6.1. Working with Administration Server Instances

6.1. Working with Administration Server Instances

There are two additional setup steps that can be done with the Administration Server. This first allows the Administration Server to be accessed by remote clients, so that users can install and launch the Directory Server Console and still access the remote Directory Server file, such as help files.

NOTE

If you lock yourself out of the Console or Administration Server, you may have to edit the Administration Server configuration directly via LDAP. See http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt for information on editing the Administration Server configuration.

6.1.1. Configuring IP Authorization on the Administration Server

The Directory Server Console can be launched from remote machines to access an instance of Directory Server. The client running Directory Server Console needs access to the Administration Server to access support files like the help content and documentation.

There are six steps to configure the Administration Server to accept the client IP address:

  1. On the same machine on which the Administration Server is running launch the Console. 

    /usr/bin/redhat-idm-console

  2. In the Administration Server Console, click the Configuration tab, then click the Network tab.

  3. In the Connection Restrictions Settings section, select IP Addresses to Allow from the pull down menu.

  4. Click Edit.

  5. In the IP Addresses field, enter the following: 

    *.*.*.*

    This allows all IP addresses to access the Administration Server.

  6. Restart the Administration Server.

CAUTION

Adding the client machine proxy IP address to the Administration Server creates a potential security hole.

6.1.2. Configuring Proxy Servers for the Administration Server

If there are proxies for the HTTP connections on the client machine running the Directory Server Console, the configuration must be changed in one of two ways:

  • The proxy settings must be removed from the client machine. Removing proxies on the machine running Directory Server Console allows the client to access the Administration Server directly. To remove the proxy settings, edit the proxy configuration of the browser which is used to launch the help files.

  • Add the client machine proxy IP address to Administration Server's list of acceptable IP addresses. This is described in Section 6.1.1, “Configuring IP Authorization on the Administration Server”.

CAUTION

Adding the client machine proxy IP address to the Administration Server creates a potential security hole.


Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.