tivoli
TRANSCRIPT
Section 1: Planning
A. Given the customer's business objectives, define the platform to deploy IBM Tivoli Directory Server V6.3 (ITDS), so that the platform for the deployment of ITDS has been defined and meets requirements.With emphasis on performing the following tasks:
a. Determine the configuration, number, and location of the ITDS servers.1. Review the System Requirements Guide.
b. Survey the customer's environment for end-user needs. c. Survey the customer's environment for application needs.d. Survey the customer's environment for deployment needs. e. Survey the customer's environment for infrastructure constraints.
B. Given the customer's business objectives, define a security plan, so that security requirements are met.With emphasis on performing the following tasks:
a. Determine security communications requirements.b. Determine password policy requirements.c. Determine password encryption requirements.d. Determine the need for ACLs.e. Determine the need for specific administrator roles.f. Determine the need for pass through authentication.
C. Given the customer's business objectives, define the topology to deploy ITDS in a distributed environment, so that the need for proxy server and distributed directory has been defined.With emphasis on performing the following tasks:
a. Determine the configuration, number, and location of the ITDS servers.b. Determine how the data is to be distributed.c. Determine the topology for a distributed (proxy) or non-distributed directory
server.d. Develop a plan to synchronize information.e. Develop a plan for failover and load-balancing.
D. Given the customer's business objectives, define the Directory Information Tree, identify custom schema needs and applications to be integrated, so that a functional ITDS solution has been defined.With emphasis on performing the following tasks:
a. Survey the customer's environment for end-user needs.b. Survey the customer's environment for application needs. c. Survey the customer's environment for infrastructure constraints.d. Determine a structural view for location of users and groups within the ITDS
Directory Information tree.e. Determine what customization are required to define users and groups that
may require additional custom objectclasses and attributes.f. Determine external applications that may access the ITDS server and what
information the applications may access.E. Given the customer's business objectives, define the data sources and types of data to
be loaded into the ITDS server, so that the data source, data type and data load have been defined.With emphasis on performing the following tasks:
a. Survey the customer's environment for end-user needs. b. Survey the customer's environment for application needs.
c. Survey the customer's environment for infrastructure constraints.d. Determine location of sources of data and data types to be loaded.e. Determine the methodology to follow to import the data into the ITDS
solution.F. Given the customer's business objectives, define a plan for ITDS migration, so that a
functional ITDS solution has been prepared for a migration.With emphasis on performing the following tasks:
a. Survey the customer's environment for existing ITDS deployments.b. Determine proper ITDS backups are available.c. Determine if the ITDS Instance Administration Tool can be used for
migration.d. Determine required files are available in backup directory.
G. Given the customer's business objectives, define the backup and recovery plan for a deployment of ITDS, so that backup and recovery plan of ITDS has been defined.With emphasis on performing the following tasks:
a. Survey the customer's environment for infrastructure constraints.b. Determine the customer requirements for backup/restore strategy.c. Determine file system location for backups.d. Determine schedule to perform backups.e. Define a plan to schedule a restore from a current backup.
H. Given the customer's business objectives, define a set of local and global users, so that the implementation for users to the ITDS Administrator group and user roles for local administrator has been defined.With emphasis on performing the following tasks:
a. Survey the customer's environment for end-user needs.b. Survey the customer's environment for deployment needs. c. Survey the customer's environment for infrastructure constraints.d. Determine an implementation plan to load a set of users to belong the global
Administration group.e. Determine an implementation plan to load a set of users to perform ITDS
Administration tasks.I. Given the customer's business objectives, define the replication topology, so that the
replication topology of ITDS has been defined.With emphasis on performing the following tasks:
a. Determine the replication strategy.b. Determine the business need for scheduling replication.c. Determine the credentials and SSL requirements for replication.
J. Given the customer's business objectives, define the password encryption implementation, so that the requirement for password encryption of the ITDS solution has been defined.With emphasis on performing the following tasks:
a. Determine the security requirements for password encryption.b. Survey the customer's environment for end-user needs.c. Document the chosen password encryption.
Section 2: Installation
A. Given a server with supported operating system (as per system requirements) and IBM Tivoli Directory Server V6.3 (ITDS) installable images (iso/zip/tar files), use operating system provided installation utilities (command line method) to install ITDS and perquisite software, so that the installation is completed successfully.With emphasis on performing the following tasks:
a. Validate the system requirements for the given server.1. Identify the system hardware and operating system.2. Review the System Requirements document provided in ITDS info
center.3. Validate the system requirements.
b. Identify the required part numbers for the given system and download the same.
1. Identify the system hardware and operating system.2. Identify the part numbers in the ITDS support site or product site for
the given system.c. Validate the extracted installable images.
1. Review the Installation and Configuration Guide in info center - Appendix A.
2. Compare with the extracted installable images and verify the contents.d. Install DB2 v9.7 FP2.
1. Execute the db2_install under DB2 folder of ITDS extracted images.2. Answer yes upon prompt to install into a custom installation location.3. On the next prompt provide ESE as input to install Enterprise Server
Edition.e. Install GSKit v8.
1. From gskit folder install the GSKit8 packages by using the operating system provided installation utility.
f. Install ITDS.1. From tdsfiles folder install the idsldap packages by using the operating
system provided installation utility.g. Install ITDS entitlement package.
1. From entitlement folder install the idsldap entitlement package by using the operating system provided installation utility.
h. Install embedded WebSphere Application Server(eWAS) 7.0.0.7.1. From appsrv folder install the eWAS by using install.sh script.
i. Install ITDS language packs.1. From the tdsLangpack/native folder install required idsldap language
packages by using the operating system provided installation utility.j. Install Tivoli Directory Integrator(TDI) 7.1
1. Refer to the TDI info center and install TDI.k. Verify the installation.
1. Verify the DB2 installation by using db2ls command.2. Verify the GSKit and ITDS installation by using operating system
provided utilities such as lslpp on aix, pkginfo on Solaris, rpm on Linux to query the system registry.
3. Verify the eWAS installation by using versionInfo script.4. Verify the installation logs.
B. Given a server with supported operating system (as per system requirements) and ITDS installable images (iso/zip/tar files), use InstallShield (GUI) method to install
ITDS and prerequisite software, so that installation is completed successfully.With emphasis on performing the following tasks:
a. Validate the system requirements for the given server.1. Identify the system hardware and operating system.2. Review the System Requirements document provided in ITDS info
center.3. Validate the system requirements.
b. Identify the required part numbers for the given system and download the same.
1. Identify the system hardware and operating system.2. Identify the part numbers in the ITDS support site or product site for
the given system.c. Validate the extracted installable images.
