Use Fedora Directory Server For Manageable LDAP (Part 2) - page 2
Prerequisites and Java Madness
Fedora Directory Server can run on any Linux or Unix. The easy way is to run it on Red Hat or Fedora, or a Red Hat clone like CentOS. My test system runs 64-bit Fedora Core 4. (Why not FC5? Because the darned thing is unfriendly to multi-booting without tweakage, and I'm getting too old and grumpy to hassle with stupid stuff.) So for this I grabbed the RPM from the download page and installed it in the usual fashion:
# rpm -ivh fedora-ds-1.0.2-1.FC4.x86_64.opt.rpm
If you run into any missing dependencies, satisfy them with yum install [foo]. FDS will be installed into /opt/fedora-ds. After installation, run the configuration script:
The first thing it will do is run the dsktune script, which will analyze your system and complain about flaws:
Fedora Directory Server system tuning analysis version 04-APRIL-2005.
NOTICE : System is x86_64-unknown-linux2.6.11-1.1369_FC4 (1 processor).
WARNING: 1000MB of physical memory is available on the system. 1024MB is recommended for best performance on large production system.
NOTICE : The net.ipv4.tcp_keepalive_time is set to 7200000 milliseconds (120 minutes). This may cause temporary server congestion from lost client connections.
WARNING: There are only 1024 file descriptors (hard limit) available, which limit the number of simultaneous connections.
WARNING: There are only 1024 file descriptors (soft limit) available, which limit the number of simultaneous connections.
None of these are show-stoppers, so ignore them and move on. Select the Express installation. Then accept the default hostname to use, providing it's a real hostname and not localhost:
Hostname to use (default: uberpc.alrac.net)
For the "server user" use the ldap user and group you just created. This is the user and group that the various FDS servers will run under:
Server user ID to use (default: nobody) ldap
Server group ID to use (default: nobody) ldap
For the next step, you'll invent a new user and not use a Linux system user. In this example I create the "cdadmin" user:
Fedora configuration directory server administrator ID [admin]:cdadmin
Password:
Password (again):
For the next step just use the default. This is the all-powerful root user for FDS. The Directory Manager must not be a user that exists in any existing LDAP directory:
Directory Manager DN [cn=Directory Manager]:
Password:
Password (again):
The next thing you'll see is "[slapd-uberpc]: starting up server ..." followed by several more lines of output, ending with:
You can now use the console. Here is the command to use to start the console:
cd /opt/fedora-ds
./startconsole -u fdsadmin -a http://uberpc.alrac.net:52710/
You'll see something like Figure 1.
Log in using either the cdadmin or Directory Manager user.
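The hostname, server-user and file-descriptor points from the setup run above can be checked before starting the installer. This is an added example, not part of the original article or of FDS; the function names, the fully-qualified-name rule and the 8192 descriptor target are assumptions.

```shell
#!/bin/sh
# Preflight checks for the setup answers above (added example, not part of FDS).
# The FQDN rule and the MIN_FDS target are assumptions, not dsktune's own values.
MIN_FDS=${MIN_FDS:-8192}   # assumed target; dsktune warned at 1024

# hostname_ok NAME: succeed only for a non-loopback, fully qualified name.
hostname_ok() {
    case "$1" in
        ""|localhost|localhost.*|*.localdomain) return 1 ;;
        *.*) return 0 ;;
        *)   return 1 ;;    # short name: assume setup wants an FQDN
    esac
}

# fd_limit_ok VALUE: succeed for "unlimited" or a number >= MIN_FDS.
fd_limit_ok() {
    case "$1" in
        unlimited)   return 0 ;;
        ""|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge "$MIN_FDS" ]
}

# service_user_ok NAME: reject root and "nobody"; "nobody" is shared with
# other daemons, so anything else running as it could reach the server's files.
service_user_ok() {
    case "$1" in ""|root|nobody) return 1 ;; esac
    return 0
}

# check LABEL VALUE TESTFN: print one result line and count failures.
check() {
    if "$3" "$2"; then echo "ok   $1=$2"; else echo "FAIL $1=$2"; fails=$((fails + 1)); fi
}

# preflight HOST USER SOFT_NOFILE HARD_NOFILE: returns the number of failed checks.
preflight() {
    fails=0
    check hostname "$1" hostname_ok
    check server-user "$2" service_user_ok
    check soft-nofile "$3" fd_limit_ok
    check hard-nofile "$4" fd_limit_ok
    return "$fails"
}

# Check the live system only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight "$(hostname -f)" ldap "$(ulimit -Sn)" "$(ulimit -Hn)"; fi
```

Run it in the same shell session that will launch setup, since descriptor limits are inherited per session.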