Ignore:
Timestamp:
Sep 26, 2010, 3:17:59 PM (12 years ago)
Author:
ezyang
Message:
Merge in changes from trunk.
Location:
branches/fc13-dev
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/fc13-dev

  • branches/fc13-dev/server/doc/install-ldap

    r1672 r1673  
    66  root# env NSS_NONLOCAL_IGNORE=1 useradd -r -d /var/lib/dirsrv fedora-ds
    77- root# yum install -y policycoreutils-python
     8- Temporarily move away the existing slapd-scripts folder
     9  root# mv /etc/dirsrv/slapd-scripts{,.bak}
    810- root# /usr/sbin/setup-ds.pl
    911    - Choose a typical install
     
    1416    - Input directory manager password
    1517      (this can be found in  ~/.ldapvirc)
    16         [XXX: Got error: sh: semanage: command not found; turns out this is in
    17         policycoreutils-python.  Don't know if this will cause problems.]
     18- Move the schema back
     19  root# cp -R /etc/dirsrv/slapd-scripts.bak/{.svn,*} /etc/dirsrv/slapd-scripts
     20  root# rm -Rf /etc/dirsrv/slapd-scripts.bak
    1821- yum install ldapvi
    1922- Check if dirsrv starts: /sbin/service dirsrv start
     23  then turn it back off: service dirsrv stop
    2024- Apply the following configuration changes.  If you're editing
    2125  dse.ldif, you don't want dirsrv to be on, otherwise it will
     
    4145nsSaslMapFilterTemplate: (objectClass=posixAccount)
    4246
    43 - /sbin/service dirsrv stop
    44 - Add the scripts schemas to /var/lib/dirsrv/slapd-scripts [XXX: I don't
    45   know how to do this, but placing them in /etc might be sufficient?]
    4647- Put LDAP keytab (ldap/hostname.mit.edu) in /etc/dirsrv/keytab.  Make
    4748  sure you chown/chgrp it to be readable by fedora-ds
    4849- Uncomment and modify in /etc/sysconfig/dirsrv: KRB5_KTNAME=/etc/dirsrv/keytab ; export KRB5_KTNAME
    49 - mkdir -p /var/run/dirsrv
    5050- chown fedora-ds:fedora-ds /var/run/dirsrv
    5151- chmod 755 /var/run/dirsrv
    52 - /sbin/service dirsrv restart
    53 - Use ldapvi -b cn=config to add these indexes:
     52- /sbin/service dirsrv start
     53- Use ldapvi -b cn=config to add these indexes (8 of them):
    5454
    5555add cn=apacheServerName, cn=index, cn=userRoot, cn=ldbm database, cn=plugins, cn=config
     
    191191nsDS5ReplicaBindDN: uid=ldap/whole-enchilada.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
    192192nsDS5ReplicaBindDN: uid=ldap/real-mccoy.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
     193nsDS5ReplicaBindDN: uid=ldap/better-mousetrap.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
     194nsDS5ReplicaBindDN: uid=ldap/old-faithful.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
    193195# ADD SERVERS HERE AS YOU ADD NEW SERVERS
    194196nsds5ReplicaPurgeDelay: 604800
     
    200202        weren't we going to replicate from only one server?  That is
    201203        correct, however, simply binding won't mean we will receive
    202         updates; we have to setup the $MASTER to send data $SALVE.
     204        updates; we have to setup the $MASTER to send data $SLAVE.
    203205
    204206    3. Although we allowed those uids to bind, that user information
     
    240242nsDS5ReplicaTimeout: 120
    241243
    242     4. Run the replication. (you could fold this into the previous step)
     244    4. Reboot the server `service dirsrv restart`, then run the
     245    replication. (Don't fold this into the previous step!  You might
     246    nuke your database!)
    243247
    244248# under cn="GSSAPI Replication to $SLAVE", cn=replica, cn="dc=scripts,dc=mit,dc=edu", cn=mapping tree, cn=config
Note: See TracChangeset for help on using the changeset viewer.