Appendix E. Managing the Administration Server

E.1. Introduction to Red Hat Administration Server

Identity management and directory services with Red Hat Directory Server use three components, working in tandem:
  • A Java-based management console
  • An administration server which also functions as a web server
  • An LDAP directory server
Interactions between the Console, Administration Server and Directory Server

Figure E.1. Interactions between the Console, Administration Server and Directory Server

The Administration Server processes configuration requests for Directory Server instances and performs many common server tasks, such as stopping and starting server instances. Directory services are usually divided into two categories: configuration databases which store the Console and Administration Server settings and some Directory Server configuration and user databases which contain user and group information. These databases can be kept in the same Directory Server instance, but it is also possible to break these services into separate Directory Server instances. In that case, a Directory Server instance's configuration are stored in a separate Directory Server, called the Configuration Directory Server, and user data is stored in the User Directory Server. Because the Administration Server processes server configuration requests for Red Hat Directory Server, the Configuration Directory Server and User Directory Server instances are both defined in the Administration Server configuration.
As a web server, the Administration Server provides all of the online functions of the Directory Server, including handling connections to the Console and hosting web applications such as Admin Express. Clients connect to the Administration Server both over secure and standard connections, since the Administration Server supports both HTTP or HTTPS, if TLS is enabled.
When Red Hat Directory Server or Red Hat Certificate System (which depends on Red Hat Directory Server) is installed, then the Administration Server is automatically installed and configured as well. There can be multiple Directory Server instances and multiple Certificate System subsystems on a single machine, and all use the same instance of Administration Server.
There can be only one Administration Server per machine. This single Administration Server instance can handle multiple instances of Directory Server and other clients which can use the Administration Server, like Red Hat Certificate System.
When the Console is opened to manage an instance of Directory Server or Certificate System, even if the Console is on a different machine than the server instance being managed, it contacts the local Administration Server instance to perform the requested tasks. For example, Administration Server can execute programs to modify the server and application settings that are stored in the configuration directory or to change the port number that a server listens to.
The Administration Server itself can be managed through its own Java-based interface, by editing its configuration files, or through command-line tools.