IBM Directory Server
QuickStart

Version 5.1

First Edition (November 2002)

This edition applies to version 5, release 1, of the IBM^(R) Directory Server and to all subsequent releases and modifications until otherwise indicated in new editions.

(C) Copyright International Business Machines Corporation 1998, 2002. All rights reserved.
U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Preface

This document describes how to install IBM Directory Server version 5.1 through the InstallShield graphical user interface (GUI) using the Typical installation option, for the following platforms:

• Windows NT^(R) 4.0, Windows^(R) 2000, Windows XP. (XP is supported for the client and the Web Administration Tool only.)
• AIX^(R) 4.3.3, 5.1, and 5.2
• Linux RedHat 7.2, 7.3, Red Hat Linux Advanced Server v2.1
• Linux SuSe 7.2, 7.3, and 8.0
• Solaris 7 , 8, and 9

If you want to customize your installation or install on other platforms, do not use this document. Use the IBM Directory Server Version 5.1 Installation and Configuration Guide instead.

Note:

For more information about hardware and software requirements, including required patches and FixPaks, see the IBM Directory Server Version 5.1 Installation and Configuration Guide.

A new graphical user interface (GUI) called the Web Administration Tool is provided in this release for administering servers. The Web Administration Tool is supported on all operating system platforms supported for the client or the server. To install the Web Administration Tool to administer servers, you need the following:

• One of the following application servers:
  • embedded version of WebSphere^(R) Application Server - Express, V5.0 (Provided with IBM Directory Server)
  • Apache Tomcat 4.0.3 (Non-JVM 1.4 version), plus one of the following versions of Java^(TM):
    • IBM version 1.3.1, Service release 2 (and up for 1.3.1, but not 1.4)
    • Sun version 1.3.1_4
    • HP-UX version 1.3.1.06
• One of the following Web browsers:

  On AIX

  • Netscape version 7.0

  On Linux

  • On all Linux distributions: Netscape version 6.2.3, 7.0

  On Solaris 7, 8, or 9

  • Netscape version 6.2.3, 7.0
  • Microsoft^(R) Internet Explorer version 5.0

  On Windows NT, 2000, and XP

  • Microsoft Internet Explorer version 5.5
  • Netscape version 6.2.3, 7.0

IBM Directory Server version 5.1 requires all of these platforms to have a minimum of 256 MB of memory.

The Typical installation uses default values for the installation location and other settings.

Notes:

1. If you do not want to accept the defaults in the Typical installation, do not use this document. Follow the instructions in the IBM Directory Server Version 5.1 Installation and Configuration Guide to use non-default values.

2. To install IBM Directory Server on Linux for S/390^(R), UnitedLinux, or Hewlett-Packard platforms, see the IBM Directory Server Version 5.1 Installation and Configuration Guide.

3. If you have a previous version of IBM Directory Server or a version of SecureWay^(R) Directory installed, do not use this document. See the IBM Directory Server Version 5.1 Installation and Configuration Guide.

Contents

Preface

Installing using the InstallShield GUI

Configuring IBM Directory Server

Loading a sample database

Appendix A. Notices

Index

Installing using the InstallShield GUI

The InstallShield GUI has two installation options: Typical and Custom. This QuickStart focuses on Typical installation. For information about Custom installation, see the IBM Directory Server Version 5.1 Installation and Configuration Guide.

Typical installation uses default settings.

Note:

If you install IBM Directory Server version 5.1 and its components using the InstallShield GUI, you must uninstall IBM Directory Server, if necessary, using the InstallShield GUI. See the IBM Directory Server Version 5.1 Installation and Configuration Guide for more information.

Installing IBM Directory Server version 5.1 on Windows platforms

Use the following information to install the IBM Directory Server on Windows platforms.

Before you install on Windows: creating the DB2(R) database owner

Before you begin installation, create or be sure that you have created a user ID for the user who will own the DB2 database used to store the directory data. (You will provide this user ID during configuration.)

The user ID you specify will own the database instance where the DB2 database will exist, and the instance will be in the user's home directory. The user can be no longer than 8 characters. In addition, the user must be a member of the Administrators group.

