Installing the server
his chapter tells you how to install the Netscape
Enterprise Server and begin configuring it for your needs.
The administration server
When you install the Netscape Enterprise Server,
the administration server is installed on the same computer. The administration
server is a web-based server containing forms you use to configure your
Netscape server products, including the Netscape Enterprise Server. With
the administration server, you can manage multiple servers from a single
interface.
During the installation of your Netscape
Enterprise Server, you select a port for the administration server. Like
any other server, the administration server listens to that port and responds
to requests sent to it.
For more information on the administration server,
see Managing Netscape Servers. For information on accessing your
Netscape Enterprise Server through the administration server, see Chapter
3, "Managing your server."
Before you begin installation
Before you install the Netscape Enterprise Server,
you should do the following:
If you need more information on accomplishing these
tasks than is included in the following sections, consult your system manager.
Make sure DNS is running
When you install the Netscape Enterprise Server,
you'll be asked for a hostname or an IP address (or multiple entries of
the same) as input strings.
-
A hostname is a name for a specific computer in the form machine.subdomain.domain.
For example, www.netscape.com is the machine www in the
subdomain netscape and domain com.
-
An Internet Protocol (IP) address is a set of numbers, separated by dots,
that specifies the actual location of a computer on the Internet (for example,
198.95.251.30).
As you prepare for installation, make sure DNS is
running properly. Otherwise, the server can't resolve (translate) hostnames
and can't connect to any remote hosts.
Create an alias for the server
If your server will run on one machine among
many in a network, you or your system administrator should set up a DNS
CNAME record or an alias (such as www) that points to the actual server
machine. Later, you can change the actual hostname or IP address of the
server machine without having to change all URLs that point to the server
machine.
For example, you might call the server my_server.my_company.com
and then use an alias like www.my_company.com.
So the URLs to documents on your server would always use the www alias
instead of my_server.
Create a user account for the server
If you don't know how to create a new user on your system,
you should consult your system manual or a Unix administrator's handbook.
You should create a Unix user account for the web
server. You probably want the server to have restricted access to your
system resources and to run under a nonprivileged system user account.
When the web server starts, it runs with this
Unix user account (you'll specify this account during installation). Any
child processes of the server are created with this account as the owner.
The account needs read permissions for the configuration files and write
permissions for the logs directory. For security reasons, the
user account shouldn't have write permissions to some of the configuration
files, though some, such as the access control files, should be group writable.
If the security of the server is compromised, no one can write to the configuration
files.
In addition, the user account you create for the
server should belong to a group that contains the server users for all
Netscape SuiteSpot servers. With a SuiteSpot group, multiple servers can
have access to shared files.
You should create a dedicated account for
the web server. You can use the account with the name nobody,
but you might not want to give the user nobody SuiteSpot group
permissions. In addition, the user nobody might not work on some
systems. Some systems assign a user ID of -2 for the user nobody.
A user ID of less than 0 generates an error during installation. Check
the /etc/passwd file to see if the uid for nobody exists,
and make sure it is greater than 0.
Note
It's strongly recommended that you use a dedicated
account for the server.
The administration server can also run with
a user account that has write permissions to the configuration files for
all installed servers. However, it's much easier to run the administration
server as root because then the administration server user can
start and stop servers with port numbers less than 1024. (Port numbers
greater than 1024 can be started by any user).
For more information about the administration
server, see Managing Netscape Servers.
Choose unique port numbers
You need two port numbers: one for the administration
server and one for the web server.
Port numbers for all network-accessible
services are maintained in the file
/etc/services. The standard web server port number is 80 and
the standard SSL-enabled web server port number is 443, but you can install
the server to any port. If you use a port other than the default port (port
80), the URL used to gain access to your home page will change. For example,
if your computer is called www.mozilla.com and you choose port
9753, your server's URL will be http://www.mozilla.com:9753/.
You should choose a random number for the
administration server to make it harder for anyone to breach your server.
When you configure your server, you use the administration server's port
number. For example, for server mozilla.com, the server's URL
could be http://www.mozilla.com:2634/.
Make sure the port you choose isn't in use.
Check the file /etc/services on the server machine to make sure
you don't assign a port number that is reserved for another service. If
you choose a port that is being used by another service, the installation
program prompts you for another port.
Note
If you choose a server port number lower than 1024,
you must be logged in as root to start the server. After the server
is bound to the port, the server changes from the root user account
to the user account you specify. If you choose a port number greater than
1024, you don't have to be the root user to start the
server.
Migrating existing server settings
Before you migrate a 2.x server to a 3.0 server you
should read the information on upgrading/migrating in Managing Netscape
Servers.
