Changeset 1674 for branches/fc13-dev/server/doc/install-ldap
- Timestamp:
- Sep 26, 2010, 3:23:31 PM (14 years ago)
- Location:
- branches/fc13-dev
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/fc13-dev
- Property svn:mergeinfo changed
/trunk removed
- Property svn:mergeinfo changed
-
branches/fc13-dev/server/doc/install-ldap
r1673 r1674 6 6 root# env NSS_NONLOCAL_IGNORE=1 useradd -r -d /var/lib/dirsrv fedora-ds 7 7 - root# yum install -y policycoreutils-python 8 - Temporarily move away the existing slapd-scripts folder9 root# mv /etc/dirsrv/slapd-scripts{,.bak}10 8 - root# /usr/sbin/setup-ds.pl 11 9 - Choose a typical install … … 16 14 - Input directory manager password 17 15 (this can be found in ~/.ldapvirc) 18 - Move the schema back 19 root# cp -R /etc/dirsrv/slapd-scripts.bak/{.svn,*} /etc/dirsrv/slapd-scripts 20 root# rm -Rf /etc/dirsrv/slapd-scripts.bak 16 [XXX: Got error: sh: semanage: command not found; turns out this is in 17 policycoreutils-python. Don't know if this will cause problems.] 21 18 - yum install ldapvi 22 19 - Check if dirsrv starts: /sbin/service dirsrv start 23 then turn it back off: service dirsrv stop24 20 - Apply the following configuration changes. If you're editing 25 21 dse.ldif, you don't want dirsrv to be on, otherwise it will … … 45 41 nsSaslMapFilterTemplate: (objectClass=posixAccount) 46 42 43 - /sbin/service dirsrv stop 44 - Add the scripts schemas to /var/lib/dirsrv/slapd-scripts [XXX: I don't 45 know how to do this, but placing them in /etc might be sufficient?] 47 46 - Put LDAP keytab (ldap/hostname.mit.edu) in /etc/dirsrv/keytab. Make 48 47 sure you chown/chgrp it to be readable by fedora-ds 49 48 - Uncomment and modify in /etc/sysconfig/dirsrv: KRB5_KTNAME=/etc/dirsrv/keytab ; export KRB5_KTNAME 49 - mkdir -p /var/run/dirsrv 50 50 - chown fedora-ds:fedora-ds /var/run/dirsrv 51 51 - chmod 755 /var/run/dirsrv 52 - /sbin/service dirsrv start53 - Use ldapvi -b cn=config to add these indexes (8 of them):52 - /sbin/service dirsrv restart 53 - Use ldapvi -b cn=config to add these indexes: 54 54 55 55 add cn=apacheServerName, cn=index, cn=userRoot, cn=ldbm database, cn=plugins, cn=config … … 191 191 nsDS5ReplicaBindDN: uid=ldap/whole-enchilada.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu 192 192 nsDS5ReplicaBindDN: uid=ldap/real-mccoy.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu 193 nsDS5ReplicaBindDN: uid=ldap/better-mousetrap.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu194 nsDS5ReplicaBindDN: uid=ldap/old-faithful.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu195 193 # ADD SERVERS HERE AS YOU ADD NEW SERVERS 196 194 nsds5ReplicaPurgeDelay: 604800 … … 202 200 weren't we going to replicate from only one server? That is 203 201 correct, however, simply binding won't mean we will receive 204 updates; we have to setup the $MASTER to send data $S LAVE.202 updates; we have to setup the $MASTER to send data $SALVE. 205 203 206 204 3. Although we allowed those uids to bind, that user information … … 242 240 nsDS5ReplicaTimeout: 120 243 241 244 4. Reboot the server `service dirsrv restart`, then run the 245 replication. (Don't fold this into the previous step! You might 246 nuke your database!) 242 4. Run the replication. (you could fold this into the previous step) 247 243 248 244 # under cn="GSSAPI Replication to $SLAVE", cn=replica, cn="dc=scripts,dc=mit,dc=edu", cn=mapping tree, cn=config
Note: See TracChangeset
for help on using the changeset viewer.