NetIQ eDirectory Administration Guide

  NetIQ eDirectory Administration Guide
    Understanding NetIQ eDirectory
      Ease of Management through NetIQ iManager
      Object Classes and Properties
      Context and Naming
      Schema
      Partitions
      Replicas
      Server Synchronization in the Replica Ring
      Access to Resources
      eDirectory Rights
    Designing Your NetIQ eDirectory Network
      eDirectory Design Basics
      Designing the eDirectory Tree
      Guidelines for Partitioning Your Tree
      Guidelines for Replicating Your Tree
      Planning the User Environment
      Designing eDirectory for e-Business
      Understanding the NetIQ Certificate Server
      Synchronizing Network Time
    Managing Objects
      General Object Tasks
      Managing User Accounts
      Configuring Role-Based Services
    Managing Background Process
      Synchronization
      Configuring Background Processes
    Managing the Schema
      Extending the Schema
      Viewing the Schema
      Manually Extending the Schema
      Schema Flags Added in eDirectory 8.7 Onwards
      Using the Client to Perform Schema Operations
    Managing Partitions and Replicas
      Creating a Partition
      Merging a Partition
      Moving Partitions
      Cancelling Create or Merge Partition Operations
      Administering Replicas
      Setting Up and Managing Filtered Replicas
      Viewing Partitions and Replicas
    NetIQ eDirectory Management Utilities
      NetIQ Import Conversion Export Utility
      Index Manager
      eDirectory Service Manager
      Offline Bulkload Utility
      LDIF Files
    Monitoring eDirectory
      Using NetIQ iMonitor
      Using cn=monitor for Monitoring
      Using DSTrace
      DSTrace Messages
      iMonitor Message Filtering
      SAL Message Filtering
    SecretStore Configuration for eDirectory Server
      Linux
      Windows
    Merging NetIQ eDirectory Trees
      Merging eDirectory Trees
      Grafting a Single Server Tree
      Renaming a Tree
      Using the Client to Merge Trees
    Encrypting Data in eDirectory
      Encrypted Attributes
      Encrypted Replication
      Achieving Complete Security While Encrypting Data
    Repairing the NetIQ eDirectory Database
      Performing Basic Repair Operations
      Viewing and Configuring the Repair Log File
      Performing a Repair in NetIQ iMonitor
      Repairing Replicas
      Repairing Replica Rings
      Maintaining the Schema
      Repairing Server Network Addresses
      Performing Synchronization Operations
      DSRepair Options
      Using the Client to Repair a Database
      Graphical DS Repair Utility
    Understanding LDAP Services for NetIQ eDirectory
      Key Terms for LDAP Services
      Understanding How LDAP Works with eDirectory
      Using LDAP Tools on Linux
      Extensible Match Search Filter
      LDAP Transactions
    Configuring LDAP Services for NetIQ eDirectory
      Loading and Unloading LDAP Services for eDirectory
      Verifying That the LDAP Server Is Loaded
      Verifying That the LDAP Server Is Running
      Preventing POODLE Attack by Disabling SSLv3
      Configuring LDAP Objects
      Refreshing the LDAP Server
      Authentication and Security
      Using the LDAP Server to Search the Directory
      Configuring for Superior Referrals
      Persistent Search: Configuring for eDirectory Events
      Getting Information about the LDAP Server
      Configuring Generalized Time Support
      Configuring Permissive Modify Control
      Proxied Authorization Control
      Auditing LDAP Events
    Backing Up and Restoring NetIQ eDirectory
      Checklist for Backing Up eDirectory
      Understanding Backup and Restore Services
      Using Roll-Forward Logs
      Preparing for a Restore
      Using DSBK
      Backing Up and Restoring NICI
      Recovering the Database If Restore Verification Fails
      Scenarios for Backup and Restore
      Disaster Recovery Plan using DSBK
      LDAP-Based Backup
      eDirectory Backup with SMS
    Configuring eDirectory in Suite B Mode
      Enabling Suite B in a New Installation
      Configuring Suite B on Existing Servers
    Enabling Enhanced Background Authentication
      Enabling EBA
      Viewing Information About EBA
      Managing the EBA CA by Using iManager
      Restrictions in eDirectory Operations When EBA Is Enabled
      Backing Up an EBA Enabled Server
      Moving the EBA CA Role to a New Server
    SNMP Support for NetIQ eDirectory
      Definitions and Terminology for SNMP
      Understanding SNMP Services
      eDirectory and SNMP
      Installing and Configuring SNMP Services for eDirectory
      Monitoring eDirectory Using SNMP
      Troubleshooting
    Maintaining NetIQ eDirectory
      Advanced Referral Costing
      Keeping eDirectory Healthy
      Resources for Monitoring
      Upgrading Hardware or Replacing a Server
      Restoring eDirectory after a Hardware Failure
      Subtree Search Performance Improvement
      Container Readiness
    DHost iConsole Manager
      What is DHost?
