From Wiki-UX.info

How to install Red Hat Directory Server

Abstract

This article is a brief tutorial covering the installation of Red Hat Directory Server 7.1 on the HP-UX 11i Operating Environment. Complete coverage of LDAP technology is outside the scope of this document. An understanding of LDAP, LDIF, X Server and general HP-UX 11i system administration is required.

Operating System Requirements

Patches

Before you install Directory Server, ensure that the host system is updated with the latest patches recommended by the operating-system vendor. Because the list of recommended patches changes over time, always check the latest available information at http://itrc.hp.com

Here are some recommendations:

  • For HP-UX 11i, install the latest HP-UX 11i Quality Pack (GOLDQPK11i) patch from June 2008 or later.
  • The PHSS_37517 - s700_800 11.11 ld(1) and linker tools cumulative patch is required before installation of the Red Hat Directory Server.
  • The following patch bundle is recommended: GOLDQPK11i(B.11.11.0806.476) Quality Pack Depot for 11i v1, June 2008

Kernel Parameters

Set the kernel parameters to at least these minimum values:

  • Set maxfiles to 1024.
  • Set nkthread to 1328; nkthread is a computed value: ((NPROC*7)/4)+16.
  • Set max_thread_proc to 512.
  • Set maxusers to 64.
  • Set maxuprc to 512.
  • Set nproc to 750.
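
The following check is an added example, not part of the original page: it compares tunable values with the minimums listed above and recomputes the nkthread minimum from the actual nproc using the formula given. The function name check_tunables and the "name value" input format are assumptions; the sample values are constructed from the list above.

```shell
#!/bin/sh
# Added example (not from the original page).
# check_tunables: read "name value" pairs on stdin (assumed input format) and
# report every tunable that is missing or below the minimum listed above.
# Returns 0 when all minimums are met, 1 otherwise.
check_tunables() {
    awk '
    BEGIN {
        # Minimums taken from the list above.
        min["maxfiles"] = 1024; min["nkthread"] = 1328
        min["max_thread_proc"] = 512; min["maxusers"] = 64
        min["maxuprc"] = 512; min["nproc"] = 750
        n = split("maxfiles nkthread max_thread_proc maxusers maxuprc nproc", order, " ")
    }
    NF >= 2 && ($1 in min) { cur[$1] = $2 + 0 }
    END {
        # nkthread is derived from nproc: ((NPROC*7)/4)+16 with integer
        # division, so a larger nproc raises the nkthread minimum.
        if ("nproc" in cur) {
            need = int(cur["nproc"] * 7 / 4) + 16
            if (need > min["nkthread"]) min["nkthread"] = need
        }
        bad = 0
        for (i = 1; i <= n; i++) {
            p = order[i]
            if (!(p in cur)) {
                printf "MISSING %s (need >= %d)\n", p, min[p]; bad++
            } else if (cur[p] < min[p]) {
                printf "LOW %s=%d (need >= %d)\n", p, cur[p], min[p]; bad++
            }
        }
        exit (bad > 0)
    }'
}

# Constructed sample: exactly the minimum values from the list above.
TUNABLES_SAMPLE='maxfiles 1024
nkthread 1328
max_thread_proc 512
maxusers 64
maxuprc 512
nproc 750'

printf '%s\n' "$TUNABLES_SAMPLE" | check_tunables && echo "all tunables meet the minimums"
```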

Other options

Typically, client applications that do not properly shut down the socket cause it to linger in a TIME_WAIT state. To prevent this, consider changing the TIME_WAIT setting to a reasonable value. For example, running ndd -set /dev/tcp tcp_time_wait_interval 60000 limits the TIME_WAIT state of sockets to 60 seconds.

Java JRE

Red Hat Directory Server 7.1 needs Java 1.4 at version 1.4.2_04 or higher. The latest version available at the time of writing is 1.4.2_19.

File system Requirements

The product is installed by default in /var/opt/netscape/server7. Create a new logical volume for a file system to store the product and its database. In this tutorial a 4 GB file system is created. You also need to turn on large file support for Directory Server to work properly.

  1. lvcreate -L 4096 -n nds /dev/vg00
  2. newfs -F vxfs -o largefiles /dev/vg00/rnds
  3. mkdir /var/opt/netscape
  4. cp /etc/fstab /tmp/fstab.old
  5. echo "/dev/vg00/nds /var/opt/netscape vxfs largefiles,delaylog 0 2" >> /etc/fstab
  6. mount /var/opt/netscape
  7. bdf /var/opt/netscape


Example:

# lvcreate -L 4096 -n nds /dev/vg00
Logical volume "/dev/vg00/nds" has been successfully created with
character device "/dev/vg00/rnds".
Logical volume "/dev/vg00/nds" has been successfully extended.
Volume Group configuration for /dev/vg00 has been saved in /etc/lvmconf/vg00.conf
 
# newfs -F vxfs -o largefiles /dev/vg00/rnds
    version 4 layout
    4194304 sectors, 4194304 blocks of size 1024, log size 1024 blocks
    unlimited inodes, largefiles supported
    4194304 data blocks, 4192160 free data blocks
    128 allocation units of 32768 blocks, 32768 data blocks
 
# mkdir /var/opt/netscape
 
# cp /etc/fstab /tmp/fstab.old
 
# echo "/dev/vg00/nds /var/opt/netscape vxfs largefiles,delaylog 0 2" >> /etc/fstab
 
# mount /var/opt/netscape
 
# bdf /var/opt/netscape
Filesystem          kbytes    used   avail %used Mounted on
/dev/vg00/nds      4194304    2128 3930172    0% /var/opt/netscape

Installation

1. Obtain the latest version of Red Hat Directory Server from http://software.hp.com. The current product ID is NSDirSvr7, and it is available for HP-UX 11i v1, 11i v2 and 11i v3.

2. Copy the depot into a temporary directory, for example: "/software".

3. Check the depot.

# cd /software
 
# ll NSDir*.depot
-rw-r-----   1 root       sys        66867200 Jul 10 20:57 NSDirSvr7_B.07.10.40_HP-UX_B.11.11_32_64.depot
 
# swlist -s $(pwd)/NSDirSvr7_B.07.10.40_HP-UX_B.11.11_32_64.depot
# Initializing...
# Contacting target "c3650"...
#
# Target:  c3650:/var/tmp/NSDirSvr7_B.07.10.40_HP-UX_B.11.11_32_64.depot
#
 
#
# Bundle(s):
#
 
  NSDirSvr7     B.07.10.40     Red Hat Directory Server v7 for HP-UX

4. Install the product

# swinstall \
> -s $(pwd)/NSDirSvr7_B.07.10.40_HP-UX_B.11.11_32_64.depot \* @
 
=======  07/10/08 23:01:10 CDT  BEGIN swinstall SESSION
         (non-interactive) (jobid=c3650-0132)
 
       * Session started for user "root@c3650".
 
       * Beginning Selection
       * Target connection succeeded for "c3650:/".
NOTE:    The software "NetscapeDirSvr7" was successfully marked, but it
         depends on the following software items which could not be
         found in the source. However, these items may already be in
         the target. This will be checked during the Analysis Phase:
         Jre14.JRE14-COM,r>=1.4.2.07 Jre14.JRE14,r>=1.4.2.07 |
         Jre14.JRE14-PA11-HS,r>=1.4.2.07 Jre14.JRE14,r>=1.4.2.07 |
         Jre14.JRE14-PA20-HS,r>=1.4.2.07 Jre14.JRE14,r>=1.4.2.07 |
         Jre14.JRE14-PA20W-HS,r>=1.4.2.07
       * Source:
         /software/NSDirSvr7_B.07.10.40_HP-UX_B.11.11_32_64.depot
       * Targets:                c3650:/
       * Software selections:
             NSDirSvr7,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP
             NetscapeDirSvr7.NDS-ADM,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-BASE,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-BSCLNT,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-BSJRE,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-NC,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-NSPERL,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-PERLDAP,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-SLAPD,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-SLCLNT,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
             NetscapeDirSvr7.NDS-SVCORE,r=B.07.10.40,a=HP-UX_B.11.11_32/64,v=HP,fr=B.07.10.40,fa=HP-UX_B.11.11_32/64
       * Selection succeeded.
 
 
       * Beginning Analysis and Execution
       * Session selections have been saved in the file
         "/root/.sw/sessions/swinstall.last".
       * The analysis phase succeeded for "c3650:/".
       * The execution phase succeeded for "c3650:/".
       * Analysis and Execution succeeded.
 
 
NOTE:    More information may be found in the agent logfile using the
         command "swjob -a log c3650-0132 @ c3650:/".
 
=======  07/10/08 23:02:38 CDT  END swinstall SESSION (non-interactive)
         (jobid=c3650-0132)

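5. Configure the product by running the setup program in the setup directory. The installer screens follow the directory listing below.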

# cd /var/opt/netscape/server7/setup
 
# ll
total 138
drwxr-xr-x   2 root       sys           1024 Jul 10 23:02 admin
drwxr-xr-x   2 root       sys             96 Jul 10 23:01 base
drwxr-xr-x   2 root       sys             96 Jul 10 23:01 nsperl
drwxr-xr-x   2 root       sys             96 Jul 10 23:01 perldap
-r-x------   1 root       sys          61440 Apr  2 22:18 setup
-rw-r--r--   1 root       sys            565 Apr  2 22:18 setup.inf
-r-xr-xr-x   1 root       sys           5237 Apr  2 22:18 silent.inf
drwxr-xr-x   2 root       sys           1024 Jul 10 23:02 slapd
drwxr-xr-x   2 root       sys             96 Jul 10 23:02 svrcore
.                                Red Hat, Inc.
.             Red Hat Server Products Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Welcome to the Red Hat Server Products installation program
This program will install Red Hat Server Products and the
Red Hat Management Console on your computer.
 
It is recommended that you have "root" privilege to install the software.
 
Tips for using the installation program:
  - Press "Enter" to choose the default and go to the next screen
  - Type "Control-B" to go back to the previous screen
  - Type "Control-C" to cancel the installation program
  - You can enter multiple items using commas to separate them.
    For example: 1, 2, 3
 
 
Would you like to continue with setup? [Yes]:
.                                Red Hat, Inc.
.             Red Hat Server Products Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
BY INSTALLING THIS SOFTWARE YOU ARE CONSENTING TO BE BOUND BY
AND ARE BECOMING A PARTY TO THE AGREEMENT FOUND IN THE
LICENCE.TXT FILE. IF YOU DO NOT AGREE TO ALL OF THE TERMS
OF THIS AGREEMENT, PLEASE DO NOT INSTALL OR USE THIS SOFTWARE.
 
Do you agree to the license terms? [No]: Yes
.                                Red Hat, Inc.
.             Red Hat Server Products Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Choose an installation type:
 
   1. Express installation
       Allow you to quickly install the servers using the most
       common options and pre-defined defaults. Useful for quick
       evaluation of the products.
 
   2. Typical installation
       Allow you to specify common defaults and options.
 
   3. Custom installation
       Allow you to specify more advanced options. This is only
       recommended for experienced server administrators.
 
To accept the default shown in brackets, press the Enter key.
 
Choose an installation type [2]:
Red Hat, Inc.
              Red Hat Server Products Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Enter the fully qualified domain name of the computer
on which you're installing server software. Using the form
<hostname>.<domainname>
Example: eros.airius.com
 
To accept the default shown in brackets, press the Enter key.
 
Computer name [c3650.cri.hp.com]:
.                                Red Hat, Inc.
.             Red Hat Server Products Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Choose a UNIX user and group to represent the Red Hat server
in the user directory.  The Red Hat server will run as this user.
It is recommended that this user should have no privileges
in the computer network system.  The Administration Server
will give this group some permissions in the server root
to perform server-specific operations.
 
If you have not yet created a user and group for the Red Hat
server, create this user and group using your native UNIX
system utilities.
 
Example for this user:   www   or  nsuser or your choice ...
Example for this group:  other or nsgroup or your choice ...
 
To accept the default shown in brackets, press the Enter key.
 
System User [www]:
System Group [other]:
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Red Hat server information is stored in the Red Hat configuration
directory server, which you may have already set up.  If so, you
should configure this server to be managed by the configuration
server.  To do so, the following information about the configuration
server is required: the fully qualified host name of the form
<hostname>.<domainname>(e.g. hostname.domain.com), the port number,
the suffix, and the DN and password of a user having permission to
write the configuration information, usually the Red Hat
configuration directory administrator.
 
If you want to install this software as a standalone server, or if you
want this instance to serve as your Red Hat configuration directory
server, press Enter.
 
 
Do you want to register this software with an existing
Red Hat configuration directory server? [No]:
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
If you already have a directory server you want to use to store your
data, such as user and group information, answer Yes to the following
question.  You will be prompted for the host, port, suffix, and bind
DN to use for that directory server.
 
If you want this directory server to store your data, answer No.
 
 
Do you want to use another directory to store your data? [No]:
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
The standard directory server network port number is 389.  However, if
you are not logged as the superuser, or port 389 is in use, the
default value will be a random unused port number greater than 1024.
If you want to use port 389, make sure that you are logged in as the
superuser, that port 389 is not in use, and that you run the admin
server as the superuser.
 
 
Directory server network port [389]:
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Each instance of a directory server requires a unique identifier.
Press Enter to accept the default, or type in another name and press
Enter.
 
 
Directory server identifier [c3650]:
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Please enter the administrator ID for the Red Hat configuration
directory server.  This is the ID typically used to log in to the
console.  You will also be prompted for the password.
 
 
Red Hat configuration directory server
administrator ID [admin]:
 
Password:
Password (again):
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
The suffix is the root of your directory tree.  You may have more than
one suffix.
 
 
Suffix [dc=cri, dc=hp, dc=com]:
Red Hat, Inc.
                     Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
Certain directory server operations require an administrative user.
This user is referred to as the Directory Manager and typically has a
bind Distinguished Name (DN) of cn=Directory Manager.  Press Enter to
accept the default value, or enter another DN.  In either case, you
will be prompted for the password for this user.  The password must
be at least 8 characters long.
 
 
Directory Manager DN [cn=Directory Manager]:
 
Password:
Password (again):
.                                Red Hat, Inc.
.                    Directory Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
The Administration Domain is a part of the configuration directory
server used to store information about Red Hat software.  If you are
managing multiple software releases at the same time, or managing
information about multiple domains, you may use the Administration
Domain to keep them separate.
 
If you are not using administrative domains, press Enter to select the
default.  Otherwise, enter some descriptive, unique name for the
administration domain, such as the name of the organization responsible
for managing the domain.
 
 
Administration Domain [cri.hp.com]:
.                                Red Hat, Inc.
.                  Administration Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
The Administration Server is separate from any of your application
servers since it listens to a different port and access to it is
restricted.
 
Pick a port number between 1024 and 65535 to run your Administration
Server on. You should NOT use a port number which you plan to
run an application server on, rather, select a number which you
will remember and which will not be used for anything else.
 
The default in brackets was randomly selected from the available
ports on your system. To accept the default, press return.
 
Administration port [15761]:
.                                Red Hat, Inc.
.                  Administration Installation/Uninstallation
--------------------------------------------------------------------------------
 
 
The Administration Server program runs as a certain user on your
system. This user should be different than the one which your
application servers run as. Only the user you select will be
able to write to your configuration files. If you run the
Administration Server as "root", you will be able to use the Server
Administration screen to start and stop your application servers.
 
Run Administration Server as [root]:
[slapd-c3650]: starting up server ...
[slapd-c3650]:  Red Hat-Directory/7.1 SP2 B2007.121.2059
[slapd-c3650]:  c3650.cri.hp.com:389 (/var/opt/netscape/server7/slapd-c3650)
[slapd-c3650]:
[slapd-c3650]: [10/Jul/2008:23:26:26 -0500] - Red Hat-Directory/7.1 SP2 B2007.121.2059 starting up
[slapd-c3650]: [10/Jul/2008:23:26:33 -0500] - slapd started.  Listening on All Interfaces port 389 for LDAP requests
Your new directory server has been started.
Created new Directory Server
Start Slapd Starting Slapd server configuration.
Success Slapd Added Directory Server information to Configuration Server.
Using database directory /var/opt/netscape/server7/alias...
Module "Root Certs 32 bit" added to database.
Configuring Administration Server...
Your parameters are now entered into the Administration Server
database, and the Administration Server will be started.
 
Changing ownership to admin user root...
Setting up Administration Server Instance...
Configuring Administration Tasks in Directory Server...
Configuring Global Parameters in Directory Server...
Netscape-Enterprise/6.2 B04/18/2005 13:44
 
warning: daemon is running as super-user
 
[LS ls1] http://c3650.cri.hp.com, port 15761 ready to accept requests
 
startup: server started successfully
 
 
Press Return to continue...
 
Go to /var/opt/netscape/server7 and type startconsole to begin
managing your servers.

6. Test that the Red Hat Directory Server processes are running and listening on port 389.

# ps -ef | grep [s]lapd
     www  5304     1  0 23:26:26 ?         0:01 ./ns-slapd -D /var/opt/netscape/server7/slapd-c3650 -i /var/opt
 
# netstat -an | grep [.]389
tcp        0      0  192.168.2.107.389      192.168.2.107.49805     ESTABLISHED
tcp        0      0  192.168.2.107.389      192.168.2.107.49798     ESTABLISHED
tcp        0      0  *.389                  *.*                     LISTEN
tcp        0      0  192.168.2.107.49796    192.168.2.107.389       ESTABLISHED
tcp        0      0  192.168.2.107.389      192.168.2.107.49807     ESTABLISHED
tcp        0      0  192.168.2.107.389      192.168.2.107.49796     ESTABLISHED
tcp        0      0  192.168.2.107.49795    192.168.2.107.389       ESTABLISHED
tcp        0      0  192.168.2.107.389      192.168.2.107.49795     ESTABLISHED
tcp        0      0  192.168.2.107.49803    192.168.2.107.389       ESTABLISHED
tcp        0      0  192.168.2.107.49798    192.168.2.107.389       ESTABLISHED
tcp        0      0  192.168.2.107.389      192.168.2.107.49803     ESTABLISHED
tcp        0      0  192.168.2.107.49807    192.168.2.107.389       ESTABLISHED
tcp        0      0  192.168.2.107.49805    192.168.2.107.389       ESTABLISHED
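
The two checks in step 6 can be scripted. This is an added example, not part of the original page: it parses ps -ef and netstat -an output in the layout shown above, confirms that ns-slapd is not running as root, and reports which addresses the LDAP port is bound to. The function names slapd_owner and listen_scope are hypothetical; the sample lines are copied from the output in step 6.

```shell
#!/bin/sh
# Added example (not from the original page).

# slapd_owner: read `ps -ef` output on stdin and print the owner of each
# ns-slapd process. Returns 0 if at least one was found and none runs as
# root, 1 if any runs as root, 2 if no ns-slapd process was seen.
# The [s] in the pattern keeps the filter from matching its own ps entry.
slapd_owner() {
    awk '
    /ns-[s]lapd/ { print $1; seen = 1; if ($1 == "root") root = 1 }
    END { if (!seen) exit 2; exit (root ? 1 : 0) }'
}

# listen_scope PORT: read `netstat -an` output on stdin (local address shown
# as address.port, as in step 6) and print the bind address of every LISTEN
# socket on PORT. "*" means the port is reachable on all interfaces.
listen_scope() {
    awk -v port="$1" '
    $NF == "LISTEN" {
        n = split($4, part, "[.]")
        if (part[n] != port) next
        addr = part[1]
        for (i = 2; i < n; i++) addr = addr "." part[i]
        print addr
    }'
}

# Sample lines copied from the step 6 output above.
PS_SAMPLE='     www  5304     1  0 23:26:26 ?         0:01 ./ns-slapd -D /var/opt/netscape/server7/slapd-c3650 -i /var/opt'
NETSTAT_SAMPLE='tcp        0      0  192.168.2.107.389      192.168.2.107.49805     ESTABLISHED
tcp        0      0  *.389                  *.*                     LISTEN'

owner=$(printf '%s\n' "$PS_SAMPLE" | slapd_owner) && echo "ns-slapd runs as: $owner (not root)"
printf '%s\n' "$NETSTAT_SAMPLE" | listen_scope 389 | while read -r addr; do
    if [ "$addr" = "*" ]; then
        echo "port 389: listening on all interfaces"
    else
        echo "port 389: listening on $addr"
    fi
done
```

On a live system, pipe the real command output into the functions, for example ps -ef | slapd_owner and netstat -an | listen_scope 389.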

7. Start the Java console

# export JAVA_HOME=/opt/java1.4/jre
# cd /var/opt/netscape/server7
# ./startconsole -a http://c3650.cri.hp.com:15761

[Screenshot: NDS_console_login.png]

[Screenshot: NDS_console.png]

This page was last modified on 7 August 2010, at 04:47.