Red Hat Directory Server 8.0 8.
Red Hat Directory Server 8.0 This manual provides a high-level overview of design and planning decisions you need to make before installing Directory Server, and describes the different installation methods that you can use.
Red Hat Directory Server 8.0: Installation Guide Copyright © 2008 Copyright © You need to override this in your local ent file Red Hat. This material may only be distributed subject to the terms and conditions set forth in the Open Publication License, V1.0 or later with the restrictions noted below (the latest version of the OPL is presently available at http://www.opencontent.org/openpub/).
Red Hat Directory Server 8.
Preface .................................................................................................................... vii 1. Document Conventions ................................................................................ viii 2. We Need Feedback! ...................................................................................... ix 1. Preparing for a Directory Server Installation ............................................................. 1 1. Directory Server Components ..................
Red Hat Directory Server 8.0 1.2. Configuring Proxy Servers for the Administration Server .......................80 2. Working with Directory Server Instances .........................................................80 2.1. Creating a New Directory Server Instance ............................................80 2.2. (Alternate) Installing Directory Server with setup-ds ..............................81 2.3. Registering an Existing Directory Server Instance with the Configuration Directory Server ............
Preface This installation guide describes the Red Hat Directory Server 8.0 installation process and the migration process. This manual provides detailed step-by-step procedures for all supported operating systems, along with explanations of the different setup options (express, typical, custom, and silent), additional options for Directory Server instance creation, migrating previous versions of Directory Server, and troubleshooting and basic usage. IMPORTANT Directory Server 8.
Preface 1. Document Conventions Certain words in this manual are represented in different fonts, styles, and weights. This highlighting indicates that the word is part of a specific category. The categories include the following: Courier font Courier font represents commands, file names and paths, and prompts . When shown as below, it indicates computer output: Desktop Mail about.html backupfiles logs mail paulwesterberg.
We Need Feedback! Tip A tip is typically an alternative way of performing a task. Important Important information is necessary, but possibly unexpected, such as a configuration change that will not persist after a reboot. Caution A caution indicates an act that would violate your support agreement, such as recompiling the kernel. Warning A warning indicates potential data loss, as may happen when tuning hardware for maximum performance. 2.
x
Chapter 1. Preparing for a Directory Server Installation Before you install Red Hat Directory Server 8.0, there are required settings and information that you need to plan in advance. This chapter describes the kind of information that you should provide, relevant directory service concepts Directory Server components, and the impact and scope of integrating Directory Server into your computing infrastructure.
Chapter 1. Preparing for a Directory Server Installation one for the Administration Server. These port numbers must be unique. The Directory Server instance (LDAP) has a default port number of 389. The Administration Server port number has a default number of 9830. If the default port number for either server is in use, then the setup program randomly generates a port number larger than 1024 to use as the default.
Directory Server User and Group Section 2.2, “Directory Server User and Group” has more information about the server user ID. 2.2. Directory Server User and Group The setup process sets a user ID (UID) and group ID (GID) as which the servers will run. The default UID is a non-privileged (non-root) user, nobody on Red Hat Enterprise Linux and Solaris and daemon on HP-UX. Red Hat strongly recommends using this default value.
Chapter 1. Preparing for a Directory Server Installation this user administrative access. There are important differences between the Directory Administrator and the Directory Manager: • The administrator cannot create top level entries for a new suffix through an add operation. either adding an entry in the Directory Server Console or using ldapadd, a tool provided with OpenLDAP. Only the Directory Manager can add top-level entries by default.
Administration Domain Server in your organization, you must determine which Directory Server instance will host the configuration directory tree, o=NetscapeRoot. Make this decision before installing any compatible Directory Server applications. The configuration directory is usually the first one you set up. Since the main configuration directory generally experiences low traffic, you can permit its server instances to coexist on any machine with a heavier-loaded Directory Server instance.
Chapter 1. Preparing for a Directory Server Installation Would you like to continue with setup? [yes]: • Pressing Enter accepts the default answer and proceeds to the next dialog screen. Yes/No prompts accept y for Yes and n for No. • To go back to a previous dialog screen, type Control-B and press Enter. You can backtrack all the way to the first screen. • Two prompts ask for a password. After entering it the first time, confirm the password by typing it in again.
About the setup-ds-admin.pl Script • An .inf file can be used in conjunction with command line parameters. Parameters set in the command line override those specified in an .inf file, which is useful for creating an .inf file to use to set up many Directory Servers. Many of the parameters can be the same, such as ConfigDirectoryLdapURL, ones specific to the host, such as FullMachineName have to be unique. For example: setup-ds-admin.pl -s -f common.inf General.FullMachineName=ldap37.example.com slapd.
Chapter 1. Preparing for a Directory Server Installation Option Alternate Options Description Example --silent parameter; if used alone, it sets the default values for the setup prompts. --debug -d[dddd] This parameter turns on debugging information. For the -d flag, increasing the number of d's increases the debug level. --keepcache -k This saves the temporary installation file, .inf that is created when the setup script is run. This file can then be reused for a silent setup.
Overview of Setup Option Alternate Options Description which to write the output. If this is not set, then the setup information is written to a temporary file. Example /export/example2007.log For no log file, set the file name to /dev/null: -l /dev/null Table 1.1. setup-ds-admin Options 4. Overview of Setup After the Directory Server packages are installed, there is a script, setup-ds-admin.pl, which you run to configure the new Directory Server and Administration Server instance.
Chapter 1. Preparing for a Directory Server Installation NOTE It is possible to use y and n with the yes and no inputs described in Section 3.5, “About .inf File Parameters”. Setup Screen Parameter Input Express Typical Custom Silent Setup File Parameter Continue with setup Yes or no N/A Accept license agreement Yes or no N/A Accept Yes or no N/A dsktune output and continue with setup Choose setup type N/A • 1 (express) • 2 (typical) • 3 (custom) Set the computer name ldap.example.
Overview of Setup Setup Screen Parameter Input Express Typical Custom Silent Setup File Parameter new Directory Server with an existing Configuration Directory Server Set the Configuration Directory Server URL a ldap://ldap.example.com:389/o=NetscapeRoot Give the Configuration Directory Server user ID a admin Give the Configuration Directory Server user password a password [General] ConfigDirectoryLdapURL= ldap://ldap.example.
Chapter 1.
