
Multiple LDAP servers can be configured. If you do this, each additional LDAP server will minimally need its own separate mount point in the DTCPARMS file. Also required are a directory entry for the new LDAP server, a new BFS file space, and appropriate permissions. The port number that additional servers will listen on can be specified as a parameter to the server or in the configuration file.

Since the LDAP server uses the byte file system, the associated shared file system server must be started before TCP/IP.

The LDAP server uses two configuration files. Samples of the two files are distributed on TCPMAINT's 591 disk. The sample files are called LDAP-DS SCONFIG and LDAP-DS SENVVAR. Copy LDAP-DS SCONFIG to TCPMAINT's 198 disk as DS CONF. This is the LDAP server's primary configuration file. Copy LDAP-DS SENVVAR to TCPMAINT's 198 disk as DS ENVVAR. This file contains environment variables for the LDAP server.

You won't need to change much in the DS ENVVAR file, which is primarily used to set message logging, debugging, and trace output options. The timezone for messages reported by LDAP is also set in this file.

Most configuration for the LDAP server occurs in the DS CONF file. If you’re going to use a different name for this file, you will need to indicate this to the LDAP server on the PARMS tag in the DTCPARMS file.

The configuration file includes a global section and a section for each of the three database back-ends. A back-end is activated by uncommenting its associated keyword in the configuration file.

To configure the LDAP server, start by editing the DS CONF file. In the global section, set the adminDN and adminPW keywords as follows:

adminDN "cn=admin"

adminPW secret

In LDAP terms, cn stands for Common Name, an attribute that is used frequently. In the LDBM section of the file, there's a database keyword you will need to uncomment to activate the LDBM back-end. Additionally, you will need to specify a suffix for the LDAP server; this identifies the LDAP server to any LDAP clients or servers with which it may communicate. For example:
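As an added example (not part of the original article or of IBM's sample files), the Python script below checks a DS CONF file for the settings described so far: adminDN, the adminPW value, an active LDBM database keyword, and a suffix. The sample file content, the `#` comment syntax, case-insensitive keyword matching and the placeholder-password list are assumptions made for the illustration.

```python
import shlex

# Constructed sample in the keyword/value layout the article shows.
# Assumptions: '#' starts a comment; keywords are matched case-insensitively;
# any further arguments of the database line are left out of this sample.
SAMPLE_DS_CONF = '''\
# global section
adminDN "cn=admin"
adminPW secret
# LDBM section
#database LDBM
#suffix "o=example"
'''

# Illustrative list of placeholder passwords, including the article's sample.
PLACEHOLDER_PASSWORDS = {"secret", "password", "admin", "changeme"}

def parse_conf(text):
    """Return {keyword: [(lineno, args), ...]} for active (uncommented) lines."""
    active = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out keyword
        parts = shlex.split(line)  # honours the quotes around DN values
        active.setdefault(parts[0].lower(), []).append((lineno, parts[1:]))
    return active

def audit(text):
    """Return findings for the settings the article tells the reader to edit."""
    conf = parse_conf(text)
    findings = []
    if "admindn" not in conf:
        findings.append("adminDN is not set")
    for lineno, args in conf.get("adminpw", []):
        findings.append(f"line {lineno}: adminPW is held in cleartext in this file")
        if args and args[0].lower() in PLACEHOLDER_PASSWORDS:
            findings.append(f"line {lineno}: adminPW is a placeholder value")
    ldbm = [n for n, a in conf.get("database", []) if a and a[0].upper() == "LDBM"]
    if not ldbm:
        findings.append("LDBM back-end is not active (database keyword commented out)")
    elif not any(n > ldbm[0] for n, _ in conf.get("suffix", [])):
        findings.append("LDBM back-end is active but has no suffix")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_DS_CONF):
        print(finding)
```

Because adminPW sits in the file as plain text, read access to the disk that holds DS CONF should be limited to the users who administer the server.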