Installing on Windows

To begin installing IBM Directory Server version 5.1 on a Windows platform:

1. On the computer where you are installing the IBM Directory Server, stop any programs that are running and close all windows. If you have open windows, the initial IBM Directory Server installation window might be hidden behind other windows.
2. Log on using an Administrator ID.
3. If you are installing from a CD, insert the CD in your CD-ROM drive.

   If the CD-ROM does not automatically start the installation program, click Start->Run.

4. If you are installing locally from a CD or remotely from the network, select the drive for your CD-ROM or for the appropriate network path. If you downloaded a zip or tar file, go to the directory where you unzipped or untarred the file.
5. In the \ismp folder, double-click the setup.exe icon.

   The language window is displayed.

   Note:

   When installing on Windows, if the installation program exits without displaying the language window, it might be caused by backlevel video drivers. Update your video drivers if this happens.

6. Select the language you want to use during IBM Directory Server installation. Click OK.

   Note:

   This is the language used in the installation program, not the language used for storing data in the IBM Directory Server. You choose the language for storing data in the directory database in step 10.

   Note:

   If a previous version of IBM Directory Server or a version of SecureWay Directory is installed on your system, use the instructions in the IBM Directory Server Version 5.1 Installation and Configuration Guide. Do not use this document.

7. On the Welcome window, click Next.
8. After reading the Software license agreement, click I accept the terms in the license agreement. Click Next.
9. Any previously installed components and corresponding version levels are displayed. Click Next.
10. Select the language you want to use in IBM Directory Server 5.1. Click Next.
11. Click Typical and click Next.
12. To install to the default directory, click Next.
13. The following list is displayed:
    • Client SDK 5.1
    • Web Administration 5.1
    • Server 5.1

    Select the features you want to install and click Next.

    Notes:

    1. The Web Administration Tool is a tool for administering servers both locally and remotely. It can be installed with the server or the client, or it can be installed on a computer without the server or client.

    2. If you select to install the server, you must also select to install the client.

    3. If you select Web Administration 5.1 and embedded version of WebSphere Application Server - Express, V5.0 is not installed, it is installed for you.
14. If you selected Server 5.1 in step 13, and DB2 is not installed on your system, DB2 8.1 Enterprise Server Edition will be installed for you. You will see a window prompting you to enter a Windows user ID and password for the DB2 system ID. The user ID default is db2admin.
15. Type the password, and then type the password again for verification.
    • If you are using an existing Windows user ID, be sure the password is correct. Otherwise, DB2 does not install correctly.
    • If you do not want to use an existing user ID, DB2 creates the user ID with the password you type.

    Note:

    This user ID does not need to be the same as the user ID you created before you started installation.

16. Click Next. A window summarizing the components selected for installation and configuration is displayed.

    Note:

    Any corequisite products needed by IBM Directory Server, such as DB2, are automatically installed. These products are listed in the summary described in this step.

    If you want to change any of your selections, click Back. To begin installation, click Next.
17. After the files are installed, the Client README file opens. Read the file and click Next. If you installed the server, the Server README file opens. Read the file and click Next.
18. The restart panel is displayed. You can select to restart now or later. Click Finish.
19. If in the previous step you selected to restart your computer now, the computer starts the restart immediately.

    Note:

    If you installed the server, you must restart your system to complete the IBM Directory Server configuration and to create the DB2 database. You are unable to use the IBM Directory Server product until this is completed. After the restart, the Configuration Tool runs, prompting you for the necessary information to complete server configuration.

20. You have completed a Typical installation. Click Start->Programs->IBM Directory Server 5.1 to see a list of the installed components.

After your computer is restarted, if you installed the server, the Configuration Tool automatically runs, prompting you for the necessary information to complete configuration. To complete configuration, use the instructions in Configuring IBM Directory Server.

Verify the installation and configuration of the IBM Directory Server by loading a sample database. See Loading a sample database for instructions.

Installing IBM Directory Server version 5.1 on a UNIX(R)-based platform

Use the following information to install the IBM Directory Server on UNIX platforms.

