Difference between revisions of "Setup basic 389-DS server"
From Notes_Wiki
m |
m |
||
Line 53: | Line 53: | ||
Steps learned from http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/ and https://www.youtube.com/watch?v=2wD-u5TMsfc | Steps learned from http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/ and https://www.youtube.com/watch?v=2wD-u5TMsfc | ||
==Basic setup of 389-ds on CentOS 7.0== | |||
'''These steps did not seem to work''' | |||
[[category:TODO]] | |||
# Configure firewall | |||
#:<pre> | |||
#:: firewall-cmd --permanent --add-port=389/tcp | |||
#:: firewall-cmd --permanent --add-port=636/tcp | |||
#:: firewall-cmd --permanent --add-port=9830/tcp | |||
#:</pre> | |||
#:: Add --zone=internal, if zones are being used | |||
# Install packages: | |||
#:<pre> | |||
#:: yum -y install epel-release | |||
#:: yum install 389-ds-base 389-admin 389-adminutil -y | |||
#:</pre> | |||
# Ignore SELInux poilcy errors | |||
# Enable services to run on startup | |||
#:<pre> | |||
#:: systemctl enable dirsrv.target | |||
#:: systemctl enable dirsrv-admin | |||
#:: systemctl start dirsrv.target | |||
#:: systemctl start dirsrv-admin | |||
#:</pre> | |||
Refer: | |||
* http://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/ | |||
* http://technet.sector19.net/linux/install-and-configure-389-directory-server-centos7/ | |||
Revision as of 08:53, 4 August 2016
<yambe:breadcrumb>389-DS|389-DS</yambe:breadcrumb>
Setup basic 389-DS server
To setup basic 389-DS server use following steps:
- yum -y install epel-release
- If LDAP server is being setup on VM or base machine then do the following: (Not useful for container based setup)
- Edit '/etc/sysctl.conf'
- net.ipv4.tcp_keepalive_time = 300
- net.ipv4.ip_local_port_range = 1024 65000
- In '/etc/security/limits.conf' add:
- * soft nofile 8192
- * hard nofile 8192
- Edit '/etc/profile' and at the end append
- ulimit -n 8192
- Edit '/etc/pam.d/login' and after last session required line add
- session required pam_limits.so
- Edit '/etc/sysctl.conf'
- Create ldapadmin user and set its password
- Install 389-ds and openldap-clients using:
- yum install -y 389-ds openldap-clients
- Ensure that FQDN resolves to IP and with help of /etc/hosts IP resolves to FQDN. Without this setup fails. Even after setup while running the server this is necessary for server to continue working.
- Run 'setup-ds-admin.pl' and enter appropriate values to setup the server
- If there is warning of low file-descriptors reboot
- Choose following options
- Typical setup
- system user is ldapadmin, system group is ldapadmin
- register with existing server: no
- administrator id : admin
- Password: secret
- Other appropriate values
- Allow incoming TCP connections on port 389, 636 and 9830 in firewall
- Configure 389-ds to automatically start on system boot using:
- chkconfig dirsrv-admin on
- chkconfig dirsrv on
To connect to server on administrators machine
- Install 389-ds (and not just 389-console)
- Use command:
- 389-console -a http://<server-fqdn-or-ip>:9830/
Steps learned from http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/ and https://www.youtube.com/watch?v=2wD-u5TMsfc
Basic setup of 389-ds on CentOS 7.0
These steps did not seem to work
- Configure firewall
- firewall-cmd --permanent --add-port=389/tcp
- firewall-cmd --permanent --add-port=636/tcp
- firewall-cmd --permanent --add-port=9830/tcp
-
- Add --zone=internal, if zones are being used
- Install packages:
- yum -y install epel-release
- yum install 389-ds-base 389-admin 389-adminutil -y
- Ignore SELInux poilcy errors
- Enable services to run on startup
- systemctl enable dirsrv.target
- systemctl enable dirsrv-admin
- systemctl start dirsrv.target
- systemctl start dirsrv-admin
Refer:
- http://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
- http://technet.sector19.net/linux/install-and-configure-389-directory-server-centos7/
<yambe:breadcrumb>389-DS|389-DS</yambe:breadcrumb>