1. Review the Installation and Configuration Guide in info center - Appendix A.
2. Compare with the extracted installable images and verify the contents.d. Install ITDS and its components.
1. From the tds folder launch the InstallShield installation utility install_tds.
2. In the Licence panel agree to the license.3. Choose either default installation or custom installation.4. If custom installation is chosen then select necessary prerequisite
software.5. Verify the summary of software to be installed.6. Finish the installation and verify the results panel for success or any
errors during the installation.e. Perform silent installation. (Windows only)
1. Refer to the installation and configuration guide section on silent installation.
2. Copy the options file installServer.txt file from optionFile folder into a writable folder.
3. Update the options file to select necessary prerequisite software to be installed along with ITDS.
4. Use install_tdsSilent with the updated options file provided as a parameter to -options flag.
5. Verify the return code of silent installer to be 0 for successful installation.
6. Verify the LDAP installation log file for any errors during silent installation.
f. Install ITDS language packs.1. From the tdsLangpack folder launch the launguage pack installer
idslp_setup_.2. In the language selection panel select required language(s).3. Verify the summary panel that displays the languages to be installed.4. Finish the installation and verify the results panel for success or any
installation errors.g. Install TDI.
1. Review the TDI documentation and install the TDI.h. Verify the installation.
1. Verify the results panel of the installer.
2. Verify the installation logs.C. Given a server with ITDS, perform necessary methods to uninstall ITDS and
prerequisite software so that uninstallation of ITDS and prerequisite software is completed successfully.With emphasis on performing the following tasks:
a. Uninstall by using operating system provided utilities. (command line method)1. Uninstall ITDS Language packs by using operating system provided
uninstallation utility.2. Uninstall ITDS packages by using operating system provided
uninstallation utility.3. Uninstall GSKit8 by using operating system provided uninstallation
utility.4. From the DB2 installed location go into the install folder and execute
db2_deinstall with -a option.5. Delete the appsrv folder to remove the eWAS.
b. Uninstall by using InstallShield (GUI) method.1. From the ITDS install location go into _uninst folder and launch the
uninstaller by using uninstall_tds utility.2. Select all or required software to be uninstalled.3. Verify the summary of software to be uninstalled on confirmation
window and uninstall.c. Perform silent uninstallation. (Windows only)
1. Referring to the installation and configuration guide update options file UninstallSilent.txt for silent uninstallation.
2. Using command window, go into the ITDS installation location and then go into the _uninst folder.
3. Run the uninstall.exe with the updated UninstallSilent.txt file provided as input for -options flag.
d. Uninstall ITDS language packs.1. Uninstall idsldap language packages by using the operating system
provided uninstallation utility if they were installed by using operating system utility installation method.
2. If the language packs are installed by using InstallShield(GUI) method, go into ITDS installation location and then into LangPack/uninstall folder and launch uninstaller.
3. In the confirmation window select required or all languages to be uninstalled.
4. Finish the uninstallation.e. Uninstall TDI
1. Uninstall TDI referring to TDI info center.f. Verify the uninstallation.
1. Verify by using uninstallation of ITDS and GSKit by using operating system provided utilities such as lslpp on aix, pkginfo on Solaris, rpm on Linux.
2. Verify the DB2 installation location to see nothing is left behind.3. Verify the appsrv installation location to see nothing is left behind.
Section 3: Configuration
A. Given user requirements, use operating system utilities and IBM Tivoli Directory Server V6.3 (ITDS) commands to create ITDS instance users, so that ITDS instance owner, DB2 instance owner and database owner have been created.With emphasis on performing the following tasks:
a. Create ITDS instance users (ITDS instance owner, DB2 instance owner and database owner) using operating system utilities
1. Use operating system utilities like useradd with appropriate parameters like primary group, shell (only for UNIX) , home directory (only for Unix) to create user.
2. Verify ITDS instance users password is not expired.3. Verify ITDS instance owner does not exceed maximum number of
characters limit.b. Create ITDS instance users from ITDS Instance Administration Tool.
1. Execute idsxinst from console.2. Click on Create an instance.3. Select �Create a new directory server instance'.4. Click �Next'.5. Click �Create user'.6. Provide user name, password, primary group and home location.7. Click �Create'.
c. Execute idsadduser command with appropriate parameters ( -u, -w, -g and -l ) to create users.
B. Given IBM Tivoli Directory Server V6.3(ITDS) instance creation and configuration requirements, adjust necessary system resources and kernel parameters, so that ITDS instance creation and configuration complete successfully.With emphasis on performing the following tasks:
a. Adjust system resource by using operating system utilities on UNIX.1. Adjust stack settings to 65535 by using ulimit -s 65535 command.2. Adjust memory settings to unlimited by using ulimit -m unlimited
command.3. Adjust data settings to unlimited by using ulimit -d unlimited
command.4. Adjust core settings to unlimited by using ulimit -c unlimited
command.5. Adjust file settings to unlimited by using ulimit -f unlimited command.
b. Adjust kernel settings on HP UNIX, Solaris and Linux. C. Given ITDS instance creation requirements, use ITDS commands or the ITDS
Instance Administration Tool to create a ITDS & DB2 instance, so that a ITDS and DB2 instance have been created.With emphasis on performing the following tasks:
a. Verify given instance location has required minimum space.b. Verify given port numbers are not in use on the system by using netstat
command.c. Create ITDS instance from ITDS Instance Administration Tool.
1. Execute idsxinst from console.2. Click on Create an instance.3. Select �Create a new directory server instance' and click next.4. Select ITDS instance owner name from drop-down list.5. Provide ITDS instance location where ITDS instance is to be created.6. Provide encryption seed for generating key stash files.
7. Provide encryption salt from other instance if you want to crypto-sync with same.
8. Provide instance description and click next.9. Select DB2 instance name from drop-down list and click next.10. Provide the IP addresses on which ITDS process should listen, and
click next.11. Provide server port or leave the default value for non-secure
communication.12. Provide secure port or leave the default value for secure
communication.13. Provide administrative server port or leave the default value for non-
secure communication.14. Provide administrative secure port or leave the default value for secure
communication, and click next.15. Unselect configure database and configure administrative DN &
password and click next and then finish to create ITDS. d. Execute idsicrt command with appropriate parameters ( -I, -e -l and -t ) to
create ITDS and DB2 instance.D. Given ITDS instance configuration requirements, use ITDS commands and create &
configure DB2 database for ITDS instance, so that a configured database for the ITDS instance is available.With emphasis on performing the following tasks:
a. Verify database location has required minimum space.b. Create and configure database from ITDS Instance Administration Tool.
