Creating a proxy server instance with custom settings

Edit online

Use Instance Administration Server to create a proxy server instance with custom values as per your requirement.

To create a proxy server instance, you must complete the following tasks:
  1. Start Instance Administration Tool. See Starting Instance Administration Tool.
  2. Click Create an instance.
  3. In the Create or migrate panel of the Create new directory server instance window, complete the following steps to create a proxy server instance:
    1. Click Create a new directory server instance.
    2. Click Set up as proxy.
  4. Click Next.
  5. In theInstance details panel of the Create new directory server instance window, specify the following values:
    1. From the User name list, select the user name that owns the instance.
      The instance is assigned the same name as the user name.
    2. If you want to associate a new user account with the instance, click Create user.
      In the Create new user for directory server instance window, complete the following steps:
      1. In the User Name field, enter the user name.
      2. In the Password field, enter a password for the user account.
      3. In the Confirm password field, enter the password for the user account.
      4. In the Home directory field, enter the home directory to configure for the user account. You can click Browse and specify the home directory.
      5. In the Primary group field, enter the primary group name of the user.
      6. To create the user account, click Create.
    3. To modify an existing user account, select the user name from the User name list and click Edit user.
      In the Edit the user for directory server instance window, complete the following steps:
      1. The User Name field is populated with the user name.
      2. In the Password field, enter a password for the user account.
      3. In the Confirm password field, enter the password for the user account.
      4. In the Home directory field, enter the home directory to configure for the user account. You can click Browse and specify the home directory.
      5. In the Primary group field, enter the primary group name of the user.
      6. To edit the user account, click Edit.
      7. In the Edit the user for directory server instance confirmation window, click Yes.
  6. In the Instance location field, enter the location of the proxy server instance. You can click Browse and specify the instance home directory.
    The location must contain at least 30 MB of free disk space.
    On Windows systems, the location is a disk drive, such as C:. The directory instance files are stored in the \idsslapd-instance_name directory on the disk drive you specify. The instance_name variable is the name of the proxy server instance.
    On AIX® and Linux® systems, the home directory of the proxy server instance owner is the default instance location, but you can specify a different path.
  7. In the Encryption seed string field, enter the encryption seed for the instance.
    Remember: You must remember the encryption seed of the instance, since it might be required for other configuration tasks.
    The encryption seed must contain only printable ISO-8859-1 ASCII characters with values in the range of 33 to 126. The encryption seed must contain a minimum of 12 and a maximum of 1016 characters. For information about the characters to use, see ASCII characters from 33 to 126. The directory server uses the encryption seed to generate a set of Advanced Encryption Standard (AES) secret key values. The key stash file of a directory server instance store the key values, and are used to encrypt and decrypt password and attributes.
  8. In the Confirm encryption seed field, enter the encryption seed for the instance.
  9. If you want to provide an encryption salt value, click Use encryption salt value.
    1. In the Encryption salt string field, enter an encryption salt value for the instance.
      The encryption salt must contain only printable ISO-8859-1 ASCII characters with values in the range of 33 to 126. The encryption salt must contain 12 characters. For information about the characters to use, see ASCII characters from 33 to 126.
    2. In the Confirm encryption salt field, enter the encryption salt value for the instance.
  10. Optional: In the Instance description field, a description of the instance.
    The description helps in identifying the instance.
  11. Click Next.
  12. In the TCP/IP settings for multihomed hosts panel, select one of the following options:
    • If you want the instance to listen on all IP addresses, select Listen on all configured IP addresses.
    • If you want the instance to listen on a particular set of IP addresses that are configured on the computer, complete the following steps:
      1. Clear Listen on all configured IP addresses.
      2. From the Select the specific IP addresses to listen on list, select the IP address or addresses that you want the instance to listen on.
  13. Click Next.
  14. In the TCP/IP port settings panel, specify the following values:
    Note: You must assign a unique port numbers to the directory server ports and must not conflict with existing ports that are in use on the computer. ON AIX and Linux systems, port numbers in the range of 1 - 1000 can be used only by root.
    1. In the Server port field, enter the port number that you want the server to use as its unsecured port. The number must be in range of 1 - 65535.
    2. In the Server secure port field, enter the port number that you want the server to use as its secured port. The number must be in the range of 1 - 65535.
    3. In the Administration server port field, enter the port number that you want the administration server to use as its unsecured port. The number must be in the range of 1 - 65535.
    4. In the Administration server secure port field, enter the port number that you want the administration server to use as its secured port. The number must be in the range of 1 - 65535.
    5. Click Next.
  15. In the Optional steps panel, complete the following steps:
    1. To configure the administrator DN and password for the instance, select Configure administrator DN and password.
      You must set the administrator DN and password for a proxy server instance.
    2. Click Next.
  16. In the Configure administrator DN and password panel, complete the following steps:
    1. In the Administrator DN field, enter a valid DN or accept the default DN, cn=root.
      The administrator DN value is not case-sensitive. The administrator DN user has full access to all data in the instance.
    2. In the Administrator Password field, enter the password for the administrator DN.
      Passwords are case-sensitive. Double byte character set (DBCS) characters in the password are not valid.
    3. In the Confirm password field, enter the password for the administrator DN.
      You must remember the password for future reference.
    4. Click Next.
  17. In the Verify settings panel, verify the summary that is generated.
  18. To start the proxy server instance creation, click Finish.
  19. In the Results window, verify the log messages that are generated for the instance creation operations.
  20. To close the Results window, click Close.
  21. To close Instance Administration Tool, click Close.
Instance Administration Tool creates a proxy server instance on the computer.
You must start the administration server and theibmslapd process in configuration only mode and configure back-end servers. See the Administering section in the IBM® Security Verify Directory documentation.