Installation guide

NOTE
The Directory Server requires the fully-qualified domain name to set up the servers, as
described in Section 1.2.1,Resolving the Fully-qualified Domain Name. T he setup script
uses the system's gethostname() function to obtain the hostname (such as ldap) and
the /etc/resolv.conf file to identify the domain name (such as example.com ).
Therefore, if there are aliases in the /etc/hosts file that do not match the specified
domains in the /etc/resolv.conf settings, the setup script cannot correctly generate
the fully-qualified domain name as it is used by DNS, and the default options in the prompts
are wrong.
The hostname is very important. It is used generate the Directory Server instance name, the
admin domain, and the base suffix, among others. If you are using SSL/T LS or Kerberos, the
computer name must be the exact name that clients use to connect to the system. If you will use
DNS, make sure the name resolves to a valid IP address (IPv4 or IPv6) and that IP address
resolves back to this name.
6. Set the user and group as which the Directory Server process will run. T he default is
nobody:nobody. For example:
System User [nobody]:
System Group [nobody]:
7. The next step allows you to register your Directory Server with an existing Directory Server
instance, called the Configuration Directory Server. T his registers the new instance so it can be
managed by the Console. If this is the first Directory Server instance set up on your network, it is
not possible to register it with another directory. Select n to set up this Directory Server as a
Configuration Directory Server and move to the next typical install step, setting up the
administrator user.
NOTE
To register the Directory Server instance with an existing Configuration Directory Server,
select yes. This continues with the registration process rather than the regular typical
setup process.
Registering a new instance with a Configuration Directory Server requires you to supply
information about the Configuration Directory Server:
The Configuration Directory Server URL, such as
ldap://ldap.exam ple.com :389/o=NetscapeRoot
To use T LS/SSL, set the protocol as ldaps:// instead of ldap:// For LDAPS, use
the secure port (636) instead of the standard port (389), and provide a CA certificate.
The Configuration Directory Server administrator's user ID; by default, this is adm in.
The administrator user's password.
The Configuration Directory Server Admin domain, such as exam ple.com .
The CA certificate to authenticate to the Configuration Directory Server. T his is only
required if the Directory Server instance will connect to the Configuration Directory
Server over LDAPS. T his should be the full path and filename the CA certificate in
PEM/ASCII format.
This information is supplied in place of creating an admin user and domain for the new
Directory Server, steps 8, 9, and 10.
Red Hat Directory Server Red Hat Directory Server 9 Installation Guide
36