. Administrator's Handbook SUSE. . Edition

MIKE LATIMER JEFFREY HARRIS

Novell PNE55I" FNovell. Published by Pearson Education,Inc. 800 East 96th Street, Indianapolis,Indiana 46240 USA

Table of Contents

PART I: Open Enterprise Server Overview

CHAPTER 1 : Introduction to Open Enterprise Server 3 Instant Access ...... 3 Why Open Enterprise Server? ...... 3 What Is Open Enterprise Server? ...... 4

CHAPTER 2: Installing OES for Linux 9 Instant Access ...... 9 Preparing to Install ...... 9 Configure Installation Source ...... 9 Installing OES Linux ...... 10 Upgrading SLES9 to OES ...... 10 Getting Ready for OES Linux ...... 10 Server Hardware Planning ...... 11 Partition Planning ...... 12 eDirectory Planning ...... 13 Network Preparation ...... 14 Installing OES Linux ...... 14 Preparing to Install OES Linux ...... 15 Installing a New OES Linux Server ...... 20 Upgrading SLES9 to OES Linux ...... 35 Common Post-Installation Tasks for OES Linux ...... 37 Verifying Your OES Linux Installation ...... 37 Post-Install OES Component Configuration ...... 38 Updating OES Linux Components Using Red-Carpet ...... 39

CHAPTER 3: Working with SUSE Linux Enterprise Server 9 41 Instant Access ...... 41 Logging in to Linux ...... 42 Local Account Files ...... 42 The Root Administrator Account ...... 45 The Login Process ...... 46 Switching Identities ...... 48

Novell Open Enterprise Server Administrator's Handbook, SUSE LINUX Edition

The Shell and the GUI ...... 50 The Shell ...... 50 The SLES Graphical Environment ...... 57 Finding Your Way ...... 66 System Filesystem ...... 66 Filesystem Permissions ...... 70 Getting Help ...... 75 Console-Based Help ...... 75 Graphical Help Systems ...... 80 Editing Text Files ...... 81 The vi Utility ...... 81

CHAPTER 4: OES Linux Clients 85 Instant Access ...... 85 The Novell Client and OES Linux ...... 85 Installing/Upgrading the Novell Client ...... 85 Configuring the Novell Client ...... 86 The NICI Client ...... 86 Integrating the LAMAS Client ...... 86 Mapping Drives to Servers with NetDrive Client . . . 87 Accessing Files Through Native Linux Methods . . . 87 Getting the Latest Client Software ...... 87 The Traditional Novell Client ...... 88 Installing the Client Software ...... 89 Removing the Client Software ...... 91 Installing from a Web Server ...... 92 Upgrading the Novell Client ...... 94 Novell Client Install Manager ...... 94 Novell Client Upgrade Agent ...... 97 Automatic Client Upgrade ...... 99 The Client Login ...... 101 LADS Tab ...... 102 Script Tab ...... 102 Dial-up Tab ...... 102 WAS Tab ...... 102 Configuring the Client ...... 104 NetIdentity ...... 106

iv

Contents

Other Novell Clients ...... 107 NICIClient ...... 108 NMAS Client ...... 108 NetDrive Client ...... 109 Accessing OES Through Native Linux Methods ...... 110 Network File System (NFS) ...... 110 Samba ...... 112

CHAPTER 5: OES Management Tools 115 Instant Access ...... 115 Welcome Pages ...... 115 ConsoleOne ...... 115 iManager ...... 116 Novell Remote Manager ...... 116 iMonitor ...... 117 Welcome Pages ...... 118 ConsoleOne ...... 119 iManager ...... 120 Installing iManager ...... 120 iManager Basics ...... 122 Role-Based Management with iManager ...... 123 Novell Remote Manager ...... 126 Accessing NRM ...... 127 NRM Basics ...... 129 imonitor ...... 131 Installing iMonitor ...... 132 iMonitor Basics ...... 134

