There are multiple versions of the administration server (2.x and 3.x), and various SuiteSpot servers are configured using different versions. Because of the different versions, this chapter lists suggestions to follow before installing two servers that use different versions of the administration server. For a list of the servers that use the different versions of the administration server, see the printed Quick Start card that comes with SuiteSpot. If you have an individual server, check its documentation for the administration server version it uses.
http://myserver.mozilla.com:12345
Before you can get to any forms, the administration server prompts you to authenticate yourself. This means you need to type a user name and password. You set up the "superuser" user name and password when you install the first SuiteSpot server and administration server on your computer. After installation, you can use distributed administration to give multiple people access to different forms in the administration server.
The first page you see when you access the administration server is called the Server Administration page (Figure 1.2). The Server Administration page has three or four sections, depending on the servers you have installed. Figure 1.2 shows all four sections, which are described here:
The Server Administration page lets you manage your Netscape servers.
Using the Server Manager forms
As stated earlier, the collection of forms used to configure a single server is called the Server Manager. The administration server contains a Server Manager for each Netscape server installed on the computer, including one for the administration server itself.
The Server Administration page, shown in Figure 1.2, contains links to each Server Manager.
To use the Server Manager, you click a category button in the top frame (for example, Server Preferences), and then you click a link in the left frame (for example, Distributed Admin). A form appears in the remaining frame where you select options and specify values that configure the server. To submit your changes in the form, click the OK button. Click the Help button in any form to get specific directions on using that form.
To return to the Server Administration page (Figure 1.2), click the Server Administration button in the top frame of the Server Manager.
The following items are some of the new features in the 3.x version of Netscape servers:
suitespot
with system users mail
and web
.
Creating the user and group is more important on Unix systems, but you can also do this on Windows NT systems. When you create these accounts, you should create them so that no other system users or groups have write access to the files owned by the servers. In particular, you'll want to write-protect the administration server's password file located at
<server_root>/admin-serv/config/admpw
. And you should consider protecting any encryption key-pair files and certificates (in the directory <server_root>/alias
), and the local database (in the directory <server_root>/userdb
).
The 3.x administration server provides you with a link to a 2.x administration server if the 2.x server is installed on the same computer. The administration server uses the file <server_root>/admin-serv/config/sr2x
to link to the 2.x server root directory. If you installed the 2.x server in the default directory, the 3.x administration server should automatically provide the link. If it doesn't, you can edit or create the file or specify the 2.x server root directory during the installation process. The sr2x
file is a simple text file that contains the absolute path to the 2.x server root directory. For example, on NT the directory might be C:\Netscape\Servers, and on UNIX, /usr/ns-home.
<server_root>/admin-serv/config/admpw
. This is the user name (and password) you specified during installation. This user has full access to all features in the administration server and sees all forms in the administration server except the Users & Groups forms, which depend on the superuser having a valid account in an LDAP server such as Netscape Directory Server. If you use the local database, superuser will always have access to the Users & Groups forms.
Logging in as the superuser gives you full access to all the forms and servers running under the administration server. The exception to this is the Users & Groups area of the administration server. Although you have full access to the Users & Groups forms, you might not have the appropriate permissions set in the directory that allow you to manage users. This is an issue only if you are using a directory server to manage users and groups--if you are using the local directory, you automatically have full access to directory management because the local directory does not support access control lists.
If you are using a directory server to manage users and groups, then make sure
to create a user entry in your directory that corresponds to your administration
server superuser, and grant that entry full read, write, search, and compare
permissions for the directory. Netscape Directory Server version 1.02 or later
has the ability to automatically create the minimum required superuser user
name and access-control information. For more information, see the online
documentation that is available with your Netscape Directory Server.
For information on disabling distributed administrations, see Configuring distributed administration.
When distributed administration is on
If you enabled distributed administration, then you can log in as the superuser, an administrator, or an end user. The administration server identifies what type of a user you are by using the following process:
Note
Stopping the administration server
If you enable end-user access to the administration server, you should keep the administration server running as often as possible. If you don't enable end-user access, consider shutting down the administration server when you aren't using it. This minimizes chances of a break in, which could happen if someone learns any of your superuser or administrator passwords.
To shut down the administration server from the Server Manager:
UnixTo stop the administration server, go to your server root directory and type
./stop-admin
. To start the server, type ./start-admin
. If the server is already running, you can type ./restart-admin
.
NTTo stop the administration server, go to Control Panel|Services. Select the "Netscape Administration Server 3.0" service and click Stop. To restart it, click Start.
What to do next
Before you read the rest of this book, you need to install at least one of your SuiteSpot servers. The following steps offer installation guidelines to follow.