Warning Livedoc is no longer being updated and will be deprecated shortly. Please refer to https://documentation.tjhsst.edu.



Sun Java System Directory Server

204 bytes added, 15:18, 14 July 2009
Intranet: Evaluation complete.
See also [[Intranet2]]. While Intranet currently uses [[OpenLDAP]], Sun Directory Server has also been evaluated for Intranet use. The notes below reflect what has been found in that process; however, they should be considered out-of-date.
Since there isn't really an Intranet2 functional article, here's a short blurb on the role of LDAP: LDAP is used to store student information. In Intranet 1, MySQL was used exclusively for this purpose, but now LDAP is used for most static student information, including biographical information, class schedule, and contact information. Eighth period, Intranet groups, polls, and several other services are still managed through MySQL since it is better for things that are more likely to change. Access controls are also applied using LDAP and not using Intranet. In this way, by having the Intranet LDAP server run by a staff member, students are not necessarily able to easily access private student information even while retaining administrative privileges over other components of Intranet.
*There is no Sun LDAP instance for testing use with I2 at this time. There was at one point, running DSEE 6.1 on chuku, prior to the "students can see other students private data?" debacle.
*The manager DN for I2 LDAP is "cn=Manager,dc=tjhsst,dc=edu"; if importing from an LDIF, take out the entry from the file since this DN is managed privately.
*Most files referenced below are located in the ds/i2 subdirectory on the Sun admin volume.
*Anywhere below that it says "ldapadd this", the basic command to use is: <code>ldapadd -h hostname -D "cn=manager,dc=tjhsst,dc=edu" -Wxc -f {filename}</code>. The "-c" argument is recommended so ldapadd will continue trying to add the rest of the LDIF even if it encounters an error with one of the entries in the middle.
*The following items are not listed in any particular order, and may be incomplete.
===Schema===
*There's a 99iodine_schema.ldif file that works with Sun Directory Server. It was converted from the OpenLDAP schema by some combination of scripts and temporary files, currently located at sun/ds/schema_convert.
Among other things:
*Sun DSEE 6.3.1 doesn't have alias support for objectClasses, but does for attribute names.
*Sun DSEE 6.3.1 doesn't have support for numericStringSyntax (RFC 2252).
WARNING: ACIs haven't really been worked out yet; the acis.ldif file doesn't have everything that it should for Intranet.
*Delete all of the default ACIs.
*ldapadd the acis_full.ldif or the acis_condensed.ldif file.
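
The note above about taking the manager DN's entry out of an LDIF before importing, as an added example (not part of the original notes or of any Intranet script): a Python filter that drops that entry even when its DN is folded across lines, base64-encoded, or written with different case and spacing. The function names and the sample LDIF are constructed for illustration.

```python
import base64
import re

MANAGER_DN = "cn=Manager,dc=tjhsst,dc=edu"  # manager DN stated on this page

# Constructed sample LDIF (not real data); the second entry's DN is folded.
SAMPLE = """version: 1

dn: dc=tjhsst,dc=edu
objectClass: domain
dc: tjhsst

dn: CN=manager, dc=tjhsst,
 dc=edu
objectClass: person
cn: Manager
sn: Manager

dn: ou=people,dc=tjhsst,dc=edu
objectClass: organizationalUnit
ou: people
"""


def entry_dn(record):
    """Return a record's DN (unfolded, base64 'dn::' decoded), or None."""
    unfolded = re.sub(r"\n ", "", record)  # a leading space continues the line
    for line in unfolded.split("\n"):
        if line.lower().startswith("dn::"):
            return base64.b64decode(line[4:].strip()).decode("utf-8")
        if line.lower().startswith("dn:"):
            return line[3:].strip()
    return None


def dn_key(dn):
    """Simplified comparison key: lowercase, no spaces around ',' or '='.
    Assumes no escaped commas in the DN, which holds for the manager DN."""
    rdns = (rdn.split("=", 1) for rdn in dn.lower().split(","))
    return ",".join("=".join(part.strip() for part in rdn) for rdn in rdns)


def strip_entry(ldif_text, dn=MANAGER_DN):
    """Return (LDIF text without the entry named dn, count removed)."""
    records = re.split(r"\n{2,}", ldif_text.replace("\r\n", "\n").strip())
    kept = [r for r in records if dn_key(entry_dn(r) or "") != dn_key(dn)]
    return "\n\n".join(kept) + "\n", len(records) - len(kept)
```

Write the text returned by <code>strip_entry</code> to a new file and pass that file to ldapadd; a removed count of 0 means the export never contained the manager entry.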
