default is 1000. #Specifies the maximum numbers of entries to keep in the Entry cache. ibm-slapdSetEnv: RDBM_CACHE_SIZE=100000 #RDBM_FCACHE_SIZE=; Default is one fourth of the size of the #RDBM_CACHE_SIZE. #Specifies the maximum number of entries to keep in the search filter #cache. ibm-slapdSetEnv: RDBM_FCACHE_SIZE=100000 #ACLCACHE=; Default is YES. #Controls whether or not the server caches ACL information. ibm-slapdSetEnv: ACLCACHE=YES #ACLCACHESIZE=; Default is = RDBM_CACHE_SIZE. #Specifies the maximum number of entries to keep in the ACL cache. ibm-slapdSetEnv: ACLCACHESIZE=25000 2. LDAP ¼­¹ö¸¦ Áß´ÜÇϽʽÿÀ. 3. AIXÀÇ °æ¿ì, LDAP ¼­¹ö¸¦ ´Ù½Ã ½ÃÀÛÇϱâ Àü¿¡ ´ÙÀ½ ȯ°æ º¯¼ö¸¦ ¹ÝÃâÇϽʽÿÀ. export MALLOCMULTIHEAP=heaps:n (n = ÇØ´ç LDAP È£½ºÆ® ±â°èÀÇ ÇÁ·Î¼¼¼­ ¼ö + 1) 4. LDAP ¼­¹ö¸¦ ½ÃÀÛÇϽʽÿÀ. ===================================================== 4.3.2 iPlanet/Netscape LDAP ¼­¹ö Á¶Á¤ iPlanet/Netscape Directory ¼­¹ö¸¦ »ç¿ë ÁßÀ̸é, ÇØ´ç Á¦Ç°¿¡ ´ëÇØ »ç¿ë °¡´ÉÇÑ ¹®¼­¿¡¼­ ¼º´É Á¶Á¤ Á¤º¸ ¹× ÆÁÀ» °ËÅäÇϽʽÿÀ. ƯÈ÷, 2001³â 5¿ù ³¯Â¥ÀÇ "iPlanet Directory Server Performance Tuning Guide"¿¡´Â "Top 10 List of Performance Tuning Tips"°¡ ÀÖ½À´Ï´Ù. ½ºÅ°¸¶´Â iPlanet/Netscape Directory ¼­¹ö¸¦ »ç¿ëÇÒ ¶§ ¼öµ¿À¸·Î »öÀÎÈ­ÇØ¾ß ÇÕ´Ï´Ù. iPlanet/Netscape Directory ¼­¹ö´Â µ¥ÀÌÅ͸¦ ¸Þ¸ð¸®¿¡ ij½ÃÇÕ´Ï´Ù. ÀÌ·¯ÇÑ Àθ޸𸮠ij½Ã ¿ª½Ã Á¶Á¤ °¡´ÉÇÕ´Ï´Ù. ¿¹Á¦ ´Ü°è - iPlanet/Netscape LDAP ´ÙÀ½ DCE LDAP ¼Ó¼ºÀ» µ¿ÀÏÇÑ »öÀÎ ¼Ó¼ºÀ¸·Î ±¸¼ºÇϽʽÿÀ. - krbRealmName-v2 - krbPrincipalName - krbPolicyName - krbKeyVersion - dceDirName - dceXattrName - dceGroupName - dceUUID - unixID DCE LDAP ÀÌÁÖ¸¦ ¼öÇàÇϱâ Àü¿¡ iPlanet/Netscape LDAP¸¦ »ç¿ëÇÏ¿© ÃÖ´ë Ç׸ñ ij½Ã Å©±â ¹× µ¥ÀÌÅͺ£À̽º ij½Ã Å©±â °ªÀ» °è»êÇÏ¿© ¼³Á¤ÇϽʽÿÀ. Ç׸ñ ij½Ã Å©±â(cachesize)´Â ij½ÃÀÇ ¸Þ¸ð¸® Å©±â°¡ ¾Æ´Ï¶ó ij½Ã ´ç Ç׸ñ ¼ö¸¦ ÁöÁ¤ÇÕ´Ï´Ù. ±âº» ±ÔÄ¢Àº ij½Ã ¸Þ¸ð¸®ÀÇ 75%¸¦ dbcachesize Àü¿ëÀ¸·Î ÁöÁ¤ÇÏ°í 25%¸¦ Ç׸ñ ij½Ã Å©±â·Î ÁöÁ¤ÇÏ´Â °ÍÀÔ´Ï´Ù. "The iPlanet Market Maker 1.0 Deployment Guide"ÀÇ 6Àå, "Performance Tuning and Monitoring"¸¦ ÂüÁ¶ÇϽʽÿÀ. LDAP ¼­¹ö ±¸¼º ÆÄÀÏ¿¡¼­ cachesize ¹× dbcachesize°¡ »õ °ªÀ» °®µµ·Ï °»½ÅÇØ¾ß ÇÕ´Ï´Ù. LDAP ¼­¹ö¸¦ ´Ù½Ã ½ÃÀÛÇÏ¿© ÀÌÀü Á¶Á¤ »çÇ×À» Àû¿ëÇϽʽÿÀ. iPlanet/Netscape¿¡ ´ëÇÑ 4.13, 5.0 ¹× ±âŸ ±ÇÀå»çÇ× Á¶Á¤¿¡ ´ëÇؼ­´Â http://docs.iplanet.com/docs/manuals/directory.html¸¦ ÂüÁ¶ÇϽʽÿÀ. ===================================================== 4.4 Çϵå¿þ¾î °í¼Ó ±â°è ¹× Ãß°¡ ¸Þ¸ð¸®´Â ÀÌ ±â´ÉÀ» Å×½ºÆ®ÇÒ ¶§ ¼º´É¿¡¼­ »ó´çÇÑ Â÷À̸¦ º¸ÀÔ´Ï´Ù. IBM Å×½ºÆ® ½Ã³ª¸®¿À´Â º¸¾È ·¹Áö½ºÆ®¸®¿¡ LDAP¸¦ »ç¿ëÇÏ´Â DCE ¼¿ÀÇ ¼º´ÉÀÌ LDAP¸¦ ½ÇÇàÇÏ´Â ½Ã½ºÅÛÀÇ ¿ë·®°ú Á÷Á¢ °ü·ÃÀÌ ÀÖÀ½À» º¸¿©ÁÝ´Ï´Ù. IBM ½ºÆ®·¹½º Å×½ºÆ®´Â LDAP/DB2 ¼­¹ö ±â°è·Î 4GBÀÇ ¸Þ¸ð¸®°¡ ÀÖ´Â IBM eServer pSeries(TM) 620 ¸ðµ¨ 6F1À» »ç¿ëÇÏ¿© ½ÇÇàµÇ¾ú½À´Ï´Ù. LDAP ¹× DB2 ij½Ã¿¡ ¸ðµÎ ÃæºÐÇÑ ¸Þ¸ð¸®°¡ ÇÊ¿äÇÕ´Ï´Ù. ±ÇÀåµÇ´Â ÃÖ¼Ò ¸Þ¸ð¸® ±¸¼ºÀº 128MBÀÔ´Ï´Ù. I/O ¼º´É °³¼±À» À§ÇØ LDAP/DB2 ¼­¹ö ±â°è¿¡ µå¶óÀ̺긦 Ãß°¡ÇÒ °ÍÀ» °í·ÁÇϽʽÿÀ. I/O¿¡¼­ ´ë±âÇÏ´Â µ¥ ¼Ò¿äµÇ´Â ½Ã°£ ¹éºÐÀ²À» °¨½ÃÇÒ ¼ö ÀÖ½À´Ï´Ù(¿¹¸¦ µé¾î, vmstat À¯Æ¿¸®Æ¼ »ç¿ë). 