Configuring ITDS 6.3 in An Linux OS Clustering Environment

Configuring IBM Tivoli Directory
Server 6.3 in a Linux OS clustering

Environment for ig! "vaila#ility
$%ritten using &EL 6.' an( TDS 6.3)
Document version *.+
,eelam Solen-i
Copyright IBM Corporation, 2013 and IBM Security Systems
Configuring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iity
http())*3+i'm+com)support)Techdocs ,age 1
CO,TE,TS
Revision History.................................................................................................... 3
1. Introduction....................................................................................................... 4
2. Tivoli Directory Server Configurations for High Availaility!!!!!............. "
3. Tivoli Directory #ro$y Server !!!!!!!!!!!!!!!!!.............. %
4. Introducing to Tivoli Directory #ro$y Server in an e$isting Tivoli Security
Infor&ation and 'vent (anager environ&ent !!!!!!!!!!!!!!.. )
". Ste*s to set u* the re*lication for ac+,ends !!!!!!!!!!!!...!1-
). Resources !!!!!!!!!!!!!!!!!!!!!!!!!!!!..1.
&E.ISIO, ISTO&/
Date .ersion &evise( By Comments
2./-%/2-13 1.- 0eela&
Solen+i
1. Introduction
I1( Tivoli Directory Server 2TDS3 soft4are *rovides a reliale *latfor& for your
enter*rise security initiatives. This enter*rise identity &anage&ent soft4are fro&
Tivoli uses 5ight4eight Directory Access #rotocol 25DA#3 to *rovide a trusted
identity data infrastructure for authentication.
Tivoli Directory Server *rovides identity &anage&ent for co&*anies that 4ant to
de*loy a roust and scalale identity infrastructure. It also &aintains high
availaility 4ith &aster/suordinate and *eer,to,*eer re*lication ca*ailities and
scheduled online or offline ac+u* and re&ote restore.
This article de&onstrates the configuration of I1( Tivoli Directory Server in a
5inu$ 6S clustering environ&ent for High availaility. This docu&ent
de&onstrates the 4ay to configure the *ri&ary TDS server7 the ste*s to configure
the standy TDS server7 and the scri*ts needed y 5inu$ 6S cluster.
http())*3+i'm+com)support)Techdocs ,age -
2. Tivoli Directory Server Confgurations for
High Availability
'.* 0ro(uct levels use(
RH'5 8.2
Tivoli Directory Server 8.3
RH'5 6S cluster
In these configurations 4e have the follo4ing si&*le 6S clustering configured9
0rimary TDS ,o(e
Hostna&e9 tdsserverA
I# Address9 1.2.18).21.3
:::::::::::::::::::::::::::::::::::::::::::::
Stan(#y TDS ,o(e
Hostna&e9 tdsserver1
I# Address9 1.2.18).23.3)
:::::::::::::::::::::::::::::::::::::::::::::
Shared resources et4een the t4o servers9
&esource 1rou2 2 lda* resource grou* na&ed39 lda*;rg
Shared Storage9 /ho&e/lda*d2
Cluster I# Address9 1.2.18).23.4-
This configuration assu&es that our 5inu$ Ad&inistrators have already
configured 6S clustering for failover et4een the tdsserverA and tdsserver1
servers. They have configured a shared dis+ to failover et4een the t4o syste&s
using /ho&e/lda*d2 and configured the cluster I# address for I# failover. In
addition they have installed each syste& 4ith su**orted 6S/#roduct/Cluster
soft4are levels.
http())*3+i'm+com)support)Techdocs ,age .
2.2 Ste2s to configure 0rimary TDS server
1.Install D2 <..% 4ith =# 2 on tdsserverA and create a D2 instance na&ed as
>lda*d2> 4ith the ho&e directory as shared storage /ho&e/lda*d2.
=or installing D2 <..% *lease use the elo4 lin+.
htt*9//*ic.dhe.i&.co&/infocenter/d2lu4/v.r%/inde$.?s*@to*ic:
A2=co&.i&.d2.lu4.B.server.docA2=docA2=c---)%11.ht&l
2.3 <erify your D2 installation using the co&&and elo4.
3.3 <erify that D2 instance and D2 version 4ith the co&&and descried elo4.
http())*3+i'm+com)support)Techdocs ,age /