Use the administration server to migrate
settings from a previous version of the server. For more information, see
"Migrating a server from a previous version"
on page 46.
Copy any documents that you still want to
use from your 2.0 document directory to your new 3.0 document directory.
Installation instructions
The following sections describe the installation
of the Netscape Enterprise Server.
Warning
You must install your version 3.0 servers in a separate server
root directory from the server root that contains your 2.x servers.
Before installing the Netscape Enterprise Server,
install Netscape Navigator 3.0 (or later) or Netscape Navigator Gold. You
need one of these applications installed to configure your server. Both
applications are available for downloading from http://home.netscape.com;
Navigator Gold is included with Netscape Enterprise Server.
Logging in as the correct user
Before you install the server, you must log in as
root, unless you meet both these conditions:
-
You plan to install the server on a port greater than 1024.
-
The location where you plan to install the server (the server root directory)
is writable with your current login status.
If you meet these conditions, you should log in with
the user account that the administration server will use.
Unpacking the files
To get the Netscape Enterprise Server files and unpack
them, follow these steps:
-
Put the Netscape Enterprise Server CD-ROM in the drive and change to the
directory on the CD-ROM labeled with the Unix operating system that your
computer uses (for example, type cd solaris).
-
Type cd entprise to change to the installation directory.
-
Copy the entprise.tar file from the CD-ROM directory to your home
directory or another directory. This directory should not be the
directory where you plan to install the server. The installation program
needs about 100 MB of disk space. Copying the file may take a little time.
-
Change to the directory where you copied the .tar file.
-
Unpack the .tar file by typing tar xvof entprise.tar.
This command unpacks the server files and creates a temporary directory
structure under the current directory. Unpacking the file may take a little
time.
-
Type cd enterprise-30-export-us (for the export version) or enterprise-30-domestic-us
(for the U.S. version) to change to the new directory. This directory contains
a README text file that has up-to-date information about the Netscape Enterprise
Server. You should read this file before continuing.
Running ns-setup
To run ns-setup, follow these steps:
-
Type ./ns-setup to start the server installation. If you aren't
logged in as the root user (superuser), or if you don't have sufficient
write permissions, you'll get one or more error messages.
-
Choose whether you accept the software license agreement by typing yes
to accept, or no to decline.
-
Type a server root directory or accept the default. This is the directory
where the server files and directory structure will be installed. The
program extracts the server files for the administration server and the
Netscape Enterprise Server from the .tar files. This may take
a little time.
-
If you already have a version of the administration server installed, you
are asked if you want to configure the server. Type yes to continue.
Type no or press Enter to use the existing configuration.
-
Type the machine name or accept the default.
-
Type the administration server port number or accept the randomly generated
default. Make sure you remember the port number for the administration
server.
-
Type the administration server user. In many cases this user is root.
-
Type the user name and group that the Netscape Enterprise Server will run
as. This user should be different from the administration server user.
The user should belong to the group that has access privileges for SuiteSpot
servers.
-
If you have existing installations of Netscape servers that use the previous
version of the administration server, enter the path to them here. Or,
if you are planning to install a server that uses the older administration
server, enter the path to where you are planning to install it. If you
change your mind about the pathname, you need to edit the file server_root/admin-serv/config/sr2x
to include the new path.
-
If you are using an LDAP-based directory server, type yes. If
not, type no. If you are answered yes,
type the LDAP server URL with the correct SSL information, server name,
server port, and distinguished name (DN).
-
Type the administration server access User name and password. (You will
be asked to type your password twice for verification.) If
you are using LDAP-based authentication, you must make sure that this user
has access permissions to the LDAP server to perform user/group management
tasks.
-
The installation program writes the parameters in the administration server
configuration files and starts the administration server. Press any key
to continue with the installation.
You are now ready to configure your new server. You
will be prompted for the name of your network client. The default is Netscape
Navigator. If you want, you can launch the client and begin configuring
your Netscape Enterprise Server immediately.
Note
Netscape recommends that you configure your server immediately
after installation.
Configuring your new Netscape Enterprise Server
To complete the installation, you must configure
your server using the administration server's Server Administration page.
After the installation program writes the configuration files to the disk,
the administration server starts and this page is displayed.
If you don't understand a setting, you can use the default
value and later change it via the Server Manager forms.
The configuration HTML form collects data used to generate
the configuration files magnus.conf and obj.conf. The
server uses these files to control how it works. For complete documentation,
see the NSAPI Programmer's Guide on the Netscape DevEdge web site
at
http://developer.netscape.com/library/documentation/.