0%°¡ ¾Æ´Ï¸é, µ¥ÀÌÅͺ£À̽º°¡ I/O ¹ÙÀεåµÉ °ÍÀ» ¾Ï½ÃÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ´Â LDAP°¡ È¿À²ÀûÀ¸·Î ä¿öÁö°í ÀÖÀ½À» Ç¥½ÃÇÒ ¼ö ÀÖ½À´Ï´Ù. I/O ´ë±â ½Ã°£ÀÌ 0%¿¡ µµ´ÞÇÒ ¶§±îÁö µ¥ÀÌÅͺ£À̽º ¹öÆÛ Å©±â¸¦ ´Ã¸®´Â °ÍÀÌ ÀϹÝÀûÀ¸·Î °¡Àå È¿À²ÀûÀÎ ¹æ¹ýÀÔ´Ï´Ù. ===================================================== 4.5 ³×Æ®¿öÅ© µ¿ÀÏÇÑ ±â°è¿¡¼­ LDAP ¼­¹ö¿Í DCE º¸¾È ÀÌÁÖ ¼­¹ö¸¦ ½ÇÇàÇÏ¸é ¼º´ÉÀ» Çâ»ó½Ãų ¼ö ÀÖ½À´Ï´Ù. ƯÈ÷ ÀÌÁÖ Áß¿¡´Â ´õ¿í ¼º´ÉÀÌ Çâ»óµË´Ï´Ù. ³×Æ®¿öÅ©¸¦ °ÅÃÄ SSLÀ» »ç¿ëÇϸé Áß¿äÇÑ ¼º´É ¿µÇâÀ» ¹ÌÄ¥ ¼ö ÀÖ½À´Ï´Ù. ÀüÆÄ ¹× °»½Å È°µ¿ Ƚ¼ö°¡ Áõ°¡ÇÒ ¼öµµ ÀÖ½À´Ï´Ù. ===================================================== 4.6 Ãʱâ ÀÌÁÖ ±â´ë »çÇ× ÀÌÁÖ ¼­¹ö¸¦ °æÀ¯ÇÏ¿© LDAP·Î º¸¾È ·¹Áö½ºÆ®¸®¸¦ Ãʱâ ÀÌÁÖ½ÃÅ°¸é ·¹°Å½Ã º¹Á¦º»ÀÇ ÃʱâÈ­º¸´Ù ÇöÀúÇÏ°Ô ¸¹Àº ½Ã°£ÀÌ ¼Ò¿äµË´Ï´Ù. 10,000 ÇÁ¸°½ÃÆÞ/°èÁ¤ ·¹Áö½ºÆ®¸® ȯ°æ¿¡¼­ ·¹°Å½Ã º¹Á¦º»À¸·Î ÀÌÁÖÇÏ´Â µ¥ ¸î ºÐÀÌ ¼Ò¿äµÇ´Â ¹Ý¸é, LDAP ȯ°æ¿¡¼­´Â °ÅÀÇ 15½Ã°£ÀÌ ¼Ò¿äµÉ ¼ö ÀÖ½À´Ï´Ù. ===================================================== 4.7 DCE ÀÀ¿ëÇÁ·Î±×·¥ °í·Á»çÇ× ÇÏÀ̺긮µå ¼¿, º¹Á¦, ƯÈ÷ º¸¾È Á¤º¸ ÀüÆÄ ½Ã LDAP µ¥ÀÌÅͺ£À̽º¿¡ µµ´ÞÇÏ´Â µ¥ ¸¹Àº ½Ã°£ÀÌ ¼Ò¿äµÉ ¼ö ÀÖ½À´Ï´Ù. º¸¾È Á¤º¸¸¦ °»½ÅÇÏ°í Áï½Ã ±× µ¥ÀÌÅÍ¿¡ ¾×¼¼½ºÇÏ´Â °í°´ ÀÀ¿ëÇÁ·Î±×·¥Àº "·¹Áö½ºÆ®¸® ¿ÀºêÁ§Æ®¸¦ ãÀ» ¼ö ¾øÀ½" ¿À·ù¸¦ »ý¼ºÇÒ ¼ö ÀÖ½À´Ï´Ù. ¿À·ù ¹ß»ý ¿øÀÎÀº Á¤º¸¸¦ LDAP¿¡ °¡Á®¿À´Â µ¥ ÇÊ¿äÇÑ ÀüÆÄ Áö¿¬ÀÔ´Ï´Ù. ¸î °¡ÁöÀÇ ¹æ¹ýÀ¸·Î ÀÌ·¯ÇÑ ¹®Á¦Á¡À» ¿ÏÈ­½Ãų ¼ö ÀÖ½À´Ï´Ù. ÇÑ °¡Áö ¹æ¹ýÀº pe_site ÆÄÀÏÀ» »ç¿ëÇÏ´Â °ÍÀÔ´Ï´Ù. TRY_PE_SITE ȯ°æ º¯¼ö¸¦ »ç¿ëÇÏ°í, LDAP ÀÌÁÖ ¼­¹ö°¡ pe_site ÆÄÀÏ¿¡¼­ ù ¹ø° Ç׸ñÀÌ µÇÁö ¾Êµµ·Ï º¸¾È ¼­¹öÀÇ ¼ø¼­¸¦ ÁöÁ¤ÇϽʽÿÀ. ±×·¯¸é ÀÀ¿ëÇÁ·Î±×·¥Àº ÀüÆÄ Áö¿¬ÀÌ Áß¿äÇÏÁö ¾ÊÀº ·¹°Å½Ã secd ¼­¹ö¿¡ ¹ÙÀεåÇÕ´Ï´Ù. ¶Ç ´Ù¸¥ ¹æ¹ýÀº ±âÁ¸ ÀÀ¿ëÇÁ·Î±×·¥¿¡ Äڵ带 Ãß°¡ÇÏ¿© ÀüÆÄ¿¡ ÇÊ¿äÇÑ ½Ã°£ÀÌ °»½ÅµÇµµ·Ï Çã¿ëÇÑ ÈÄ ¿À·ù ¹ß»ý ½Ã Àç½ÃµµÇϵµ·Ï ÇÏ´Â °ÍÀÔ´Ï´Ù. ¼¿ÀÌ ¿ÏÀüÈ÷ LDAP¿¡ ÀÌÁÖµÇ°í ³ª¸é ÀüÆÄ´Â ´õ ÀÌ»ó ¹ß»ýÇÏÁö ¾Ê½À´Ï´Ù. ===================================================== 4.8 »ç¿ëÀÚ ÀÛ¾÷(·Î±×ÀÎ, ¾ÏÈ£ º¯°æ) IBMÀº LDAP ¼­¹ö¿¡ ´ëÇÑ º¹¼ö ¿¬°á Áö¿øÀ» ±¸ÇöÇÏ¿©, µ¿½Ã ·Î±×ÀÎ È°µ¿ÀÇ ¼º´ÉÀ» Çâ»ó½ÃÄ×½À´Ï´Ù. ȯ°æ º¯¼ö MAX_CONNECTIONS¿¡ ´ëÇÑ ¼³¸íÀº ¾ÕÀÇ "secd Á¶Á¤" ÀýÀ» ÂüÁ¶ÇϽʽÿÀ. »ç¿ëÀÚ´Â ¾ÏÈ£¸¦ º¯°æÇÑ ÈÄ ¹Ù·Î ·Î±×ÀÎÇÒ °æ¿ì¿¡ °£È¤ ÀüÆÄ Áö¿¬À» °æÇèÇÒ ¼ö ÀÖ½À´Ï´Ù. Ãʱ⠽ÇÆд ¾ÏÈ£ º¯°æÀÌ ¾ÆÁ÷ LDAP¿¡ ÀüÆĵÇÁö ¾Ê¾Æ¼­ ¹ß»ýÇÒ ¼ö ÀÖ½À´Ï´Ù. »ç¿ëÀÚ°¡ ´Ù½Ã ½ÃµµÇÏ¸é ·Î±×ÀεǾî¾ß ÇÕ´Ï´Ù. ===================================================== 4.9 °ü¸®ÀÚ ÀÛ¾÷(»ç¿ëÀÚ ÀÛ¼º, »ç¿ëÀÚ »èÁ¦) "dcecp -c user create" ¸í·ÉÀÌ Ã£±â¸¦ ¼öÇàÇÏ´Â ¹æ½ÄÀ¸·Î ÀÎÇØ °ü·Ã ´Ü°è¸¦ º°µµ·Î ¼öÇàÇÏ´Â °Íº¸´Ù LDAP¿¡¼­ ¼öÇàÇÏ´Â °ÍÀÌ º¸Åë ¼Óµµ°¡ ´À·ÁÁý´Ï´Ù. ´ÙÀ½°ú °°Àº °³º° dcecp ¸í·ÉÀ» ´ë½Å ½ÇÇàÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÕ´Ï´Ù. principal create group create org create group add member org add member account create "dcecp -c user delete"¿¡ ´ëÇؼ­µµ ¸¶Âù°¡ÁöÀÔ´Ï´Ù. "dcecp -c user create" ¸í·ÉÀ» »ç¿ëÇÏ´Â ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÒ °æ¿ì, ¾ÕÀÇ "DCE ÀÀ¿ëÇÁ·Î±×·¥ °í·Á»çÇ×" Àý¿¡ ÀÖ´Â pe_site ¼³¸íÀ» ÂüÁ¶ÇϽʽÿÀ. pe_site ÆÄÀÏÀ» »ç¿ëÇÏ¿© ¿äûÀ» ·¹°Å½Ã secd ¼­¹ö¿¡ "º¸³»¾î" ÀÌÁÖ µµÁß ÀÌÁÖ ¼­¹ö·ÎºÎÅÍ ºÐ¸®Çϸé ÀüÆÄ Áö¿¬ÀÌ ¾î´À Á¤µµ ¿ÏÈ­µÉ ¼ö ÀÖ½À´Ï´Ù. ===================================================== 5.0 ·ÎÄÉÀÏ °í·Á»çÇ× ===================================================== 5.1 UTF-8¿¡ ´ëÇÑ Solaris LDAP Ŭ¶óÀ̾ðÆ® ¹®Á¦Á¡(Solaris¸¸ ÇØ´ç) Solaris¿ë IBM SecureWay Directory V3.2.1 Ŭ¶óÀ̾ðÆ®´Â E-fix 3.2.1-SWD-005°¡ ¼³Ä¡µÈ UTF-8 ·ÎÄÉÀÏ¿¡¼­ ½ÇÇàµÇµµ·Ï Áö¿øÇÕ´Ï´Ù. Solaris UTF-8 ·ÎÄÉÀÏ¿¡¼­ E-fix¸¦ ¼³Ä¡ÇÏÁö ¾Ê°í ½ÇÇàÇÏ´Â µ¿¾È DCE¸¦ »ç¿ëÇÏ·Á°í Çϸé, DCE´Â ´ÙÀ½°ú À¯»çÇÑ LDAP ÀÎÄÚµù ¿À·ù·Î ½ÇÆÐÇÕ´Ï´Ù. 2001-07-09-15:47:53.898-05:00I----- secd ERROR sec ldap ldap_errors.c 666 0xfe8af9bc msgID=0x17122F9F ldap_simple_bind_s returned LDAP_ENCODING_ERROR during rgy_bind_to_ldap_server (1134). ===================================================== 5.2 Áö¿øµÇÁö ¾Ê´Â ·ÎÄÉÀÏ ¼³Á¤¿¡ °ü·ÃµÈ LDAP ½ÇÆÐ IBM SecureWay Directory V3.2.1 Ŭ¶óÀ̾ðÆ®´Â ¿î¿µÃ¼Á¦ÀÇ ·ÎÄÉÀÏ È¯°æ º¯¼ö LANG ¹× LC_ALLÀÌ ±¹Áö È£½ºÆ® ±â°è¿¡¼­ Áö¿øµÇÁö ¾Ê´Â °ªÀ¸·Î ¼³Á¤µÉ °æ¿ì ¿Ã¹Ù¸£°Ô ½ÇÇàµÇÁö ¾Ê½À´Ï´Ù. ¼³Á¤ÀÌ ¿Ã¹Ù¸£Áö ¾ÊÀ¸¸é ´ÙÀ½°ú À¯»çÇÑ DCE ¿À·ù¸¦ ¹ß»ý½ÃÅ°´Â LDAP ¿À·ù¸¦¾ß±âÇÕ´Ï´Ù. 2001-11-02-14:29:12.435-06:00I----- secd ERROR sec ldap ldap_errors.c 666 0xfea8f904 msgID=0x17122F9F ldap_simple_bind_s returned LDAP_ENCODING_ERROR during rgy_bind_to_ldap_server (1332). 