April 23, 2018

Use Fedora Directory Server For Manageable LDAP (Part 2) - page 2

Prerequisites and Java Madness

  • September 18, 2006
  • By Carla Schroder

Fedora Directory Server can run on any Linux or Unix. The easy way is to run it on Red Hat or Fedora, or a Red Hat clone like CentOS. My test system runs 64-bit Fedora Core 4. (Why not FC5? Because the darned thing is unfriendly to multi-booting without tweakage, and I'm getting too old and grumpy to hassle with stupid stuff.) So for this I grabbed the RPM from the download page and installed it in the usual fashion:

# rpm -ivh fedora-ds-1.0.2-1.FC4.x86_64.opt.rpm

If you run into any missing dependencies, satisfy them with yum install [foo]. FDS will be installed into /opt/fedora-ds. After installation, run the configuration script:

# /opt/fedora-ds/setup/setup

The first thing it will do is run the dsktune script, which will analyze your system and complain about flaws:

Fedora Directory Server system tuning analysis version 04-APRIL-2005.

NOTICE : System is x86_64-unknown-linux2.6.11-1.1369_FC4 (1 processor).

WARNING: 1000MB of physical memory is available on the system. 1024MB is recommended for best performance on large production system.

NOTICE : The net.ipv4.tcp_keepalive_time is set to 7200000 milliseconds
(120 minutes).  This may cause temporary server congestion from lost
client connections.

WARNING: There are only 1024 file descriptors (hard limit) available, which
limit the number of simultaneous connections.

WARNING: There are only 1024 file descriptors (soft limit) available, which
limit the number of simultaneous connections.

None of these are show-stoppers, so ignore them and move on. Select the Express installation. Then accept the default hostname to use, providing it's a real hostname and not localhost:

Hostname to use (default: uberpc.alrac.net)

For the "server user" use the ldap user and group you just created. This is the user and group that the various FDS servers will run under:

Server user ID to use (default: nobody) ldap
Server group ID to use (default: nobody) ldap

For the next step, you'll invent a new user and not use a Linux system user. In this example I create the "cdadmin" user:

Fedora configuration directory server
administrator ID [admin]:cdadmin
Password (again):

For the next step just use the default. This is the all-powerful root user for FDS. The Directory Manager must not be a user that exists in any existing LDAP directory:

Directory Manager DN [cn=Directory Manager]:
Password (again):

The next thing you'll see is "[slapd-uberpc]: starting up server ..." followed by several more lines of output, ending with:

You can now use the console.  Here is the command to use to start the console:
cd /opt/fedora-ds
./startconsole -u fdsadmin -a http://uberpc.alrac.net:52710/

You'll see something like Figure 1.

Figure 1.

Log in using either the cdadmin or Directory Manager user.
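
The checks behind the setup prompts and dsktune notices above can be run before starting setup. The script below is an added example, not part of the original article or of Fedora Directory Server. The 1024 floor, the requirement for a dotted hostname and the script name are assumptions made for the example.

```shell
#!/bin/sh
# Pre-flight checks to run before /opt/fedora-ds/setup/setup (added example).
# Run with: sh fds-preflight.sh --run   (the script name is hypothetical)

FD_FLOOR=1024   # assumption: flag limits at or below the 1024 dsktune warned about

# Succeeds for a dotted name that is not a localhost alias (assumed rule).
hostname_ok() {
    case "$1" in
        ''|localhost|localhost.*|*.localdomain) return 1 ;;
        *.*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Succeeds when a descriptor limit ("unlimited" or a number) is above the floor.
fd_limit_ok() {
    [ "$1" = "unlimited" ] && return 0
    [ "$1" -gt "$2" ] 2>/dev/null
}

# The kernel stores tcp_keepalive_time in seconds; print it in minutes.
keepalive_minutes() {
    echo $(( $1 / 60 ))
}

# Succeeds when both the service user ($1) and group ($2) exist.
account_ok() {
    id -u "$1" >/dev/null 2>&1 && getent group "$2" >/dev/null 2>&1
}

# Reports on the host it runs on; FAIL lines are things setup depends on.
preflight() {
    rc=0
    fqdn=$(hostname -f 2>/dev/null || hostname)
    hostname_ok "$fqdn" || { echo "FAIL: '$fqdn' is not a usable hostname"; rc=1; }
    account_ok ldap ldap || { echo "FAIL: ldap user or group is missing"; rc=1; }
    fd_limit_ok "$(ulimit -Sn)" "$FD_FLOOR" || echo "WARN: soft fd limit $(ulimit -Sn)"
    fd_limit_ok "$(ulimit -Hn)" "$FD_FLOOR" || echo "WARN: hard fd limit $(ulimit -Hn)"
    ka=$(cat /proc/sys/net/ipv4/tcp_keepalive_time 2>/dev/null || echo 0)
    echo "INFO: tcp_keepalive_time is $(keepalive_minutes "$ka") minutes"
    return "$rc"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

A FAIL line means the ldap account or the hostname needs fixing before the Express installation; WARN and INFO lines correspond to the dsktune notices, which do not block setup.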

