Show Table of Contents
Appendix G. Using the Console
G.1. Overview of the Directory Server Console
Red Hat Management Console is the user interface to manage Red Hat Directory Server and Administration Server configuration and directory information. There is a single main Console window which administers the servers (collected and identified in administration domains). The main Console allows you to open server-specific Consoles to manage the settings and information in individual instances.
This chapter provides an overview of how the Console interacts with the Directory Server and Administration Server and walks through the Console windows and options.
G.1.1. How the Console, Directory Server, and Administration Server Work Together
The Red Hat Console is an independent Java application which works in conjunction with instances of Red Hat Directory Server and Administration Server. Most server management functions are carried out in server-specific console windows for the Directory Server and Administration Server. Red Hat Console is part of a system that manages Red Hat Directory Server instances and the Administration Server and, therefore, information in the directory. Although Red Hat Directory Server, Red Hat Management Console, and Red Hat Administration Server work tightly with one another, each plays a specific role in managing servers, applications, and users.
Red Hat Management Console is the front-end management application for Red Hat Directory Server. It finds all servers and applications registered in the configuration directory, displays them in a graphical interface, and can manage and configure them. The Main Console can also search for, create, and edit user and group entries in the user directory.
Figure G.1. The Red Hat Management Console Interface
When a user logs into Red Hat Management Console, the Console connects to the Administration Server over Hypertext Transfer Protocol (HTTP). The Administration Server receives requests to administer the different Directory Server instances and performs the changes to the configuration, such as changing a port number. When a request is sent to the Red Hat Management Console to add or edit user entries, the Console sends a Lightweight Directory Access Protocol (LDAP) message directly to Directory Server to update the user directory.
Figure G.2. Simple System Using Red Hat Management Console
Red Hat Directory Server stores server and application configuration settings as well as user information. Typically, application and server configuration information is stored in one subtree of Red Hat Directory Server while user and group entries are stored in another subtree. With a large enterprise, however, configuration and user information can be stored in separate instances of Directory Server (which can be on the same host machine or on two different host machines). Figure G.2, “Simple System Using Red Hat Management Console” illustrates a relatively simple Red Hat Directory Server system. As an enterprise grows and needs change, additional hosts and Directory and Admin Servers can be added to the administration domain in the Console, so that a single Console can manage multiple Directory and Admin Servers.
Figure G.3. A More Complex System
Note
When the terms configuration directory and user directory are used in this guide, they define where the configuration information and the user information is stored, regardless of whether that is in the subtrees of a single instance of Directory Server or in two separate instances of Directory Server.
G.1.2. Red Hat Management Console Menus
There are five menu items in the top menu the Console. The options for each of these menus varies depending on the Console window open (the main Console, Directory Server Console, or Administration Server Console) and the types of objects available in that server area.
Figure G.4. Main Console Menus
G.1.3. Red Hat Management Console Tabs
There are two tabs in the main Console window:
- Servers and Applications, for managing the Directory Server and Administration Server instances
- Users and Groups, for searching for and creating user and group entries within the Directory Server
G.1.3.1. The Servers and Applications Tab
The Servers and Applications tab, by default, has a navigation tree on the left for viewing hosts and Directory and Administration Servers and a center information panel. To access the Directory Server instance, directory information, or Administration Server, open the server resource listed in the navigation tree. The information for the server instance, such as the build number and port number,
The navigation tree displays the Red Hat Directory Server topology, a hierarchical representation of all the resources (such as servers and hosts), that are registered in a configuration directory.
Figure G.5. The Servers and Applications Tab
The top of the topology is the administration domain. An administration domain is a collection of host systems and servers that share the same user directory. The server which hosts Directory Server or Administration Server instances belongs to the admin domain; that is the host.
A server group consists of all Directory Servers that are managed by a common Administration Server. A number of server groups can exist within an administration domain.
G.1.3.2. The Users and Groups Tab
The Users and Groups tab can search for user and group entries in any Directory Server administered by the Console. Any of the returned entries can be edited or deleted through this tab, assuming that the users has the proper access permissions. New entries can also be created through the Users and Groups tab.
Figure G.6. The Users and Groups Tab
Switch the directory being searched or where the entries are added through the options in the menu, as described in Section G.4.1, “Searching for Users and Groups”.
G.1.4. Server-Specific Consoles
The main Console can open into two server-specific windows to manage the Administration Server and Directory Server. These windows are opened by clicking the server name in the navigation area, and then clicking the button in the resources area.
G.1.4.1. The Directory Server Console
The Directory Server Console manages the specific Directory Server instance configuration, including the port number, TLS settings, and logging. The Directory Server Console also manages the directory information (entries) and directory operations like importing and exporting databases, creating suffixes, and extending the schema.
Figure G.7. The Directory Server Console
There are four tabs in the Directory Server Console:
- Tasks, which has shortcuts to common server operations, including starting and stopping the Directory Server instance, importing and exporting databases, and managing TLS certificates
- Configuration, which defines all of the server configuration settings, including SASL and TLS authentication, port numbers, schema, replication and synchronization, databases and suffixes, logging, and plug-ins
- Directory, which access and manages the directory information, including user entries and all group entries, including roles, classes of service, views, and groups
- Status, which monitors the server performance and displays the different monitoring and performance counters for the Directory Server and databases
Similar to the main Console, the Directory Server Console tabs have a navigation area on the left and a center panel that displays information about the active setting, entry, or database.
The procedures for using the Directory Server Console to manage the Directory Server configuration and directory entries is covered in the Red Hat Directory Server Administration Guide.
G.1.4.2. The Administration Server Console
The Administration Server itself administers the configuration of other servers, especially the configuration and user directories for the server group. The Administration Server Console manages the Administration Server settings and the settings for these two Directory Server directories; whenever the settings are changed in the Directory Server configuration, the modifications must be carried into the Administration Server configuration for the server to properly manage those servers.
Figure G.8. The Administration Server Console
The Administration Server Console is simpler than the Directory Server Console, with only two tabs:
- Tasks, which has shortcuts to common server operations, including starting and stopping the Administration Server instance, setting up logging, and managing TLS certificates
- Configuration, which defines all of the Administration Server configuration settings, including TLS authentication, port numbers, and logging, as well as the Configuration Directory Server and User Directory Server settings which the Administration Server uses to connect to the directory services
The procedures for using the Administration Server Console to manage the Administration Server configuration and associated directory services is covered in the Using the Admin Server guide.