<div>Someone in the linuxQuestion recommended me to just start <a href="http://389-ds-admin.pl">389-ds-admin.pl</a> which will take care of Directory Server and Admin Server too. Is it correct?</div>
<div> </div>
<div>So, I ran the following commands</div>
<p>Code:<br>[root@389-ds init.d]# service dirsrv stop<br>Shutting down dirsrv:<br> 389-ds... [ OK ]<br>[root@389-ds ~]# /usr/sbin/<a href="http://setup-ds-admin.pl">setup-ds-admin.pl</a></p>
<p>==============================================================================<br>This program will set up the 389 Directory and Administration Servers.</p>
<p>It is recommended that you have "root" privilege to set up the software.<br>Tips for using this program:<br> - Press "Enter" to choose the default and go to the next screen<br> - Type "Control-B" then "Enter" to go back to the previous screen<br>
- Type "Control-C" to cancel the setup program</p>
<p>Would you like to continue with set up? [yes]: yes</p>
<p>==============================================================================<br>BY SETTING UP AND USING THIS SOFTWARE YOU ARE CONSENTING TO BE BOUND BY<br>AND ARE BECOMING A PARTY TO THE AGREEMENT FOUND IN THE<br>LICENSE.TXT FILE. IF YOU DO NOT AGREE TO ALL OF THE TERMS<br>
OF THIS AGREEMENT, PLEASE DO NOT SET UP OR USE THIS SOFTWARE.</p>
<p>Do you agree to the license terms? [no]: yes</p>
<p>==============================================================================<br>Your system has been scanned for potential problems, missing patches,<br>etc. The following output is a report of the items found that need to<br>
be addressed before running this software in a production<br>environment.</p>
<p>389 Directory Server system tuning analysis version 10-AUGUST-2007.</p>
<p>NOTICE : System is i686-unknown-linux2.6.18-164.el5 (1 processor).</p>
<p>ERROR : Only 249MB of physical memory is available on the system. 256MB is the<br>recommended minimum. 1024MB is recommended for best performance on large production system.</p>
<p>NOTICE : The net.ipv4.tcp_keepalive_time is set to 7200000 milliseconds<br>(120 minutes). This may cause temporary server congestion from lost<br>client connections.</p>
<p>WARNING: There are only 1024 file descriptors (hard limit) available, which<br>limit the number of simultaneous connections.</p>
<p>WARNING: There are only 1024 file descriptors (soft limit) available, which<br>limit the number of simultaneous connections.</p>
<p>ERROR : The above errors MUST be corrected before proceeding.</p>
<p>Would you like to continue? [no]: yes</p>
<p>==============================================================================<br>Choose a setup type:</p>
<p> 1. Express<br> Allows you to quickly set up the servers using the most<br> common options and pre-defined defaults. Useful for quick<br> evaluation of the products.</p>
<p> 2. Typical<br> Allows you to specify common defaults and options.</p>
<p> 3. Custom<br> Allows you to specify more advanced options. This is<br> recommended for experienced server administrators only.</p>
<p>To accept the default shown in brackets, press the Enter key.</p>
<p>Choose a setup type [2]: 2</p>
<p>==============================================================================<br>Enter the fully qualified domain name of the computer<br>on which you're setting up server software. Using the form<br><hostname>.<domainname><br>
Example: <a href="http://eros.example.com">eros.example.com</a>.</p>
<p>To accept the default shown in brackets, press the Enter key.</p>
<p>Computer name [<a href="http://389-ds.sap.com">389-ds.sap.com</a>]:</p>
<p>==============================================================================<br>The servers must run as a specific user in a specific group.<br>It is strongly recommended that this user should have no privileges<br>
on the computer (i.e. a non-root user). The setup procedure<br>will give this user/group some permissions in specific paths/files<br>to perform server-specific operations.</p>
<p>If you have not yet created a user and group for the servers,<br>create this user and group using your native operating<br>system utilities.</p>
<p>System User [nobody]: fds<br>System Group [nobody]: fds</p>
<p>==============================================================================<br>Server information is stored in the configuration directory server.<br>This information is used by the console and administration server to<br>