The last step of running ns-setup started
your network client. If your client isn't running, start it. Type the URL
for your server's administration server, using the following format:
http://system_name:admin_port/
Here system_name represents
the name you entered for your system's full name during installation and
admin_port is the administration port you specified (for
example, http://server1.mozilla.com:54321/).
To configure your web server follow these
steps:
-
From the Server Administration page, click Create New Netscape Enterprise
Server.
-
Type the server name. The default is the current server name, but you can
enter another server name if you want. Users will use this name when they
access your server. Include your machine and domain name. If your system
administrator has set up a DNS alias for your server, enter the alias here.
If not, use the machine's name combined with your domain name as the server's
name.
-
Type the IP address your server should listen to (the bind address). Leave
this field blank if you're not planning to have your system answer to different
IP addresses.
If you want your system to answer to multiple
addresses, you need to configure your system to listen to multiple IP addresses.
For more information on having your server answer multiple IP addresses,
see "Setting up multiple servers" on page
44.
-
Type the port number of your server. This number can be any number from
1 to 65535. Keep the following in mind when choosing a port number:
-
The standard HTTP port number is 80; the standard HTTPS port number is
443.
-
If you use a port other than the default port (port 80), the URL used to
gain access to your home page will change. For example, if your computer
is called www.mozilla.com and you choose port 9753, your server's
URL will be http://www.mozilla.com:9753/.
-
To use a port number lower than 1024, you must start all processes as root
(superuser).
-
Make sure the port you choose isn't already in use or reserved for another
service. Look at the file /etc/services on the server computer
to make sure you don't assign a port number that is reserved for another
service.
-
If you activate security features on your server, the default HTTPS port
is 443. Before security features are active, you can access your server
by using a URL of http://your_server.domain.dom:443/.
-
Type the server identification that the administration server will use
for your server. The server identification should contain no spaces or
slashes.
This identification will also be used as the
name for the directory in your server root where configuration files are
stored. The following are some examples:
mozilla-unsecure
mozilla-secure
unsecure_test_area
-
Type the user name you want the server to run as. The server user should
only have restricted access to your system resources. You might need to
start the server as the root user (superuser), but you probably don't want
the server running as root. The server will automatically change its user
name after startup to the Unix user you enter here.
You can often use a user named nobody
in this situation. On some systems, however, nobody isn't a valid
user name. Also, the server user should have group access to certain files
used by all Netscape SuiteSpot servers. You might not want to give the
user nobody group access to those files. If you do not use nobody,
create a new Unix user for the server. If you are unfamiliar with creating
Unix users, see your system administrator or your system documentation.
-
Type the Message Transfer Agent (MTA) host. You must enter a valid MTA
host if you want to use the agent email function.
-
Type the Network News Transfer Protocol (NNTP) host. You must enter a valid
NNTP host if you want to use agents with the capability to post to news.
-
Specify when you want the server to resolve IP addresses to hostnames.
When an HTTP client connects to your server, it knows the client's IP address
but not its hostname (for example, it doesn't know that the hostname for
198.95.251.30 is www.netscape.com). If your server responds to
many requests per day, stopping hostname resolution can reduce the load
on your DNS or NIS server.
You have three choices: you can choose to have
hostnames resolved always, you can choose to have them resolved only for
access control and CGI, or you can choose never to have hostnames resolved.
Choose one of these options by clicking the radio button next to it.
-
Type the server's document root directory. This directory will contain
most of your server documents. If the directory you enter doesn't exist,
the software will create it.
By creating a document root for all of your documents,
you place all of your documents in one location, and the server handles
the URLs. Any request for a document is automatically redirected to the
document root you enter here. Because full file system pathnames are neither
used nor displayed on any client's network navigator, your file system
is safe, and users won't be able to get information about the rest of your
system.
-
Click OK.
If the configuration was successful, you will see
a page showing your new server's name, the port it listens to, and the
primary document directory. From this page, you can configure your server
further, register your server for technical support, install another server,
or return to the Server Administration page. Clicking on the "Configure
your server further" link will take you to the Server Manager, where you
can configure your server. For more information about the Server Manager,
see "Using the Server Manager" on page 48.
What the installation process does
The installation process places all the files under
the server root directory that you specified during installation.
The following files are created under the
server root directory:
-
start-admin is the script that starts the Server Manager. The
Server Manager lets you configure all servers installed in the server root
directory.
-
stop-admin is the script that stops the Server Manager.
-
restart-admin is the script that restarts the Server Manager.
The following directories are created under the server
root directory.