PART II: Open Enterprise Server Infrastructure

CHAPTER 6: SUSE Linux Enterprise Server Management 139 Instant Access ...... 139 SLES Startup Procedures ...... 140 Bootloader Configuration ...... 140 Daemon Initialization ...... 142 Summary of the SLES Startup Process ...... 146 Interacting with Processes ...... 147

Novell Open Enterprise Server Administrator's Handbook, SUSE LINUX Edition

Introduction to Linux Kernel Management ...... 150 Kernel Sources ...... 152 Working with Kernel Modules ...... 152 Managing SLES with YaST ...... 154 Software ...... 155 Hardware ...... 156 System ...... 157 Network Devices ...... 159 Network Services ...... 160 Security and Users ...... 162 Misc ...... 163 SuSEconfig ...... 164 Updating OES Linux ...... 165 Activating and Using red-carpet (Graphical) . . . . 166 Activating and Using rug (Terminal) ...... 167 Monitoring SLES with Health Monitoring Services . . . . . 168 Installing HMS ...... 169 Configuring HMS ...... 170 Troubleshooting ...... 172 System Log Files ...... 172 /proc and /sys Filesystems ...... 173 Rescue Mode ...... 173 Troubleshooting Utilities ...... 175

CHAPTER 7: Novell eDirectory Management 177 Instant Access ...... 177 Managing eDirectory Objects ...... 177 Managing Replicas and Partitions ...... 177 Using Indexes ...... 177 Merging eDirectory Trees ...... 178 Using Additional Services with eDirectory ...... 178 Troubleshooting ...... 178 What Is eDirectory? ...... 178 eDirectory Architecture ...... 179 Physical Database ...... 180 Rules Governing Data ...... 182 Organization of Data ...... 182

vi

Contents

eDirectory Tree Design ...... 184 Top of the Tree Reflects Physical Layout ...... 184 Bottom of the Tree Reflects Organizational Structure ...... 186 Organize Objects to Facilitate Access and Administration ...... 187 Partition and Replicate for Scalability and Fault Tolerance ...... 188 Managing eDirectory ...... 193 Partition Operations ...... 194 Replica Operations ...... 197 Tree Operations ...... 200 Monitoring and Maintaining eDirectory ...... 203 Using LDAP with eDirectory ...... 213 Installing LDAP Services ...... 213 Connecting via LDAP ...... 218 DNS and DHCP Services ...... 220 Installing DNS and DHCP Services ...... 220 Configuring DHCP Services ...... 223 Configuring DNS Services ...... 225

CHAPTER 8: Users and Network Security 229

Instant Access ...... 229 Creating Users and Groups ...... 229 Ensuring Login Security ...... 229 Working with eDirectory Security ...... 229 Overview of Users in OES Linux ...... 230 Native eDirectory ...... 230 LDAP ...... 230 eDirectory User-Related Objects ...... 232 The User Object ...... 233 The Group Object ...... 236 The Organizational Role ...... 237 eDirectory Authentication ...... 238 Novell Modular Authentication Service ...... 238 Installing NMAS ...... 245 eDirectory Login Controls ...... 246

Novell Open Enterprise Server Administrator's Handbook, SUSS LINUX Edition

eDirectory Authorization ...... 251 Access Control Lists ...... 251 Inheritance ...... 254 Inherited Rights Filters ...... 255 Explicit Rights ...... 257 Security Equivalence ...... 258 Effective Rights ...... 260 Role-Based Administration ...... 261 File System Authorization ...... 262 Provisioning Linux Users ...... 262 Linux User Management ...... 262 Samba User Management ...... 275