1. Execute idsxinst command from console.2. Select the created ITDS instance, and click on Manage.3. Click on database option -> configure database.4. Provide database owner, password and name.5. Select configure advance database options if required.6. Provide database location and database character sets.7. Provide advance database option if it's selected.8. Provide tablespace type for USERSPACE1 and LDAPSPACE to either
SMS or DMS.9. Provide USERSPACE1 and LDAPSPACE container type to either file
or raw, and container location & size.10. Provide tablespace extension size.11. Click finish to create & configure database.
c. Execute idscfgdb command with appropriate parameters ( -I , -a , -w , -t and -l ) to create & configure database.
E. Given ITDS instance change log configuration requirements, use ITDS commands and configure change log for ITDS instance, so that the change log has been configured for the ITDS instance.With emphasis on performing the following tasks:
a. Verify database location has required minimum space.b. Configure database from ITDS Instance Administration Tool.
1. Execute idsxinst command from console.2. Select the configured ITDS instance, and click on Manage.3. Select manage Change log database option.4. Select enable Change log database option on right window.5. Provide maximum age and number of entries.
6. Click update to configure change log database.c. Execute idscfgchglg command with appropriate parameters ( -I , -m, and -y )
and configured change log database for ITDS instance.F. Given ITDS instance suffix configuration requirements, use ITDS commands and
configure suffixes for ITDS instance, so that suffixes are configured for the ITDS instance.With emphasis on performing the following tasks:
a. Configure suffix from ITDS Instance Administration Tool.1. Execute idsxinst command from console.2. Select the configured ITDS instance, and click on Manage.3. Select Manage Suffixes option.4. Provide suffix and click add, repeat this all for other suffixes.5. Click OK to apply your changes and exit this panel.
b. Execute idscfgsuf TDS command with appropriate parameters ( -I and -s ) and configure suffixes for ITDS instance.
G. Given ITDS Proxy server configuration requirements, use ITDS commands and configure the ITDS Proxy server, so that a proxy server has been configured for the ITDS instance.With emphasis on performing the following tasks:
a. Create users for the global administrator group by using idsldapadd command.b. Add users to the global administrator group by using idsldapmodify command.c. Add suffixes for proxy from ITDS Web Administration Tool.
1. Proxy administration -> Manage proxy properties.2. Enter suffix DN and click add.
d. Add back-end server from ITDS Web Administration Tool.1. Proxy administration -> Manage back-end directory servers -> add.2. Provide host name, port, connection pool size & health check run
interval, and click next.3. Provide bind DN and password.4. Click Finish to apply your changes and exit this panel.
e. Add partition base from ITDS Web Administration Tool.1. Proxy administration -> Manage partition bases -> add in partition
base.2. Provide partition spilt name, base DN and number of partitions.3. Click OK to apply your changes and exit this panel.
f. Add partition base topology from ITDS Web Administration Tool.1. Proxy administration -> Manage partition bases.2. Select added partition base and click add in partition base topology.3. Select back-end server, partition index, server role and server
priorities(tiers).4. Click OK to apply your changes and exit this panel.
g. Define proxy server group from ITDS Web Administration Tool.1. Proxy administration -> Manage proxy server groups -> add.2. Select available back-end server, and click on add to server group.3. Click OK to apply your changes and exit this panel.
H. Given high level solution design document, configure cryptographically synchronize ITDS instance, so that cryptographically has been synchronized for the ITDS instances.With emphasis on performing the following tasks:
a. Create ITDS instance.
1. Use the same crypto seed and salt values while creating the instance. (idsxinst or idsicrt utilities)
b. Execute idsgendirksf TDS command to generate database key stash file, and use same new key database file with new instance.
I. Given high level solution design document, implement replication topology from the ITDS Web Administration tool, so that replication is configured.With emphasis on performing the following tasks:
a. Add replicated subtree from ITDS Web Administration Tool.1. Replication Management -> Manage topology.2. Click Add subtree.3. Provide subtree DN i.e. replication context.4. Provide master server referral URL.5. Click OK to apply your changes and exit this panel.
b. Add Master server from ITDS Web Administration Tool.1. Replication Management -> Manage topology.2. Select replicated subtree -> show topology.3. Click on view popup menu -> Add Master.4. Provide replication server details.5. Click OK to apply your changes and exit this panel.
c. Add Replica server from ITDS Web Administration Tool.1. Replication Management -> Manage topology.2. Select replicated subtree -> show topology.3. Select master server -> View popup menu -> Add replica.4. Provide replication server details.5. Click OK to apply your changes and exit this panel.
d. Define replication filter if required from ITDS Web Administration Tool.1. Replication Management -> Manage filters -> Add.2. Provide filter name, and filter objectclass -> Next.3. Select objectclass -> Manage filter attribute.4. Provide a list of attribute for inclusion and exclusion list -> OK ->
Finish. e. Restart both servers.
J. Given an LDIF file to import and required custom schema, load the LDIF file by using ITDS utilities, so that the data is successfully imported.With emphasis on performing the following tasks:
a. Verify appropriate schema definitions and/or customizations are defined in the instance.
b. Verify file system space in the DB2 location.c. Use idsldif2db command to import data.
1. Verify ibmslapd is not running by using ibmdirct command.2. Verify no other applications are using configured database by using
db2 list applications command.3. Adjust system resources for import by using operating system utilities.-
Adjust stack settings.-Adjust memory settings.4. Adjust DB2 settings for import by using db2 commands-Adjust
transaction log size.-Adjust transaction log count.5. Execute idsldif2db command with appropriate parameters to import
data.d. Use idsbulkload command to import data.
1. Verify ibmslapd is not running by using ibmdirct command.
2. Verify file system space in temporary location for bulkload.3. Execute idsbulkload with appropriate parameters to import data.
e. Use idsldapadd command to import data.1. Verify ibmslapd is running by using ibmdirct command.2. Execute idsldapdd command with appropriate parameters to import
data.K. Given security requirements, create key database & configure security properties in
ITDS by using the ITDS Web Administration Tool or the command line method, so that ITDS instance is configured with SSL communication.With emphasis on performing the following tasks:
a. Create self signed key database by using GSkit utilities or request an external CA. To create by using GSkit utility:
1. Execute ikeyman to start IBM Key Management.2. Key Database File -> New. 3. Provide key database file type to CMS for an ITDS client/server (you
can also use GSKCapiCmd utility for CMS kdb creation) or JKS for the ITDS Web Administration Tool.
4. Provide File name and location where you want to create key database file, and click OK.
5. Provide password for the key database and set expiration time in days, and click OK.
6. Change key database content from drop down-list to personal certificate.
7. Click New Self-signed -> Provide required key label and common name -> OK.
8. Select the added self signed certificate -> Extract certificate. 9. Select data type to binary DER data, provide certificate name and
location where you want to export the certificate.10. Click OK -> Key Database File -> Exit.
b. To Configure the ITDS Web Administration Tool for communication over SSL to an ITDS server:
1. Go to the Web Administration console.2. Click Server administration.3. Click Manage security properties.4. Click Settings.5. Enable the type of security connections6. Select the authentication method. 7. Click Apply to save your changes .8. Restart both ITDS and the administration server for the changes to take
effect.c. Using ITDS Web Administration tool:
1. Enable SSL from ITDS Web Administration Tool.-Server administration -> Manage security properties -> Settings.-Select SSL or SSL Only.-Provide authentication method either to server authentication or client and server authentication.-Click OK to apply your changes and exit this panel.