Before you install on UNIX: creating the DB2 database owner

Before you install, create a user ID for the user who will own the DB2 database used to store the directory data. (You will provide this user ID during configuration.)

The user ID you specify will own the database instance where the DB2 database will exist, and the instance will be in the user's home directory. The user can be no longer than 8 characters. In addition:

• The user's Primary group can be any general group (such as other, dbsysadm, or db2iadm). There might be some groups that do not work correctly as the user's primary group when configuring the database. For example, if the user's primary group on Linux is users, problems might occur.
• The user root must be a member of the user's primary group. If root is not a member of this group, add root as a member of the group.
• For best results, the user's login shell should be the Korn shell script (/usr/bin/ksh).
• The user's password must be set correctly and ready to use, For example, the password cannot be expired or waiting for a first-time validation of any kind. (The best way to verify that the password is correctly set is to telnet to the same computer and successfully log in with that user ID and password.)
• The user must have a home directory and must be the owner of the home directory.
• The group ownership of the user's home directory must be the user's primary group.
• When configuring the database, it is not necessary, but only customary, to specify the home directory of the user ID as the database location. However, if you specify some other location, the user's home directory still must have 3 to 4 MB of space available. This is because DB2 creates links and adds files into the home directory of the instance owner (that is, the user) even though the database itself is elsewhere.

Installing on UNIX

To begin installing IBM Directory Server 5.1 on a UNIX-based platform:

1. Log in as root.
2. If you are installing from a CD, insert the CD in the CD-ROM drive. Go to the root directory on your CD and invoke setup. A language window is displayed.
3. Select the language you want to use during IBM Directory Server installation. Click OK.

   Note:

   This is the language used in the installation program, not the language used for storing data in the IBM Directory Server. You choose the language for storing data in the directory database in step 7.

   Note:

   If a previous version of IBM Directory Server or a version of SecureWay Directory is installed on your system, do not use this document. See the IBM Directory Server Version 5.1 Installation and Configuration Guide.

4. On the Welcome window, click Next.
5. After reading the Software license agreement, click I accept the terms in the license agreement. Click Next.
6. Any preinstalled components and corresponding version levels are displayed. Click Next.
7. Select the language you want to use in IBM Directory Server 5.1. Click Next.
8. Click Typical and click Next.
9. The following list is displayed:
   • Client SDK 5.1
   • Web Administration GUI
   • Server 5.1

   Select the features you want to install and click Next.

   Notes:

   1. If you select to install the server, you must select to install the client.

   2. The Web Administration Tool is a tool for administering servers both locally and remotely. It can be installed with the server or the client, or it can be installed on a computer without the server or client.

   3. If you select Web Administration 5.1 and embedded version of WebSphere Application Server - Express, V5.0 is not installed, it is installed for you.
10. A window summarizing the components selected for installation and configuration is displayed. If you want to change any of your selections, click Back. To begin installation, click Next.

    Note:

    Any corequisite products needed by IBM Directory Server, such as DB2, are automatically installed. These products are listed in the summary described in this step.

11. After the files are installed, the Client README file opens. Read the file and click Next. If you installed the server, the Server README is also displayed. Read the file and click Next.
12. Click Finish. You have completed a Typical installation.
13. If you installed the server, the Configuration Tool automatically runs, prompting you for the necessary information to complete configuration. To complete configuration, use the instructions in Configuring IBM Directory Server.

Verify the installation and configuration of the IBM Directory Server by loading a sample database. See Loading a sample database for instructions.

Configuring IBM Directory Server

To configure the server, you must:

1. Set the IBM Directory Server administrator DN. Use the instructions in Setting the IBM Directory Server administrator DN and password.
2. Configure the DB2 database that will be used to store the directory data. Use the instructions in Configuring a directory database.

Note:

On Windows, the Configuration Tool is launched during restart, before the system is fully operational. Either configure at that time and then exit the Configuration Tool, or cancel from the Configuration Tool. Restart will not complete until you exit the Configuration Tool. Do not minimize the Configuration Tool window during restart.

You can start the Configuration Tool at any time after restart by typing ldapxcfg at a command prompt.

