Difference between revisions of "Ops535-389-ds-install"
(→OS and virtual hardware configure on VM) |
|||
| Line 8: | Line 8: | ||
* IP address: 192.168.x.20/24 on isolated private network | * IP address: 192.168.x.20/24 on isolated private network | ||
| − | = Software | + | = System Software Configuration = |
| + | == Host name resolution == | ||
| + | * Primary DNS server for your domain: | ||
| + | ** Add A resource record: ds389.cp.net. IN A 192.168.x.20 | ||
| + | ** Add PTR resource record: 20.x.168.192.in-addr.arpa. IN PTR ds389.cp.net. | ||
| + | * If you don't have DNS, add the following record to /etc/hosts | ||
| + | ** 192.168.x.20 ds389.cp.net ds389 | ||
| + | == Firewall configuration == | ||
| + | You need to open tcp ports 389, 636 and 9830 for external access to your 389 directory server. | ||
| + | === firewalld.service === | ||
| + | Run the following commands to open the ports: | ||
| + | <pre> | ||
| + | firewall-cmd --permanent --add-port=389/tcp | ||
| + | firewall-cmd --permanent --add-port=636/tcp | ||
| + | firewall-cmd --permanent --add-port=9830/tcp | ||
| + | </pre> | ||
| + | You need to run the following command to update the current firewall settings: | ||
| + | <pre> | ||
| + | firewall-cmd --reload | ||
| + | </pre> | ||
| + | Please confirm your firewall settings with the following command: | ||
| + | <pre> | ||
| + | firewall-cmd --list-ports | ||
| + | </pre> | ||
| + | === iptables.service === | ||
| + | Run the following command to open the ports | ||
| + | <pre> | ||
| + | iptables -I INPUT -p tcp --dport 389 -j ACCEPT | ||
| + | iptables -I INPUT -p tcp --dport 636 -j ACCEPT | ||
| + | iptables -I INPUT -p tcp --dport 9830 -j ACCEPT | ||
| + | </pre> | ||
| + | Run the command to save the current firewall settings: | ||
| + | <pre> | ||
| + | service iptables save | ||
| + | </pre> | ||
| − | |||
= 389-DS rpm packages = | = 389-DS rpm packages = | ||
Revision as of 14:45, 15 November 2016
Note: this wiki page is a work-in-progress
Contents
OS and virtual hardware configure on VM
- Minimal CentOS 7.x installation
- 2 NICs - one on NAT network (192.168.122.0/24), one on isolated private network (192.168.x.0/24)
- enable "epel" repository - yum install epel-release
- Hostname: ds389.cp.net
- IP address: 192.168.x.20/24 on isolated private network
System Software Configuration
Host name resolution
- Primary DNS server for your domain:
- Add A resource record: ds389.cp.net. IN A 192.168.x.20
- Add PTR resource record: 20.x.168.192.in-addr.arpa. IN PTR ds389.cp.net.
- If you don't have DNS, add the following record to /etc/hosts
- 192.168.x.20 ds389.cp.net ds389
Firewall configuration
You need to open tcp ports 389, 636 and 9830 for external access to your 389 directory server.
firewalld.service
Run the following commands to open the ports:
firewall-cmd --permanent --add-port=389/tcp firewall-cmd --permanent --add-port=636/tcp firewall-cmd --permanent --add-port=9830/tcp
You need to run the following command to update the current firewall settings:
firewall-cmd --reload
Please confirm your firewall settings with the following command:
firewall-cmd --list-ports
iptables.service
Run the following command to open the ports
iptables -I INPUT -p tcp --dport 389 -j ACCEPT iptables -I INPUT -p tcp --dport 636 -j ACCEPT iptables -I INPUT -p tcp --dport 9830 -j ACCEPT
Run the command to save the current firewall settings:
service iptables save