2. Configure key database from ITDS Web Administration Tool.-Server administration -> Manage security properties -> Key database.-Provide key database file path, password and label.-Click OK to apply your changes and exit this panel.
3. Configure supported encryption algorithms.-Server administration -> Manage security properties -> Encryption.-Select required encryption algorithms which will be supported.-Click OK to apply your changes and exit this panel.
4. Restart ITDS instance.-Server administration -> Start/stop/restart server.-Click restart.
d. Using the command line:1. Create an LDIF file to updated the required SSL attributes in the
ibmslapd.conf2. Apply those changes dynamically by using idsldapmodify.3. Restart the server.
L. Given third party LDAP details with bind credential, and Pass-Through Authentication requirements, enable & configure Pass-Through Authentication , so that Pass-Through Authentication is configured and ITDS can authenticate users from Pass-Through Authentication server.With emphasis on performing the following tasks:
a. Enable Pass-Through Authentication feature in the ITDS instance from Web Administration Tool
1. Server administration -> Manage security properties -> Pass-Through Authentication.
2. Enable Pass-Through Authentication. 3. Click OK to apply your changes and exit this panel.
b. Configure Pass-Through Authentication server.1. Server administration -> Manage security properties -> Pass-Through
Authentication -> Add.2. Provide subtree DN for starting point of Pass-Through Authentication.3. Provide Pass-Through Authentication host name and port.4. Enable password migration if required.5. Provide number of connections to the Pass-Through Authentication
server to maintain for Pass-Through Authentication.6. Provide connection timeout, and this will be used as timeout while
communicating to Pass-Through Authentication server.7. Click OK to apply your changes and exit this panel.
c. Enable Attribute mapping is required.1. Server administration -> Manage security properties -> Pass-Through
Authentication.2. Select Pass-Through Authentication authentication server -> Edit ->
Next.3. Enable attribute mapping.4. Provide bind DN, password and search base of Pass-Through
Authentication server to retrieve user DN.5. Provide attribute from ITDS server whose value must match to Pass-
Through Authentication servers attribute.6. Provide attribute from Pass-Through Authentication server whose
value must match to ITDS servers attribute.7. Click Finish to apply your changes and exit this panel.8. Restart ITDS instance.9. Server administration -> Start/stop/restart server.10. Click restart.
M. Given ITDS backup and recovery requirements, configure database and Change log, so that ITDS instance is configured for backup and recovery.With emphasis on performing the following tasks:
a. Configure ITDS backup and recovery from ITDS Web Administration Tool.1. Server administration -> Manage backup/restore -> Configure
directory server backup.2. Select the Enable backup of directory server check box to enable
backup for the selected directory server instance.3. Select the Enable backup of change log check box to enable backup for
the change log database.b. Specify a backup type.
1. Click Online backup to enable online backup for a directory server instance.
2. Click Offline backup to enable offline backup for a directory server instance.
3. Specify a path for backup and restore operations in the Backup/Restore location field.
4. Click OK to apply your changes and exit this panel.c. Schedule directory server backup from ITDS Web Administration Tool.
1. Server administration -> Manage backup/restore -> Schedule directory server backup.
2. Take backup once for a directory server, select the check box under the section One time and specify a date and time.
3. To take directory server backup after a specific interval of time in a recurring manner, select the check box under the section Recurring and specify the duration.
4. Click OK to apply your changes and exit this panel.d. Perform directory server restore.
1. Server administration -> Manage backup/restore -> Perform directory server restores.
2. Restore a directory server instance while server is running, click Stop server and restore now.
3. Restore a directory server instance while server is stopped, click Restore now.
4. View logs related to the restore operation, click View logs.N. Given the password encryption requirements, configure ITDS instance for password
encryption, so that ITDS encrypts passwords in the database.With emphasis on performing the following tasks:
a. Configure password encryption from ITDS Web Administration Tool.1. Server administration -> Manage security properties -> Password
encryption2. Select a password encryption type from the Set the password
encryption mechanism combo box.3. Click OK to apply your changes and exit this panel.
b. Configure password encryption by using idsldapmodify command to change ibm-slapdPWEncryption attribute of cn=configuration entry.
O. Given the access requirements for users and applications, define ACLs in the ITDS environment, so that the required access control definitions have been defined.With emphasis on performing the following tasks:
a. Identify the type of ACL that is required to be defined in the environment.
1. Non-filtered ACLs - This type of ACL applies explicitly to the directory entry that contains them, but may be propagated to none or all of its descendant entries.
2. Filtered ACLs - Filter-based ACLs differ in that they employ a filter-based comparison, by using a specified object filter, to match target objects with the effective access that applies to them.
b. Identify the method for defining the ACL(s). (the ITDS Web Administration Tool or Command Line)
c. From the ITDS Web Administration Tool expand "Directory Management", select the entry where you intend to define the ACL and select "Edit ACL" from the Action drop-down menu.
d. From the Command Line, define an LDIF file which contains the required ACL definition and perform an idsldapmodify to define the ACL.
P. Given the roles and required access for a given bind DN, modify the access level of an entry, so that the required administrator role is defined.With emphasis on performing the following tasks:
a. Evaluate the required tasks for a given bind DN and determine which Administrative Role is required:
1. Audit administrator 2. Directory Data Administrator (DirDataAdmin) 3. No administrator (NoAdmin) 4. Password administrator (PasswordAdmin) 5. Replication administrator (ReplicationAdmin) 6. Server configuration group member (ServerConfigGroupMember) 7. Server start/stop administrator (ServerStartStopAdmin)
b. Create an Administrative Group by using either the ITDS Web Administration Tool or by using command line methods.
