6.2 Creating Branch Server Objects in LDAP

Before you can configure and deploy a Branch Server, you must first create the necessary objects in the LDAP directory. These objects include:

NOTE: Each LDAP object has two types of attributes: must and may attributes. The must attributes are required for an object; the may attributes are optional. The tables in this section list only those may attributes that are relevant to Novell Linux Point of Service.

6.2.1 Creating organizationalUnit Objects

In a Novell Linux Point of Service system, Organizational Unit (organizationalUnit) objects are containers that typically represent regions, divisions, or branches within a company. These objects can be nested to visually represent the structure or organization of your company. Branch location objects are created in organizationalUnit containers within the LDAP directory.

Here is the posAdmin command syntax for adding an organizationalUnit object in LDAP (type the command all on one line):

posAdmin.pl --user dn_of_admin_user --password password 
--base base_context --add --organizationalUnit --ou ou_name 
[--description 'string']

Table 6-1 summarizes the organizationalUnit object attributes.

Table 6-1 Attributes for organizationalUnit objects

| Attribute | Type | Explanation |
|---|---|---|
| --ou ou_name | must | Specifies the name of the organizational unit. For example, --ou boston. IMPORTANT: Use only alphanumeric characters. |
| --description 'string' | may | Contains a human-readable description of the object. |

For example, the following command adds the boston organizational unit to the LDAP directory and gives it the description “main headquarters”:

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret --base o=mycorp,c=us --add --organizationalUnit --ou boston --description 'main headquarters'

The LDAP context of the newly created organizationalUnit is ou=boston,o=mycorp,c=us.

6.2.2 Creating an scLocation Object

An scLocation object typically is used to represent a branch office; that is, a site where a Branch Server and Point of Service terminals are located. scLocation containers are used to store information about the Branch Servers and the deployed Point of Service terminals. This and all other information that can be modified at the Branch Server should be stored or referenced in the Location containers to limit the need to grant write privileges to subtrees.

Here is the posAdmin command syntax to add an scLocation object in LDAP (type the command all on one line):

posAdmin.pl --user dn_of_admin_user --password password 
--base base_context --add --scLocation --cn location_name 
--ipNetworkNumber ip_address --ipNetmaskNumber subnet_mask 
--scDhcpRange ip_address,ip_address --scDhcpFixedRange ip_address,ip_address --scDefaultGw ip_address --scDynamicIp TRUE | FALSE --scWorkstationBasename string --scEnumerationMask number 
[--associatedDomain ldap_context]

Table 6-2 summarizes the command options which correspond to the scLocation object attributes.

Table 6-2 Attributes for scLocation objects

| Attribute | Type | Explanation |
|---|---|---|
| --cn location_name | must | Specifies the common name of the location object. |
| --ipNetworkNumber ip_address | must | Identifies the network address of the subnet of the branch. For example, 192.168.1.0. |
| --ipNetmaskNumber subnet_mask | must | Identifies the netmask of the subnet of the branch. For example, 255.255.255.0. |
| --scDhcpRange ip_address,ip_address | must | Specifies the dynamic IP address range of the subnet's DHCP server. This is needed to register the Point of Service terminals. It is a comma-separated value pair. For example, 192.168.1.10, 192.168.1.50. |
| --scDhcpFixedRange ip_address,ip_address | must | Specifies the DHCP server's fixed IP address range reserved for the Point of Service terminals. It is also a comma-separated value pair, such as 192.168.1.51, 192.168.1.150. |
| --scDefaultGw ip_address | must | Identifies the default gateway for this location. This is normally a router to the corporate wide area network. |
| --scDynamicIp TRUE \| FALSE | must | Enables (TRUE) or disables (FALSE) the dynamic IP address range of the DHCP server. |
| --scWorkstationBasename string | must | Specifies the base name of the Point of Service terminals of a branch. The base name, in combination with the scEnumerationMask, is used to create a unique name for each terminal, which is then associated with an IP address in the scDhcpFixedRange. For example, if the DHCP fixed range starts at 192.168.1.51, the scWorkstationBasename is CR, and the scEnumerationMask is 000, the first terminal to register gets the name CR001 and the IP address 192.168.1.51, the next terminal is named CR002 and gets the IP address 192.168.1.52, and so on. |
| --scEnumerationMask number | must | Specifies the last portion of the Point of Service terminal name. Refer to the explanation of scWorkstationBasename above. |
| --associatedDomain ldap_context | may | This optional entry configures the DNS domain and the domain part of the hostnames of the Point of Service terminals to be in the stated domain. If this entry is left empty (the default), the domain is derived from the LDAP structure of the scLocation entry DN. With this entry, a different domain can be chosen. |

For example, the following command adds the Harbor scLocation to the LDAP directory, sets the IP addresses and DHCP ranges to the indicated values, and specifies a base name of CR and an enumeration mask of 000 (type the command all on one line):

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base ou=boston,o=mycorp,c=us --add --scLocation --cn harbor 
--ipNetworkNumber 192.168.1.0 --ipNetmaskNumber 255.255.255.0 
--scDhcpRange 192.168.1.10,192.168.1.50 --scDhcpFixedRange 192.168.1.51,192.168.1.151 --scDefaultGw 192.168.1.254 
--scDynamicIp TRUE --scWorkstationBasename CR --scEnumerationMask 000
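
The scLocation values depend on one another (both DHCP ranges and the gateway must sit in the branch subnet, and the enumeration mask must cover the fixed range), so they are worth checking before they are written to LDAP. The following Python sketch is an added example, not part of posAdmin or the original guide; the function names are hypothetical, and it assumes the mask width equals the number of digits and numbering starts at 1, as in the CR001 example above.

```python
import ipaddress

def _pair(text):
    """Parse a comma-separated 'start,end' value pair into two addresses."""
    lo, hi = (ipaddress.IPv4Address(p.strip()) for p in text.split(","))
    return lo, hi

def check_location(network, netmask, dhcp_range, fixed_range, gateway, enum_mask):
    """Return a list of problems found in a set of scLocation values."""
    net = ipaddress.IPv4Network(f"{network}/{netmask}")  # raises if host bits are set
    reserved = (net.network_address, net.broadcast_address)
    problems = []
    ranges = {"scDhcpRange": _pair(dhcp_range),
              "scDhcpFixedRange": _pair(fixed_range)}
    for name, (lo, hi) in ranges.items():
        if lo > hi:
            problems.append(f"{name}: start address is above end address")
        for addr in (lo, hi):
            if addr not in net or addr in reserved:
                problems.append(f"{name}: {addr} is not a host address in {net}")
    (dyn_lo, dyn_hi), (fix_lo, fix_hi) = ranges.values()
    if dyn_lo <= fix_hi and fix_lo <= dyn_hi:
        problems.append("scDhcpRange overlaps scDhcpFixedRange")
    gw = ipaddress.IPv4Address(gateway)
    if gw not in net or gw in reserved:
        problems.append(f"scDefaultGw: {gw} is not a host address in {net}")
    if any(lo <= gw <= hi for lo, hi in ranges.values()):
        problems.append("scDefaultGw lies inside a DHCP range")
    # Assumption: a mask of "000" allows the names 001..999 (width 3, start at 1).
    slots = int(fix_hi) - int(fix_lo) + 1
    if not enum_mask.isdigit() or slots > 10 ** len(enum_mask) - 1:
        problems.append("scEnumerationMask must be digits wide enough for scDhcpFixedRange")
    return problems

def terminal_assignment(fixed_range, basename, enum_mask, n):
    """Name and fixed IP of the n-th terminal to register (n starts at 1)."""
    lo, hi = _pair(fixed_range)
    if n < 1 or int(lo) + n - 1 > int(hi):
        raise ValueError("no address left in scDhcpFixedRange")
    return f"{basename}{n:0{len(enum_mask)}d}", str(lo + (n - 1))

# Values taken from the harbor example on this page.
HARBOR = dict(network="192.168.1.0", netmask="255.255.255.0",
              dhcp_range="192.168.1.10,192.168.1.50",
              fixed_range="192.168.1.51,192.168.1.151",
              gateway="192.168.1.254", enum_mask="000")

if __name__ == "__main__":
    print(check_location(**HARBOR) or "no problems found")
    print(terminal_assignment(HARBOR["fixed_range"], "CR", "000", 1))
```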

6.2.3 Adding an scServerContainer Object

Before you can add the scBranchServer object to an scLocation object, you must define an scServerContainer.

Here is the posAdmin command syntax for adding an scServerContainer object in LDAP (type the command all on one line):

posAdmin.pl --user dn_of_admin_user --password password 
--base base_context --add --scServerContainer --cn object_name

For example, the following command adds an scServerContainer object named server to the LDAP directory:

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base cn=east,ou=boston,o=mycorp,c=us --add --scServerContainer 
--cn server

6.2.4 Adding an scBranchServer Object

The next step is to add an scBranchServer object to the new scServerContainer. The scBranchServer object stores configuration information that is specific to each Branch Server. It is located in the LDAP tree via an scLocation object. There must be an scBranchServer object for every Branch Server in the Novell Linux Point of Service system.

IMPORTANT: The location of the scBranchServer object in the LDAP directory must correspond to the hostname defined for the Branch Server during installation. For example, if the hostname is bs.east.boston.mycorp.us, the dn of the scBranchServer object would be cn=bs,cn=server,cn=east,ou=boston,o=mycorp,c=us. You must create the scBranchServer object and its supporting organizational structure before you can run posInitBranchserver and deploy the Branch Server. For more information on defining the server hostname during installation, see Network Interfaces.

Here is the posAdmin command syntax for adding an scBranchServer object in LDAP (type the command all on one line):

posAdmin.pl --user dn_of_admin_user --password password
--base base_context --add --scBranchServer --cn branch_server_name

As a may attribute, you can define the reference hardware with the --scRefServerDn option, specifying a pointer (Distinguished Name) to the global directory.

For example, the following command adds a Branch Server object named bs1 in the server container:

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base cn=server,cn=east,ou=boston,o=mycorp,c=us 
--add --scBranchServer --cn bs1
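
The hostname-to-DN correspondence required above can be checked before running posInitBranchserver. The following Python sketch is an added example, not part of the product or the original guide; the function names are hypothetical, and it assumes the layout of the page's own example generalizes: first label is the Branch Server cn, second is the scLocation cn, the last two are o and c, and every label in between is an ou.

```python
from itertools import zip_longest

def expected_branch_server_dn(hostname, container="server"):
    """Build the scBranchServer DN that corresponds to a Branch Server hostname."""
    labels = hostname.strip(".").split(".")
    if len(labels) < 5 or not all(labels):
        raise ValueError("expected host.location.ou[.ou...].o.c")
    host, location, *ous, org, country = labels
    rdns = [f"cn={host}", f"cn={container}", f"cn={location}"]
    rdns += [f"ou={ou}" for ou in ous]          # assumption: nested OUs map to labels
    rdns += [f"o={org}", f"c={country}"]
    return ",".join(rdns)

def split_dn(dn):
    """Split a DN into lower-cased (type, value) pairs, ignoring padding.

    Simplification: RDN values containing escaped commas are not handled.
    """
    return [tuple(part.strip().lower() for part in rdn.split("=", 1))
            for rdn in dn.split(",")]

def dn_mismatches(dn, hostname, container="server"):
    """Return (expected, actual) RDN pairs that differ; empty list means a match."""
    want = split_dn(expected_branch_server_dn(hostname, container))
    have = split_dn(dn)
    return [(w, h) for w, h in zip_longest(want, have) if w != h]

if __name__ == "__main__":
    host = "bs.east.boston.mycorp.us"           # hostname from the example above
    print(expected_branch_server_dn(host))
    # An object created as bs1 does not correspond to a host named bs.
    print(dn_mismatches("cn=bs1,cn=server,cn=east,ou=boston,o=mycorp,c=us", host))
```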

6.2.5 Defining the Branch Server Hardware

The scBranchServer object must contain at least one defined scNetworkcard object. You can define other hardware objects as necessary.

Here is the posAdmin command syntax for adding a network interface card to the Branch Server object (type the command all on one line):

posAdmin.pl --user dn_of_admin_user --password password
--base base_context --add --scNetworkcard --scDevice device_name 
--ipHostNumber ip_address

Table 6-3 summarizes the command options which correspond to the scNetworkcard object attributes.

Table 6-3 Attributes for scNetworkcard objects

| Attribute | Type | Explanation |
|---|---|---|
| --scDevice device_name | must | Specifies the name of the network device of the card. For example, eth0 or eth1. |
| --ipHostNumber ip_address | must | Specifies the IP address assigned to the card. For example, 192.168.1.1. |
| --macAddress | may | Identifies the MAC address of the network interface card. |
| --scModul | may | Specifies the name of the Linux kernel module for the network interface card. |
| --scModulOption | may | Specifies the module options of the Linux kernel module for the network interface card. |
| --ipNetmaskNumber | may | Adds the netmask belonging to the IP address assigned to the network interface card, if the ipHostNumber is not inside the defined subnet of the location. |

For example, the following command adds a network interface card with a static IP address from the defined subnet (type the command all on one line):

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base cn=bs,cn=server,cn=east,ou=boston,o=mycorp,c=us 
--add --scNetworkcard --scDevice eth0 --ipHostNumber 192.168.1.1

6.2.6 Defining the Branch Server Services

The scBranchServer also contains objects representing services such as DHCP and DNS. At a minimum, you should define the required DHCP, DNS, and TFTP services.

Here is the posAdmin command syntax for defining an scService object in LDAP (type the command all on one line):

posAdmin.pl --user dn_of_admin_user --password password 
--base base_context --add --scService --cn service_name 
--ipHostNumber ip_address --scDnsName dns_name --scServiceName string 
--scServiceStartScript filename --scServiceStatus TRUE | FALSE

Table 6-4 provides a description of scService attributes.

Table 6-4 Attributes for scService objects

| Attribute | Type | Explanation |
|---|---|---|
| --cn service_name | must | Specifies the common name of the service. |
| --ipHostNumber ip_address | must | Specifies the IP address of the Branch Server hosting the service. |
| --scDnsName dns_name | must | Specifies the DNS name of the service. |
| --scServiceName string | must | Specifies the name of the service. For example: dhcp, dns, or tftp. |
| --scServiceStartScript filename | must | The name of the init script in /etc/init.d. For example, atftpd for the tftp service. |
| --scServiceStatus TRUE \| FALSE | must | The service status. TRUE or FALSE are possible values. |

The following examples demonstrate how to add the DHCP, DNS, and TFTP services (type the commands all on one line).

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base cn=bs,cn=server,cn=east,ou=boston,o=mycorp,c=us 
--add --scService --cn dhcp --ipHostNumber 192.168.1.1 
--scDnsName dhcp --scServiceName dhcp --scServiceStartScript dhcpd 
--scServiceStatus TRUE

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base cn=bs,cn=server,cn=east,ou=boston,o=mycorp,c=us 
--add --scService --cn dns --ipHostNumber 192.168.1.1 
--scDnsName dns --scServiceName dns --scServiceStartScript named 
--scServiceStatus TRUE

posAdmin.pl --user cn=admin,o=mycorp,c=us --password secret 
--base cn=bs,cn=server,cn=east,ou=boston,o=mycorp,c=us 
--add --scService --cn tftp --ipHostNumber 192.168.1.1 
--scDnsName tftp --scServiceName tftp --scServiceStartScript atftpd 
--scServiceStatus TRUE

6.2.7 Creating Point of Service Terminal Objects

Before you can boot the Point of Service terminals associated with a Branch Server, you must create additional objects in the branch portion of the LDAP directory. These include an scCashRegister object and its associated configuration objects for each type of Point of Service terminal in your system, and scPosImage objects for the client image files you want the Branch Server to distribute to Point of Service terminals.

For instructions on how to create these objects, see Section 11.2, Creating the LDAP Objects Required for the Point of Service Terminals.