source: server/doc/HOWTO-SETUP-LDAP @ 862

Last change on this file since 862 was 862, checked in by xavid, 14 years ago
Reload iptables to nix firewall.
File size: 1.1 KB
To set up a new LDAP server:

- Install the RPM fedora-ds-base with yum
- root# env NSS_NONLOCAL_IGNORE=1 useradd -r -d /var/lib/dirsrv fedora-ds
- root# /usr/sbin/setup-ds.pl
    - Choose a typical install
    - Tell it to use the fedora-ds user and group
    - Directory server identifier: scripts
    - Suffix: dc=scripts,dc=mit,dc=edu
    - Input directory manager password
- yum install ldapvi
- /sbin/service dirsrv start
- Apply ./fedora-ds-enable-ssl-and-kerberos.diff manually
- /sbin/service dirsrv stop
- wget http://web.mit.edu/geofft/Public/scripts-ca.pem
- certutil -d /etc/dirsrv/slapd-scripts -A -n "scripts.mit.edu CA" -t CT,, -a -i scripts-ca.pem
- Generate a pkcs12 cert for the server:
- pk12util -i ldap-server-cert.p12 -d /etc/dirsrv/slapd-scripts
- Put LDAP keytab in /etc/dirsrv/keytab
- Uncomment and modify in /etc/sysconfig/dirsrv: KRB5_KTNAME=/etc/dirsrv/keytab ; export KRB5_KTNAME
- mkdir -p /var/tmp/dirsrv
- chown fedora-ds:fedora-ds /var/tmp/dirsrv
- /sbin/service dirsrv restart

- Set up replication:
  (basically, execute
   http://directory.fedoraproject.org/sources/contrib/mmr.pl
   manually)