1,760
edits
Changes
→Post-installation
service iptables save
</pre>
= System resource configuration =* Add the following lines to /etc/sysctl.conf<pre>net.ipv4.tcp_keepalive_time = 300</pre>* Add the following lines to /etc/security/limits.conf<pre>* soft nofile 8192* hard nofile 8192</pre>
= 389-DS rpm packages =
* yum install 389-ds*
<pre>
389-ds-console-doc
389-ds-base
389-ds-console
389-ds-base-libs
389-ds-base-devel
389-ds
389-dsgw
</pre>
Will install the above rpm packages and their dependencies.
= Requirements for running the setup-ds.pl program =
== Create an unprivileged regular ==
User to act as the Administrator for the 389 Directory Server
<pre>
useradd ldapadmin
</pre>
== Warning message for system resources ==
<pre>
[root@ds389 ~]# setup-ds-admin.pl
==============================================================================
This program will set up the 389 Directory and Administration Servers.
It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
- Press "Enter" to choose the default and go to the next screen
- Type "Control-B" then "Enter" to go back to the previous screen
- Type "Control-C" to cancel the setup program
Would you like to continue with set up? [yes]:
==============================================================================
Your system has been scanned for potential problems, missing patches,
etc. The following output is a report of the items found that need to
be addressed before running this software in a production
environment.
389 Directory Server system tuning analysis version 23-FEBRUARY-2012.
NOTICE : System is x86_64-unknown-linux3.10.0-327.36.3.el7.x86_64 (1 processor).
NOTICE : The net.ipv4.tcp_keepalive_time is set to 7200000 milliseconds
(120 minutes). This may cause temporary server congestion from lost
client connections.
WARNING: There are only 1024 file descriptors (soft limit) available, which
limit the number of simultaneous connections.
WARNING : The warning messages above should be reviewed before proceeding.
Would you like to continue? [no]:
</pre>
Update the files "/etc/sysctl.conf" and "/etc/security/limits.conf" and run the "setup-ds-admin.pl" again:
== Setup screen ==
After updating "/etc/sysctl.conf" and "/etc/security/limits.conf", reboot the VM and login as root.
Run the "setup-ds-admin.pl" again and you should get something similar to the following:
<pre>
[root@ds389 ~]# setup-ds-admin.pl
==============================================================================
This program will set up the 389 Directory and Administration Servers.
It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
- Press "Enter" to choose the default and go to the next screen
- Type "Control-B" then "Enter" to go back to the previous screen
- Type "Control-C" to cancel the setup program
Would you like to continue with set up? [yes]:
==============================================================================
Your system has been scanned for potential problems, missing patches,
etc. The following output is a report of the items found that need to
be addressed before running this software in a production
environment.
389 Directory Server system tuning analysis version 23-FEBRUARY-2012.
NOTICE : System is x86_64-unknown-linux3.10.0-327.36.3.el7.x86_64 (1 processor).
Would you like to continue? [yes]:
</pre>
* [https://scs.senecac.on.ca/~raymond.chan/topics/dirsrv/ds389.cp.net-installation-log.txt 389 Directory Server Installation Log]
* [https://scs.senecac.on.ca/~raymond.chan/topics/dirsrv/ds389-setup.log 389 Directory Server setup Log]
= Post-installation =
== Start the Directory Server and Admin service ==
* systemctl enable dirsrv.target
* systemctl start dirsrv.target
* systemctl enable dirsrv-admin.service
* systemctl start dirsrv-admin.service
== Install Xfce for GUI web console ==
* yum groupinstall Xfce
== Testing the LDAP Server ==
* ldapsearch -x -b 'dc=cp,dc=net'
== Start the management console ==
=== On the local machine ===
To start the management console, type 389-console
=== On remote workstation ===
* ssh -X root@192.168.x.20 /usr/bin/389-console -a http://192.168.x.20:9830