Users and groups that are associated with a directory server instance

Edit online

To create a directory server instance or a proxy server instance, you must create user and group with the required permissions.

If you want to create an instance on your computer, you must associate the instance with a system user ID. This user ID is the owner of the directory server instance. If a system user ID does not exist for an instance, you must create a user ID on the computer. To create a user ID for the directory server instance owner, database instance owner, and database owner, you must follow the naming rules. For more information about the naming rules, see Naming rules.

For a full directory server, you must also associate system user IDs as the owners of the database instance and the database. You can use the same user ID for all three roles. If you use the same user ID, the directory server instance, database instance, and database owner all contain the same owner name.

If you use Instance Administration Tool to create a directory server instance, you can create the directory server instance owner user ID with the tool. You can also use the idsadduser command to create the directory server instance owner user ID. The command creates a user ID that meets all the requirements.

The user ID that you associate with the directory server instance owner, database instance owner, and database owner contain the following roles:

Directory server instance owner: A system user ID must exist on the computer that serves as the directory server instance owner. The user ID for the directory server instance owner is also the name of the directory server instance. This user is assigned the authority to manage the directory server instance.; On Windows, a member of the Administrators group also has the authority to manage the directory server instance. On AIX® and Linux®, the primary group of the directory server instance owner also contains the authority to manage the directory server instance.
Note: On AIX and Linux , the instance owner names are case-sensitive. You must always specify the directory server instance name and owner exactly as the user ID is specified. The following example shows two different owner names, JoeSmith and joesmith.
Database instance owner: The user ID that serves as database instance owner owns the database instance that is configured for a directory server instance. The database instance name and the database instance owner name are the same. This user manages the database instance. The directory server instance owner can also manage the database instance. By default, this user ID is the same as the user ID that owns directory server instance.
Database owner: This user ID owns the database that is used by the directory server instance to store the directory data. The database is stored in the database instance that is owned by the database instance owner. The directory server instance uses the database owner user ID and the password to connect to the database.