At work we decided to update our LDAP infrastructure. From SUN Directory Server 5.2 to 6.3(.1). The person doing this is: me.
We have some requirements for the applications we install, we want them in specific locations so that we are able to move them between servers more easily (no need to search all stuff in the entire system, just the generic location and some stuff in /etc needs to be taken care of… in the best case). SUN offers the DSEE 6.3.1 as a package or as a ZIP-distribution. I decided to download the ZIP-distribution, as this implies less stuff in non-conforming places.
The installation went OK. After the initial hurdles of searching the SMF manifest referenced in the docs (a command shall install it) but not finding them because the ZIP-distribution does not contain this functionality (I see no technical reason; I installed the manifest by hand), I had the new server up, the data imported, and a workstation configured to use this new server.
The next step was to setup a second server for multi-master replication. The docs for DSEE tell to use the web interface to configure the replication (this is preferred over the command line way). I am more a command line guy, but OK, if it is that much recommended, I decided to give it a try… and the web interface had to be installed anyway, so that the less command line affine people in our team can have a look in case it is needed.
The bad news, it was hard to get the webinterface up and running. In the package distribution all this is supposed to be very easy, but in the ZIP-distribution I stumbled over a lot of hurdles. The GUI had to be installed in the java application server by hand instead of the more automatic way when installed as a package. When following the installation procedure, the application server wants a password to start the web interface. The package version allows to register it in the solaris management interface, the ZIP-distribution does not (direct access to it works, off course). Adding a server to the directory server web interface does not work via the web interface, I had to register it on the command line. Once it is registered, not everything of the LDAP server is accessible, e.g. the error messages and similar. This may or may not be related to the fact that it is not very clear which programs/daemons/services have to run, for example do I need to use the cacaoadm of the system, or the one which comes with DSEE? In my tests it looks like they are different beasts independent from each other, but I did not try all possible combinations to see if this affects the behavior of the web interface or not.
All the problems may be documented in one or two of the DSEE documents, but at least in the installation document there is not enough documentation regarding all my questions. Seems I have to read a lot more documentation to get the web interface running… which is a shame, as the management interface which is supposed to make the administration more easy needs more documentation than the product it is supposed to manage.
Oh, yes, once I had both LDAP servers registered in the web interface, setting up the replication was very easy.