Installation guide

lab.eng.example.com, so the domain name used by the setup script is lab.eng.example.com.
Any information in the /etc/resolv.conf file must match the information maintained in the local
/etc/hosts file. If there are aliases in the /etc/hosts file, such as ldap1.example.com, that do
not match the specified domains in the /etc/resolv.conf settings, the setup program cannot
generate the correct fully-qualified domain name for the machine as it is used by DNS. All of the default
settings then displayed or accepted by the script are wrong, and this can potentially cause the setup to
fail.
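The mismatch described above can be caught before running the setup script. The following shell check is an added example, not part of the original guide: it compares the dotted names on the host's /etc/hosts line against the domain and search entries in /etc/resolv.conf. The function names and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag hosts-file names whose domain is absent from resolv.conf.

# List the domains given by "domain" and "search" lines in a resolv.conf file.
resolv_domains() {
    awk '$1 == "domain" || $1 == "search" {
             for (i = 2; i <= NF; i++) print tolower($i)
         }' "$1"
}

# List dotted names that share a hosts-file line ($1) with short hostname $2.
host_fqdns() {
    awk -v h="$2" '
        BEGIN { h = tolower(h) }
        { sub(/#.*/, "") }                  # strip comments
        NF < 2 { next }                     # need an address and a name
        {
            hit = 0
            for (i = 2; i <= NF; i++) {
                n = tolower($i)
                if (n == h || index(n, h ".") == 1) hit = 1
            }
            if (hit)
                for (i = 2; i <= NF; i++)
                    if (index($i, ".")) print tolower($i)
        }' "$1"
}

# Print each mismatching name; return 1 if any was found.
# Args: hosts file, resolv.conf file, short hostname.
check_fqdn_consistency() {
    cf_domains=$(resolv_domains "$2")
    cf_rc=0
    for cf_name in $(host_fqdns "$1" "$3"); do
        cf_domain=${cf_name#*.}             # everything after the first dot
        if ! printf '%s\n' "$cf_domains" | grep -qxF -- "$cf_domain"; then
            echo "MISMATCH $cf_name: domain $cf_domain not in $2"
            cf_rc=1
        fi
    done
    return "$cf_rc"
}

# Constructed sample files (not taken from a real system).
demo=$(mktemp -d)
printf '%s\n' '192.0.2.10 ldap1.lab.eng.example.com ldap1 ldap1.example.com' > "$demo/hosts"
printf '%s\n' 'search lab.eng.example.com' 'nameserver 192.0.2.53' > "$demo/resolv.conf"
check_fqdn_consistency "$demo/hosts" "$demo/resolv.conf" ldap1 ||
    echo "Correct /etc/hosts or set General.FullMachineName before running setup."
rm -rf "$demo"
```

On a real host, call it as check_fqdn_consistency /etc/hosts /etc/resolv.conf "$(hostname -s)".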
It is possible to set the fully-qualified domain name for the host manually using an .inf file or by
passing the General.FullMachineName argument with the setup command itself. These options
are described in Section 1.3, “About the setup-ds-admin.pl Script”. For small deployments or for
evaluation, it is possible to use the /etc/hosts file to resolve the hostname and IP address (IPv4 or
IPv6). This is not recommended for production environments, though.
It is best to have the local hosts file and DNS properly configured for the server. Remote clients and
server to server operations like replication require that other machines be able to resolve the hostname
of the Directory Server's host. Likewise, both TLS/SSL and SASL/Kerberos require an accurate
fully-qualified domain name for their configuration.
Configure the DNS resolver and the NIS domain name by modifying the /etc/resolv.conf,
/etc/nsswitch.conf, and /etc/netconfig files, and set the DNS resolver for name resolution.
Edit the /etc/defaultdomain file to include the NIS domain name. This ensures that the
fully-qualified host and domain names used for the Directory Server resolve to a valid IP address
(IPv4 or IPv6) and that the IP address resolves back to the correct hostname.
Reboot the Red Hat Enterprise Linux machine to apply these changes.
1.2.2. Port Numbers
The Directory Server setup requires two TCP/IP port numbers: one for the Directory Server and one for
the Admin Server. These port numbers must be unique.
The Directory Server instance (LDAP) has a default port number of 389. The Admin Server port number
has a default number of 9830. If the default port number for either server is in use, then the setup
program randomly generates a port number larger than 1024 to use as the default. Alternatively, you can
assign any port number between 1025 and 65535 for the Directory Server and Admin Server ports; you
are not required to use the defaults or the randomly-generated ports.
NOTE
While the legal range of port numbers is 1 to 65535, the Internet Assigned Numbers Authority
(IANA) has already assigned ports 1 to 1024 to common processes. Never assign a Directory
Server port number below 1024 (except for 389/636 for the LDAP server) because this may
conflict with other services.
For LDAPS (LDAP with TLS/SSL), the default port number is 636. The server can listen to both the LDAP
and LDAPS port at the same time. However, the setup program will not allow you to configure TLS/SSL.
To use LDAPS, assign the LDAP port number in the setup process, then reconfigure the Directory
Server to use the LDAPS port and the other TLS/SSL parameters afterward. For information on how to
configure LDAPS, see the Directory Server Administrator's Guide.
Red Hat Directory Server 9 Installation Guide