Overview of Setup Setup Screen Parameter Input Express Typical such as ou=People • Type none, which does not import any data Custom Silent Setup File Parameter [slapd] AddOrgEntries= Yes InstallLdifFile= /export/data.ldif Set the 9830 Administration Server port [admin] Port= 9830 Set the blank (all Administration interfaces) Server IP address [admin] ServerIpAddress= 111.11.11.
14
Chapter 2. System Requirements Before configuring the default Red Hat Directory Server 8.0 instances, it is important to verify that the host server has the required system settings and configuration: • The system must have the required packages, patches, and kernel parameter settings. • DNS must be properly configured on the target system. • The host server must have a static IP address.
Chapter 2. System Requirements Number of Entries Disk Space/Required Memory Free disk space: 8 GB Free memory: 1 GB Table 2.1. Hardware Requirements 2. Operating System Requirements Directory Server is supported on these operating systems: Red Hat Enterprise Linux 4 and 5 (x86 and x86_64), HP-UX 11i (IA 64), and Sun Solaris 9 (sparc 64-bit). The specific operating system requirements and kernel settings, patches, and libraries are listed for each. • Section 2.1, “Using dsktune” • Section 2.
Red Hat Enterprise Linux 4 and 5 instances so that you can properly configure your kernel settings and install any missing patches. On Red Hat Enterprise Linux and Solaris, the dsktune utility is in the /usr/bin directory; on HP-UX, it is in /opt/dirsrv/bin. To run it, simply use the appropriate command: /usr/bin/dsktune Red Hat Directory Server system tuning analysis version 10-AUGUST-2007. NOTICE : System is i686-unknown-linux2.6.9-34.EL (1 processor).
Chapter 2. System Requirements Linux Patches”, and the recommended system configuration changes are described in Section 2.2.2, “Red Hat Enterprise Linux System Configuration”.
Red Hat Enterprise Linux 4 and 5 Criteria Requirements Red Hat Enterprise Linux 5 Server (x86 and x86_64) Required Filesystem ext3 Table 2.3. System Versions 2.2.2. Red Hat Enterprise Linux System Configuration After verifying the system's kernel and glibc configuration and installing any required modules and patches, fine-tune the Red Hat Enterprise Linux system to work with Directory Server.
Chapter 2. System Requirements 3. Then increase the maximum number of open files on the system by editing the /etc/security/limits.conf configuration file. Add the following entry: * - nofile 8192 4. Edit the /etc/pam.d/system-auth, and add this entry: session required /lib/security/$ISA/pam_limits.so 5. Reboot the Linux machine to apply the changes. 2.2.2.3.
HP-UX 11i Criteria Requirements deployment 2 GB minimum for larger environments 4 GB minimum for very large environments (more than a million entries) You must use the largefile command to configure database files larger than 2 GB. Other To run the Directory Server using port numbers less than 1024, such as the default port 389, you must setup and start the Directory Server as root, but it is not necessary to run the Directory Server as root. Table 2.4. HP-UX 11i 2.3.1.
Chapter 2. System Requirements 2.3.2. HP-UX System Configuration Before setting up Directory Server, tune your HP-UX system so Directory Server can access the respective kernel parameters. To tune HP-UX systems, enable large file support, set the TIME_WAIT value, and modify kernel parameters. • Section 2.3.2.1, “Perl Prerequisites” • Table 2.6, “HP-UX 11i Kernel Parameters” • Section 2.3.2.3, “TIME_WAIT Setting” • Section 2.3.2.4, “Large File Support” • Section 2.3.2.5, “DNS Requirements” 2.3.2.1.
Sun Solaris 9 This limits the socket TIME_WAIT state to 60 seconds. 2.3.2.4. Large File Support To run Directory Server on HP-UX, you must enable large file support. 1. Unmount the filesystem using the umount command. umount /export 2. Create the large filesystem. fsadm -F vxfs -o largefiles /dev/vg01/rexport 3. Remount the filesystem. /usr/sbin/mount -F vxfs -o largefiles /dev/vg01/export 2.3.2.5.
Chapter 2. System Requirements are listed in Section 2.4.1, “Solaris Patches”, and the recommended configuration changes are described in Section 2.4.2, “Solaris System Configuration”.
Sun Solaris 9 Patch ID Description 112233-12 SunOS 5.9: Kernel patch 112964-08 SunOS 5.9: /usr/bin/ksh patch 112808 CDE1.5: Tooltalk patch 113279-01 SunOS 5.9: klmmod patch 113278-07 SunOS 5.9: NFS Daemon patch 113023 SunOS 5.9: Broken preremove scripts from S9 ALC packages 112601-09 SunOS 5.9: PGX32 Graphics 113923-02 X11 6.6.1: security font server patch 112817-18 SunOS 5.9: Sun Gigaswift Ethernet 1.0 driver patch 113718-02 SunOS 5.9: usr/lib/utmp_udate patch 114135-01 SunOS 5.
Chapter 2. System Requirements • Section 2.4.2.4, “File Descriptors” 2.4.2.1. Perl Prerequisites On Solaris systems, Red Hat Directory Server is installed with a Perl package, RHATperlx, that must be used. This package contains a 64-bit version of Perl 5.8. It is not possible to use the Perl version installed in /usr/bin/perl on Solaris because it is 32 bit and will not work with Directory Server's 64-bit components. 2.4.2.2.
Sun Solaris 9 connections. If you increase the rlim_fd_max value to over 4096, you must decrease the tcp_smallest_anon_port value in the /etc/init.d/inetinit file. ndd -set /dev/tcp tcp_smallest_anon_port 8192 • Reboot the Solaris machine to apply these changes. 2.4.2.3. DNS and NIS Requirements It is very important that DNS and reverse DNS be working correctly on the host machine, especially if you are using TLS/SSL or Kerberos with Directory Server.
28
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux Installing and configuring Red Hat Directory Server on Red Hat Enterprise Linux has three major steps: 1. Install the required version of the Java® Runtime Environment (JRE). 2. Install the Directory Server packages. 3. Run the setup-ds-admin.pl script. This is where all of the information about the new Directory Server instance is supplied.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux NOTE There is a fourth setup option called a silent installation. This provides two ways of performing the setup without user interaction, either by passing arguments in the command-line with the setup-ds-admin.pl script or to use a file with settings already defined. This is extremely useful for doing large numbers of Directory Server instances, since it does not require any user involvement after the packages are installed.