2001-11-02-14:29:12.814-06:00I----- secd ERROR sec rs_ns rs_master_LDAP.c 550 0xfea8fbac msgID=0x17122084 Invalid data record ÀÌ·¯ÇÑ ¹®Á¦Á¡À» ÇØ°áÇÏ·Á¸é, LANG and LC_ALL °ªÀ» ±â°è¿¡¼­ Áö¿øµÇ´Â °ªÀ¸·Î ¼³Á¤ÇϽʽÿÀ. ÇöÀç ·ÎÄÉÀÏ ¼³Á¤À» º¸·Á¸é ¿î¿µÃ¼Á¦ "locale" ¸í·ÉÀ» DCE ¼¼¼Ç¿¡¼­ ½ÇÇàÇϽʽÿÀ. AIX¿¡¼­ "locale -a" ¸í·ÉÀº ·ÎÄÉÀÏ ±â°è¿¡ ´ëÇÑ À¯È¿ÇÑ ·ÎÄÉÀÏ ¼³Á¤À» º¸¿©ÁÝ´Ï´Ù. ÇöÀç ·ÎÄÉÀÏ ¼³Á¤ÀÌ ³ª¿­µÇÁö ¾ÊÀ¸¸é, LANG ¹× LC_ALLÀ» ³ª¿­µÈ °ªÀ¸·Î Àç¼³Á¤ÇØ¾ß ÇÕ´Ï´Ù. Solaris¿¡¼­´Â ¿î¿µÃ¼Á¦°¡ ½Ã½ºÅÛ ¸í·ÉÀ» ½ÇÇàÇÏ´Â µ¿¾È °æ°í ¸Þ½ÃÁö "·ÎÄÉÀÏÀ» ¿Ã¹Ù¸£°Ô ¼³Á¤ÇÒ ¼ö ¾øÀ½"À» Ç¥½ÃÇϹǷΠ¿Ã¹Ù¸£Áö ¾ÊÀº ¼³Á¤À» ¹ß°ßÇÒ ¼ö ÀÖ½À´Ï´Ù. ===================================================== 6.0 ÇÊ¿äÇÑ ·¹Áö½ºÆ®¸® ¹öÀü ¼öÁ¤ ===================================================== 6.1 LDAP ¸¶½ºÅÍ·Î ÀÌÁÖÇϱâ Àü¿¡ ¸ðµç º¹Á¦º»ÀÇ ·¹Áö½ºÆ®¸® ¹öÀü ¹øÈ£°¡ °°ÀºÁö È®ÀÎ LDAP ¸¶½ºÅÍ·Î ÀÌÁÖÇϱâ Àü¿¡, DCE º¸¾È ·¹Áö½ºÆ®¸® ¹öÀüÀ» 1.3·Î ³ô¿©¾ß ÇÕ´Ï´Ù. µû¶ó¼­ µÎ ¹öÀüÀ» ¼öÁ¤ÇØ¾ß ÇϹǷÎ, LDAP ¸¶½ºÅÍ·Î ÀÌÁÖÇϱâ Àü¿¡ ¸ðµç º¹Á¦º»ÀÇ ¹öÀü ¹øÈ£°¡ µ¿ÀÏÇÑÁö È®ÀÎÇØ¾ß ÇÕ´Ï´Ù. °è¼ÓÇϱâ Àü¿¡ ¸ðµç º¹Á¦º»¿¡ ´ëÇØ °»½ÅÀÌ ¹ß»ýÇß´ÂÁö °ËÁõÇϱâ À§ÇØ "lr -all"À» ½ÇÇàÇØ¾ß ÇÕ´Ï´Ù. "sec_admin" ¸í·ÉÀ» ¹ßÇàÇÑ ÈÄ "lr -all"À» ÀÔ·ÂÇϽʽÿÀ. ¸ðµç º¹Á¦º»ÀÌ 1.3 ¹öÀüÀÌ°í ÀÏ·Ã ¹øÈ£°¡ °°À¸¸é, LDAP ¸¶½ºÅÍ·Î ÀÌÁÖÇصµ ¾ÈÀüÇÕ´Ï´Ù. ===================================================== 6.2 Registry modify -version ¸í·ÉÀÌ ÀÏ·Ã ¹øÈ£°¡ ÀÏÄ¡ÇÒ ¶§±îÁö ´ë±â DCEÀÇ ÀÌÀü ¸±¸®½º¿¡¼­´Â ªÀº ½Ã°£ ³»¿¡ ·¹Áö½ºÆ®¸® ¹öÀüÀ» µÎ ¹ø ¼öÁ¤ÇÏ´Â °ÍÀº ÀϹÝÀûÀÎ »óȲÀÌ ¾Æ´Ï¾ú½À´Ï´Ù. DCE 3.2¿¡¼­ LDAP ±â´ÉÀ» »ç¿ëÇϱâ À§ÇØ ÀÌÁÖÇÒ °æ¿ì, ¼¿ ·¹Áö½ºÆ®¸® ¹öÀüÀÌ ¾ÆÁ÷ secd.dce.1.2.2a°¡ ¾Æ´Ï¸é(°ø¿ë Å°ÀÇ °æ¿ì), ÃÖ¼ÒÇÑ µÎ ¹øÀº ·¹Áö½ºÆ®¸® ¹öÀüÀ» ¼öÁ¤ÇØ¾ß ÇÕ´Ï´Ù. secd.dce.1.2.2 to secd.dce.1.2.2a ¹× secd.dce.1.2.2a to secd.dce.1.3¿¡¼­ ¹öÀü ¼öÁ¤ DCE´Â ÇÑ ¹ø¿¡ µÎ °³ ÀÌ»óÀÇ ¹öÀüÀÌ À̵¿ÇÏ´Â °ÍÀ» Áö¿øÇÏÁö ¾ÊÀ¸¹Ç·Î, ¶Ç ´Ù¸¥ ¹öÀü¿¡ ´ëÇÑ º¯°æÀ» ÃʱâÈ­Çϱâ Àü¿¡ ÇϳªÀÇ ¹öÀü¿¡ ´ëÇÑ º¯°æÀ» ¿ÏÀüÈ÷ ¼öÇàÇÒ ¼ö ÀÖ´Â ½Ã°£ÀÌ ÇÊ¿äÇÕ´Ï´Ù. º¸¾È º¹Á¦º»Àº µÎ ¹ø°°¡ ½ÃÀ۵DZâ Àü¿¡ ÀüÆĸ¦ »ç¿ëÇÏ¿© ù ¹ø° ¹öÀü º¯°æÀ» ó¸®ÇØ¾ß ÇÕ´Ï´Ù. ±×·¸Áö ¾ÊÀ¸¸é º¸¾È º¹Á¦º»ÀÌ ÇÑ ¹ø¿¡ ¿©·¯ ¹öÀü¿¡ ÀÇÇØ ¹öÀüÀÌ º¯°æµÊÀ» Ç¥½ÃÇÏ´Â ¿À·ù¸¦ ¸®ÅÏÇÕ´Ï´Ù. ·¹Áö½ºÆ®¸® ¹öÀüÀ» º¯°æÇϱâ Àü¿¡, ºÎ¼Ó ¸í·É lr -all°ú ÇÔ²² sec_adminÀ» »ç¿ëÇÏ¿© ¸ðµç º¸¾È º¹Á¦º» ÀÏ·Ã ¹øÈ£°¡ ÃÖ±Ù ¹øÈ£ÀÎÁö °ËÁõÇϽʽÿÀ. ¸ðµç ÀÏ·Ã ¹øÈ£°¡ ÀÏÄ¡Çϸé, ·¹Áö½ºÆ®¸® ¹öÀüÀÌ ¾ÈÀüÇÏ°Ô º¯°æµÉ ¼ö ÀÖ½À´Ï´Ù. ÀÌ·¯ÇÑ È®ÀÎÀº °¢°¢ÀÇ "dcecp -c registry modify -version" ¸í·É ÀÌÀü¿¡ ¼öÇàÇϽʽÿÀ. "dcecp -c registry modify -version" ¸í·ÉÀº sec_rgy_wait_until_consistent¸¦ »ç¿ëÇÏ¿© ÀÌ·¯ÇÑ È®ÀÎÀ» ÀÚü·Î ½ÃµµÇÕ´Ï´Ù. ÀÌ ¸í·ÉÀº ¹öÀü °»½ÅÀ» ó¸®Çϱâ Àü¿¡ º¹Á¦º»¿¡ ¸ðµç °»½Å»çÇ×ÀÌ Àû¿ëµÉ ¶§±îÁö ¸¶½ºÅÍ°¡ ´ë±âÇϵµ·Ï °­¿äÇÕ´Ï´Ù. º¸¾È º¹Á¦º»ÀÇ ÀϺΰ¡ ÃÖ±Ù °ÍÀÌ ¾Æ´Ï¸é, ´ÙÀ½ ¸Þ½ÃÁö°¡ Ç¥½ÃµË´Ï´Ù. "sec_rgy_wait_until_consistent"°¡ ¿Ï·áµÉ ¶§±îÁö ÃÖ´ë 600ÃʱîÁö ±â´Ù¸®½Ê½Ã¿À. ÀÌ ¸Þ½ÃÁö´Â dcecp°¡ sec_rgy_wait_until_consistent ¸®ÅÏÀ» À§ÇØ 15ÃÊ ÀÌ»óÀ» ±â´Ù·Á¾ß ÇÒ °æ¿ì¿¡ Ç¥½ÃµË´Ï´Ù. sec_rgy_wait_until_consistent API°¡ ¸®ÅϵÇÁö ¾ÊÀ¸¸é 10ºÐ ÈÄ¿¡ dcecp°¡ ½Ã°£Á¾·áµË´Ï´Ù. ÀÌ·¯ÇÑ »óȲÀÌ ¹ß»ýÇϸé, ´ÙÀ½ ¸Þ½ÃÁö°¡ Ç¥½ÃµË´Ï´Ù. 0x11315bbd ¼ÒÇÁÆ®¿þ¾î°¡ "sec_rgy_wait_until_consistent" ¿Ï·á¸¦ ±â´Ù¸®´Â Áß¿¡ ½Ã°£Á¾·áµÇ¾ú½À´Ï´Ù. ¹öÀü = secd.dce.1.2.2a ·¹Áö½ºÆ®¸® ¹öÀüÀÌ °»½ÅµÇ±â ÀüÈÄ¿¡ sec_rgy_wait_until_consistent¿¡¼­ dcecp°¡ ½Ã°£Á¾·áµÇ¾ú´ÂÁö ¾Ë ¼ö ÀÖµµ·Ï ÇöÀç ·¹Áö½ºÆ®¸® ¹öÀüÀÌ Ç¥½ÃµË´Ï´Ù. Ç¥½ÃµÇ´Â ¹öÀüÀÌ ¿øÇÏ´Â ¹öÀüÀÌ ¾Æ´Ï¸é, ¸î ºÐ µ¿¾È ±â´Ù·È´Ù°¡ ´Ù½Ã ·¹Áö½ºÆ®¸®¸¦ ¼öÁ¤Çϵµ·Ï ÇϽʽÿÀ. ´ëºÎºÐÀÇ °æ¿ì "dcecp -c registry modify -version" ¸í·ÉÀº ¹öÀü °»½ÅÀÌ ¸ðµç º¸¾È º¹Á¦º»¿¡ ÀüÆĵǵµ·Ï ±â´Ù¸³´Ï´Ù. dcecp°¡ ÀϺΠº¸¾È º¹Á¦º»¿¡¼­ ¸ðµç °»½Å»çÇ×ÀÌ È®º¸µÇÁö ¸øÇßÀ½À» °¨Áö ¸øÇÏ´Â °æ¿ì°¡ ÀÖ½À´Ï´Ù. ¿¹¸¦ µé¾î, ¸¶½ºÅÍ º¸¾È ¼­¹ö°¡ °»½ÅÀ» ³Ö¾úÁö¸¸ º¹Á¦º»ÀÌ Ã³¸®ÇÏÁö ¸øÇ߰ųª º¹Á¦º»ÀÌ ÇöÀç ½ÇÇà Áß »óÅ°¡ ¾Æ´Ò °æ¿ì¿¡ ±×·¸½À´Ï´Ù. ¸ðµç º¸¾È º¹Á¦º»ÀÌ ÃֽŠ¹öÀüÀÌ µÇ±â Àü¿¡ ·¹Áö½ºÆ®¸® ¹öÀüÀ» °»½ÅÇϸé, ÀϺΠº¹Á¦º»¿¡¼­ ¹öÀü ¿À·ù°¡ º¸°íµÉ ¼ö ÀÖ½À´Ï´Ù. ¿À·ù¸¦ º¸°íÇÏ´Â º¸¾È º¹Á¦º» ¼­¹ö°¡ ·¹°Å½Ã º¸¾È º¹Á¦º»À̸é, ±× º¹Á¦º»À» ´Ù½Ã ±¸¼ºÇØ¾ß ÇÕ´Ï´Ù. ¿À·ù¸¦ º¸°íÇÏ´Â º¸¾È º¹Á¦º» ¼­¹ö°¡ LDAP º¸¾È º¹Á¦º»À̸é, ¿À·ù°¡ ¾ø´Â LDAP ½½·¡ÀÌºê ¶Ç´Â ÀÌÁÖ ½½·¡À̺꿡¼­ /opt/dcelocal/var/security/rgy_data/master_info ÆÄÀÏÀ» º¹»çÇϽʽÿÀ. ¿À·ù°¡ ¹ß»ýÇϸé master_info ÆÄÀÏÀÇ ¿ø·¡ ¹öÀüÀ» ÀúÀåÇϽʽÿÀ. ==================================================== 7.0 ÀÌÁÖ °í·Á»çÇ× ¹× °¡´ÉÇÑ ¿À·ù »óȲ ==================================================== 7.1 ·¹Áö½ºÆ®¸® ÀÌÁÖ ½Ã ÀϺΠ¿ÏÀüÇÑ ¸Å°³º¯¼ö ÇÊ¿ä "dcecp -c registry migrate" ¸í·É¿¡¼­ -dce_master_key ¹× -keyring ¸Å°³º¯¼ö¿¡ ¿ÏÀüÇÑ °æ·Î À̸§ÀÌ ÇÊ¿äÇÕ´Ï´Ù. ¸Å°³º¯¼ö Áß Çϳª¿¡ ´ëÇØ ¿ÏÀüÇÏÁö ¾ÊÀº °æ·Î À̸§ÀÌ Á¦°øµÇ¸é, ´ÙÀ½ ¸Þ½ÃÁö°¡ Ç¥½ÃµË´Ï´Ù.