Day: 10 July 2007

Deploying Directory Service Control Center in Glassfish v2…

Ludo2 Comments

Directory Server Enterprise Edition 6.1 introduced the ability to deploy the Console GUI (Directory Services Control Center alias DSCC) in any supported Application Server when installing using the Zip distribution (with Native distribution, aka Java ES installation, DSCC is deployed in Sun Web Console and already fully functional).

Note that as of today only Sun Application Server 8.2 and Tomcat 5.5 are supported.

So here’s a description on how to install DSEE 6.1, deploy DSCC in Glassfish v2 and use it to create new instances of Directory Server.

Installing DSEE 6.1

Download the DSEE 6.1 full install tar.gz file.

Expand it in a temporary directory. 

/tmp/dsee61 > ls
dsee_data    dsee_deploy  idsktune

Install DSEE. With DSEE 6.1, there is no longer the choice to install just a part of DSEE. All binaries are installed, but no service is running. It will be up to you to chose which service (DS or DPS…) to enable and configure.

The -I option prevents interaction and does an implicit approval of the license. The -N option removes the checks for cacao ports, and does not enable it, although it is configured. 

/tmp/dsee61 > dsee_deploy install -i /local/demo/dsee61 -I -N
Sun Microsystems, Inc. ("Sun") SOFTWARE LICENSE AGREEMENT ("SLA") and
ENTITLEMENT for SOFTWARE
... < Full license text here> ...
By using the --no-inter option, you have implicitly accepted the license
Checking running Directory Server instances
Checking running Directory Proxy Server instances
Unzipping sun-ldap-base.zip ...
Unzipping sun-ldap-dsrk6.zip ...
Unzipping sun-ldap-dsrk-man.zip ...
Unzipping sun-ldapcsdk-tools.zip ...
Unzipping sun-ldapcsdk-dev.zip ...
Unzipping sun-ldap-ljdk.zip ...
Unzipping sun-ldap-jre.zip ...
Unzipping sun-ldap-shared.zip ...
Unzipping sun-ldap-shared-l10n.zip ...
Unzipping sun-ldap-directory.zip ...
Unzipping sun-ldap-directory-l10n.zip ...
Unzipping sun-ldap-directory-config.zip ...
Unzipping sun-ldap-directory-man.zip ...
Unzipping sun-ldap-directory-dev.zip ...
Unzipping sun-ldap-mfwk.zip ...
Unzipping sun-ldap-cacao.zip ...
Unzipping sun-ldap-console-agent.zip ...
Unzipping sun-ldap-console-cli.zip ...
Unzipping sun-ldap-console-common.zip ...
Unzipping sun-ldap-console-var.zip ...
Unzipping sun-ldap-jdmk.zip ...
Unzipping sun-ldap-directory-client.zip ...
Unzipping sun-ldap-directory-client-l10n.zip ...
Unzipping sun-ldap-proxy.zip ...
Unzipping sun-ldap-proxy-l10n.zip ...
Unzipping sun-ldap-proxy-man.zip ...
Unzipping sun-ldap-proxy-client.zip ...
Unzipping sun-ldap-proxy-client-l10n.zip ...
Unzipping sun-ldap-console-gui.zip ...
Unzipping sun-ldap-console-gui-help.zip ...
Unzipping sun-ldap-console-gui-l10n.zip ...
Unzipping sun-ldap-console-gui-help-l10n.zip ...
Creating WAR file for Console
Configuring Cacao at /local/demo/dsee61/dsee6/cacao_2
Setting Cacao parameter jdmk-home with default value [/local/demo/dsee61/dsee6/private]
Setting Cacao parameter java-home with default value [/local/demo/dsee61/jre]
Setting Cacao parameter nss-lib-home with default value [/local/demo/dsee61/dsee6/private/lib]
Setting Cacao parameter nss-tools-home with default value [/local/demo/dsee61/dsee6/bin]
Registering console agent into cacao
Registering JESMF agent into Cacao
You can now start your Directory Server Instances
You can now start your Directory Proxy Server Instances