-.3 =ollo4 the sa&e *rocedure to install D2 ..% on tdserver1 7 ut donCt create
D2 instance at this ti&e.
,ote3 /ou nee( to create similar users an( grou2s $4it! same 5ID6s an(
15ID6s) on secon(ary TDS server i.e t(sserverB
Creation of 5sers 37
useradd ,& ,g idslda* ,d /ho&e/lda*d2 ,s /in/+sh ,* *ass4-rd lda*d2
useradd ,& ,g idslda* ,d /ho&e/idslda* ,s /in/+sh ,* *ass4-rd idslda*
useradd ,& ,g dasad&1 ,d /ho&e/dasusr1 ,s /in/+sh ,* *ass4-rd dasusr1
useradd ,& ,g d2fad&1 ,d /ho&e/d2fenc1 ,s /in/+sh ,* *ass4-rd d2fenc1
Creation of 1rou2s 37
DrootEid&d$l43tenoi FGH grou*add d2fad&1
DrootEid&d$l43tenoi FGH grou*add d2iad&1
DrootEid&d$l43tenoi FGH grou*add dasad&1
DrootEid&d$l43tenoi FGH grou*add idslda*
".3 Chec+ the elo4 files on oth the TDS servers 2tdsserverA and tdsserver13
are si&ilar.
.i 8etc8grou2
idslda*9$9"--9root7lda*d2
dasad&19$91-19lda*d2
d2iad&19$91-29root
d2fad&19$91-39
.i 8etc82ass4(
dasusr19$9"--91-199/ho&e/dasusr19/in/+sh
lda*d29$9"-191-299/ho&e/lda*d29/in/+sh
d2fenc19$9"-291-399/ho&e/d2fenc19/in/+sh
idslda*9$9"-39"--99/ho&e/idslda*9/in/+sh
8.3 Install Tivoli Directory Server on *ri&ary server using 5inu$ utilities7 follo4 the
elo4 lin+ .
htt*9//*ic.dhe.i&.co&/infocenter/tivihel*/v2r1/inde$.?s*@to*ic:
A2=co&.i&.I1(DS.docA2=install%).ht&I*athA3D)311-1
%.3 1efore running instance creation utility 4e have to &a+e sure all lda* related
lin+s are u*dated to use the ITDS 8.3 version. To do this run
c(8o2t8IBM8l(a28.6.38#in8
./idslin+ ,i ,g ,l 84 ,s fullsrv
).3 Creating our ITDS instance.
0ote9 In this case 4e assu&e that the shared storage 2/ho&e/lda*d23 is
&ounted and active on *ri&ary server tdsserverA and that 4e are naturally
running on the #ri&ary 0ode as the root user.
#er&issions on ho&e directory9,
Run this co&&and to create the TDS instance
9 i(sicrt 7I l(a2(#' 7e *'3:;6<=>+*' 7t l(a2(#' 7l 8!ome8l(a2(#'
..3 Configuring the ITDS 8.3 instance dataase
1y creating the instance 4e no4 have a location and user in 4hich to configure
the d2 dataase 4hich 4ill store our ITDS 8.3 data. To configure the dataase
run the follo4ing co&&and9
9 i(scfg(# 7I l(a2(#' 7a l(a2(#' 74 2ass4+r( 7t t(s(# 7l 8!ome8l(a2(#'
1-.3 Jetting the *ri&ary TDS instance ready
At this stage 4e need to *re*are the instance for *roduction7 *lease set the
Ad&in D0 and #ass4ord9,
9 i(s(n24 7I l(a2(#' 7u cn?root 72 2ass4+r(
0e$t set the *roduction suffi$. In this e$a&*le o:i& suffi$ is used for the to* of
the tree.
9 i(scfgsuf 7I l(a2(#' 7s o?i#m
11.3 Testing functionality of TDS *ri&ary server on tdserverA
i(ssla2( 7I l(a2(#' $TDS start comman()
12.3 <erifying TDS *ri&ary server on tdserverA
i(sl(a2searc! 7D cn?root 74 2ass4+r( 7s #ase o#@ectclass?A Bgre2 config
This search should return9
i&,configurationna&ingconte$t:C0:C60=IJKRATI60
i&,sla*disconfiguration&ode:C"LSE
,ote3 If i&,sla*disconfiguration&ode is set to TRK' you &ust sto*7 there is
so&e configuration *role& that has *revented the directory server fro& starting
u* cleanly and the ne$t ste*s in this docu&ent 4ill not a**ly.
13.3 #re*aring secondary TDS server on tdsserver1
At this *oint the configuration of tdsserverA is co&*lete7 ut ne$t 4e 4ill ta+e a
cou*le of &o&ents to *re*are so&e of the ite&s 4e 4ill need for the
configuration of tdsserver1 2or the standy node3. This infor&ation 4ill need to
e gathered fro& tdsserverA *rior to eginning the configuration of tdsserver1
'.3 Ste2s to get DB' 4or-ing correctly on t(sserverB
1.3 6*en the /etc/services file on tdsserverA and chec+ for *ort infor&ation of
D2 instance.
cat 8etc8services B gre2 l(a2
d2c;lda*d2 "---1/tc*
d2c;lda*d2i "---2/tc*
