Directory Administration Server
The directory Administration Server idsdiradm enables
remote management of an instance of Directory Server. It must be installed
on the system where IBM® Security Directory
Suite is
installed and must be running continuously.
The directory Administration Server accepts requests by way of LDAP extended operations and supports starting, stopping, restarting, and status monitoring of Directory Server.
The directory Administration Server does not support any access to the configuration file or the configuration backend. However, it supports dynamic update requests. By supporting dynamic update requests, the server ensures that its in memory configuration remains in sync with the server’s configuration. For instance, if an update is made to the configuration file that impacts both the admin server and the Directory Server, the dynamic update request is sent to both the admin server and the Directory Server.
- Port 3538 for non-SSL connections
- Port 3539 for SSL connections, if SSL communication is enabled
The directory Administration Server can also be used to do root DSE searches.
To start the directory Administration Server, run the program idsdiradm from
any command prompt. See Starting an instance of the directory Administration Server.
- The Administration Server supports auditing version 3 only.
- The Administration Server auditing is enabled for all operations by default.
- If you enable SSL communication, the directory administration server must be stopped and restarted for SSL to take effect. See Using Web Administration.
- If you change the time zone on Windows system, restart the server and the Administration Server to recognize the time change. The server restart ensures that the time stamps in the Administration Server's logs match the time stamps in the server's logs.
- The Administration Server supports all read log access extended operations. The log files can be read remotely even when the directory server is not running.