Installing the Directory Server Packages 2. Log in as root, and install the JRE. For example: rpm -Uvh java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.i386.rpm After installing the JRE, install the Directory Server packages, as described in Section 2, “Installing the Directory Server Packages”. 2. Installing the Directory Server Packages 1. Install the Directory Server packages.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux ls *.rpm | egrep -iv -e devel -e debuginfo | xargs rpm -ivh 2. After the Directory Server packages are installed, run the setup-ds-admin.pl script to set up and configure the default Directory Server instance and the Administration Server. /usr/sbin/setup-ds-admin.pl 3. Accept the licensing agreement. 4. On the next screen, review the dsktune output. If there are any issues that you should address, exit the setup-ds-admin.
Express Setup match the /etc/resolv.conf settings, the setup program cannot use the default hostname option, and setup will fail. WARNING If Directory Server is already installed on your machine, it is extremely important that you perform a migration, not a fresh installation. Migration is described in Chapter 8, Migrating from Previous Versions. 1. After the Directory Server packages are installed as described in Section 2, “Installing the Directory Server Packages”, then launch the setup-ds-admin.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux NOTE To register the Directory Server instance with an existing Configuration Directory Server, select yes. This continues with the registration process rather than the regular express setup process. Registering a new instance with a Configuration Directory Server requires you to supply information about the Configuration Directory Server: • The Configuration Directory Server URL, such as ldap://ldap.example.
Typical Setup Updating adm.conf . . . Updating admpw . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Updating the configuration for the httpd engine . . . Restarting admin server . . . The admin server was successfully started. Admin server was successfully reconfigured and started. Exiting . . . Log file is '/tmp/setup0C7tiV.log' The setup-ds-admin.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux ports for the Directory and Administration Servers, the domain name, and directory suffix. WARNING If Directory Server is already installed on your machine, it is extremely important that you perform a migration, not a fresh installation. Migration is described in Chapter 8, Migrating from Previous Versions. 1.
Typical Setup The hostname is very important. It is used generate the Directory Server instance name, the admin domain, and the base suffix, among others. If you are using SSL/TLS or Kerberos, the computer name must be the exact name that clients use to connect to the system. If you will use DNS, make sure the name resolves to a valid IP address and that IP address resolves back to this name. 6. Set the user and group as which the Directory Server process will run. The default is nobody:nobody.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux This information is supplied in place of creating an admin user and domain for the new Directory Server, steps 8, 9, and 10. 8. Set the administrator username. The default is admin. 9. Set the administrator password and confirm it. 10.Set the administration domain. This defaults to the host's domain. For example: Administration Domain [example.com]: 11.Enter the Directory Server port number.
Custom Setup Creating directory server . . . Your new DS instance 'example2' was successfully created. Creating the configuration directory server . . . Beginning Admin Server reconfiguration . . . Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Updating the configuration for the httpd engine . . .
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux you have existing information. The other imports sample data that is included with Directory Server; this is useful for testing features of Directory Server and for evaluation. NOTE Run the setup-ds-admin.pl script as root. The custom setup has the following steps: WARNING If Directory Server is already installed on your machine, it is extremely important that you perform a migration, not a fresh installation.
Custom Setup NOTE The setup program gets the host information from the /etc/resolv.conf file. If there are aliases in the /etc/hosts file, such as ldap.example.com, that do not match the /etc/resolv.conf settings, you cannot use the default hostname option. The hostname is very important. It is used generate the Directory Server instance name, the admin domain, and the base suffix, among others.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux • The Configuration Directory Server administrator's user ID; by default, this is admin. • The administrator user's password. • The Configuration Directory Server Admin domain, such as example.com. • The CA certificate to authenticate to the Configuration Directory Server. This is only required if the Directory Server instance will connect to the Configuration Directory Server over LDAPS.
Custom Setup 16.Select whether you want to install sample entries with the Directory Server instance. This means that an example LDIF, with preconfigured users, groups, roles, and other entries, is imported into the Directory Server database. This option is helpful for evaluation or testing Directory Server features. This is not required. 17.Select whether to populate the Directory Server with data; this means whether to import an LDIF file with existing data into the Directory Server database.
Chapter 3. Setting up Red Hat Directory Server on Red Hat Enterprise Linux Exiting . . . Log file is '/tmp/setupul88C1.log' When the setup-ds-admin.pl script is done, then the Directory Server is configured and running. To log into the Directory Server Console to begin setting up your directory service, do the following: 1. Get the Administration Server port number from the Listen parameter in the console.conf configuration file. grep \^Listen /etc/dirsrv/admin-serv/console.conf Listen 0.0.0.0:9830 2.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i Installing and configuring Red Hat Directory Server on HP-UX has three major steps: 1. Install the required version of the Java® Runtime Environment (JRE). 2. Install the Directory Server packages. 3. Run the setup program. The setup step is where all of the information about the new Directory Server instance is supplied.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i Server and Administration Server”. This chapter describes the complete process for installing Directory Server on HP-UX 11i, including both the JRE and Directory Server packages, and the different setup options. 1. Installing the JRE Necessary Java JRE libraries are not bundled with Directory Server. They must be downloaded and extracted separately before installing the Directory Server packages. NOTE Directory Server 8.
Express Setup NOTE Directory Server version 8.0 conforms to the Filesystem Hierarchy Standards. This means that the directories and files are in different locations than previous versions. For more information on FHS, see the http://www.pathname.com/fhs/ homepage. For a table showing the new file locations, see Section 1, “Directory Server File Locations”. 3. Express Setup Use express installation if you are installing Directory Server for an evaluation or trial.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i 2. Select y to accept the Red Hat licensing terms. 3. The dsktune utility runs. Select y to continue with the setup. dsktune checks the available disk space, processor type, physical memory, and other system data and settings such as TCP/IP ports and file descriptor settings. If your system does not meet these basic Red Hat Directory Server requirements, dsktune returns a warning.
