HP OSMS Blueprint: Directory Services on HP ProLiant and HP Integrity Servers with RHEL5
Table Of Contents
- HP Open Source Middleware Stacks Blueprint:
- Table of Contents
- Introduction
- Typographic Conventions
- HP Encourages Your Comments
- Overview of HP Directory Services OSMS
- Installing and Configuring Symas CDS and Apache Modules
- Managing the Symas CDS Server
- Performing Backups and Recovery with Berkeley DB
- Configuring the Master-Slave Replication
- Integrating the Apache HTTP Server with the mod_authnz_ldap and mod_ldap Modules
- Setting up Security for the CDS Server
- Monitoring OpenLDAP with the HP OpenView Operations CDS Gallery SPIs
The diagram illustrates a basic configuration consisting of a master directory server and one or
more replicas. The LDAP applications that are running on the Apache HTTP server, with the
mod_ldap and mod_authnz_ldap modules enabled, are routed through a load balancer to a
replica.
During a read operation, the replica returns the requested information. During a write operation,
the replica returns a reference to the master server. Replicas are kept up to date with the master
content using the LDAP Content Synchronization protocol through the syncrepl directive in
the replica’s configuration. An additional Windows-based server is required to host HP OVO
for manageability through the OpenLDAP SPI.
Installing and Configuring Symas CDS and Apache Modules
Pre-Installation
Before you start to install the HP OSMS Directory Services components, make sure the RHEL5
distribution, with full packages, is installed. Apache HTTP server version 2.0.52 is a bundled
package in the RHEL5 distribution. The mod_authnz_ldap and mod_ldap modules are included
in the Apache HTTP server package. To verify the modules are installed, see “Integrating the
Apache HTTP Server with the mod_authnz_ldap and mod_ldap Modules” (page 19). To obtain
the Symas CDS Silver Edition products and additional instructions, see the Web site located at:
http://www.symas.com/cds.shtml
Verify that you obtained the correct version of the installation packages according to your
architecture, as shown in Table 1.
Installing CDS
The CDS LDAP server can co-exist with OpenLDAP that is bundled with the RHEL5 distribution.
If the CDS LDAP service is used, verify that all LDAP-related commands and daemons are
obtained from the CDS LDAP server installation and not the RHEL5 distribution.
Table 2 CDS Components
DescriptionCDS Component
CDS Gold LDAP and replication server daemons and utilities
cdsgserver*.rpm
CDS LDAP Gold client tools and libraries
cdsgclient*.rpm
CDS header and documentation files
cdsdevel*.rpm
Connexitor public key services and certificate authority
cpkgca*.rpm
NOTE: The * represent the version number and architecture type.
1. The cdsgserver package is dependent on the cdsgclient package. Therefore, install the
cdsgclient package first by entering the following command:
# rpm –ivh cdsgclient*.rpm
2. Install the following packages by entering the commands provided.
a. To install the cdsgserver package, enter:
# rpm –ivh cdsgserver*.rpm
b. To install the cdsdevel package, enter:
# rpm –ivh cdsdevel*.rpm
c. To install the cpkgca package, enter:
# rpm –ivh cpkgca*.rpm
8