Setting the IBM Directory Server administrator DN and password

To set the IBM Directory Server administrator DN and password:

1. In the IBM Directory Server Configuration Tool window, click Administrator DN/password in the task list on the left.
2. In the Administrator DN/password window on the right, type a valid DN (or accept the default DN) in the Administrator DN field.

   The IBM Directory Server administrator DN is the DN used by the administrator of the directory. This is the one user who has full access to all data in the directory.

   The default DN is cn=root. DNs are not case-sensitive. If you are unfamiliar with X.500 format, or if for any other reason you do not want to define a new DN, accept the default DN.

3. Type the password for the Administrator DN in the Administrator Password field. You must define a password. Passwords are case-sensitive.

   Record the password for future reference.

4. Retype the password in the Confirm password field.
5. Click OK.

Configuring a directory database

When you configure the database, the Configuration Tool adds information about the database that will be used to store directory data to the configuration file (ibmslapd.conf). In addition, if the database does not already exist, the Configuration Tool creates the database.

Note:

Before configuring the database, be sure that the environment variable DB2COMM is not set.

To configure the directory database:

1. In the Configuration Tool, click Configure database in the task list on the left.
2. The Configuration Tool attempts to determine whether you already have a database. If you have a database already configured (that is, the information for the database is in the configuration file), the Configuration Tool prompts you for information about what you want to do. For example, if the database is configured but cannot be found on the system, you might choose to create a database using the name specified in the configuration file. Use the information shown in the windows that are displayed to configure the database.

   Depending on whether or not you already have a database, some or all of the following windows are displayed.

3. If a window is displayed requesting a user ID and password:
   1. Type a user ID in the User ID field. This user ID must already exist before you can configure the database. (In previous releases, the user ID was created if it did not exist, but this is no longer true.) This is the user ID you created before installation. (See Before you install on Windows: creating the DB2(R) database owner or Before you install on UNIX: creating the DB2 database owner.) The user ID you specify will own the database instance where the DB2 database will exist, and the instance will be in the user's home directory.
   2. Type a password for the user in the Password field. Passwords are case-sensitive.
   3. Click Next.
4. If a window is displayed requesting the database name:
   1. Type the name you want to give the DB2 database. The name can be from 1 to 8 characters long. The database will be created in an instance with the same name as the user ID.
   2. Click Next.
5. If a window is displayed requesting the database location:
   1. Type the location for the database in the Database location field. For Windows platforms, this must be a drive letter. For non-Windows platforms, the location must be a directory name, such as /home/ldapdb2.

      Be sure that you have at least 80 MB of free hard disk space in the location you specify and that additional disk space is available to accommodate growth as new entries are added to the directory.

   2. Click Next.
6. If a window is displayed requesting you to choose a character set:
   1. Click the type of database you want to create. You can create a UCS Transformation Format (UTF-8) database, in which LDAP clients can store UTF-8 character data, or a local code page database, which is a database in the local code page.
   2. Click Next.
7. In the verification window, information is displayed about the configuration options you specified. To return to an earlier window and change information, click Back. To begin configuration, click Finish.
8. The completion window is displayed. Click Close.

Optionally, you can verify the installation and configuration by loading the sample database. See Loading a sample database for instructions.

Loading a sample database

The following information enables you to load a sample database and start the server.

1. In the Configuration Tool, click Manage suffixes in the task list on the left.
2. In the Manage suffixes window, in the SuffixDN field, type o=ibm,c=us. This is the suffix DN that will hold the sample data. Because the sample data is part of the suffix o=ibm,c=us, this is the suffix DN you must add.
3. Click Add.
4. Click OK.

   Note:

   When you click Add, the suffix is added to the list in the Current suffix DNs box; however, the suffix is not actually added until you click OK.

5. In the Configuration Tool, click Import LDIF data in the task list on the left.
6. In the Import LDIF data window on the right, in the Path and LDIF file name field, type one of the following:
   • install_dir\examples\sample.ldif on Windows systems
   • install_dir/examples/sample.ldif on UNIX systems
   Alternatively, you can click Browse to locate the file. install_dir is the directory where you installed IBM Directory Server.
7. Click Standard import.
8. Click Import.
9. After processing is complete, go to a command prompt and type ibmslapd to start the server.

