Note: this wiki page is a work-in-progress
OS and virtual hardware configure on VM
- Minimal CentOS 7.x installation
- 2 NICs - one on NAT network (192.168.122.0/24), one on isolated private network (192.168.x.0/24)
- enable "epel" repository - yum install epel-release
- Hostname: ds389.cp.net
- IP address: 192.168.x.20/24 on isolated private network
System Software Configuration
Host name resolution
- Primary DNS server for your domain:
- Add A resource record: ds389.cp.net. IN A 192.168.x.20
- Add PTR resource record: 20.x.168.192.in-addr.arpa. IN PTR ds389.cp.net.
- If you don't have DNS, add the following record to /etc/hosts
- 192.168.x.20 ds389.cp.net ds389
Firewall configuration
You need to open tcp ports 389, 636 and 9830 for external access to your 389 directory server.
firewalld.service
Run the following commands to open the ports:
firewall-cmd --permanent --add-port=389/tcp firewall-cmd --permanent --add-port=636/tcp firewall-cmd --permanent --add-port=9830/tcp
You need to run the following command to update the current firewall settings:
firewall-cmd --reload
Please confirm your firewall settings with the following command:
firewall-cmd --list-ports
iptables.service
Run the following command to open the ports
iptables -I INPUT -p tcp --dport 389 -j ACCEPT iptables -I INPUT -p tcp --dport 636 -j ACCEPT iptables -I INPUT -p tcp --dport 9830 -j ACCEPT
Run the command to save the current firewall settings:
service iptables save