8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
1/15
Configuring IBM Tivoli Directory
Server 6.3 in a Linux OS clusteringEnvironment for ig! "vaila#ility$%ritten using &EL 6.' an( TDS 6.3)
Document version *.+
,eelam Solen-i
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age 1
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
2/15
CO,TE,TS
Revision History.................................................................................................... 3
1. Introduction....................................................................................................... 4
2. Tivoli Directory Server Configurations for High Availaility!!!!!............. "
3. Tivoli Directory #ro$y Server !!!!!!!!!!!!!!!!!.............. %
4. Introducing to Tivoli Directory #ro$y Server in an e$isting Tivoli Security
Infor&ation and 'vent (anager environ&ent !!!!!!!!!!!!!!.. )
". Ste*s to set u* the re*lication for ac+,ends !!!!!!!!!!!!...!1-
). Resources !!!!!!!!!!!!!!!!!!!!!!!!!!!!..1
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age 2
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
3/15
&EISIO, ISTO&/
Date ersion &evise( By Comments
2/-%/2-13 1.- 0eela&Solen+i
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age 3
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
4/15
1. IntroductionI( Tivoli Directory Server TDS softare *rovides a reliale *latfor& for yourenter*rise security initiatives. This enter*rise identity &anage&ent softare fro&Tivoli uses 5ighteight Directory Access #rotocol 5DA# to *rovide a trusted
identity data infrastructure for authentication.Tivoli Directory Server *rovides identity &anage&ent for co&*anies that ant tode*loy a roust and scalale identity infrastructure. It also &aintains highavailaility ith &aster/suordinate and *eer,to,*eer re*lication ca*ailities andscheduled online or offline ac+u* and re&ote restore.
This article de&onstrates the configuration of I( Tivoli Directory Server in a5inu$ 6S clustering environ&ent for High availaility. This docu&entde&onstrates the ay to configure the *ri&ary TDS server7 the ste*s to configurethe standy TDS server7 and the scri*ts needed y 5inu$ 6S cluster.
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age -
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
5/15
2. Tivoli Directory Server Confgurations orHigh Availability
'.* 0ro(uct levels use(
RH'5 8.2Tivoli Directory Server 8.3RH'5 6S cluster
In these configurations e have the folloing si&*le 6S clustering configured9
0rimary TDS ,o(eHostna&e9 tdsserverAI# Address9 12.18).21.3:::::::::::::::::::::::::::::::::::::::::::::
Stan(#y TDS ,o(eHostna&e9 tdsserverI# Address9 12.18).23.3):::::::::::::::::::::::::::::::::::::::::::::Shared resources eteen the to servers9&esource 1rou2 lda* resource grou* na&ed9 lda*;rgShared Storage9 /ho&e/lda*d2Cluster I# Address9 12.18).23.4-
This configuration assu&es that our 5inu$ Ad&inistrators have already
configured 6S clustering for failover eteen the tdsserverA and tdsserver
servers. They have configured a shared dis+ to failover eteen the to syste&s
using /ho&e/lda*d2 and configured the cluster I# address for I# failover. In
addition they have installed each syste& ith su**orted 6S/#roduct/Cluster
softare levels.
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age .
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
6/15
2.2 Ste2s to configure 0rimary TDS server
1.Install D2 lda*d2> ith the ho&e directory as shared storage /ho&e/lda*d2.
=or installing D2
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
7/15
-. =ollo the sa&e *rocedure to install D2 .% on tdserver 7 ut dont createD2 instance at this ti&e.
,ote /ou nee( to create similar users an( grou2s $4it! same 5IDs an(
15IDs) on secon(ary TDS server i.e t(sserverB
Creation of 5sers 7
useradd ,& ,g idslda* ,d /ho&e/lda*d2 ,s /in/+sh ,* *ass-rd lda*d2useradd ,& ,g idslda* ,d /ho&e/idslda* ,s /in/+sh ,* *ass-rd idslda*useradd ,& ,g dasad&1 ,d /ho&e/dasusr1 ,s /in/+sh ,* *ass-rd dasusr1useradd ,& ,g d2fad&1 ,d /ho&e/d2fenc1 ,s /in/+sh ,* *ass-rd d2fenc1
Creation of 1rou2s 7
rootEid&d$l43tenoi FG grou*add d2fad&1
rootEid&d$l43tenoi FG grou*add d2iad&1rootEid&d$l43tenoi FG grou*add dasad&1rootEid&d$l43tenoi FG grou*add idslda*
". Chec+ the elo files on oth the TDS servers tdsserverA and tdsserverare si&ilar.