c. Add the user as a member of the Administrative Group.d. Use the ITDS Web Administration Tool or command line options to define the
administrative role required.1. Web Admin :2. Expand the Server administration category in the navigation area and
click Manage administrative group. On the Manage administrative group panel:-Select the member whose information you want to modify.-Click Edit.-Select the available administrative roles from the Available administrative role box and click Add. Command line : Issue an idsldapmodifydn: changetype: modifyreplace: ibm-slapdAdminRoleibm-slapdAdminRole:
Q. Given the required installation media, install and deploy the ITDS Web Administration Tool, so that the ITDS Web Administration Tool is successfully configured.With emphasis on performing the following tasks:
a. Deploy the ITDS Web Administration Tool into eWAS by using the following command:
1. Go to the idstools subdirectory of the installpath. (installpath is the directory where ITDS is installed.)
2. For Unix/Linux platforms this directory is: /opt/IBM/ldap/V6.3/idstools
3. Be sure that the deploy_IDSWebApp file is present in the idstools directory. Type the following command: ./deploy_IDSWebApp
b. Launch a browser and log in to the administration console (superadmin/secret) for the WAT - http://:12100/IDSWebApp/IDSjsp/Login.jsp
c. Adding an existing ITDS server as the console admin in the ITDS Web Administration tool. To add a server to the console:
1. Expand Console administration in the navigation area.2. Click Manage console servers. A table for listing of server host names
and port numbers is displayed.3. Click Add.4. Specify a unique name that identifies a registered IBM® Tivoli®
Directory Server instance running on a specified host name or IP address and server port. The server name is displayed in the LDAP server name list on the Directory server login panel. If a name is not provided in the Server name field, the host name: port combination would be displayed for the server instance in the LDAP server name list on the Directory server login panel.
5. Enter the host name address or the IP address of the server. For example servername.austin.ibm.com
6. Select the Administration server supported check box to enable the Administration port control.
7. Specify the port numbers or accept the defaults.Note: For multiple server instances on the same machine, although the host name remains the same, you must specify the correct port that was assigned to the directory server instance.
8. Specify if the server is SSL enabled. Ensure that you complete step 5 under Managing console properties.
9. Click OK to apply the changes or click Cancel to exit the panel without making any changes.
R. Given the required operations to be audited, modify the server configuration so that the audit log is successfully configured.With emphasis on performing the following tasks:
a. Identify the operations that is required to be audited.b. Determine a location with enough space to store the audit log. c. Determine the method of configuring the audit log either the ITDS Web
Administration Tool or from command line.d. If using the Web Admin:
1. Expand Logs in the navigation area, click Modify log settings. 2. Click Server Audit log. 3. Select Enable server audit logging to use the audit log utility. 4. Enter the Path and file name and operations to be audited for the audit
log.5. Click Apply.
e. From Command Line:1. Create an LDIF file with the desired audit log settings.2. Issue and idsldapmodify to dynamically update the audit log settings
by using the LDIF file created.S. Given the identified data and location to store the data, export the data to an LDIF
file, so that the data is successfully exported.With emphasis on performing the following tasks:
a. Identify what data is required to be exported.b. Export the data by using one of the following methods:
1. idsldapsearch can be used to export data based on a filter by subtree, configuration information. (Server must be running.)
2. idsdb2ldif can be used to export the full database, subtree or entry.3. Idsxcfgdb is GUI tool which calls idsdb2ldif under the covers.
T. Given the requirement to keep track of deleted entries, enable tombstone, so that the tombstone feature is successfully configured.With emphasis on performing the following tasks:
a. Use either the ITDS Web Administration Tool or command line tool to enable tombstone.
1. By using Web Administration:-If you have not done so yet, click Server administration in the Web Administration navigation area and then click Manage server properties in the expanded list. Click the Delete settings tab.-This panel allows you to control tombstone configuration parameters. This panel is displayed only to Primary admin or Server config group members.-To enable tombstones, click the Record deleted entries check box. This control is associated with the ibm-slapdTombstoneEnabled attribute.-Under the Deleted entries lifetime section, enter a value for tombstone lifetime. You can specify the value in either Days or Hours by selecting the desired value from the combo box. The default value is 7 days. This control is associated with the ibm-slapdTombstoneLifetime attribute.
2. By using the command line:-To enable the tombstone feature, issue the following command:idsldapmodify -D -w -f where contains (Note: add to the LDIF any additional tombstone parameters that you want to be enabled):dn: cn=Directory, cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configurationibm-slapdTombstoneEnabled: TRUE-To reread the configuration file, issue the following command:idsldapexop -D -w -op readconfig -scope entire
U. Given the requirements to reference a parent server or a subordinate reference, configure a referral to point to the appropriate LDAP server, so that the required referrals are configured.With emphasis on performing the following tasks:
a. Configure a referral by using the command line or ITDS Web Administration Tool or from command line.
1. From the ITDS Web Administration Tool:-Expand Directory Management.-Select add an entry. -Select the Structural Objectclass referral.-Enter the DN for the entry and web address of the LDAP server to refer to.-Click OK.
2. From the command line:-Create an LDIF file:dn: o=sampleobjectclass: referralref: ldap://:/o=sample-Update the server by using an idsldapadd.
V. Given the requirement to provide synchronization between an ITDS server and an Active Directory Server, configure active directory synchronization by using either the idsxcfg or idsadscfg, so that the Active Directory Synchronization solution is configured.With emphasis on performing the following tasks:
a. Install IBM Tivoli Directory Integrator. b. Determine the method for configuring the Active Directory Synchronization
solution idsxcfg or from command line.
1. By using the configuration tool, idsxcfg:-idsxcfg -I -Select Active Directory Synchronization.-Enter the values for the required parameters.-Click Finish and then close the tool.
2. From Command Line:You can use the idsadscfg command to configure Active Directory synchronization. For example:idsadscfg -I inst1 -adH ldap://9.182.191.134:389 -adb dc=adsynctest,dc=com -adD cn=administrator,cn=users,dc=adsynctest,dc=com -adw sec001ret -adg ou=testgroup1,dc=adsynctest,dc=com -adu ou=testuser1,dc=adsynctest,dc=com -idss o=ibm,c=us -idsg ou=Testgroup1,ou=groups,o=ibm,c=us -idsu ou=Testuser1,ou=users,o=ibm,c=us
W. Given the password policy requirement and an ITDS environment, define the password policy, so that the password policy for the ITDS solution has been defined.With emphasis on performing the following tasks:
a. Create the password policy by using the ITDS Web Administration Tool.1. Log on to ITDS Web Administration Tool.2. Navigate to Server administration.3. Navigate to Manage password policy.4. Select radio button for pwdpolicy to modify.5. Click on Edit Settings.6. On the Policy definition panel, fill in the specified values.7. Click on Next.8. Fill in other appropriate password policy parameters that may require a
modified value and not a default value.9. Click on Finish.
