How to change Admin Server user in SunONE Directory Server 5

How to change user for Admin Server

Problem Statement:

S1DS 5.2(compressed archive) does not offer the option of specifying the

owner of the admin server during installation. When you specify

non-privilege user, such as nobody, for directory server, admin server is

also running as same non-privilage user as well as directory server.

Therefore, if you specify privilege port in unix (<1024) for the directory server, this will result in not being able to start / restart the directory server instance via the console. Troubleshooting Steps: If admin server is running as user except for root, you can't change the user for admin server via cosole. Here is a steps to change user for Admin server by hand. ** admin server should be stopped before conducting this procedure, but ns-slapd for configuration instance should be on-line. 1. change directive named 'User' in ServerRoot/admin-serv/config/magnus.conf to 'root' by text editor. 2. change file owner under ServerRoot/admin-serv to user you want as follows a. # cd /admin-serv

b. # chown -R root *

3. change attribute ‘nsSuiteSpotUser’ of admin server configuration entry

in your Directorty Server like

dn: cn=configuration, cn=admin-serv-, cn=Administration

Server, cn=Server Group, cn=, ou=, o=NetscapeRoot

to the user you want to change to.

For example) in case of using ldapsearch

a. do the following ldapsearch to determine target entry

#./ldapsearch -p -h -D “cn=Directory Manager” -w -b o=NetscapeRoot -s sub “nsSuiteSpotUser=*” dn nsSuiteSpotUser

dn:cn=configuration, cn=admin-serv-test, cn=Administration Server,

cn=Server Group,cn=test.example.com, ou=example.com, o=NetscapeRoot

nsSuiteSpotUser=nobody

#

b. modify usr in attribute nsSuiteSpotUser of this entry to ‘root’

# ldapmodify -p -D “cn=Directory Manager” -w dn: cn=configuration, cn=admin-serv-test, cn=Administration Server,

cn=Server Group, cn=test.example.com, ou=example.com, o=NetscapeRoot

changetype: modify

replace: nsSuiteSpotUser

nsSuiteSpotUser: root

modifying entry cn=configuration, cn=admin-serv-test,

cn=Administration Server, cn=Server Group, cn=test.example.com,

ou=example.com, o=NetscapeRoot

^D

#

you can also do same modification via directory TAB in directory

server console.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.