Express Setup Directory Server in steps 6 and 7. 6. Set the administrator username. The default is admin. 7. Set the administrator password and confirm it. 8. Set the Directory Manager username. The default is cn=Directory Manager. 9. Set the Directory Manager password and confirm it. 10.The last screen asks if you are ready to set up your servers. Select yes. Are you ready to set up your servers? [yes]: Creating directory server . . . Your new DS instance 'example' was successfully created.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i 2. Using the Administration Server port number, launch the Console. /opt/dirsrv/bin/redhat-idm-console -a http://localhost:9830 NOTE If you do not pass the Administration Server port number with the redhat-idm-console command, then you are prompted for it at the Console login screen. 4. Typical Setup The typical setup process is the most commonly-used setup process.
Typical Setup 3. The dsktune utility runs. Select y to continue with the setup. dsktune checks the available disk space, processor type, physical memory, and other system data and settings such as TCP/IP ports and file descriptor settings. If your system does not meet these basic Red Hat Directory Server requirements, dsktune returns a warning. dsktune warnings do not block the setup process; simply enter y to go to the next step. 4. Next, choose the setup type.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i NOTE To register the Directory Server instance with an existing Configuration Directory Server, select yes. This continues with the registration process rather than the regular typical setup process. Registering a new instance with a Configuration Directory Server requires you to supply information about the Configuration Directory Server: • The Configuration Directory Server URL, such as ldap://ldap.example.
Typical Setup 12.Enter the Directory Server identifier; this defaults to the hostname. Directory server identifier [example]: 13.Enter the directory suffix. This defaults to dc=domain name. For example: Suffix [dc=redhat, dc=com]: 14.Set the Directory Manager username. The default is cn=Directory Manager. 15.Set the Directory Manager password and confirm it. 16.Enter the Administration Server port number.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i grep \^Listen /etc/dirsrv/admin-serv/console.conf Listen 0.0.0.0:9830 2. Using the Administration Server port number, launch the Console. /opt/dirsrv/bin/redhat-idm-console -a http://localhost:9830 NOTE If you do not pass the Administration Server port number with the redhat-idm-console command, then you are prompted for it at the Console login screen. 5.
Custom Setup # /opt/dirsrv/sbin/setup-ds-admin.pl 2. Select y to accept the Red Hat licensing terms. 3. The dsktune utility runs. Select y to continue with the setup. dsktune checks the available disk space, processor type, physical memory, and other system data and settings such as TCP/IP ports and file descriptor settings. If your system does not meet these basic Red Hat Directory Server requirements, dsktune returns a warning.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i network, it is not possible to register it with another directory. Select n to set up this Directory Server as a Configuration Directory Server and move to the next custom install step, setting up the administrator user. NOTE To register the Directory Server instance with an existing Configuration Directory Server, select yes. This continues with the registration process rather than the regular custom setup process.
Custom Setup Directory server network port [389]: 1066 12.Enter the Directory Server identifier; this defaults to the hostname. Directory server identifier [example]: 13.Enter the directory suffix. This defaults to dc=domain name. For example: Suffix [dc=redhat, dc=com]: 14.Set the Directory Manager username. The default is cn=Directory Manager. 15.Set the Directory Manager password and confirm it. 16.Select whether you want to install sample entries with the Directory Server instance.
Chapter 4. Setting up Red Hat Directory Server on HP-UX 11i example: Run Administration Server as [daemon]: 21.The last screen asks if you are ready to set up your servers. Select yes. Are you ready to set up your servers? [yes]: Creating directory server . . . Your new DS instance 'example3' was successfully created. Creating the configuration directory server . . . Beginning Admin Server reconfiguration . . . Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . .
Custom Setup If you do not pass the Administration Server port number with the redhat-idm-console command, then you are prompted for it at the Console login screen.
60
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris Installing and configuring Red Hat Directory Server on Sun Solaris has three major steps: 1. Install the required version of the Java® Runtime Environment (JRE). 2. Install the Directory Server packages. 3. Run the setup program. The setup step is where all of the information about the new Directory Server instance is supplied.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris Necessary Java JRE libraries are not bundled with Directory Server. They must be downloaded and extracted separately before installing the Directory Server packages. NOTE Directory Server 8.0 requires JRE version 1.5.0. Install the latest version of the 64-bit Sun J2SE Java Runtime Environment 5.0 (Update 9), available from the Sun download site, http://java.sun.com/javase/downloads/index.jsp.
Installing the Directory Server Packages After installing the JRE, install the Directory Server packages, as described in Section 2, “Installing the Directory Server Packages”. 2. Installing the Directory Server Packages There are two ways to install the Directory Server packages. The packages can be downloaded individually through Red Hat Network, or an ISO image can be downloaded and saved to a CD or DVD. • Section 2.1, “Installing Individual Packages” • Section 2.2, “Installing from an ISO Image” 2.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris backup directory. 5. Delete the temporary directory. rm -rf /tmp/rhds80 6. After the Directory Server packages are installed, run the setup program to set up and configure the default Directory Server instance and the Administration Server. /usr/sbin/setup-ds-admin.pl 7. Accept the initial screens for licensing and dsktune output, then select the setup type, and proceed with configuring the new Directory Server instance.
Express Setup cd /directory/tmp/RedHat/PKGS 3. Translate the package to the Solaris filesystem format: for i in `ls *.pkg`; do yes all | pkgtrans $i /directory/ ; done 4. Add the package: yes yes | pkgadd -d /directory/ all If another application such as Red Hat Certificate System is already installed on the server, pkgadd detects the shared packages. Make sure that the pkgadd program replaces any existing versions with the packages included with Directory Server. 5.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris NOTE The setup program gets the host information from the /etc/resolv.conf file. If there are aliases in the /etc/hosts file, such as ldap.example.com, that do not match the /etc/resolv.conf settings, the setup program cannot use the default hostname option, and setup will fail. WARNING If Directory Server is already installed on your machine, it is extremely important that you perform a migration, not a fresh installation.
Express Setup up the administrator user. NOTE To register the Directory Server instance with an existing Configuration Directory Server, select yes. This continues with the registration process rather than the regular express setup process. Registering a new instance with a Configuration Directory Server requires you to supply information about the Configuration Directory Server: • The Configuration Directory Server URL, such as ldap://ldap.example.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Updating the configuration for the httpd engine . . . Restarting admin server . . . The admin server was successfully started. Admin server was successfully reconfigured and started. Exiting . . .