CHAPTER 9: OES Clustering Services 281 Instant Access ...... 281 Installing Novell Cluster Services ...... 281 Configuring Clusters ...... 281 Monitoring Clusters ...... 282 Clustering Benefits ...... 282 Clustering Fundamentals ...... 283 Clustering Terminology ...... 284 Master Node ...... 284 Cluster-Enabled Volume ...... 285 Cluster Resource ...... 285 Heartbeats and the Split-Brain Detector ...... 285 Fan-Out Failover ...... 286 Installing Novell Cluster Services ...... 286 Configuring the Shared Disk System ...... 287 Installing Novell Cluster Services ...... 290 Converting NetWare Clusters to Linux ...... 292 Configuring Novell Cluster Services ...... 294 IP Address/Port ...... 295 Quorum Triggers ...... 295 Notification ...... 296 Priorities ...... 297 Protocols ...... 297 Cluster Node Properties ...... 298

viii

Contents

Always-Available File Access ...... 298 Cluster-Enabling a Volume After Pool Creation . . . 299 Cluster-Enabling a Storage Pool After Creation . . . 300 Modifying Node Assignment for a Storage Pool . . . 301 Configuring Storage Pool Policies ...... 302 Always-Available Network Services ...... 303 Cluster Resource Applications ...... 303 Cluster-Enabling an Application ...... 304 Assign Nodes to the Cluster-Enabled Resource . . .305 Configure Clustered Resource Policies ...... 306 Migrating a Cluster Resource ...... 307 Configuring Load and Unload Scripts ...... 308 Understanding Resource States ...... 309

CHAPTER 10: Identity Manager Bundle Edition 313 Instant Access ...... 313 Installing Identity Manager Bundle Edition ...... 313 Configuring Identity Manager Bundle Edition . . . . 313 How Identity Manager Works ...... 314 Installing the Identity Manager Engine ...... 317 Installing Remote Loaders and Drivers ...... 318 Installing Identity Manager on a Secondary eDirectory Tree ...... 321 Configuring an Identity Manager Driver ...... 323 Identity Manager Password Synchronization ...... 325

PART III: Open Enterprise Server User Access

CHAPTER 11 : OES Linux File Storage and Management 329 Instant Access ...... 329 Managing Logical Volumes ...... 329 Managing Disk Space ...... 329 Managing Files ...... 330 NSS Directory and File Security ...... 330 Backing Up and Restoring Files ...... 330

Novell Open Enterprise Server Administrator's Handbook, SUSE LINUX Edition

Novell Storage Services ...... 330 Planning the Filesystem ...... 335 Working with NSS Volumes ...... 339 Console-Based NSS Management Utilities ...... 347 Repairing NSS Pools ...... 349 Saving Disk Space ...... 351 NSS Data Security ...... 357 Filesystem Trustee Rights ...... 357 File and Directory Attributes ...... 362 Backing Up and Restoring Files ...... 368 Planning a Backup Strategy ...... 369 Storage Management Services (SMS) ...... 372 Preparing to Back Up ...... 375

CHAPTER 12: OES Linux File Access 379 Instant Access ...... 379 Using NetStorage ...... 379 Working with NetDrive ...... 379 Synchronizing Files with Novell iFolder ...... 379 Introduction to Novell File Access ...... 380 NetStorage ...... 380 Installing NetStorage ...... 381 Configuring NetStorage ...... 383 Using NetStorage ...... 384 Novell NetDrive ...... 387 NetDrive Prerequisites ...... 387 Using NetDrive ...... 388 Adding a Site to NetDrive ...... 389 Novell iFolder ...... 390 iFolder Prerequisites ...... 392 Installing iFolder ...... 392 Configuring iFolder ...... 394 Using iFolder ...... 398 FTP Server ...... 403 Installing FTP Server ...... 404 Configuring the FTP Server ...... 405

Contents

CHAPTER 13: OES Printing Services 411 Instant Access ...... 411 Installing and Configuring PPrint ...... 411 Working with PPrint ...... 411 Defining Print Options ...... 411 Printing Jobs ...... 412 Introduction to OES Printing ...... 412 PPrint Components ...... 413 Installing PPrint ...... 415 Configuring PPrint ...... 416 Accessing PPrint Printers ...... 423 Location-Based Printing ...... 426 Printer Availability on Workstations ...... 429 Setting Up a Secure Printing Environment ...... 430 Print Access Control ...... 430 Securing PPrint with SSL ...... 433