D12;lda*d2 8----/tc*
D12;lda*d2;1 8---1/tc*
D12;lda*d2;2 8---2/tc*
D12;lda*d2;'0D 8---3/tc*
lda*d2svcids 3%88/tc*
lda*d2svcidsi 3.--/tc*
2.3 Co*y the aove entries fro& tdsserverA /etc/services file and *aste it on
tdsserver1 /etc/services file and save it .
D12 relies on a file called (#'no(es.cfg to tell it 4hich syste& hostna&e the
dataase is located on. If 4e loo+ at this file directly after failover on tdsserver1
4e see that it is *ointing to tdsserverA.
9 cat 8!ome8l(a2(#'8sDlli#8(#'no(es.cfg
At this ti&e ho4ever7 4e are running on tdsserver1 so this file 4ill need to e
u*dated to reflect that change. Le 4ill eventually scri*t this into the cluster scri*t7
ut for no4 I a& ?ust going to &anually u*date the d2nodes.cfg ased on the
value returned fro& the co&&and.
3.3 Try Starting D2 server instance on tdsserver17 your dataase instance
should start successfully.
4.3 Install TDS *ac+ages on tdsserver1 as e$*lained in Ste* 8 and create the
TDS instance as defined in ste*) 7 ut donCt configure the dataase since D2 is
configured on shared storage.
".3 In addition 4e need to get the ad&in dae&on line for the TDS instance
fro& /etc/initta file fro& tdsserverA.
9 cat 8etc8initta#
and co*y the line9
ids-9234"9once9/o*t/i&/lda*/<8.3/sin/i&dirad& ,I lda*d2 M /dev/null 2MI1
HAutostart I1( 5DA# Ad&in Dae&on Instance
into a file /etc/initta on tdsserver1.
8.3 There is an additional file 4e are going to need fro& tdsserverA on tdsserver1
to assist 4ith the configuration on that syste&. #lease run9
Co2y 8o2t8i#m8l(a28i(sinstinfo8i(sinstances.l(if from t(sserver" to
t(sserverB on same location.
%.3 To verify that secondary server i.e tdsserver1 has TDS instance configured
no4
DrootEid&a*$l-8)*rnoi idsinstinfoGH idsilist ,a
Directory server instance2s39
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Instance 19
0a&e9 lda*d2
<ersion9 8.3
5ocation9 /ho&e/lda*d2
Descri*tion9 I1( Tivoli Directory Server Instance <8.3
I# Addresses9 All availale
#ort9 3).
Secure #ort9 838
Ad&in Server #ort9 3"3)
Ad&in Server Secure #ort9 3"3.
Ty*e9 Directory Server
).3 Start the TDS instance on tdsserver17 it should start successfully.
3. OS Clustering Scri2t for TDS
34)'in)'ash
3
3 )etc)init+d)i'msapd
3
3 IBM Tivoi init script
3
3 ch5config( 3-. 00 20
3
3 description( IBM Tivoi init script
3 Source function i'rary+
+ )etc)init+d)functions
start67 8
echo 9n :Starting i'msapd( :
daemon 99chec5 i'msapd )opt)i'm)dap);/+3)s'in)sapd
i'mdiradm
<%T;=">?@
touch )var)oc5)su'sys)i'msapd
return ?<%T;="
A
status67 8
echo 9n :Status of "!=, Server( :
i'mdirct 9! cn>root 9* pass*0rd status
<%T;=">?@
return ?<%T;="
A
stop67 8
echo 9n :Shutting do*n i'msapd( :
)opt)i'm)dap);/+3)s'in)sapd 95
i'mdiradm 95
<%T;=">?@
rm 9f )var)oc5)su'sys)i'msapd
return ?<%T;="
A
case :?1: in
start7
start
BB
status7
status
BB
stop7
stop
BB
restart7
stop
start
BB
C7
echo :Dsage( i'msapd 8startEstopEstatusEreoadErestartFEpro'eG:
e#it 1
BB
esac
e#it ?@
Chec+ and validate the TDS failover y shutting do4n one server fro& the cluster
and then vice versa.
http())*3+i'm+com)support)Techdocs ,age 1-
:. &esources
Tivoli Directory Server #roduct site
Tivoli Directory Server Infor&ation Center.
Configuring ITDS 8.1 in HAC(# environ&ent
RH'5 8 Cluster Ad&inistration
http())*3+i'm+com)support)Techdocs ,age 1.

Configuring ITDS 6.3 in An Linux OS Clustering Environment

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Configuring ITDS 6.3 in An Linux OS Clustering Environment

Încărcat de

Drepturi de autor:

Formate disponibile

Configuring IBM Tivoli Directory

Server 6.3 in a Linux OS clustering

S-ar putea să vă placă și