Manualshelf

Red Hat Directory Server 8.0 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Red Hat Directory Server Software
71727374757677787980
1
The LDAP tools referenced in this guide are Mozilla LDAP, installed with Directory Server in the
/usr/lib/mozldap directory on Red Hat Enterprise Linux 5 i386; directories for other platforms are listed in
Section 2, “LDAP Tool Locations”. However, Red Hat Enterprise Linux systems also include LDAP tools from
OpenLDAP. It is possible to use the OpenLDAP commands as shown in the examples, but you must use the -x
argument to disable SASL and allow simple authentication.
The root suffix is automatically added to the name. For example, it the sub suffix ou=groups
is created under the dc=example,dc=com suffix, the Console automatically names it
ou=groups,dc=example,dc=com.
4. Select the Create associated database automatically checkbox to create a database at the
same time as the new sub suffix, and enter a unique name for the new database in the
Database name field, such as example2. The name can be a combination of alphanumeric
characters, dashes (-), and underscores (_). No other characters are allowed.
Deselect the checkbox to create a database for the new sub suffix later. The new sub suffix
will be disabled until a database is created.
5. Click OK.
The suffix appears automatically under its root suffix in the Data tree in the left navigation
pane.
1.1.3. Creating Root and Sub Suffixes from the Command-Line
Use the ldapmodify command-line utility to add new suffixes to the directory configuration file.
The suffix configuration information is stored in the cn=mapping tree,cn=config entry.
NOTE
Avoid creating entries under the cn=config entry in the dse.ldif file. The
cn=config entry in the simple, flat dse.ldif configuration file is not stored in the
same highly scalable database as regular entries. As a result, if many entries,
particularly entries that are likely to be updated frequently, are stored under
cn=config, performance will suffer.
1. Add a new root suffix to the configuration file using the ldapmodify utility.
1
ldapmodify -a -h example1 -p 389 -D "cn=directory manager" -w secret
ldapmodify binds to the server and prepares it to add an entry to the configuration file.
2. Create the root suffix entry. For example:
dn: cn="dc=example,dc=com",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
nsslapd-state: backend
nsslapd-backend: UserData
cn: dc=example,dc=com
Creating Suffixes
51