Configuring Glassfish v2

I installed Glassfish v2 beta 2 build (downloaded from here <https://glassfish.dev.java.net/downloads/v2-b41d.html&gt; , following the installation instructions)

Add the following lines in the {install-dir}/domains/domain1/config/server.policy file 

// Permissions for Directory Service Control Center
grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/DSCC/-"
{
permission java.security.AllPermission;
};

Deploying the web application from the local directory

Once Glassfish has been installed and started, log onto the console (default is http://localhost:4848/).

DsccdeploySelect the Application / Web Applications and click the Deploy button.

Select the Location and a Local packaged file or directory. Browse the disk to locate the dscc.war file (or type the full path directly: /local/demo/dsee61/var/dscc6/dscc.war).

Set the application name to DSCC (same as in the server.policy file).

Click Ok.

Tuning and starting Cacao

Cacao is a Agent container that is available by default on Solaris systems and has been ported to all Java Enterprise System supported platforms. On Solaris or if you have multiple installations of DSEE on the same host, you need to tune Cacao and more specifically the ports it listens to. 

ludo:cacao_2 > pwd
/local/demo/dsee61/dsee6/cacao_2
ludo:cacao_2 > ./usr/sbin/cacaoadm stop
ludo:cacao_2 > ./usr/sbin/cacaoadm set-param snmp-adaptor-port=21161
ludo:cacao_2 > ./usr/sbin/cacaoadm set-param snmp-adaptor-trap-port=21162
ludo:cacao_2 > ./usr/sbin/cacaoadm set-param jmxmp-connector-port=21162
ludo:cacao_2 > ./usr/sbin/cacaoadm set-param commandstream-adaptor-port=21163
ludo:cacao_2 > ./usr/sbin/cacaoadm set-param  rmi-registry-port=21164
ludo:cacao_2 > ./usr/sbin/cacaoadm set-param secure-webserver-port=21165
ludo:cacao_2 > ./usr/sbin/cacaoadm start

Note that you may not need to change all ports (most of them are unused), but it’s safer.

DSCC makes only use of the jmxmp-connector-port

Initializing DSCC

We’re almost done. But before using the console, it is still needed to initialize some parts of the system. 

ludo:dsee61 > pwd
/local/demo/dsee61
ludo:dsee61 > dscc6/bin/dsccsetup initialize
***
DSCC Application cannot be registered because it is not installed
***
DSCC Agent is already registered
***
Choose password for Directory Service Manager:  aPassword
Confirm password for Directory Service Manager:  aPassword
Creating DSCC registry...
DSCC Registry has been created successfully
***

Using DSCC

You can either select the Web Application and click on Launch in the Glassfish Administration GUI

Or open your browser and type the DSCC app URL : http://ludo.france:8080/dscc

Authenticate as admin and Directory Service Manager’s password (the one specified during the DSCC initialization).

And you can now create new Directory instances from the Console…

Dsccnewds Dsccnewdsdone

Or register an existing instance to DSCC Registry: 

ludo:dsee61 > dscc6/bin/dsccreg add-server /local/demo/dsee61/instances/ds1
Enter DSCC administrator's password:
/local/demo/dsee61/instances/ds1 is an instance of DS
Enter password of "cn=Directory Manager" for /local/demo/dsee61/instances/ds1:
This operation will restart /local/demo/dsee61/instances/ds1.
Do you want to continue ? (y/n) y
Connecting to /local/demo/dsee61/instances/ds1
Enabling DSCC access to /local/demo/dsee61/instances/ds1
Restarting /local/demo/dsee61/instances/ds1
Registering /local/demo/dsee61/instances/ds1 in DSCC on localhost.

Once it is registered, it can be managed with DSCC.

Technorati Tags: , , ,