b. Create the password policy by using the command line:1. To enable the password policy, issue the following
command:idsldapmodify -D -w -p -kdn: cn=pwdpolicy,cn=ibmpoliciesibm-pwdpolicy:trueibm-pwdGroupAndIndividualEnabled:true
2. To define group and individual password policies issue the following commands:idsldapadd -D -w dn:cn=grp1_pwd_policy,cn=ibmpoliciesobjectclass: containerobjectclass: pwdPolicyobjectclass: ibm-pwdPolicyExtobjectclass: topcn:grp_pwd_policypwdAttribute: userPasswordpwdGraceLoginLimit: 1pwdLockoutDuration: 30pwdMaxFailure: 2pwdFailureCountInterval: 5pwdMaxAge: 999pwdExpireWarning: 0pwdMinLength: 8pwdLockout: truepwdAllowUserChange: truepwdMustChange: falseibm-pwdpolicy:trueidsldapadd -D -w dn:cn=individual1_pwd_policy,cn=ibmpoliciesobjectclass: containerobjectclass: pwdPolicyobjectclass: ibm-pwdPolicyExtobjectclass: topcn:grp_pwd_policy
3. To associate the group and individual password policies with a group or a user, issue the following commands. For instance, to associate a group password policy with a group:idsldapmodify -D -w -kdn:cn=group1,o=samplechangetype:modifyadd:ibm-pwdGroupPolicyDNibm-pwdGroupPolicyDN:cn=grp1_pwd_policy,cn=ibmpolicies
4. To associate an individual password policy with a user:idsldapmodify -D -w -kdn:cn=user1 ,o=samplechangetype:modifyadd:ibm-pwdIndividualPolicyDNibm-pwdIndividualPolicyDN:cn= Individual1 _pwd_policy,cn=ibmpoliciespwdAttribute: userPasswordpwdGraceLoginLimit: 3pwdLockoutDuration: 50pwdMaxFailure: 3pwdFailureCountInterval: 7pwdMaxAge: 500pwdExpireWarning: 0pwdMinLength: 5pwdLockout: truepwdAllowUserChange: truepwdMustChange: falseibm-pwdpolicy:true
X. Given the instance information, unconfigure the ITDS instance, so that previous ITDS configuration has been unconfigured. With emphasis on performing the following tasks:
a. Identify which ITDS instance is required to be unconfigured. b. Determine if the database should be removed or unconfigured.c. From command Line to remove and delete ITDS instance, DB2 instance and
DB2 database:1. Issue idsidrop -I -r -n.2. Confirm the instance is no longer present, issue idsilist -a.
d. To unconfigure the DB2 database only (idsucfgdb or GUI tool idsxcfg):1. Issue the idsucfgdb command.2. Issue the idsxcfg -I , select Database Tasks, then Unconfigure
database.
Section 4: Administration
A. Given a fully configured IBM Tivoli Directory Server V6.3(ITDS) environment, perform necessary methods to monitor its health so that the ITDS environment health monitored.With emphasis on performing the following tasks:
a. Perform the root DSE search to find if the server is running in normal or configuration only mode.
1. In ITDS Web Administration Tool, navigate to Server administration and click on View server capabilities (Root DSE) and review multiple tab pages presented in main page.
2. Run ldapsearch command against the LDAP server with the base scope, null search base (" ") and obectclass=* filter and review the returned value.
b. Monitor the disc space utilization.1. In ITDS Web Administration Tool, navigate to Server administration
and click on View server status and go to System information tab page to review the disc space utilization by the instance.
2. Run ldapsearch command against the LDAP server with the base scope, search base "cn=system,cn=monitor" and obectclass=* filter and review the returned value.
3. Connect to the system and use operating system provided methods such as df/du to find the disc space utilization for the file systems/drives where the instance and database are located.
c. Enable the audit log to find any slow ldapsearches.
1. In ITDS Web Administration Tool, navigate to Server administration, Logs and then click on Modify log settings.
2. Select Server audit log from the table and click on Edit settings button on the top of the table.
3. Make necessary changes to enable the audit log for all operations.4. Alternatively build an LDIF file by referring to Administration Guide
and use it with ldapmodify command to enable audit logging for all operations.
5. Review the audit log to find any search operations which is taking longer time based on the start and stop timestamps on the audit records.
d. Review the server log and db2cli log files for errors.1. In ITDS Web Administration Tool, navigate to Server administration,
Logs and then click on view logs.2. To review server log, use the select log drop-down box, select Server
log and click on View button. Navigate through pages as required.3. To review the db2cli log, use the select log drop down box, select DB2
log and click on View button. Navigate through pages as required.4. Alternatively go into the instance's logs folder and review ibmslapd.log
or db2cli.log by using any applicable editor or choice per platform.e. Perform connections search to find if the connections from applications are
increasing above expected usage1. In ITDS Web Administration Tool, navigate to Server administration
and click on Manage server connections and review the resulting panel. Repeat the same periodically.
2. Run ldapsearch command against the LDAP server with the base scope, search base "cn=connections,cn=monitor" and obectclass=* filter and review the returned value.
f. Perform monitor search and find if the server is having any problems.1. In ITDS Web Administration Tool, navigate to Server administration
and click on View server status and review multiple tabs in resulting panel. Repeat the same periodically.
2. Run ldapsearch command against the LDAP server with the base scope, search base "cn=monitor" and obectclass=* filter and review the returned value.
g. Monitor replication status.1. In ITDS Web Administration Tool, navigate to Replication
management and then to Manage queues and review the status on the replication queues.
2. Run ldapsearch command against the LDAP server with the sub scope, null search base (" "), obectclass=ibm-repl* filter and attribute or either +ibmrepl. Review the returned value.
B. Given an ITDS system, run the ITDS command line utilities to perform the intended LDAP actions, so that the required server or client command line utilities are identified and performed successfully.With emphasis on performing the following tasks:
a. Identify the server command line utilities and client command line utilies.1. Review the Command Reference Guide to identify the command line
utilities for server as well as client to know the purpose and usage.2. Identify the required VS optional paramters on those commands.
b. Perform ITDS instance LDAP server start/stop by using server command line utilities.
1. Use the ibmslapd / idsslapd command with with options -I and -k to stop the instance's LDAP server.
2. Use the ibmslapd / idsslapd command with just -I to start the instance's LDAP server.
c. Perform ITDS instance administration server start/stop by using server command line utilities.
1. Use the ibmdiradm / idsdiradm command with options -I and -k to stop the instance's admin server.
2. Use the ibmdiradm / idsdiradm command with an option -I to start the instance's admin server.
d. Perform ITDS instance LDAP server start, stop and find status by using client command line utilities.
1. Use the ibmdirctl command with admin server port provided with -p option along with appropriate bind and keyword of start or stop at the end to start or stop instance's LDAP server process remotely.
2. Use the ibmdirctl command with with admin server port provided with -p option along with appropriate bind and keyword of status to find the status of LDAP server.
3. Use the ibmdirctl command with with admin server port provided with -p option along with appropriate bind and keyword of admstop to stop the admin server itself.
e. Identify the instance details by using command line utility.1. Run the idsilist command with -a option and review the output which
displays the instance's details.f. Perform LDAP client commands such as ldapsearch, ldapmodify etc. from
command line.1. Referring to the command reference guide use the LDAP client
command line utilities such as ldapsearch, ldapmodify etc. C. Given an ITDS system, run required GUI utilities so that GUI procedures are
completed successfully.With emphasis on performing the following tasks:
a. Identify the server GUI utilities.1. Review the Command Reference guide and Installation and
configuration guide to identify the server GUI utilities (idsxinst and idsxcfg) for server.