configure and manage your servers. If you have already set up a<br>configuration directory server, you should register any servers you<br>set up or create with the configuration server. To do so, the<br>following information about the configuration server is required: the<br>
fully qualified host name of the form<br><hostname>.<domainname>(e.g. <a href="http://hostname.example.com">hostname.example.com</a>), the port number<br>(default 389), the suffix, the DN and password of a user having<br>
permission to write the configuration information, usually the<br>configuration directory administrator, and if you are using security<br>(TLS/SSL). If you are using TLS/SSL, specify the TLS/SSL (LDAPS) port<br>number (default 636) instead of the regular LDAP port number, and<br>
provide the CA certificate (in PEM/ASCII format).</p>
<p>If you do not yet have a configuration directory server, enter 'No' to<br>be prompted to set up one.</p>
<p>Do you want to register this software with an existing<br>configuration directory server? [no]: yes</p>
<p>==============================================================================<br>Please specify the information about your configuration directory<br>server. The following information is required:<br>- host (fully qualified), port (non-secure or secure), suffix,<br>
protocol (ldap or ldaps) - this information should be provided in the<br> form of an LDAP url e.g. for non-secure<br><a href="ldap://host.example.com:389/o=NetscapeRoot">ldap://host.example.com:389/o=NetscapeRoot</a><br>
or for secure<br><a href="ldaps://host.example.com:636/o=NetscapeRoot">ldaps://host.example.com:636/o=NetscapeRoot</a><br>- admin ID and password<br>- admin domain<br>- a CA certificate file may be required if you choose to use ldaps and<br>
security has not yet been configured - the file must be in PEM/ASCII<br> format - specify the absolute path and filename</p>
<p>Configuration directory server URL [ldap://<a href="http://389-ds.sap.com:389/o=NetscapeRoot">389-ds.sap.com:389/o=NetscapeRoot</a>]:<br>Configuration directory server admin ID [admin]:<br>Configuration directory server admin password:<br>
Configuration directory server admin domain [<a href="http://sapient.com">sapient.com</a>]:<br>The server 'ldap://<a href="http://389-ds.sap.com:389/o=NetscapeRoot">389-ds.sap.com:389/o=NetscapeRoot</a>' is not reachable. Error: unknown error</p>
<p>Please try again, in case you mis-typed something.</p>
<p>Configuration directory server URL [ldap://<a href="http://389-ds.sap.com:389/o=NetscapeRoot">389-ds.sap.com:389/o=NetscapeRoot</a>]:<br>[root@389-ds ~]#Am I missing anything?<br><br></p>
<div class="gmail_quote">On Sat, Jan 9, 2010 at 12:56 PM, Ajeet S Raina <span dir="ltr"><<a href="mailto:ajeetraina@gmail.com">ajeetraina@gmail.com</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">
<div><br clear="all"><br>Guys,</div>
<div> </div>
<div>I have been confused with the overall new 389 DS Server Setup.</div>
<div>All I did upto now is:</div>
<div> </div>
<div>yum install 389-ds </div>
<div> </div>
<div>and it did all the installation correctly.</div>
<div>Then, I ran:</div>
<div>/usr/sbin/<a href="http://setup-ds.pl/" target="_blank">setup-ds.pl</a></div>
<div> </div>
<div>It too went fine.</div>
<div> </div>
<div>All I need is Setup 389 Server with SSL.I did went through <a href="http://directory.fedoraproject.org/wiki/Howto:SSL" target="_blank">http://directory.fedoraproject.org/wiki/Howto:SSL</a> but no Idea how to proceed.</div>
<div> </div>
<div>I am confused with the following points:</div>
<div> </div>
<div>1. Do I also need to run <strong><a href="http://setup-ds-admin.pl/" target="_blank">setup-ds-admin.pl</a></strong> and <strong>setup-ds-dsgw</strong> too?</div>
<div> </div>
<div>I tried running <a href="http://setup-ds-admin.pl/" target="_blank">setup-ds-admin.pl</a> and it stucked at :</div>
<div> </div>
<div>The server 'ldap://<a href="http://389-ds.sap.com:45474/o=NetscapeRoot" target="_blank">389-ds.sap.com:45474/o=NetscapeRoot</a>' is not reachable. Error: unknown error.</div>
<div> </div>
<div>2. When Should I run the setupssl2.sh script? After running the above setup-* scripts?</div>
<div> What changes I need to make on the script?<br></div></blockquote></div><br><br clear="all"><br>-- <br><br><br>”It is not possible to rescue everyone who is caught in the Windows quicksand<br> --Make sure you are on solid Linux ground before trying.”<br>
<br><br>