Configuring the IBM Directory (LDAP) to store System V print information

Edit online

You can configure the IBM® Directory (LDAP) to store System V print information.

Installing and configuring the IBM Directory Server software on the AIX® system that serves as the centralized repository for System V print information. If the system has the IBM Directory Server installed, go to step 2.

  1. Install the IBM Directory Server software from the AIX base operating system media software. The IBM Db2 database is required by the IBM Directory Server. You must install the IBM Db2 database prior to installing the IBM Directory Server.
    Note: For detailed instructions on installing and troubleshooting the IBM Directory, see the documentation that was provided with the IBM Directory product.
  2. To configure the IBM Directory to store System V print information, run the mkprtldap command with the server flag options.
    mkprtldap -s -a AdminDN -p Adminpasswd -w ACLBindPasswd [-f] [-d node DN]

The server flag options are described in detail in Server flag options.

The mkprtldap command works even if the directory server has been set up for other purposes, for example, for white pages information. In this case, the mkprtldap command adds the AIX information tree and the print subtree information to the existing database. This print tree is protected independently from other trees by use of an Access Control List (ACL). In this case, the LDAP server works as usual. Back up your existing database before you use the mkprtldap command to configure System V print information to share the same database.

Configuration using the -s flag

During the configuration, if you use the -s flag with the mkprtldap command, the following occurs:

  1. Checks the IBM Directory Server's DB2® configuration on the system. If DB2® is not configured for IBM Directory, the mkprtldap command creates a DB2 instance with ldapdb2 as the default instance name, and creates a DB2 database with ldapdb2 as the default database name if one does not exist. If an existing database is found, the mkprtldap command adds AIX System V print information to the existing database.
  2. Requires the IBM Directory Administrator Distinguished Name (DN) and password if the directory has been previously configured. If the directory administrator DN and password have not been set, the mkprtldap command sets them to the values provided to the command.
  3. Adds the IBM Directory server process (slapd) to the /etc/inittab file so that the server starts after a reboot.
  4. Creates the AIX information tree DN (cn=aixdata container object) on the directory if one is not present. The print subtree will be created under the AIX information subtree. If an existing AIX information subtree exists on the directory, the print subtree will be created under it. All System V print information will be stored under the print subtree. The directory-enabled System V print commands must be run to add printers and print queues under the print subtree created.
  5. Adds the default suffix cn=aixdata to the /home/ldapdb2/idsslapd-ldapdb2/etc/ibmslapd.conf file if the suffix does not exist. Creates the AIX information tree container object cn=aixdata if it not found in the Directory. The cn=aixdata is a top-level container object under which the print subtree (ou=print) is then created.
  6. The print subtree is ACL-protected with the value of the ACLBindPasswd parameter passed to the command. The same value must be used when configuring clients to use the directory for System V print information.
  7. If the -d flag is used and a valid existing node on the directory is passed to the command, the AIX information subtree is created under the given node. The print subtree is then created under the AIX information subtree.
  8. Starts the IBM Directory server after all the previous steps are completed.
Notes:
  • If IBM Directory has been configured previously, the Administrator DN and password are needed to run the mkprtldap command. The LDAP configuration is saved in the /etc/slapd32.conf file.
  • If the IBM Directory (LDAP) server configuration is not successful, no undo option is provided for the server-side configuration. See the IBM Directory documentation for any errors that occur during the configuration. If the database information was created by the mkprtldap command, you must remove it manually. If the mkprtldap command has added data to a preexisting database, you must determine how to recover from a failed setup attempt. For details on how to remove data or databases, see the IBM Db2 documentation.