|Previous: Installation||Next: Batch Operation||Table of Contents|
The handle administration tool is a graphical utility for performing handle operations. Before using this tool it is important you read How Your Naming Authority is Set Up.
The 'Query Handle' button on the main Handle Admin Tool window will display the window below.
Only authenticated users can query restricted handle values(non public read). Other users can query public read handle values. Users can query specific types of handle values or specific index handle values.
The 'Create Handle' button on the main Handle Admin Tool window will display the window below.
Only authenticated users can create handles. Every handle MUST have at least one administrator. Every handle has a handle name and a group of handle values. Every handle value has an index, type, data, TTL(time to live), timestamp, permission set and references.
Be sure to check the appropriate permissions for the administrator handle. The 'More' button to view or modify the Type, TTL, timestamp, permissions, and references related to this handle value.
The 'Value Data' button inputs the data corresponding to the type.
HS_SITE type data adds the site information for naming authority handles to indicate where handles with that naming authority are resolved. The data value must have an index value which can be any unique number within the handle record data. The data version, protocol and serial number are values that have to do with the current handle system version. Check whether the site is a primary or a multi primary. Choose whether the handle will be hashed by the entire handle, just the naming authority, or a local name. Add the IP addresses of the servers that exist in the site. Add attribute value pairs.
HS_ALIAS type data is used to add a handle alias as a handle value.
HS_PUBKEY type data adds a public key as handle value. Generate key pairs (private key, public key) using the 'Generate Key Pair' button. Load a public key from the file system using the 'Load Key' button then add the public key to the key field. Click the 'Clear' button to clear the key field. Click the 'Ok' button to confirm.
HS_VLIST type data is used to define administrator groups with a list of other handle values.
HS_SECKEY type data adds a secret key as handle value. Generally, you should check the 'public read permission' off.
HS_SERV type data is a handle value which has the site information.
URN type data is a handle value which stores a URN.
INET_HOST type data is a handle value which has an IP address or host name.
The 'Modify Handle' button on the main Handle Admin Tool window will display a window that looks much like the handle creation window. To modify a handle, first type it into the text box at the top of the window. Then hit the ENTER key to retrieve the handle's current values. You can then operate on the handle using the modify, remove, and add buttons.
It is important to note that the handle will be modified after each operation. If you plan on replacing an admin value, you should always add the new value first, then remove the old.
The 'Remove Handle' button on the main Handle Admin Tool window will display a simple window for handle deletion. Enter in the handle to remove into the text box at the top of the window. Then hit the ENTER key to view the handle's current values. Finally, click the 'Remove' button to delete the handle.
The 'Run Batch' button on the main Handle Admin Tool window will display a window for submitting batch files. Only authenticated users can submit batch files. Batch files need to follow the file format described in the 4. Batch Operation. Every batch file can include more than one kind of handle operation (CREATE, DELETE, ADD, REMOVE, MODIFY, HOME, UNHOME). Users can authenticate themselves either through the batch files or through the GUI tools.
Click the 'Add' button to enter the batch file path. This will be added to the batch file list window. Click the 'Modify' button to change the selected file's path. Click the 'Remove' button to delete the selected file's path from the list. Click the 'View' button to view the selected batch file's path fully without editing. Click the 'Clear All' button to delete all files from list.
There are 2 ways to authenticate:
There will be output from the batch submission. Select the corresponding radio button to output the log information to a specified file, to stdout, or to the log window. If you chose to output the log to a file, enter the log file path. There are three types of log messages:
"Homing" a naming authority on a particular site tells the server(s) that make up the site that they are responsible for the given naming authority. This way, when a resolver comes along and asks for a handle under that naming authority, the server can say "here it is" or "it doesn't exist" or even "Why are you asking me? I don't have it."
If you enter the naming authority handle as well as the address and port number of one of the primary servers for the desired site, this tool will "home" the given naming authority to that site. A message will be sent to each server in the site indicating that that site will now be responsible for the given naming authority. From then on that server will accept and handle requests for the given naming authority.
"Un-homing" a naming authority on a particular site tells the server(s) that make up the site that they are no longer responsible for the given naming authority, and that they should behave accordingly.
If you enter the naming authority handle as well as the address and port number of one of the primary servers for the desired site, this tool will "unhome" the given naming authority on that site. A message will be sent to each server in the site indicating that that site will no longer be responsible for the given naming authority. From then on that server will reject requests for the handles under the given naming authority.
backup_adminssection of the `config.dct' file on the server).
The checkpoint operation consists of several steps. Upon receiving an authenticated request to backup the database, the server will
After these steps the `handles.bak' and `nas.bak' files can be safely copied to another location for a backup. The `dbtxns.log' file will contain all of the changes made to the database since the `handles.bak' and `nas.bak' files were made. The `dbtxns.log' file will allow you to restore the backup up to the last transaction that was successfully performed if something were to go wrong with the main database.
To perform the checkpointing, enter the IP address and port number of the server that you want to perform the checkpoint operation.
Note: During the checkpoint process, the server will reject all requests to create, modify, or delete handles. For this reason, it is usually preferable to perform the checkpoint operation when there is little administrative activity on the server. Checkpoint operations should only be performed on primary servers since secondary servers do not keep transaction logs for their databases.
To recover the database using the backup files and transaction log you can perform the following steps:
The "List Handles" function of the admin tool sends a request to a service to list all of the handles for a specific naming authority. In order to be able to list handles the administrator must have the "List Handles" permission enabled in the naming authority handle.
To list handles, select 'Server Admin' from the main Handle Administration Tool menu, then click 'List Handles'.
The List Handles function is implemented in the most recent CNRI handle server, but if your handle database is very large, the list handles command may time-out since the database used by the CNRI handle server is not optimized for this kind of operation.
In order to authenticate, the user will need a handle value and its associated secret key or private key.
To authenticate, select 'Setup' from the main Handle Administration Tool menu. Select 'Authentication'. Select the Authentication Type of 'Secret Key' or 'Public Key'. Enter the 'ID Handle' and 'ID Index'. Enter the 'Private Key File' path or the 'Secret Key'. Click 'OK' to begin authentication or click 'Cancel' to cancel it.
To generate key pairs:
Sessions reduce the authentication processing time for performing a sequence of administrative operations. Sessions also enable encrypting transactions between the client and hosting server.
Authenticated users establish a session with a server by selecting the desired session mode from the "Session Mode" list and setting session attributes. Each user explicitly sets session setup options via this panel. The Session Setup panel is displayed below.
To enable sessions:
To display the console:
|Previous: Creating a Handle||Next: Batch Operation||Table of Contents|