Preface

This guide shows you how to configure, maintain, and troubleshoot OpenDJ directory services. OpenDJ directory services allow applications to access directory data:

  • Over Lightweight Directory Access Protocol (LDAP)

  • Using Directory Services Markup Language (DSML)

  • Over Hypertext Transfer Protocol (HTTP) by using HTTP methods in the Representational State Transfer (REST) style

In reading and following the instructions in this guide, you will learn how to:

  • Use OpenDJ administration tools

  • Manage OpenDJ server processes

  • Import, export, backup, and restore directory data

  • Configure OpenDJ server connection handlers for all supported protocols

  • Configure administrative privileges and fine-grained access control

  • Index directory data, manage schemas for directory data, and enforce uniqueness of directory data attribute values

  • Configure data replication between OpenDJ directory servers

  • Implement password policies, pass-through authentication to another directory, password synchronization with Samba, account lockout, and account status notification

  • Set resource limits to prevent unfair use of directory server resources

  • Monitor directory servers through logs and alerts and over JMX

  • Tune directory servers for best performance

  • Secure directory server deployments

  • Change directory server key pairs and public key certificates

  • Move a directory server to a different system

  • Troubleshoot directory server issues

Using This Guide

This guide is intended for system administrators who build, deploy, and maintain OpenDJ directory services for their organizations. This guide starts with an introduction to directory services. The rest of this guide is written with the assumption that you have basic familiarity with the following topics:

  • The client-server model of distributed computing

  • Lightweight Directory Access Protocol (LDAP), including how clients and servers exchange messages

  • Managing Java-based services on operating systems and application servers

  • Using command-line tools and reading command-line examples written for UNIX/Linux systems

  • Configuring network connections on operating systems

  • Managing Public Key Infrastructure (PKI) used to establish secure connections

Depending on the features you use, you should also have basic familiarity with the following topics:

  • Directory Services Markup Language (DSML), including how clients and servers exchange messages

  • Hypertext Transfer Protocol (HTTP), including how clients and servers exchange messages

  • Java Management Extensions (JMX) for monitoring services

  • Simple Network Management Protocol (SNMP) for monitoring services

Formatting Conventions

Most examples in the documentation are created in GNU/Linux or Mac OS X operating environments. If distinctions are necessary between operating environments, examples are labeled with the operating environment name in parentheses. To avoid repetition file system directory names are often given only in UNIX format as in /path/to/server , even if the text applies to C:\path\to\server as well. Absolute path names usually begin with the placeholder /path/to/ . This path might translate to /opt/ , C:\Program Files\ , or somewhere else on your system. Command-line, terminal sessions are formatted as follows:

$ echo $JAVA_HOME
/path/to/jdk

Command output is sometimes formatted for narrower, more readable output even though formatting parameters are not shown in the command. Program listings are formatted as follows:

class Test {
    public static void main(String [] args)  {
        System.out.println("This is a program listing.");
    }
}

Accessing Documentation Online

Open Identity Platform Community publishes comprehensive documentation online:

  • The Open Identity Platform Community Documentation offers a large and increasing number of up-to-date, practical articles that help you deploy and manage Open Identity Platform software.

  • Open Identity Platform product documentation, such as this document, aims to be technically accurate and complete with respect to the software documented. It is visible to everyone and covers all product features and examples of how to use them.

Joining the Open Identity Platform Community

Visit the community resource center where you can find information about each project, download nightly builds, browse the resource catalog, ask and answer questions on the forums, find community events near you, and of course get the source code as well.

Getting Support and the Contacting Open Identity Platform Community

Open Identity Platform Community Approved Vendors provide support services, professional services, trainings, and partner services to assist you in setting up and maintaining your deployments.