2. Review the Installation and configuration guide as well as administration guide to know about the ITDS Web Administration Tool purpose and usage.
b. Perform ITDS instance LDAP server and admin server start/stop by using server GUI utilities.
1. Launch the ITDS Instance Administration Tool (idsxinst) and highlight the required instance. Then click on Start/Stop button. In the resulting panel perform start / stop actions.
2. Launch the Configuration tool with option -I . Click on Manage server status. In the resulting panel perform start / stop actions.
c. Perform ITDS instance LDAP server start by using the ITDS Web Administration Tool.
1. Log in to the LDAP server instance via ITDS Web Administration Tool and navigate to Server administration and click on Start/stop/restart server. In the resulting panel perform start / stop actions.
D. Given an ITDS system, perform appropriate maintenance steps so that preventive maintenance is achieved.With emphasis on performing the following tasks:
a. Identify the current software levels.b. Perform a backup of the ITDS instance.c. Install latest recommended fix levels.
Section 5: Performance Tuning
A. Given a fully configured IBM Tivoli Directory Server V6.3(ITDS) environment, perform periodic optimization procedures so that the ITDS LDAP server optimal performance is achieved.With emphasis on performing the following tasks:
a. Identify and execute the command line method of optimization. (runstats)1. Use idsrunstats (or runstats) command with option -I to perform the
optimization on the database.b. Identify and execute the GUI method of optimization.
1. Launch the ITDS Instance Configuration Tool (idsxcfg) with option -I . Go to Database tasks and click on Optimize database. In the resulting panel click on Optimize button.
2. After the completion of optimization, click OK button the task completion info pop-up window. Clear results and close.
B. Given a fully configured ITDS environment, identify and adjust of LDAP caches so that the ITDS LDAP caches are customized.With emphasis on performing the following tasks:
a. Review Performance tuning guide section on LDAP caches to familiarize with different type of caches, purpose and tuning recommendations.
b. Identify the default cache settings by using Command line method.1. Run ldapsearch command against the LDAP server with the base
scope, search base "cn=Front End, cn=configuration" and objectclass=* filter.
2. Review the returned value for various types of LDAP caches.c. Identify the default cache settings by using GUI method.
1. In ITDS Web Administration Tool, navigate to Server administration and click on View cache statuss and review multiple tabs in resulting panel. Repeat the same periodically.
d. Determine the need for adjusting the LDAP caches.1. Based on the recommendations in the Performance Tuning guide,
review the monitor searches via either webadmin or ldapsearch utility. 2. Determine there is a need for adjusting the LDAP caches.
e. Execute the method to adjust the LDAP caches by using command line utilities.
1. Build necessary LDIF files to modify the cache related attributes in "cn=Front End, cn=configuration".
2. Use ldapmodify command with appropriate port and bind and the input LDIF file to update the configuration for adjusting the caches.
f. Execute the method to adjust the LDAP caches by using GUI tools.1. In ITDS Web Administration Tool, navigate to Server administration
and click on Manage cache properties.2. In the resulting main page click on tab pages corresponding to the
LDAP cache setting that is required to be changed. Update the cache settings. Click OK to apply the changes.
C. Given a fully configured ITDS environment, use ITDS Performance Tuning Tool in various scenarios so that the ITDS LDAP server performance is tuned.With emphasis on performing the following tasks:
a. Identify the idsperftune location, usage, default input file and statistics file locations.
1. Review the Performance Tuning and command reference guides to familiarize with the Performance Tuning Tool. (idsperftune)
2. Identify the usage of idsperftune.3. Identify the default idsperftune input file that resides in the instance's
etc folder and review its contents.4. Identify the default statistics file for idsperftune that resides in the
instance's logs folder and review its contents.b. Perform basic tuning by using idsperftune.
1. Review the performance tuning guide section on basic tuning and perform required actions with idsperftune command utility.
c. Perform advanced tuning using idsperftune.1. Review the performance tuning guide section on advanced tuning and
perform required actions with idsperftune command utility.d. Performance Tuning via GUI Tool
1. Launch the configuration tool (idsxcfg) with option -I .2. Navigate to Database tasks and click on Performance tuning.3. Review the performance tuning guide section on basic and advanced
tuning and perform necessary actions. D. Given a fully configured ITDS environment, identify the need for indexes (on
attributes/tables) and perform necessary methods to create indexes so that the LDAP attributes are indexed.With emphasis on performing the following tasks:
a. Identify the need for indexes on attributes.1. Review the server log (ibmslapd.log) and identify any attributes are
being reported as not indexed but used n times in searches.b. Perform GUI method to create indexes.
1. Log in to LDAP server via ITDS Web Administration Tool.2. Navigate to Schema management and click on Manage Attributes.3. Navigate to the required attribute (identified as indexing candidate)
and click on the attribute to edit.4. Click on IBM extensions and in the section "Indexing rules" select
required indexes. Click OK to complete the update.c. Perform command line method to create indexes.
1. Build necessary LDIF files to add index related keywords in IBM attribute types definition of the identified attribute.
2. Use ldapmodify command with appropriate port and bind and the input LDIF file to update the indexes on the attribute.
d. Execute the optimization command/GUI method after the indexing.1. idsrunstats (or runstats) command with option -I to perform the
optimization on the database.2. Launch the ITDS Instance Configuration Tool (idsxcfg) with option -
I . Go to Database tasks and click on Optimize database. In the resulting panel click on Optimize button. Close the configuration tool after optimization.
E. Given an operational ITDS environment, enable the audit logging for performance profiling so that the performance bottlenecks are identified.With emphasis on performing the following tasks:
a. Enable the audit log for performance profiling.1. Log in to the ITDS Web Administration Tool, navigate to the Server
administration, Logs and then click on Modify log settings.2. Select Server audit log from the table and click on Edit settings button
on the top of the table.3. Make necessary change to select "Enable audit for performance data"
to enable the audit log for performance profiling.4. Make necessary changes to enable the audit log for all operations.5. Alternatively build an LDIF file by referring to administration guide
and use it with ldapmodify command to enable audit logging for all operations along with making the value of ibm-auditPerformance to be true.
b. Disable the performance profiling in audit log settings.1. In ITDS Web Administration Tool, edit the audit log settings to
unselect "Enable audit for performance data" and complete the update.2. Use LDIF and ldapmodify method to change the value of ibm-
auditPerformance to be false.c. Review and identify the performance bottlenecks.
