Red Hat Training

A Red Hat training course is available for Red Hat Directory Server

4.2. Working with Administration Server Instances

There are two additional setup steps that can be done with the Administration Server. This first allows the Administration Server to be accessed by remote clients, so that users can install and launch the Directory Server Console and still access the remote Directory Server file, such as help files. The next allows proxy HTTP servers to be used for the Administration Server.


If you lock yourself out of the Console or Administration Server, you may have to edit the Administration Server configuration directly using LDAP. See for information on editing the Administration Server configuration.

4.2.1. Configuring IP Authorization on the Administration Server

The Directory Server Console can be launched from remote machines to access an instance of Directory Server. The client running Directory Server Console needs access to the Administration Server to access support files like the help content and documentation.
To configure the Administration Server to accept the client IP address:
  1. On the same machine on which the Administration Server is running, launch the Console.
    # redhat-idm-console
  2. In the Administration Server Console, click the Configuration tab, then click the Network tab.
  3. In the Connection Restrictions Settings section, select IP Addresses to Allow from the pull down menu.
  4. Click Edit.
  5. In the IP Addresses field, enter a wildcard to allow the Administration Server to allow all IP addresses to access it. For example, for IPv4:
    Both IPv4 and IPv6 addresses are supported.
  6. Restart the Administration Server.


Adding the client machine proxy IP address to the Administration Server creates a potential security hole.

4.2.2. Configuring Proxy Servers for the Administration Server

If there are proxies for the HTTP connections on the client machine running the Directory Server Console, the configuration must be changed in one of two ways:
  • The proxy settings must be removed from the client machine. Removing proxies on the machine running Directory Server Console allows the client to access the Administration Server directly. To remove the proxy settings, edit the proxy configuration of the browser which is used to launch the help files.
  • Add the client machine proxy IP address to Administration Server's list of acceptable IP addresses. This is described in Section 4.2.1, “Configuring IP Authorization on the Administration Server”.


Adding the client machine proxy IP address to the Administration Server creates a potential security hole.

4.2.3. Installing an Administration Server After Installing Directory Server

A Directory Server instance alone can be installed on a machine using It is possible to go back later and install an Administration Server instance using the command. For example:
When this script runs, it creates a local Administration Server if the server does not exist. The script can also register Directory Server instances with an existing Administration Server.