8.4 Using IPv6 Addresses on the Identity Vault Server

Identity Vault supports both IPv4 and IPv6 addresses. You can enable IPv6 addresses when you install the Identity Vault. If you upgrade from a previous version, you must manually enable IPv6 addresses.

Identity Vault also supports Dual IP stack, Tunneling, and Pure IPv6 transition methods. It supports only the global IP addresses. For example:

  • [::]

  • [::1]

  • [2015::12]

  • [2015::12]:524

You must specify IPv6 addresses within square braces [ ]. To use hostname instead of an IP address, you must specify the name in the etc\hosts file and associate it with the IPv6 address.

8.4.1 Using IPv6 Addresses on Linux Servers

You can use the ndsconfig utility to create trees with an IPv6 address, add servers with IPV6 addresses to existing trees, and specify LDAP URLs for IPv6. For more information about using the utility, see Section 11.1, Modifying the eDirectory Tree and Replica Server with the ndsconfig Utility.

In addition to the ndsconfig utility, you can perform other steps to configure the Identity Vault on a Linux computer that already supports IPv6 addresses:

Enabling IPv6 Addresses on Existing or Upgraded eDirectory Servers

NOTE:You must add the IPv6 address to each configuration file, if the computer has multiple instances configured.

  1. Open the nds.conf file, located by default in the /etc/opt/novell/eDirectory/conf/ directory.

  2. In the file, add the IPv6 interface address with the port number. For example:

    n4u.server.interfaces=164.99.90.148@524,[2015::4]@524,[2015:1234:2345:3456:abcd:bcde:cdef:aaaa]@524
    http.server.interfaces=164.99.90.148@8028,[2015::4]@8028,[2015:1234:2345:3456:abcd:bcde:cdef:aaaa]@8028
    https.server.interfaces=164.99.90.148@8030,[2015::4]@8030,[2015:1234:2345:3456:abcd:bcde:cdef:aaaa]@8030

  3. Restart ndsd using the following commands:

    ndsmanage stopall
ndsmanage startall

Adding LDAP URLS for IPV6 on the LDAP Server Object

If you do not specify the LDAP URLs when you initially configure the Identity Vault, you can use the ldapconfig command or iManager to add them to the ldapInterfaces attribute.

To add LDAP URLs from the command line:

You can use either the ldapconfig set or the ldapconfig -s command. Enter text similar to the following examples:

ldapconfig set "ldapInterfaces=ldap://[2015::3]:389,ldaps://[2015::3]:636"
ldapconfig -s
"ldapInterfaces=ldap://[2015::3]:389,ldapInterfaces=ldaps://[2015::3]:636"

To add LDAP URLs in iManager:

  1. In iManager, click Roles and Tasks.

  2. Click LDAP > LDAP Options.

  3. Click View LDAP Server, and then click the name of the LDAP Server object that you want to configure.

  4. For LDAP Interfaces, click Connections, add LDAP URLS.

  5. Click Apply, and then click OK.

8.4.2 Using IPv6 Addresses on Windows Servers

To use IPv6 addresses on a Windows server, you must select the Enable IPv6 check box under IPv6 Preference during the installation. This option enables the NCP, HTTP, and HTTPS protocols for the IPv6 addresses. If you do not enable IPv6 addresses during the installation process, and then decide to use them later, you must run the setup program again. For more information, see Section 10.0, Installing the Identity Vault on a Windows Server.

You can access iMontior over IPv6 addresses using the following link: http://[2015::3]:8028/nds.