Typical Setup The typical setup process is the most commonly-used setup process. It offers control over the ports for the Directory and Administration Servers, the domain name, and directory suffix. WARNING If Directory Server is already installed on your machine, it is extremely important that you perform a migration, not a fresh installation. Migration is described in Chapter 8, Migrating from Previous Versions. 1.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris match the /etc/resolv.conf settings, you cannot use the default hostname option. The hostname is very important. It is used generate the Directory Server instance name, the admin domain, and the base suffix, among others. If you are using SSL/TLS or Kerberos, the computer name must be the exact name that clients use to connect to the system.
Typical Setup • The Configuration Directory Server Admin domain, such as example.com. • The CA certificate to authenticate to the Configuration Directory Server. This is only required if the Directory Server instance will connect to the Configuration Directory Server over LDAPS. This should be the full path and filename the CA certificate in PEM/ASCII format. This information is supplied in place of creating an admin user and domain for the new Directory Server, steps 8, 9, and 10. 8.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris Administration port [9830]: 17.The last screen asks if you are ready to set up your servers. Select yes. Are you ready to set up your servers? [yes]: Creating directory server . . . Your new DS instance 'example2' was successfully created. Creating the configuration directory server . . . Beginning Admin Server reconfiguration . . . Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . . .
Custom Setup login screen. 5. Custom Setup Custom setup provides two special configuration options that allow you to add information to the Directory Server databases during the setup period. One imports an LDIF file, which is useful if you have existing information. The other imports sample data that is included with Directory Server; this is useful for testing features of Directory Server and for evaluation. NOTE Run the setup-ds-admin.pl script as root.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris 5. Set the computer name of the machine on which the Directory Server is being configured. This defaults to the fully-qualified domain name (FQDN) for the host. For example: Computer name [ldap.example.com]: NOTE The setup program gets the host information from the /etc/resolv.conf file. If there are aliases in the /etc/hosts file, such as ldap.example.com, that do not match the /etc/resolv.
Custom Setup ldap://ldap.example.com:389/o=NetscapeRoot To use TLS/SSL, set the protocol as ldaps:// instead of ldap:// For LDAPS, use the secure port (636) instead of the standard port (389), and provide a CA certificate. • The Configuration Directory Server administrator's user ID; by default, this is admin. • The administrator user's password. • The Configuration Directory Server Admin domain, such as example.com. • The CA certificate to authenticate to the Configuration Directory Server.
Chapter 5. Setting up Red Hat Directory Server on Sun Solaris Suffix [dc=redhat, dc=com]: 14.Set the Directory Manager username. The default is cn=Directory Manager. 15.Set the Directory Manager password and confirm it. 16.Select whether you want to install sample entries with the Directory Server instance. This means that an example LDIF, with preconfigured users, groups, roles, and other entries, is imported into the Directory Server database.
Custom Setup Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Updating the configuration for the httpd engine . . . Restarting admin server . . . The admin server was successfully started. Admin server was successfully reconfigured and started. Exiting . . . Log file is '/tmp/setupul88C1.
78
Chapter 6. Advanced Setup and Configuration After the default Directory Server and Administration Server have been configured, there are tools available to manage, create, and remove server instances. These include Administration Server conigurations to allow people to access the Directory Server files remotely, silent setup tools for installing instances from file configuration, and instance setup and removal scripts. 1.
Chapter 6. Advanced Setup and Configuration *.*.*.* This allows all IP addresses to access the Administration Server. 6. Restart the Administration Server. CAUTION Adding the client machine proxy IP address to the Administration Server creates a potential security hole. 1.2.
(Alternate) Installing Directory Server with It is also possible to provide Directory Server parameters on the command line, so that the instance is created with pre-defined defaults. For example: setup-ds-admin.pl slapd.ServerPort=1100 slapd.RootDNPwd=itsasecret When the installer runs, the Directory Server port default is 1100, and the Directory Manager password is itsasecret.
Chapter 6. Advanced Setup and Configuration register-ds-admin script. /usr/sbin/register-ds-admin.pl IMPORTANT Running register-ds-admin creates a default instance of the Administration Server and Configuration Directory Server if they do not already exist, then registers any existing Directory Servers with the Configuration Directory Server. 3.
setup-ds RootDNPwd= password123 [admin] Port= 9830 ServerIpAddress= 111.11.11.11 ServerAdminID= admin ServerAdminPwd= admin NOTE There are three sections of directives in the .inf file to create the default Directory and Administration Servers: [General], [slapd], and [admin]. Creating an additional instance, or installing a single instance of Directory Server using setup-ds.pl, only requires two sections, [General] and [slapd].
Chapter 6. Advanced Setup and Configuration packages must already be installed, and the Administration Server must already be configured and running. 1. Make the setup .inf file. It must specify the following directives: [General] FullMachineName= dir.example.
Sending Parameters in the Command Line The setup utility, setup-ds-admin.pl, allows settings for all three configuration components — General (host server), slapd (LDAP server), and admin (Administration Server) — to be passed directly in the command line. Command-line arguments correspond to the parameters and values set in the .inf file. The arguments used with setup-ds-admin.pl specify the .inf setup file section (General, slapd, or admin), parameter, and value in the following form: section.
Chapter 6. Advanced Setup and Configuration The section names and parameter names used in the .inf files and on the command line are case sensitive. Refer to Table 6.1, “setup-ds-admin Options” to check the correct capitalization. Option Alternate Options Description --silent -s This sets that the setup script will run in silent mode, drawing the configuration information from a file (set with the --file parameter) rather than interactively.
Using the ConfigFile Parameter to Configure Option Alternate Options Description Example WARNING The cache file contains the cleartext passwords supplied during setup. Use appropriate caution and protection with this file. --logfile name -l This parameter specifies a log file to which to write the output. If this is not set, then the setup information is written to a temporary file. -l /export/example2007.log For no log file, set the file name to /dev/null: -l /dev/null Table 6.1.
Chapter 6. Advanced Setup and Configuration For example, to configure a new Directory Server instance as a supplier in replication, ConfigFile can be used to create the replication manager, replica, and replication agreement entries: [slapd] ... ConfigFile ConfigFile ConfigFile ConfigFile ... = = = = repluser.ldif changelog.ldif replica.ldif replagreement.ldif The LDIF file contains the entry information. For example, the replica.
the Directory Server • General — which supplies information about the server machine; these are global directives that are common to all your Directory Servers. • slapd — which supplies information about the specific Directory Server instance; this information, like the port and server ID, must be unique.