-
admin-serv contains administration server directories:
-
config contains the administration server's configuration files.
-
logs contains the administration server's log files.
-
adminacl contains the files that store access control configuration
information for the administration server.
-
authdb contains user databases in the 2.x format, if you have
any. Databases for the current release are in the userdb directory.
-
alias contains the key and certificate files for all Netscape
servers.
-
bin contains the binary files for the server, such as the
actual server, the administration forms, and so on.
-
docs is the server's default primary document directory, where
your server's content files are usually kept. If you are migrating settings
from an existing server, this directory doesn't appear until you finish
the migration process.
-
extras contains a log analysis tool.
-
The flexanlg directory contains a command-line log analyzer. This
log analyzer analyzes files in flexlog format.
-
The log_anly directory contains the log analysis tool that runs
through the Server Manager. This log analyzer analyzes files in common
log format only.
-
httpacl contains the files that store access control configuration
information in the generated.server-identifier.acl and
genwork.server-identifier.acl files. The file generated.server-identifier.acl
contains changes you make using the Server Manager access control forms
after saving your changes; genwork.server-identifier.acl
contains your changes before you save your changes. In addition,
this directory contains the agents.acl file, which contains the
access control configuration information for agents.
-
https-identifier are the directories for
each server you have installed on the machine. Each server directory has
the following subdirectories and files:
-
This directory contains shell scripts to start, stop, and restart the server
and a script to rotate log files.
-
agents-db contains files used by agents.
-
catalog contains files used by the auto-catalog feature.
-
config contains the server's configuration files: agent.conf,
csid.conf, filter.conf, magnus.conf, magnus.conf.clfilter,
mime.types, obj.conf, obj.conf.clfilter, process.conf
rdm.conf, robot.conf, webpub.conf, and webpub.conf.clfilter.
Working copies are kept here. For complete information on magnus.conf
and obj.conf, see the NSAPI Programmer's Guide on the DevEdge
site at
http://developer.netscape.com/library/documentation/.
-
conf_bk contains backup copies of the server's configuration files.
-
db contains the RDM (Resource Description Messaging) schema used
by the auto catalog feature.
-
logs contains any agent, error, and access log files.
-
include contains header files.
-
install contains files needed for migrating server settings
and default configuration files needed for backward compatibility.
-
js contains the Application Manager and the samples for server-side
JavaScript.
-
lib contains shared libraries.
-
manual contains the online manuals for the product.
-
ns-icons contains icons for FTP listings and Gopher menus used
in "fancy" indexing lists. For more information about fancy indexing lists,
see "Configuring document preferences" on
page 57.
-
nsapi contains header files and example code for creating your
own functions using NSAPI. For more information, see Netscape's DevEdge
online documentation web site at
http://developer.netscape.com/library/documentation/index.html.
-
plugins contains directories for Java, agents, search, and other
plugins.
-
userdb contains user databases and related information.
-
wai contains information and sample code for using the Web Application
Interface (WAI).
Troubleshooting installation
This section describes the most common installation
problems and explains how to solve them.
I accidentally denied all access to the Server
Manager forms.
Log in to the system as root or with the server's user account.
In the admin-serv/config directory, edit the ns-admin.conf
file. There's a line for allowed hosts or allowed addresses. Use wildcard
patterns, or modify the lines to include your host and address, save the
file, and then restart the administration server.
Clients can't locate the server.
First, try using the hostname. If that doesn't work, use the fully
qualified name (such as www.domain.com), and make sure the server is listed
in DNS. If that doesn't work, use the IP address.
The port is in use.
Most likely, you didn't shut down a server before you migrated the
settings. Shut down the old server, then manually start the new one.
The port might also be used by another installed
server. Make sure the port you've chosen isn't already being used by another
server.
The server is slow and transfers take too long.
If you log accesses through SYSLOG, you might encounter reduced
performance. Switch to using the server's error log files instead.
The server machine might need more RAM. Also,
other applications running on the computer might be using CPU cycles, degrading
server performance.
I've forgotten the administration user name
and password.
In the admin-serv/config directory in your server root directory,
edit the admpw text file, which contains a line of text similar
to the following:
admin:lnOVeixulqkmU
The text before the colon is the administration
user name (in this case, admin); the text following the colon
is the password, which is encrypted.
Delete everything after the colon and save the
file. Shut down the administration server, and restart it. When prompted
for the administration password, leave the password field blank. You should
be able to access the administration server now. Be sure to create a new
password for the administration server. For more information on creating
a new password for the administration server, see Managing Netscape
Servers.
Copyright 1997 Netscape Communications Corporation.
All rights reserved.