About Securing an Enterprise Server Installation

Restriction: This topic applies only when the Enterprise Server feature is enabled.

You use the Enterprise Server security facility to implement user authentication, and to control access to the applications and resources that a system uses.

You control access to Enterprise Server administrative features and application resources through the use of security managers, sometimes referred to as external security managers (ESMs). Through the use of these security managers, you can implement measures such as verifying users against the operating system configuration or incorporating an LDAP repository into your Enterprise Server security.

Securing an installation involves securing access to the following system components:

The Directory Server (MFDS)
The Directory Server maintains records of system components and their configurations. You use the Enterprise Server Administration user interface to create and modify these configurations. Securing the Directory Server controls who can configure the system.
Enterprise Servers
Enterprise Servers use the application's program files, data files, and other items that a system uses while operating.
Inter-system communications
You can configure SSL links between components to secure these communications. This is covered in another part of the help.

Note: It is possible to apply different security configurations to the Directory Server and the Enterprise Servers. This can, however, cause problems during operation. For example, an administrator can have MFDS access permissions to configure a resource, but if the enterprise server does not have access permissions to use the resource, it cannot be used during operation. The safest thing to do is to apply the same security configuration to the Directory Server and the Enterprise Servers it controls.