Chapter 6. Advanced Setup and Configuration Directive Description Required user nobody on Linux and Solaris and daemon on HP-UX. This should be changed for most deployments. SuiteSpotGroup Specifies the group as which the servers will run. The default is group nobodyon Linux and Solaris and daemon on HP-UX. This should be changed for most deployments. No ConfigDirectoryLdapURL Specifies the LDAP URL that is used to connect to your configuration directory.
About .inf File Parameters Directive Description Required Example Section 2.1, “Port Numbers”. ServerIdentifier Specifies the server No identifier. This value is used as part of the name of the directory in which the Directory Server instance is installed. For example, if the machine's hostname is phonebook, then this name is the default, and selecting it installs the Directory Server instance in a directory labeled slapd-phonebook.
Chapter 6. Advanced Setup and Configuration Directive Description Required Example No suggest directive is used and InstallLdifFile is also used, then this directive has no effect. The default is no. InstallLdifFile Populates the new directory with the contents of the specified LDIF file. SchemaFile Lists the full path and No file name of additional schema files; this is used if there is custom schema with the old Directory Server. This directive may be specified more than once.
About .inf File Parameters Directive Description Required Example This should be changed for most deployments. For information as to what users your servers should run, see Section 2.2, “Directory Server User and Group”. Port Specifies the port that No the Administration Server will use. The default port is 9830. 9830 ServerAdminID Specifies the administration ID that can be used to access this Administration Server if the configuration directory is not responding.
Chapter 6. Advanced Setup and Configuration Directive Description Required Example Server. Table 6.4. [admin] Directives 3.5.2. Sample .inf Files [General] FullMachineName= SuiteSpotUserID= SuiteSpotGroup= AdminDomain= ConfigDirectoryAdminID= ConfigDirectoryAdminPwd= ConfigDirectoryLdapURL= [slapd] SlapdConfigForMC= UseExistingMC= ServerPort= ServerIdentifier= Suffix= RootDN= RootDNPwd= InstallLdifFile= AddOrgEntries= [admin] SysUser= Port= ServerIpAddress= ServerAdminID= ServerAdminPwd= ldap.
Uninstalling Directory Server UseExistingUG= No ServerPort= 18257 ServerIdentifier= directory Suffix= dc=example,dc=com RootDN= cn=Directory Manager UseReplication= No AddSampleEntries= No InstallLdifFile= suggest AddOrgEntries= Yes DisableSchemaChecking= No RootDNPwd= admin123 [admin] Port= 33646 ServerIpAddress= 111.11.11.11 ServerAdminID= admin ServerAdminPwd= admin Example 6.2. .inf File for Registering the Instance with a Configuration Directory Server (Typical Setup) 4.
Chapter 6. Advanced Setup and Configuration /usr/sbin/ds_removal -s example3 -w itsasecret 2. Stop the Administration Server. /etc/init.d/dirsrv-admin stop 3. Then use the system tools to remove the packages.
Uninstalling Directory Server rm -Rf /export/ds80 4. Remove the symlinks to the directories. For example: rm -f /opt/dirsrv /var/opt/dirsrv /etc/opt/dirsrv 4.2.3. Solaris To uninstall Red Hat Directory Server entirely, do the following: 1. Remove all of the Directory Server instances. /usr/sbin/ds_removal -s example1 -w itsasecret /usr/sbin/ds_removal -s example2 -w itsasecret /usr/sbin/ds_removal -s example3 -w itsasecret 2. Stop the Administration Server. /etc/init.d/dirsrv-admin stop 3.
98
Chapter 7. General Usage Information This chapter contains common information that you will use after installing Red Hat Directory Server 8.0, such as where files are installed; how to start the Directory Server, Administration Server, and Directory Server Console; and basic troubleshooting information. For more detailed information on using Directory Server, see the Directory Server Administration Guide. 1. Directory Server File Locations Red Hat Directory Server 8.
Chapter 7. General Usage Information File or Directory Location Log files /var/log/dirsrv/slapd-instance Configuration files /etc/dirsrv/slapd-instance Instance directory /usr/lib64/dirsrv/slapd-instance Database files /var/lib/dirsrv/slapd-instance Runtime files /var/lock/dirsrv/slapd-instance /var/run/dirsrv/slapd-instance Initscripts /etc/rc.d/init.d/dirsrv and /etc/sysconfig/dirsrv /etc/rc.d/init.d/dirsrv-admin and /etc/sysconfig/dirsrv-admin Tools /usr/bin/ /usr/sbin/ Table 7.2.
LDAP Tool Locations File or Directory Location Log files /var/opt/log/dirsrv/slapd-instance Configuration files /etc/opt/dirsrv/slapd-instance Instance directory /opt/dirsrv/slapd-instance Database files /var/opt/dirsrv/slapd-instance Runtime files /var/opt/dirsrv/instance Binaries /opt/dirsrv/bin/ /opt/dirsrv/sbin/ Libraries /opt/dirsrv/lib/ Table 7.4. HP-UX 11i (IA64) 2.
Chapter 7. General Usage Information NOTE Make sure that the correct JRE — the program called java — is set in the PATH before launching the Console. When the login screen opens, you are prompted for the username, password, and Administration Server location. It is possible to send the Administration Server URL and port with the start script.
Starting and Stopping Administration Server /usr/lib/dirsrv/slapd-instance/start-slapd /usr/lib/dirsrv/slapd-instance/restart-slapd /usr/lib/dirsrv/slapd-instance/stop-slapd • The Directory Server service can also be stopped and started using system tools on Red Hat Enterprise Linux and Solaris. For example, Linux uses the service tool: service dirsrv {start|stop|restart} instance Solaris uses /etc/init.d: /etc/init.
Chapter 7. General Usage Information Passwords are stored in the Directory Server databases and can be modified with tools like ldapmodify and through the Directory Server Console. The Directory Manager password is stored in the Directory Server configuration files and can be viewed (if lost) and modified by editing that file. To check or reset the Directory Manager password, do the following: 1. Stop the Directory Server.
Running dsktune 7. Troubleshooting 7.1. Running dsktune dsktune runs when the Directory Server is first set up to check for minimum operating requirements. After the setup, the dsktune utility can determine the Directory Server patch levels and kernel parameter settings. To launch dsktune, Directory Server has to be installed successfully first. NOTE You must run dsktune as root. On Solaris, dsktune automatically checks the patches and compares them with the current Sun recommended patch lists.
