Directory manager

This is probably a simple question, but I am new to LDAP and looking for a quick answer to satisfy an audit issue. I need to set up an id to administer access instead of having multiple users log in as directory manager? Can this be done? How? We tried setting up a new id, but it cannot see the directory servers for some reason?

We have Sun ONE Directory Server 5.2.

Thanks

[393 byte] By [befjra] at [2007-11-27 0:29:33]
# 1

Sure this can be done.

With DS 5.2, you just need to create a specific ACI that grants your Administrators access to things they can read or write.

Note that with DS 5.2, there are things that can only be done by Directory Manager.

Directory Server 6.0 has a fully privileged Administrators group by default.

Regards,

Ludovic.

ludovicpa at 2007-7-11 22:32:04
# 2
OK, I have it created and it looks like it works. Where can I find out what functions I will still need to use directory manager for? Thanks
befjra at 2007-7-11 22:32:04
# 3
I am not sure the list of functions is documented.

By default, creating a new suffix is the one off the top of my head that would be the most obvious.

Regards,

Ludovic.

ludovicpa at 2007-7-11 22:32:04
# 4
I created another admin. Is there a way to lock down the admin accounts such that I could create an admin id that can't see another admin id's password or change it?
befjra at 2007-7-11 22:32:04
# 5
Use ACIs.
ludovicpa at 2007-7-11 22:32:04
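
Added example, not part of the thread: one way to express the lock-down asked about in post 4 as ACIs for DS 5.2, written as LDIF for ldapmodify. The container ou=Administrators, the group cn=Directory Admins, the suffix dc=example,dc=com and the attribute list are assumptions, and it assumes no other ACI in scope grants access to userPassword, since access is denied unless some ACI allows it.

```ldif
# Added example: every DN, group name and attribute list below is a placeholder.
#
# First ACI: members of the admin group may read and modify a fixed list of
# attributes on the admin entries. An explicit list is used instead of
# (targetattr != "userPassword"), which would also cover every other
# attribute on the entry. userPassword is not granted to the group at all,
# so admins can neither read nor replace each other's passwords.
#
# Second ACI: each account may write its own userPassword and nothing else
# is granted on that attribute.
dn: ou=Administrators,dc=example,dc=com
changetype: modify
add: aci
aci: (targetattr = "cn || sn || mail || description")(version 3.0; acl "Admins manage admin entries, passwords excluded"; allow (read, search, compare, write) groupdn = "ldap:///cn=Directory Admins,ou=Groups,dc=example,dc=com";)
aci: (targetattr = "userPassword")(version 3.0; acl "Self password change only"; allow (write) userdn = "ldap:///self";)
```
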
# 6

Thanks much for the responses. I will add one last question: is there a good resource to learn how to do this? Is the reference manual the best thing to use?

Conceptually I understand, but I don't know enough about the Sun directory server or any directory server for that matter to go in and actually set it up to do what I want.

Thanks

befjra at 2007-7-11 22:32:04
# 7

The Administration Guide is the manual that describes the procedures for setting things up and it is the one that I use most.

To start with Sun Directory Server, the Deployment Planning Guide is worth reading as well, as it introduces concepts and gives higher level pictures of the features.

The reference manual for me is more about a complete reference of commands, schema, structures...

Regards,

Ludovic

ludovicpa at 2007-7-11 22:32:04
# 8

We set up two new admin ids and then changed the password to directory manager using ldapmodify. Now neither directory manager nor any of the admins can see anything under the domain root in the Sun ONE console, i.e. we can't see the directory server to administer changes.

Any ideas on what we can do to get this back? Should we restart the admin console?

Thanks

befjra at 2007-7-11 22:32:04