i 8etc8grou2idslda*9$9"--9root7lda*d2dasad&19$91-19lda*d2
d2iad&19$91-29rootd2fad&19$91-39
i 8etc82ass4(dasusr19$9"--91-199/ho&e/dasusr19/in/+shlda*d29$9"-191-299/ho&e/lda*d29/in/+shd2fenc19$9"-291-399/ho&e/d2fenc19/in/+shidslda*9$9"-39"--99/ho&e/idslda*9/in/+sh
8. Install Tivoli Directory Server on *ri&ary server using 5inu$ utilities7 follo the
elo lin+ .htt*9//*ic.dhe.i&.co&/infocenter/tivihel*/v2r1/inde$.?s*@to*ic:
2=co&.i&.I(DS.doc2=install%).ht&*ath3D)311-1
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age
http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.IBMDS.doc%2Finstall78.htm&path%3D8_3_11_0_1http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.IBMDS.doc%2Finstall78.htm&path%3D8_3_11_0_1http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.IBMDS.doc%2Finstall78.htm&path%3D8_3_11_0_1http://pic.dhe.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=%2Fcom.ibm.IBMDS.doc%2Finstall78.htm&path%3D8_3_11_0_18/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
8/15
%. efore running instance creation utility e have to &a+e sure all lda* related
lin+s are u*dated to use the ITDS 8.3 version. To do this run
c(8o2t8IBM8l(a286.38#in8
./idslin+ ,i ,g ,l 84 ,s fullsrv
). Creating our ITDS instance.0ote9 In this case e assu&e that the shared storage /ho&e/lda*d2 is&ounted and active on *ri&ary server tdsserverA and that e are naturallyrunning on the #ri&ary 0ode as the root user.#er&issions on ho&e directory9,
Run this co&&and to create the TDS instance9 i(sicrt 7I l(a2(#' 7e *'3:;6+*' 7t l(a2(#' 7l 8!ome8l(a2(#'
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age
http://www-01.ibm.com/support/%3C/a%3Ehttp://www-01.ibm.com/support/%3C/a%3Ehttp://www-01.ibm.com/support/%3C/a%3E8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
9/15
. Configuring the ITDS 8.3 instance dataase
y creating the instance e no have a location and user in hich to configurethe d2 dataase hich ill store our ITDS 8.3 data. To configure the dataaserun the folloing co&&and9
9 i(scfg(# 7I l(a2(#' 7a l(a2(#' 74 2ass4+r( 7t t(s(# 7l 8!ome8l(a2(#'
1-. Jetting the *ri&ary TDS instance readyAt this stage e need to *re*are the instance for *roduction7 *lease set theAd&in D0 and #assord9,
9 i(s(n24 7I l(a2(#' 7u cn?root 72 2ass4+r(
0e$t set the *roduction suffi$. In this e$a&*le o:i& suffi$ is used for the to* ofthe tree.9 i(scfgsuf 7I l(a2(#' 7s o?i#m
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age
http://www-01.ibm.com/support/%3C/a%3Ehttp://www-01.ibm.com/support/%3C/a%3E8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
10/15
11. Testing functionality of TDS *ri&ary server on tdserverAi(ssla2( 7I l(a2(#' $TDS start comman()
12.
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
11/15
'.3 Ste2s to get DB' 4or-ing correctly on t(sserverB
1. 6*en the /etc/services file on tdsserverA and chec+ for *ort infor&ation ofD2 instance.
cat 8etc8services gre2 l(a2
d2c;lda*d2 "---1/tc*d2c;lda*d2i "---2/tc*D2;lda*d2 8----/tc*D2;lda*d2;1 8---1/tc*D2;lda*d2;2 8---2/tc*
D2;lda*d2;'0D 8---3/tc*lda*d2svcids 3%88/tc*lda*d2svcidsi 3--/tc*
2. Co*y the aove entries fro& tdsserverA /etc/services file and *aste it ontdsserver /etc/services file and save it .D2 relies on a file called (#'no(es.cfgto tell it hich syste& hostna&e thedataase is located on. If e loo+ at this file directly after failover on tdsservere see that it is *ointing to tdsserverA.
9 cat 8!ome8l(a2(#'8slli#8(#'no(es.cfg
At this ti&e hoever7 e are running on tdsserver so this file ill need to eu*dated to reflect that change. Le ill eventually scri*t this into the cluster scri*t7ut for no I a& ?ust going to &anually u*date the d2nodes.cfg ased on thevalue returned fro& the co&&and.
3. Try Starting D2 server instance on tdsserver7 your dataase instanceshould start successfully.
4. Install TDS *ac+ages on tdsserver as e$*lained in Ste* 8 and create theTDS instance as defined in ste*) 7 ut dont configure the dataase since D2 isconfigured on shared storage.
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age 11
http://www-01.ibm.com/support/%3C/a%3Ehttp://www-01.ibm.com/support/%3C/a%3E8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
12/15
". In addition e need to get the ad&in dae&on line for the TDS instance
fro& /etc/initta file fro& tdsserverA.
9 cat 8etc8initta#and co*y the line9ids-9234"9once9/o*t/i&/lda*/
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
13/15
3. OS Clustering Scri2t for TDS4)'in)'ash )etc)init+d)i'msapd IBM Tivoi init script ch5config( 3-. 0 20 description( IBM Tivoi init script
Source function i'rary++ )etc)init+d)functions
start67 8 echo 9n :Starting i'msapd( : daemon 99chec5 i'msapd )opt)i'm)dap);/+3)s'in)sapd i'mdiradm ?@ return ??@ rm 9f )var)oc5)su'sys)i'msapd return ?
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
14/15
case :?1: in start7 start status7
status stop7 stop restart7 stop start 7 echo :Dsage( i'msapd 8startEstopEstatusEreoadErestartFEpro'eG:
e#it 1 esace#it ?@
Chec+ and validate the TDS failover y shutting don one server fro& the clusterand then vice versa.
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age 1-
8/11/2019 Configuring ITDS 6.3 in an Linux OS Clustering Environment
15/15
:. &esources
Tivoli Directory Server #roduct site
Tivoli Directory Server Infor&ation Center. Configuring ITDS 8.1 in HAC(# environ&ent
RH'5 8 Cluster Ad&inistration
Copyright IBM Corporation, 2013 and IBM Security SystemsConfiguring IBM Tivoi !irectory Server in a "inu# $S custering %nvironment for &igh avaia'iityhttp())*3+i'm+com)support)Techdocs age 1.
http://www-01.ibm.com/software/tivoli/products/directory-server/http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.IBMDS.doc/welcome.htmhttp://www-01.ibm.com/support/docview.wss?uid=swg21405230http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/Cluster_Administration/index.htmlhttp://www-01.ibm.com/software/tivoli/products/directory-server/http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.IBMDS.doc/welcome.htmhttp://www-01.ibm.com/support/docview.wss?uid=swg21405230http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/Cluster_Administration/index.htmlTop Related