4.3 Initializing the LDAP Directory

All system information (system structure, the configuration and deployment method for each Branch Server, available client images, and Point of Service terminal types) is stored in an LDAP directory on the Administration Server.

Novell Linux Point of Service can use the following LDAP directories: OpenLDAP, eDirectory™, or IBM Directory Services. The posInitLdap script defines the LDAP directory schema and the initial records for OpenLDAP. Likewise, the posInitEdir script defines the directory schema and the initial records required for eDirectory.

NOTE: To run the LDAP directory on IBM Directory Services, run posInitLdap, then import the /etc/opt/SLES/POS/template/ldif.pos file into IBM Tivoli* Directory Server.

The following sections review the procedure required to run posInitLdap or posInitEdir and verify the LDAP directory.

4.3.1 Running posInitLdap.sh

The posInitLdap script defines the LDAP directory schema and the initial records for OpenLDAP. It cannot add the Novell Linux Point of Service LDAP directory to an existing OpenLDAP tree; it creates an entirely new LDAP directory tree.

To create the Novell Linux Point of Service LDAP directory for OpenLDAP:

  1. After you have installed the Novell Linux Point of Service Administration Server, log in as root on the Administration Server.

  2. Run posInitLdap.sh.

  3. Specify your company name without spaces or special characters.

  4. Specify your country abbreviation.

    Use de for Germany, us for United States, uk for United Kingdom, and so forth.

  5. Specify the LDAP administrator password.

    NOTE: You are assigning the password for the LDAP directory administrator account. The Branch Server uses this account to access the LDAP directory, and this account is required to use posAdmin to add objects to the LDAP directory.

  6. Determine if you want to use SSL when the Branch Server connects to the LDAP directory on the Administration Server.

    • Select Y to use an SSL connection when the Branch Server connects to the LDAP directory.
    • Select N to disable SSL. The Branch Server then communicates with the LDAP directory over the network in cleartext.

    posInitLdap creates the certificates and keys required to run SSL regardless of whether or not SSL is enabled. This allows you to switch to SSL at a later time if desired.

    NOTE: The keys and certificates are located in the /etc/opt/SLES/POS/keys/ directory on both the Administration and Branch Servers.

  7. posInitLdap provides a summary of the LDAP directory data based on your input. If all data is correct, press Enter.

    If there is something wrong with the input data, abort the installation by pressing Ctrl+C.

  8. The script initializes the basic LDAP database structure and performs some tests, then displays a summary of the configuration and test results. When the tests are successfully completed, the script displays a success message. To complete the initialization, press Enter.

4.3.2 Running posInitEdir.sh

The posInitEdir script defines the LDAP directory schema and the initial records for eDirectory. It cannot add the Novell Linux Point of Service LDAP directory to an existing eDirectory tree; it creates an entirely new tree.

To create the Novell Linux Point of Service LDAP directory for eDirectory:

  1. After you have installed the Novell Linux Point of Service Administration Server, log in as root on the Administration Server.

  2. Install eDirectory on the Administration Server.

  3. Run posInitEdir.sh.

  4. Specify the eDirectory tree name you want to create.

    IMPORTANT: posInitEdir does not add to an existing eDirectory tree.

  5. Specify your company name without spaces or special characters.

  6. Specify your country abbreviation.

    Use de for Germany, uk for United Kingdom, us for United States, and so forth.

  7. Specify the LDAP administrator password.

    NOTE: This password is for the LDAP directory administrator account, which the Branch Server uses to access the LDAP directory.

  8. posInitEdir provides a summary of the LDAP directory data based on your input. If all data is correct, press Enter.

    If there is something wrong with the input data, abort the installation by pressing Ctrl+C.

  9. The script initializes the basic LDAP database structure and performs some tests, then displays a summary of the configuration and test results. When the tests are successfully completed, the script displays a success message. To complete the initialization, press Enter.

4.3.3 Verifying the LDAP Directory

After you run posInitLdap or posInitEdir, the LDAP directory has been initialized on the Administration Server and the LDAP service is available. At this point, you should have a basic tree structure with a root, a Country container, and an Organization container.

You can verify that the LDAP structure is accessible using a GUI-based LDAP browser, such as GQ, or an ldapsearch command. Table 4-2 lists the parameters required to access the LDAP directory using GQ.

Table 4-2 Parameters for accessing the LDAP directory with GQ

  Parameter       Value
  LDAP Host       IP address of the Administration Server
  LDAP Port       Port assigned to LDAP; for example, 389 for plain LDAP or 636 for LDAP over SSL
  Base DN         Distinguished name of the base container; for example, o=mycorp,c=us
  Bind DN         Distinguished name of the administrative user; for example, cn=admin,o=mycorp,c=us
  Bind Password   LDAP administrator password defined when you ran posInitLdap or posInitEdir
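The same parameters can be checked from the command line. The following script is an added example and is not part of Novell Linux Point of Service; it uses only standard OpenLDAP ldapsearch options. It builds the Base DN and Bind DN from the company name and country abbreviation exactly as Table 4-2 shows them, validates the company name against the rule in step 3, binds as the LDAP administrator, reads back the Country and Organization containers, and confirms both are present. The environment variables POS_LDAP_PWFILE (file holding the administrator password) and LDAPTLS_CACERT (path to the CA certificate; it is under /etc/opt/SLES/POS/keys/, but the file name is not given in this section) are assumptions of the example, as is the constructed LDIF used for the offline self-check.

```shell
#!/bin/sh
# Added example (not product code): verify the initialized LDAP directory
# with ldapsearch, using the values from Table 4-2.
# Assumed: POS_LDAP_PWFILE names a file with the administrator password;
# LDAPTLS_CACERT names the CA certificate when SSL is enabled.

# Step 3: the company name must contain no spaces or special characters.
# Letters and digits only (a conservative reading of that rule).
pos_valid_company() {
    case "$1" in
        "")             return 1 ;;
        *[!A-Za-z0-9]*) return 1 ;;
        *)              return 0 ;;
    esac
}

# Base DN and Bind DN as shown in Table 4-2.
pos_base_dn() { printf 'o=%s,c=%s\n' "$1" "$2"; }
pos_bind_dn() { printf 'cn=admin,o=%s,c=%s\n' "$1" "$2"; }

# LDAP URI: ldaps on 636 when SSL is enabled (step 6), plain ldap on 389 otherwise.
pos_ldap_uri() {
    if [ "$2" = 1 ]; then printf 'ldaps://%s:636\n' "$1"
    else                  printf 'ldap://%s:389\n' "$1"
    fi
}

# Read LDIF on stdin and confirm both containers the init scripts create are
# present: the Country container (c=xx) and the Organization container under
# it. Prints each missing DN; returns 0 only if both were found. DNs are
# compared case-insensitively, as LDAP does.
pos_check_ldif() {
    base=$1
    country=${base#*,}          # "o=mycorp,c=us" -> "c=us"
    ldif=$(cat)
    rc=0
    for dn in "$country" "$base"; do
        if ! printf '%s\n' "$ldif" | grep -qi "^dn: $dn\$"; then
            echo "missing: $dn"
            rc=1
        fi
    done
    return $rc
}

# Bind as the LDAP administrator, fetch the two container entries with
# scope "base", and run the check above. Usage:
#   POS_LDAP_PWFILE=/root/.pos-ldap-pw pos_verify mycorp us 10.0.0.1 1
pos_verify() {
    company=$1 country=$2 host=$3 ssl=${4:-0}
    pos_valid_company "$company" || { echo "invalid company name: $company" >&2; return 2; }
    base=$(pos_base_dn "$company" "$country")
    bind=$(pos_bind_dn "$company" "$country")
    uri=$(pos_ldap_uri "$host" "$ssl")
    if [ "$ssl" = 1 ] && [ -z "${LDAPTLS_CACERT:-}" ]; then
        # Do not work around this with LDAPTLS_REQCERT=never: that disables
        # server certificate verification and defeats the point of SSL.
        echo "set LDAPTLS_CACERT to the CA certificate under /etc/opt/SLES/POS/keys/" >&2
        return 2
    fi
    # -x simple bind; -y reads the password from a file so it does not
    # appear in the process list the way -w would.
    for dn in "c=$country" "$base"; do
        ldapsearch -x -H "$uri" -D "$bind" -y "$POS_LDAP_PWFILE" \
                   -b "$dn" -s base '(objectClass=*)' dn objectClass
    done | pos_check_ldif "$base"
}

# Constructed LDIF resembling what the two searches return on a healthy
# server; used only for the offline self-check below.
POS_SAMPLE_LDIF='dn: c=us
objectClass: country

dn: o=mycorp,c=us
objectClass: organization
'

pos_selfcheck() {
    printf '%s' "$POS_SAMPLE_LDIF" | pos_check_ldif "o=mycorp,c=us"
}

if [ "${POS_SELFCHECK:-0}" = 1 ]; then
    pos_selfcheck && echo "self-check passed"
fi
```

If either container is reported missing, the directory initialization did not complete as described above; re-run posInitLdap or posInitEdir before continuing with posAdmin. A "No such object" result for the Country container alone means the tree root differs from the one this example assumes; search from the Base DN in Table 4-2 instead.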

Before you create a Branch Server, you must use the posAdmin command to create the LDAP objects required to configure the Branch Server and boot its Point of Service terminals. For detailed instructions on creating these objects, see Section 6.2, Creating Branch Server Objects in LDAP.