1. Review the audit log file from instance's logs folder.2. Identify the additional information shown via performance data fields
in the audit records after enabling the performance profiling.3. Identify the slow running LDAP search operations along with detailed
information in performance data fields. F. Given an operational ITDS environment, perform maintenance activities by using the
database maintenance tool so that the database maintenance is completed.With emphasis on performing the following tasks:
a. Identify the various activities that can be performed by using database maintenance tool.
1. Review the documentation to identify the various activities that can be performed via database maintenance tool.
b. Perform index reorganization by using idsdbmaint.1. Review the performance tuning guide section on DB2 index
reorganization and perform required actions with idsdbmaint command utility.
c. Perform row compression by using idsdbmaint.1. Review the performance tuning guide section on DB2 row
compression and perform required actions with idsdbmaint command utility.
d. Perform database tablespace conversion using idsdbmaint.
1. Review the performance tuning guide section on Tablespace conversion and perform required actions with idsdbmaint command utility.
e. Perform database maintenance via GUI tool.1. Launch the configuration tool (idsxcfg) with option -I .2. Navigate to Database tasks and click on Maintenance.3. Review the performance tuning guide section on database maintenance
and perform necessary actions.
Section 6: Problem Determination
A. Given the knowledge of IBM Tivoli Directory Server V6.3(ITDS), configure appropriate logging so that the available logging capabilities are understood.With emphasis on performing the following tasks:
a. Describe Administrative logging.b. Describe Audit logging.c. Describe PREOP Audit logging.d. Describe Performance Audit logging.e. Describe bulkload logging.f. Describe tools logging.g. Describe DB2 logging.h. Describe lost and found logging.i. Describe server logging.j. Describe how to view logs.
B. Given a problem symptom, identify the relevant utilities, so that the appropriate diagnostics are collected. With emphasis on performing the following tasks:
a. Categorize the problem symptom and implement diagnostic collection.1. Configuration-Use command line method and use the debug flag
appropriate for the configuration activity.2. Specific operation-Use the debug flag, to generate additional
diagnostic information.-Enable ascii and or binary tracing.3. Error occurred while environment is running-Enable ascii and or
binary tracing.-Enable additional server logging. (audit / preop audit, log level, performance trace)-Enable idsmonitor.
C. Given a replication failure message, identify the appropriate diagnostic tools, so that additional information is gathered to troubleshoot the replication issue.With emphasis on performing the following tasks:
a. Confirm version information: Collecting Version Informationb. Gather logs and ibmslapd.conf file: Log and Configuration Files c. Collect the replication agreements from each system in the
topology:idsldapsearch -h -p -D -w -b " " -s sub objectclass=ibm-repl*d. Collect the replication status:idsldapsearch -h hostName -p -D -w -s sub -b " "
objectclass=ibm-replicationagreement ++ibmrepl e. Collection server tracing: Dynamic Ascii and Binary Tracing
D. Given an SSL failure message, identify the appropriate diagnostic tools, so that additional information is gathered to troubleshoot the SSL issue.With emphasis on performing the following tasks:
a. Confirm version information: Collecting Version Informationb. Gather logs and ibmslapd.conf file: Log and Configuration Files c. Collect server traces: Dynamic Ascii and Binary Tracing d. Collect GSkit traces: Gskit Tracing
E. Given an installation failure, identify the appropriate diagnostic tools and files, so that additional information is gathered to troubleshoot the installation issue.With emphasis on performing the following tasks:
a. Collect installation logs. ( ISMP or Native installation)1. For InstallShield GUI (ISMP), Collect the following:For Windows:-
All logs under \var For example, default location when installed ITDS 6.x:C:\Program Files\IBM\LDAP\V6.x\var For AIX:- All logs under: /var/idsldap/V6.x- installp_isje.log under: /opt/IBM/ldap/V6.xFor Linux, Solaris, and HP-UX:- All logs under: /var/idsldap/V6.x
2. For Native Operating System Utility installations, Collect the following logs/files:For AIX:- console ouput during installation.- All logs under /var/idsldap/V6.x- /smit.log (if using SMIT)- /tmp/db2_install.log.xxxxxx- /tmp/db2_install.rc.xxxxxx - Verify that the ITDS was installed successfully:- #lslpp -aL idsldap.
3. For Solaris:- console ouput during installation.- All logs under /var/idsldap/V6.x- Verify all packaged installed:- # pkginfo | grep -i idsl- /tmp/db2_install.log.xxxxxx- /tmp/db2_install.rc.xxxxxx
4. For Linux:- console ouput during installation.- All logs under /var/idsldap/V6.x- Verify that the packages has been installed correctly:- # rpm -qa | grep idsldap- /tmp/db2_install.log.xxxxxx- /tmp/db2_install.rc.xxxxxx
5. For HP-UX:- console ouput during installation.- All logs under /var/idsldap/V6.x- Verify that the packages has been installed successfully:- # wslist | grep idsldap- /tmp/db2_install.log.xxxxxx- /tmp/db2_install.rc.xxxxxx
F. Given a symptom of poor performance, identify the appropriate diagnostic tools, so that additional information is gathered to troubleshoot the performance issue.With emphasis on performing the following tasks:
a. Enable the idsmonitor script.b. Configure performance auditing.c. Identify the last time runstats was performed.d. Collect performance tracing.e. Collect the ibmslapd log.f. Collect the db2look command output.
G. Given a configuration failure message, identify the appropriate diagnostic tools, so that additional information is gathered to troubleshoot the configuration.With emphasis on performing the following tasks:
a. Collect logs and pertinent error messages.1. For Windows:-Outputs on screen-db2diag.log for your Instance-All
logs under /var/idsldap/V6.3-All log files from instance's logs folder2. For UNIX:-File /etc/hosts, /etc/group, /etc/passwd, /etc/services-
Outputs on screen-db2diag.log for your Instance-All logs under /var/idsldap/V6.3-All log files from instance's logs folder
b. Collect additional debug messages by rerunning the command with the debug flag set.
H. Given the output of a failed installation, remove and uninstall any partially installed software, so that the failed installation is cleaned up.With emphasis on performing the following tasks:
a. Review the installation logs.b. Uninstall the failed component and remove associated files if performing
native installation.c. Clean up the failed ISMP install attempt by running the uninstaller if created.
I. Given the output of a failed configuration task, remove and unconfigure any files associated with the failed configuration attempt, so that the failed configuration attempt is cleaned up.With emphasis on performing the following tasks:
a. To completely clean up a failed configuration attempt. Issue "idsidrop -I -r"b. Verify the DB2 instance is removed: cd to the DB2 instance location and run
db2ilist from the bin directory.c. Verify DB2 folders and ITDS folders are removed from the instances home
directory, if not remove them.d. Delete the instance owner by using OS methods.