      Running DHost iConsole
      Managing eDirectory Modules
      Querying for DHost Information
      Process Stack
    Setting the sadmin Password
    The eDirectory Management Toolbox
      Using the Command Line Client
      Using the Logger
      Using the eMBox Client for Backup and Restore
      Using NetIQ iManager for Backup and Restore
    Auditing eDirectory Events
      Auditing with Novell Audit
      Auditing with XDAS
      Journal Event Caching
      LDAP Auditing
    Understanding eDirectory’s Authentication Framework
      NMAS Functionality
      NMAS Software
      Managing Login and Post-Login Methods and Sequences
      Using NMAS to Log In to the Network
      History of NetIQ Passwords
      NMAS HOTP Based Login
      Other Administrative Tasks
      Security Considerations
    Understanding the Certificate Server
      NetIQ Certificate Server Features
      NetIQ Certificate Server Components
      Setting Up NetIQ Certificate Server
      Managing NetIQ Certificate Server
      Public Key Cryptography Basics
      Entry Rights Needed to Perform Tasks
    Managing Passwords
      Understanding Universal Password
      Password Policies
      Deploying Universal Password
      Managing Passwords by Using Password Policies
      Password Self-Service
      Enforcing Case-Sensitive Universal Passwords
      Security Considerations
      Importing Hash Based Passwords Into eDirectory
    NMAS Considerations
      Setting Up a Security Container As a Separate Partition
      Merging Trees with Multiple Security Containers
    NetIQ eDirectory Linux Commands and Usage
      General Utilities
      LDAP-Specific Commands
    Configuring OpenSLP for eDirectory
      Service Location Protocol
      SLP Fundamentals
      Configuration Parameters
    How NetIQ eDirectory Works with DNS
    Configuring GSSAPI with eDirectory
      Concepts
      How Does GSSAPI Work with eDirectory?
      Prerequisites for Configuring GSSAPI
      Configuring the SASL-GSSAPI Method
      Managing the SASL-GSSAPI Method
      Creating a Login Sequence
      How Does LDAP Use SASL-GSSAPI?
      Error Messages
      Commonly Used Terms
    Security Considerations
      LDAP Binds
      Nessus Scan Results
    Configuring the Kerberos Password Agent
      Prerequisites for Configuring Kerberos Password
      Enabling KPA Functionality for a Kerberos Realm
      Kerberos Password Agent
      Universal Password Considerations
    Mapping eDirectory Events with XDAS Events
      Mapping eDirectory Events with XDAS Events
      XDAS Events
    Troubleshooting
      Troubleshooting XDAS
      Troubleshooting SNMP
      Troubleshooting iMonitor
      Troubleshoot iManager
      Troubleshooting Obituaries
      Migrating to NetIQ eDirectory
      Troubleshooting Schema
      Troubleshooting DSRepair
      Troubleshooting Replication
      Troubleshooting Clone DIB Issues
      Troubleshooting NetIQ Public Key Infrastructure Services
      Troubleshooting Utilities on Linux
      Troubleshooting NMAS
      Accessing HTTPSTK When Directory Service Is Not Loaded
      Troubleshooting Data Encryption
      The eDirectory Management Toolbox
      Troubleshooting Issues with SASL-GSSAPI
      Managing Error Logging in eDirectory
      Miscellaneous
      Troubleshooting IPV6 Issues
      Troubleshooting EBA
    Legal Notice