PART IV: Open Enterprise Server Web Services

CHAPTER 14: OES Foundations 437 Instant Access ...... 437 Installing Apache Web Server and Tomcat Servlet Engine ...... 437 Managing Apache Web Server ...... 437 Managing Tomcat Servlet Engine ...... 438 Apache Web Server ...... 438 Installing Apache Web Server ...... 440 Apache Web Server Configuration ...... 441 Storing Web Content ...... 443 Hosting Multiple Websites ...... 446 Apache Modules ...... 448 Adding Content to Your Website ...... 449 Publishing Content to a Website ...... 450 Apache Web Server Management ...... 451

Novell Open Enterprise Server Administrator's Handbook, SUSE LINUX Edition

Tomcat Servlet Engine ...... 456 Installing and Configuring Tomcat ...... 456 Managing Tomcat ...... 457 Tomcat Log Files ...... 457

CHAPTER 15: OES Web Services 459 Instant Access ...... 459 Using Virtual Office ...... 459 Working with Novell QuickFinder ...... 459 Working with eGuide ...... 460 Novell Virtual Office ...... 460 Installing Virtual Office ...... 461 Preparing Virtual Office for Use ...... 463 Virtual Teams ...... 468 Novell QuickFinder ...... 471 QuickFinder Capabilities ...... 471 Installing QuickFinder ...... 472 QuickFinder Basics ...... 474 Testing QuickFinder ...... 474 Working with QuickFinder ...... 475 Managing QuickFinder ...... 480 Managing Search Sites ...... 484 Novell eGuide ...... 493 Installing eGuide ...... 494 Configuring eGuide ...... 495 Using eGuide ...... 498 Additional OES Linux Web Services ...... 499 MySQL ...... 499 Perl and PHP Scripting Support ...... 499

PART V: Appendixes

APPENDIX A: The Most Essential Linux Commands 503 Getting Help ...... 504 File Management ...... 505

Contents

Permissions and Identity ...... 506 Viewing Files ...... 507 Text Processing ...... 508 Finding Files and Text ...... 508 Regular Expressions ...... 510 Environmental Commands ...... 512 Working with Processes ...... 512 Troubleshooting Tools ...... 514 Compression Utilities ...... 515 Networking Utilities ...... 516 Working with Filesystems ...... 517 System Shutdown and Restart ...... 519

APPENDIX B: eDirectory Reference Materials 521 eDirectory Background Processes ...... 521 Database Initialization ...... 522 Flat Cleaner ...... 522 janitor ...... 523 Replica Sync ...... 523 Replica Purger ...... 524 Limber ...... 524 Backlinker ...... 525 Schema Sync ...... 525 Time Sync ...... 525 DSTrace with MMonitor ...... 526 Repairing eDirectory with DSRepai r ...... 532 Unattended Full Repair (ndsrepair U) ...... 533 DSRepai r Monitor Operations ...... 535 DSRepai r Repair Operations ...... 536 DSRepai r Advanced Options ...... 545 eDirectory Errors ...... 547 eDirectory Agent Errors ...... 547 Errors ...... 547 Client Errors ...... 548 Other eDirectory Errors ...... 548

AH

APPENDIX C: Where to Go for More Information 549 General Novell Product Information ...... 549 Novell on the Internet ...... 550 Novell Cool Solutions ...... 550 Novell AppNotes ...... 551 Novell Connection ...... 551 Novell Technical Support ...... 551 Novell Ngage ...... 552 DeveloperNet: Novell's Developer Support ...... 552 Novell Training Classes and Certification ...... 553 Advanced Technical Training ...... 555 Novell Users International ...... 555 Network Professional Association ...... 556