Chapter 7. General Usage Information 7.2. Common Installation Problems There are several common problems that can come up during the setup process, generally relating to network or naming problems. These problems and workarounds and soluions are described below. For system information, try running the dsktune utility to identify potential hardware problems. 7.2.1. Problem: Clients cannot locate the server Solution. First, modify the hostname.
Chapter 8. Migrating from Previous Versions Red Hat Directory Server 6.x and 7.x instances can be migrated to Directory Server 8.0. Migration carries over all data and settings from the older Directory Server to the new Directory Server, including Administration Server and Console information. This is performed by running a Directory Server-specific script, migrate-ds-admin.pl. migrate-ds-admin.
Chapter 8. Migrating from Previous Versions WARNING If Directory Server databases have been moved from their default location (/opt/redhat-ds/slapd-instancename/db), migration will not copy these databases, but will use the directly. This means that if you run migration, you may not be able to go back to the old version. Migration will not remove or destroy the data, but may change the format in such a way that you cannot use the older version of the Directory Server.
About migrate-ds-admin.pl On Red Hat Enterprise Linux and Solaris machines, the migrate-ds-admin tool is in the /usr/sbin/ directory. On HP-UX machines, the migrate-ds-admin is in the /opt/dirsrv/sbin/ directory. Option Alternate Options Description General.ConfigDirectoryAdminPwd=password Required. This is the password for the configuration directory administrator of the old Directory Server (the default username is admin). --oldsroot -o Required.
Chapter 8. Migrating from Previous Versions Option Alternate Options Description on the machine. --file=name -f name This sets the path and name of the .inf file provided with the migration script. The only parameter is the General.ConfigDirectoryAdminPwd parameter, which is the configuration directory administrator's password. Any other configuration setting is ignored by the migration script.
Before Migration Option Alternate Options Description Table 8.1. migrate-ds-admin Options migrate-ds-admin.pl allows the password parameter to be provided on the command line, similar to the setup-ds-admin.pl script. The arguments set the section, parameter, and value of .inf parameters in the following form: section.parameter=value The only required argument is the Configuration Directory Server administrator password (ConfigDirectoryAdminPwd): /usr/sbin/migrate-ds-admin.
Chapter 8. Migrating from Previous Versions • Shut down all Directory Server instances and the Administration Server. • Back up all of your databases. • For servers which have a different configuration directory, make sure that the Directory Server Console write operations are moved from the configuration directory to the server itself. 3.1. Backing up the Directory Server Configuration All of the configuration files for Directory Server 6.x and 7.
Migrating a Server or Single Instance 4. Migration Scenarios The migration scenario differs depending on the type of existing Directory Server configuration you have. It is possible to migrate a single Directory Server instance, all Directory Server instances on a machine or replicated servers and to migrate the Directory Server to a different machine, or to a different platform.
Chapter 8. Migrating from Previous Versions WARNING If Directory Server databases have been moved from their default location (/opt/redhat-ds/slapd-instancename/db), migration will not copy these databases, but will use the directly. This means that if you run migration, you may not be able to go back to the old version. Migration will not remove or destroy the data, but may change the format in such a way that you cannot use the older version of the Directory Server.
Migrating Replicated Servers /opt/redhat-ds/ is the directory where the old Directory Server is installed. The migration process starts. The legacy Directory Server is migrated, and a new Directory Server 8.0 instance is installed using the configuration information from the legacy Directory Server. 4.2.
Chapter 8. Migrating from Previous Versions This issue does not occur in cross-platform migrations or migrating using LDIF files instead of the binary databases because these already work with an LDIF copy of the database. To migrate a replicated site, do the following: 1. Stop all old Directory Server instances and the Administration Server. 2. Back up all the Directory Server user and configuration data. 3. Stop directory writes to the master or hub server being migrated. 4.
Migrating a Directory Server from One and then for the replicas. 4.3.
Chapter 8. Migrating from Previous Versions NFS-mounted directory: # /usr/sbin/migrate-ds-admin.pl --oldsroot server2:/migration/opt/redhat-ds --actualroot /opt/redhat-ds General.ConfigDirectoryAdminPwd=password The oldsroot can also specify a local directory on the target machine that was created from a tarball. In that case, create a tarball of your old server root directory, and untar it on the target machine.
Machine to Another For example: # /usr/sbin/migrate-ds-admin.pl --oldsroot server2:/migration/opt/redhat-ds --actualsroot /opt/redhat-ds General.ConfigDirectoryAdminPwd=password The migration process starts. The legacy Directory Server is migrated, and a new Directory Server 8.0 instance is installed using the configuration information from the legacy Directory Server. 4.4.
Chapter 8. Migrating from Previous Versions 1. Stop all Directory Server instances and the Administration Server. 2. Back up all the Directory Server user and configuration data. 3. Export all of the database information to LDIF. The LDIF file must be named the name of the database with .ldif appended. For example: cd /opt/redhat-ds/slapd-instance ./db2ldif -n userRoot -a /opt/redhat-ds/slapd-instance/db/userRoot.ldif ./db2ldif -n NetscapeRoot -a /opt/redhat-ds/slapd-instance/db/NetscapeRoot.ldif 4.
Glossary A access control instruction See ACI. ACI An instruction that grants or denies permissions to entries in the directory. See Also access control instruction. access control list See ACL. ACL The mechanism for controlling access to your directory. See Also access control list. access rights In the context of access control, specify the level of access granted or denied. Access rights are related to the type of operation that can be performed on the directory.
Glossary value. attribute list A list of required and optional attributes for a given entry type or object class. authenticating directory server In pass-through authentication (PTA), the authenticating Directory Server is the Directory Server that contains the authentication credentials of the requesting client. The PTA-enabled host sends PTA requests it receives from clients to the host. authentication (1) Process of proving the identity of the client user to the Directory Server.
uses the HTTP protocol to communicate with the host server. browsing index Speeds up the display of entries in the Directory Server Console. Browsing indexes can be created on any branch point in the directory tree to improve display performance. See Also virtual list view index . C CA See Certificate Authority. cascading replication In a cascading replication scenario, one server, often called the hub supplier, acts both as a consumer and a supplier for a particular replica.
