Setting Up eDirectory

The Novell eDirectory^TM system requires a DirXML driver to be installed and configured on each tree for which you will synchronize data. In Installing the Novell DirXML Starter Pack, you should have installed the first DirXML driver for eDirectory. You will configure that driver later in this chapter.

This section explains how to install and configure the second DirXML driver for eDirectory.

To set up synchronization for the second eDirectory tree, complete each of the following sections:

• Prerequisites
• Collecting Configuration Information
• Installing DirXML and the DirXML Driver for eDirectory on Tree 1
• Configuring the DirXML Driver for eDirectory

Prerequisites

• JVM* 1.4

  You can download JVM 1.4. on Novell Software Downloads. The ConsoleOne^® DirXML snap-ins require this version.

• NICI 2.4 or later

  You can download NICI 2.4 or later from Novell Software Downloads.

• Novell eDirectory 8.6.2 or later

  You can download eDirectory 8.6.2 or later from Novell Software Downloads.

• If you plan to use ConsoleOne, ConsoleOne 1.3.3 or later

  You can install ConsoleOne 1.3.3 or later and the latest ConsoleOne DirXML snap-ins at the root of the product CD or from Novell Software Downloads.

  NOTE:  If you are managing DirXML on an eDirectory 8.6.x system, you should use ConsoleOne 1.3.3. There are DClient issues specific to this version of eDirectory.

  If you want to manage DirXML using ConsoleOne 1.3.4 and eDirectory 8.6.x, you should install ConsoleOne on a system where eDirectory is not installed.

Collecting Configuration Information

You'll need to provide a number of system-specific details when you install and configure the DirXML driver for eDirectory. Some of these details can be collected before you complete the following procedures, and others will be defined during the process.

• Required Driver Configuration Information for eDirectory provides you with a place to record configuration data for later use.
• eDirectory Configuration Form is provided for reference; it shows the eDirectory configuration form as it appears in iManager. You will see this form when you configure the DirXML drivers.

During the configuration process, you will need to provide the container names for placement of synchronized objects. For more information about eDirectory placement options, see Default Driver Settings for eDirectory.

Required Driver Configuration Information for eDirectory

IMPORTANT:  The data you supply during configuration is used to build DirXML rules. Often, case is significant to a rule. Mirror case when entering the requested data.

Figure 16
eDirectory Configuration Form

Installing DirXML and the DirXML Driver for eDirectory on Tree 1

1. At the server for your first tree, insert the DirXML CD into the CD drive. Run the installation program.

2. Read the license agreement; if you agree to the terms, click I Accept.

3. On the Components page, select the following items, then click Next.

   • DirXML Engine and Drivers
   • Driver Preconfiguration Files

4. In the Schema Extension page, specify the following:

   • User Name: Specify the context of a user who has rights to extend the schema, for example, CN=admin.O=hq.

   • User Password: Specify the password for the admin or equivalent user you specified.

5. Select the DirXML Driver for eDirectory, then click Next.

6. Select the driver configuration (XML files) for eDirectory, then click Next.

7. Read the Summary page, then click Finish.

   The file copy might take a few minutes.

8. After the installation completes and displays the Installation Complete dialog box, click Close.

9. Continue with the next section, Configuring the DirXML Driver for eDirectory.

Configuring the DirXML Driver for eDirectory

This section explains how to configure the eDirectory driver for the first tree. Configuring the eDirectory driver for the second tree, along with the drivers for Active Directory and NT, is explained in Configuring the DirXML Drivers.

1. From your administrative workstation, launch iManager by going to http://serveripaddress/nps/iManager.html.

   IMPORTANT:  This URL is case sensitive.

2. Authenticate to the first tree.

3. Click DirXML Management > Create Driver.

4. Mark In a New Driver Set, then click Next.

5. Specify a driver set name, browse to the context where you want the driver set object to be created, then browse to the server object representing the server where you installed DirXML.

6. Leave Create a New Partition checked, then click Next.

7. Mark Import a Preconfigured Driver from the Server, select eDir-Driver.xml, then click Next.

8. Using the configuration information you collected earlier, fill in the prompts for information required by the driver.

9. Click Define Security Equivalence, add Admin, then click OK.

   Drivers need rights to read and update data in eDirectory. Assigning a security equivalent is a quick way to provide necessary rights assignments. This option does not provide access to data in the other eDirectory tree.

10. Click Exclude Administrative Roles, add Admin, click OK, then click Next.

    These objects will not be replicated to the other eDirectory tree. We recommend that you add all objects that represent an administrative role (for example, the Admin object) to this list. These objects typically have no function outside of the directory tree that they were created in. Maintaining these objects in only one directory prevents potentially disruptive changes, such as access control or password changes, from causing problems.

11. Click Finish with Overview.

12. The eDirectory driver for Tree 1 is prepared to synchronize data. Complete preparation of other participating systems, then proceed to Configuring the DirXML Drivers.