2.2 Enabling and Maintaining SecretStore

SecretStore can be installed in two different ways, both of which require that the user be logged in and authenticated to eDirectory as admin:

  1. Use the product installation CD to run the client and server installs to upgrade the server and client to support SecretStore.
  2. Manual installation of SecretStore components through the Novell Development Kit (NDK) complying with SecretStore requirements. For more information, see Section 1.4, Deployment Dependencies.

Server installation is not required for eDirectory version 8.8 and newer.

2.2.1 Server Installation for NetWare and Windows

  1. Login as the admin to the server.

  2. Copy sss, ssncp, ssldp, and lsss components to SYS:SYSTEM directory on NetWare or Novell\NDS directory on Windows.

  3. While logged in as admin, make the target server your primary tree and connection through Network Neighborhood connection table tab.

  4. Run sssinit.exe supplied by the NDK toward the target server to extend the schema.

  5. Run ldap.exe supplied by the NDK toward the target server to add LDAP extensions to the target server. /h or /H or /? Command line options will give you the usage information on this program

  6. Modify autoexec.ncf to add the following lines on NetWare in the order listed below to load the SecretStore NCP plugin:

           load ssncp.nlm

    The NLDAP server automatically loads the LSSS extension manager, which loads ssldp plugin, then sss server.

  7. On Windows Servers, use the eDirectory Console to make these components autoload.

    NOTE:The install program extends the schema on the user object to add SecretStore by default.

  8. Once SecretStore is installed and the schema has been extended, SecretStore can be tested by executing sstst.exe for NCP or lstst.exe for LDAP access. The source code for these test programs is provided in the NDK for developers use.

  9. SecretStore operations can also be tested through ssmanager.exe that is supplied in the SDK.