   Messages are displayed while the server is starting. The following message is displayed if the server starts successfully:

   IBM Directory, Version 5.1 Server started.
   

   If the message is not displayed, or if you have problems installing or configuring the IBM Directory Server version 5.1 product, refer to the IBM Directory Server Version 5.1 Installation and Configuration Guide.

You have verified that the sample database is loaded correctly and that the installation is successful.

Use the instructions in Starting the Web Administration Tool to start the Web Administration Tool if you installed it. See the IBM Directory Server version 5.1 Administration Guide for information about using the Web Administration Tool and using the server.

Starting the Web Administration Tool

To start the Web Administration Tool:

1. Start the application server as follows:

   On Windows platforms:

   1. Go to the install_dir\ldap\appsrv\bin directory.
   2. At a command prompt, type startServer.bat server1.

   On UNIX platforms:

   1. Go to the install_dir/ldap/appsrv/bin directory. (On Solaris, go to the opt/ibmldapc/appsrv/bin directory.)
   2. At a command prompt, type startServer.sh server1.

2. From a Web browser, type the following address: http://localhost:9080/IDSWebApp/IDSjsp/Login.jsp

   The IBM Directory Server Web Administration login page window is displayed.

   Note:

   This address works only if you are running the browser on the computer on which the Web Administration Tool is installed. If the Web Administration Tool is installed on a different computer, replace localhost with the hostname of the computer where the Web Administration Tool is installed.

   For information about using the Web Administration Tool, see the IBM Directory Server version 5.1 Administration Guide.

Appendix A. Notices

This information was developed for products and services offered in the U.S.A. IBM might not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:

For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:

The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the information. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this information at any time without notice.

Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.

Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:

Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.

The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement, or any equivalent agreement between us.

Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.

Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.

All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only.

All IBM prices shown are IBM's suggested retail prices, are current and are subject to change without notice. Dealer prices may vary.

Trademarks

The following terms are trademarks of International Business Machines Corporation in the United States, or other countries, or both:
AIX
DB2
IBM
S/390
SecureWay
WebSphere

Windows and Windows NT are registered trademarks of Microsoft Corporation.

UNIX is a registered trademark of The Open Group in the United States and other countries.

Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.

Other company, product, and service names may be trademarks or service marks of others.

Index

• administrator DN, configuring (133)
• administrator DN password, configuring (134)

• browsers, supported (104)

• Configuration Tool
  • starting (129)
  • using (127)
• configuring
  • administrator DN password (132)
  • directory database (135)
  • IBM Directory Server (125)
  • IBM Directory Server administrator DN (131)
  • ldapxcfg (128)

• database owner, creating
  • on UNIX (120)
  • on Windows (113)
• directory database
  • configuration (136)
  • creating (137)

• IBM Directory Server
  • configuration (126)
• installation steps
  • on UNIX platforms (123)
  • on Windows platforms (116)
• installing
  • InstallShield GUI (107)
  • on UNIX-based platform (118)
  • on Windows platforms (111)
  • typical (108)
• InstallShield GUI installation (110)

• Konqueror (103)

• ldapxcfg (130)
• loading sample database (139)

• memory requirements (106)
• Microsoft Internet Explorer (102)

• Netscape (100), (101)

• operating system platforms, supported (90)

• platforms, supported (91)

• sample database, loading (138)
• starting Web Administration Tool (142)
• system requirements
  • Web Administration Tool (94)
  • Web browser (96)

• troubleshooting (140)
• typical installation (109)

• UNIX
  • creating database owner (122)
  • installation steps (124)
  • InstallShield GUI installation (119)
  • supported platforms (93)
• user ID, creating
  • on UNIX (121)
  • on Windows (114)

• Web Administration Tool
  • starting (141)
  • system requirements (95)
• Web browsers
  • Konqueror (99)
  • Microsoft Internet Explorer (98)
  • Netscape (97)
  • supported (105)
• Windows
  • creating database owner (115)
  • installation steps (117)
  • InstallShield GUI installation (112)
  • supported platforms (92)