Difference between revisions of "Ops535-389-ds-install"

From CDOT Wiki
(System resource configuration)
(389-DS rpm packages)
Line 55: Line 55:
  
 
= 389-DS rpm packages =
 
= 389-DS rpm packages =
 +
* yum install 389-ds*
 +
<pre>
 +
389-ds-console-doc
 +
389-ds-base
 +
389-ds-console
 +
389-ds-base-libs
 +
389-ds-base-devel
 +
389-ds
 +
389-dsgw
 +
</pre>
 +
Will install the above rpm packages and their dependencies.
  
 
= Requirements for running the setup-ds.pl program =
 
= Requirements for running the setup-ds.pl program =
  
 
= Post-installation =
 
= Post-installation =
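
Review bot: the added `* yum install 389-ds*` line leaves the glob unquoted, so the shell may expand it against file names in the current directory before yum sees it; quote the pattern, e.g. `yum install '389-ds*'`. The glob also pulls in 389-ds-base-devel (shown in the added package list), a development package the server does not need at run time, so consider naming the required packages explicitly. The closing line "Will install the above rpm packages and their dependencies." has no subject; "This command installs ..." reads better.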

Revision as of 13:52, 15 November 2016

Note: this wiki page is a work-in-progress

OS and virtual hardware configuration on VM

  • Minimal CentOS 7.x installation
  • 2 NICs - one on NAT network (192.168.122.0/24), one on isolated private network (192.168.x.0/24)
  • Enable the "epel" repository - yum install epel-release
  • Hostname: ds389.cp.net
  • IP address: 192.168.x.20/24 on isolated private network

System Software Configuration

Host name resolution

  • Primary DNS server for your domain:
    • Add A resource record: ds389.cp.net. IN A 192.168.x.20
    • Add PTR resource record: 20.x.168.192.in-addr.arpa. IN PTR ds389.cp.net.
  • If you don't have DNS, add the following record to /etc/hosts
    • 192.168.x.20 ds389.cp.net ds389

Firewall configuration

You need to open TCP ports 389, 636 and 9830 for external access to your 389 directory server.

firewalld.service

Run the following commands to open the ports:

 firewall-cmd --permanent --add-port=389/tcp
 firewall-cmd --permanent --add-port=636/tcp
 firewall-cmd --permanent --add-port=9830/tcp

You need to run the following command to update the current firewall settings:

 firewall-cmd --reload

Please confirm your firewall settings with the following command:

 firewall-cmd --list-ports

iptables.service

Run the following commands to open the ports:

 iptables -I INPUT -p tcp --dport 389 -j ACCEPT
 iptables -I INPUT -p tcp --dport 636 -j ACCEPT
 iptables -I INPUT -p tcp --dport 9830 -j ACCEPT

Run the following command to save the current firewall settings:

 service iptables save

System resource configuration

  • Add the following line to /etc/sysctl.conf:
 net.ipv4.tcp_keepalive_time = 300
  • Add the following lines to /etc/security/limits.conf:
 *    soft    nofile    8192
 *    hard    nofile    8192
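
The following is an added example, not part of the original wiki page: a shell script that checks the host name mapping, firewall ports and resource settings described above before the directory server is set up. The function names and the `live` argument are assumptions of this example.

```bash
#!/bin/sh
# Added example: pre-flight checks for the settings described on this page.
# Function names and the "live" argument are assumptions of this example.
REQUIRED_PORTS="389/tcp 636/tcp 9830/tcp"   # ports the page says to open

# Print the required ports missing from a `firewall-cmd --list-ports` string.
# Exact matches only: a range such as 380-400/tcp is reported as missing.
missing_ports() (
    listed=" $(printf '%s' "$1" | tr '\n\t' '  ') "
    out=""
    for p in $REQUIRED_PORTS; do
        case "$listed" in
            *" $p "*) ;;
            *) out="$out $p" ;;
        esac
    done
    echo "${out# }"
)

# Succeed if file $1 sets net.ipv4.tcp_keepalive_time = 300 (uncommented).
keepalive_ok() {
    grep -Eq '^[[:space:]]*net\.ipv4\.tcp_keepalive_time[[:space:]]*=[[:space:]]*300[[:space:]]*$' "$1"
}

# Succeed if file $1 has both "* soft nofile 8192" and "* hard nofile 8192".
nofile_ok() {
    for t in soft hard; do
        grep -Eq "^[[:space:]]*\*[[:space:]]+$t[[:space:]]+nofile[[:space:]]+8192[[:space:]]*$" "$1" || return 1
    done
}

# Read hosts-format lines (from /etc/hosts or `getent hosts`) on stdin and
# succeed if address $1 is mapped to host name $2.
hosts_maps() {
    awk -v ip="$1" -v name="$2" '
        { sub(/#.*/, "") }
        $1 == ip { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit !found }'
}

# Live run on the server: sh <this-script> live <server-ip>
if [ "${1:-}" = "live" ]; then
    m=$(missing_ports "$(firewall-cmd --list-ports)")
    [ -z "$m" ] || echo "FAIL firewall: not open: $m"
    keepalive_ok /etc/sysctl.conf || echo "FAIL sysctl.conf: tcp_keepalive_time"
    nofile_ok /etc/security/limits.conf || echo "FAIL limits.conf: nofile 8192"
    getent hosts ds389.cp.net | hosts_maps "$2" ds389.cp.net || echo "FAIL name resolution"
fi
```

The file checks confirm what is configured, not what is in effect: /etc/sysctl.conf is applied at boot or with `sysctl -p`, and limits.conf applies to new login sessions.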

389-DS rpm packages

  • yum install 389-ds*
 389-ds-console-doc
 389-ds-base
 389-ds-console
 389-ds-base-libs
 389-ds-base-devel
 389-ds
 389-dsgw

This command installs the rpm packages listed above and their dependencies.

Requirements for running the setup-ds.pl program

Post-installation