InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.18: Securing applications >
6.6.18.11: SecureWay Directory Version 2.1

6.6.18.11: SecureWay Directory Version 2.1

Overview

Version 2.1 of the SecureWay Directory provides many new enhancements over its predecessor, eNetwork LDAP Directory Version 1.1.1, which was originally only available on AIX 4.3.1. The major enhancements include:

  • DB2 Version 5.0 as the directory data storage facility

  • Alias support

  • Improved search and ACL support

  • Support for popular Web servers

  • Significant scalability

  • Improvements to replication and performance

The IBM SecureWay Directory V2.1 includes an LDAP Version 2 server (RFC 1777,1778, 1779). It is enhanced to support aliases and IETF LDAP Version 3 extensions for SSL, referrals, replication and access control.

SSL provides encryption of data and authentication using X.509v3 public-key certificates. The server may be configured to run with or without SSL support. The server supports LDAP referrals, allowing directories to be distributed across multiple LDAP servers. Replication is supported which makes additional read-only copies of the directory available, improving performance and reliability of access to the directory information. A powerful, easy-to-manage access control model is supported. Configuration and administration of the LDAP Directory is accomplished through an improved web-based interface.

This product is available on AIX, Windows NT/Intel and Solaris platforms. It currently supports ten languages including English, French, German, Italian, Spanish and Brazilian Portuguese on AIX and NT. Catalan is also supported on AIX. It does not support DBCS languages on Solaris.

The SecureWay Directory, Version 2.1 supports up to fifteen million entries with peak sub-second response time for searches.

Performance of the Directory is improved with statement caching and optimization. Multi-threading improvements allow Directory clients to perform true multi-threaded connections and make concurrent operations with the DB2 server. The DB2 program provided with the Directory may only be used by the SecureWay Directory function.

ACL support provides role-based authorization, assigns multiple users ownership of an entry, and removes the requirement to set ACLs on every node to give users access to their own information.

The Web servers Apache, Lotus Domino Go, Netscape FastTrack, and Netscape Enterprise Web servers are supported for LDAP administration.

Directory client access is supported using LDAP or HTTP protocols. Client applications can be developed using the enhanced elements provided for supporting LDAP Version 3 protocols and APIs. Also included is the Java Naming and Directory Interface (JNDI) client API that provides Java applications with access to LDAP-enabled directories. Both clients support access to SecureWay Directories using LDAP Version 2 or Version 3. Directory client applications can be built for Windows NT, Windows 95, Solaris, and HP-UX using the IBM LDAP Client Pack, which can be ordered separately (PRPQ 5799-GAN). Also shipped with the SecureWay Directory is Directory Sample 1, a client application that creates a directory for testing LDAP. Directory Sample 1 is provided without support.

Also shipped with the SecureWay Directory is Directory Sample 1, a client application that creates a directory for testing LDAP. Directory Sample 1 is provided without support.

Standards:

  • RFC 1777 Lightweight Directory Access Protocol

  • RFC 1778 String Representation of Standard Attribute Syntaxes

  • RFC 1779 String Representation of Distinguished Names

  • RFC 1823 LDAP Application Program Interface

  • RFC 1960 A String Representation of LDAP Search Filters

Interoperability/Compatibility: The SecureWay Directory replication interoperates with the OS/390 LDAP Server.

Software requirements

The product supports three operating systems:

  • Microsoft Windows NT (3) Workstation/Server Version 4.0 with service pack 3 or later (NTFS file system is required for security support)

  • Sun Solaris Version 2.5.1 (SunOS 5.5.1) or Version 2.6 (SunOS 5.6) (4)

  • IBM AIX Version 4.2.1 with APAR IX72127; or Versions 4.3.0 and 4.3.1 with APAR IX72439, IX74821, IX75022 and PTF U457544; or Version 4.3.2 (2)

The required IBM Universal Databases are:

  • For NT, one of the following:

    • UDB V5.0 for Windows NT with fixpak US9044f

    • UDB V5.2 for Windows NT

  • For Solaris, one of the following:

    • UDB V5.0 for Solaris with fixpak U457228f

    • UDB V5.2 for Solaris

  • For AIX, one of the following:

    • UDB V5.0 for AIX with fixpak U457227f

    • UDB V5.2 for AIX

For Directory server, the requirements are:

  • One of the following installed and configured Web servers:

    • Apache 1.2.5 or later

    • Lotus Domino Go Webserver 4.6.2 or later

    • Netscape FastTrack Server, Version 2.0.1 or later

    • Netscape Enterprise Server, Version 3.5.1 or later

    • Microsoft IIS 2.0

  • Java Runtime 1.1.6

  • A minimum of 64 MB RAM

  • DB2 for AIX, Version 5.0.0.39, Workgroup Edition
Note:Lotus Domino Go Webserver 4.6.2.5 and Netscape FastTrack Version 3.0.1 are available in the AIX Version 4.2 and 4.3 Bonus Packs. DB2 for AIX, Version 5.0.0.39 is included with the IBM SecureWay Directory. DB2 fixes to upgrade from Version 5.0.0.0 can be found on the Web at URL:

http://www.software.ibm.com/data/db2/library

The Directory client requires:

  • AIX Version 4.2.1, Version 4.3, Version 4.3.1, or Version 4.3.2

  • A frame-enabled browser that supports HTML Version 3.0, or later, and a browser that supports Java Runtime 1.1.6.
Go to previous article: The demo keyring Go to next article: Administering the product messages, logs, and traces (overview)

 

 
Go to previous article: The demo keyring Go to next article: Administering the product messages, logs, and traces (overview)