Glossary ciphertext Encrypted information that cannot be read by anyone without the proper key to decrypt the information. class definition Specifies the information needed to create an instance of a particular object and determines how the object works in relation to other objects in the directory. class of service See CoS. classic CoS A classic CoS identifies the template entry by both its DN and the value of one of the target entry's attributes. client See LDAP client.
data master The server that is the master source of a particular piece of data. database link An implementation of chaining. The database link behaves like a database but has no persistent storage. Instead, it points to data stored remotely. default index One of a set of default indexes created per database instance. Default indexes can be modified, although care should be taken before removing them, as certain plug-ins may depend on them. definition entry See CoS definition entry.
Glossary to a different host#specifically a DNS CNAME record. Machines always have one real name, but they can have one or more aliases. For example, an alias such as www.yourdomain.domain might point to a real machine called realthing.yourdomain.domain where the server currently exists. DSGW See Directory Server Gateway. E entry A group of lines in the LDIF file that contains information about an object.
gateway See Directory Server Gateway. general access When granted, indicates that all authenticated users can access directory information. GSS-API Generic Security Services. The generic access protocol that is the native way for UNIX-based systems to access and authenticate Kerberos services; also supports session encryption. H hostname A name for a machine in the form machine.domain.dom, which is translated into an IP address. For example, www.example.
Glossary indirect CoS An indirect CoS identifies the template entry using the value of one of the target entry's attributes. international index Speeds up searches for information in international directories. International Standards Organization IP address See ISO. ISO International Standards Organization. Also Internet Protocol address. A set of numbers, separated by dots, that specifies the actual location of a machine on the Internet (for example, 198.93.93.10).
Access Protocol See LDAP. locale Identifies the collation order, character type, monetary format and time / date format used to present data for users of a specific region, culture, and/or custom. This includes information on how data of a given language is interpreted, stored, or collated. The locale also indicates which code page should be used to represent a given language. M managed object A standard value which the SNMP agent can access and send to the NMS.
Glossary directory tree. monetary format Specifies the monetary symbol used by specific region, whether the symbol goes before or after its value, and how monetary units are represented. multi-master replication An advanced replication scenario in which two servers each hold a copy of the same read-write replica. Each server maintains a changelog for the replica. Modifications made on one server are automatically replicated to the other server.
object class Defines an entry type in the directory by defining which attributes are contained in the entry. object identifier A string, usually of decimal numbers, that uniquely identifies a schema element, such as an object class or an attribute, in an object-oriented system. Object identifiers are assigned by ANSI, IETF or similar organizations. See Also OID. OID See object identifier.
Glossary protocol A set of rules that describes how devices on a network exchange information. protocol data unit See PDU. proxy authentication A special form of authentication where the user requesting access to the directory does not bind with its own DN but with a proxy DN. proxy DN Used with proxied authorization. The proxy DN is the DN of an entry that has access permissions to the target on which the client-application is attempting to perform an operation.
process is called a referral. read-only replica A replica that refers all update operations to read-write replicas. A server can hold any number of read-only replicas. read-write replica A replica that contains a master copy of directory information and can be updated. A server can hold any number of read-write replicas. relative distinguished name See RDN. replica A database that participates in replication.
Glossary schema Definitions describing what types of information can be stored as entries in the directory. When information that does not match the schema is stored in the directory, clients attempting to access the directory may be unable to display the proper results. schema checking Ensures that entries added or modified in the directory conform to the defined schema. Schema checking is on by default, and users will receive an error if they try to save an entry that does not conform to the schema.
See Also ns-slapd. SNMP Used to monitor and manage application processes running on the servers by exchanging data about network activity. Also Simple Network Management Protocol. SNMP master agent Software that exchanges information between the various subagents and the NMS. SNMP subagent Software that gathers information about the managed device and passes the information to the master agent. Also called a subagent.
Glossary T target In the context of access control, the target identifies the directory information to which a particular ACI applies. target entry The entries within the scope of a CoS. TCP/IP Transmission Control Protocol/Internet Protocol. The main network protocol for the Internet and for enterprise (company) networks. template entry See CoS template entry. time/date format Indicates the customary formatting for times and dates in a specific region.
X.500 standard The set of ISO/ITU-T documents outlining the recommended information model, object classes and attributes used by directory server implementation.
138
Appendix A. Revision History Revision History Revision 8.0.0-4 Thurs. Jan. 10, 2008 Ella DeonLackey Added note that Directory Server is supported as a virtual guest on Red Hat Enterprise Linux 5 Minor bug fixes and text edits from post-beta review Revision 8.0.0-3 Wed. Oct 31, 2007 Ella DeonLackey Updated all content per engineering review Added sections on Administration Server ports and LDAP tool locations Revision 8.0.0-2 Thurs.
140
Index Symbols .
Index HP-UX, 20 Solaris, 24 HP-UX hardware requirements, 20 required patches, 21 system configuration, 22 DNS, 23 kernel parameters, 22 Large file support, 23 Perl, 22 TIME_WAIT setting, 22 uninstalling Directory Server, 96 HP-UX 11i, 45 custom setup, 54 express setup, 47 installing Directory Server packages , 46 installing JRE, 46 typical setup, 50 I Installing explained, 1 HP-UX 11i Directory Server packages , 46 JRE, 46 prerequisites, 1 administration domain, 5 Administration Server user, 4 configurati
Solaris, 24 Perl HP-UX, 22 Red Hat Enterprise Linux, 19 Solaris, 26 Port number finding Administration Server, 102 R Red Hat Enterprise Linux, 29 custom setup, 39 express setup, 32 hardware requirements, 18 installing Directory Server packages, 31 installing JRE, 30 required patches, 18, 18 system configuration, 19 DNS, 20 File descriptors, 19 Perl, 19 typical setup, 35 uninstalling Directory Server, 95 register-ds-admin.
Index File descriptors, 19 Perl, 19 Solaris, 25 DNS and NIS, 27 File descriptors, 27 Perl, 26 TCP tuning, 26 T The port is in use, 106 Troubleshooting dsktune, 105 installation, 106 Typical setup HP-UX 11i, 50 Red Hat Enterprise Linux, 35 Solaris, 68 U Uninstalling Directory Server HP-UX, 96 Red Hat Enterprise Linux, 95 Solaris, 97 144
