Use Fedora Directory Server For Manageable LDAP (Part 2) - page 2
Prerequisites and Java Madness
Fedora Directory Server can run on any Linux or Unix. The easy way is to run it on Red Hat or Fedora, or a Red Hat clone like CentOS. My test system runs 64-bit Fedora Core 4. (Why not FC5? Because the darned thing is unfriendly to multi-booting without tweakage, and I'm getting too old and grumpy to hassle with stupid stuff.) So for this I grabbed the RPM from the download page and installed it in the usual fashion:
# rpm -ivh fedora-ds-1.0.2-1.FC4.x86_64.opt.rpm
If you run into any missing dependencies, satisfy them with yum install [foo]. FDS will be installed into /opt/fedora-ds. After installation, run the configuration script:
The first thing it will do is run the dsktune script, which will analyze your system and complain about flaws:
Fedora Directory Server system tuning analysis version 04-APRIL-2005.
NOTICE : System is x86_64-unknown-linux2.6.11-1.1369_FC4 (1 processor).
WARNING: 1000MB of physical memory is available on the system. 1024MB is recommended for best performance on large production system.
NOTICE : The net.ipv4.tcp_keepalive_time is set to 7200000 milliseconds (120 minutes). This may cause temporary server congestion from lost client connections.
WARNING: There are only 1024 file descriptors (hard limit) available, which limit the number of simultaneous connections.
WARNING: There are only 1024 file descriptors (soft limit) available, which limit the number of simultaneous connections.
None of these are show-stoppers, so ignore them and move on. Select the Express installation. Then accept the default hostname to use, providing it's a real hostname and not localhost:
Hostname to use (default: uberpc.alrac.net)
For the "server user" use the ldap user and group you just created. This is the user and group that the various FDS servers will run under:
Server user ID to use (default: nobody) ldap
Server group ID to use (default: nobody) ldap
For the next step, you'll invent a new user and not use a Linux system user. In this example I create the "cdadmin" user:
Fedora configuration directory server administrator ID [admin]:cdadmin
Password:
Password (again):
For the next step just use the default. This is the all-powerful root user for FDS. The Directory Manager must not be a user that exists in any existing LDAP directory:
Directory Manager DN [cn=Directory Manager]:
Password:
Password (again):
The next thing you'll see is "[slapd-uberpc]: starting up server ..." followed by several more lines of output, ending with
You can now use the console. Here is the command to use to start the console:
cd /opt/fedora-ds
./startconsole -u fdsadmin -a http://uberpc.alrac.net:52710/
You'll see something like Figure 1.
Log in using either the cdadmin or Directory Manager user.
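Once the servers are up, it is worth confirming they really run under the unprivileged "server user" chosen during setup. The following check is an added example, not part of the original article or of FDS itself; the function name check_run_as, the "slapd" process-name pattern, and the sample process list are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: verify that directory server processes are owned by the
# account selected at the "Server user ID" prompt ("ldap" in this article).
# Assumption: the daemon's process name contains "slapd"; change the
# pattern argument if your process list shows something different.

# check_run_as EXPECTED_USER PATTERN
# Reads "user command" lines on stdin (the format of `ps -eo user=,comm=`).
# Prints every matching process that is not owned by EXPECTED_USER.
# Returns 0 if all matches are owned by EXPECTED_USER,
#         1 if at least one is not,
#         2 if no process matched (server not running, or wrong pattern).
check_run_as() {
    want=$1 pat=$2 seen=0 bad=0
    while read -r user comm; do
        case $comm in
            *"$pat"*)
                seen=$((seen + 1))
                if [ "$user" != "$want" ]; then
                    bad=$((bad + 1))
                    echo "MISMATCH: $comm runs as $user (expected $want)"
                fi ;;
        esac
    done
    [ "$seen" -gt 0 ] || return 2
    [ "$bad" -eq 0 ]
}

# Constructed sample process list (not captured from a real system):
# one correctly configured instance and one left running as root.
sample_ps() {
    printf '%s\n' \
        'ldap ns-slapd' \
        'root ns-slapd' \
        'ldap httpd' \
        'root sshd'
}

# Demo on the constructed sample. On a live host, run instead:
#   ps -eo user=,comm= | check_run_as ldap slapd
sample_ps | check_run_as ldap slapd || echo "check exit status: $?"
```

A status of 2 matters as much as a mismatch: it means nothing matched the pattern, so the check proved nothing about which account the server runs under.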