HP Open Source Middleware Stacks Blueprint: Directory Services on HP ProLiant and HP Integrity Servers with Red Hat Linux Enterprise Version 5

Installing and Configuring Symas CDS and Apache Modules


Pre-Installation

Before you start to install the HP OSMS Directory Services components, make sure the RHEL5 distribution, with full packages, is installed. Apache HTTP server version 2.0.52 is a bundled package in the RHEL5 distribution. The mod_authnz_ldap and mod_ldap modules are included in the Apache HTTP server package. To verify the modules are installed, see “Integrating the Apache HTTP Server with the mod_authnz_ldap and mod_ldap Modules”. To obtain the Symas CDS Silver Edition products and additional instructions, see the Web site located at:

http://www.symas.com/cds.shtml

Verify that you obtained the correct version of the installation packages according to your architecture, as shown in Table 1.

Installing CDS

The CDS LDAP server can co-exist with OpenLDAP that is bundled with the RHEL5 distribution. If the CDS LDAP service is used, verify that all LDAP-related commands and daemons are obtained from the CDS LDAP server installation and not the RHEL5 distribution.

Table 2 CDS Components

CDS Component      Description
---------------    ----------------------------------------------------------
cdsgserver*.rpm    CDS Gold LDAP and replication server daemons and utilities
cdsgclient*.rpm    CDS LDAP Gold client tools and libraries
cdsdevel*.rpm      CDS header and documentation files
cpkgca*.rpm        Connexitor public key services and certificate authority

NOTE: The * represents the version number and architecture type.

  1. The cdsgserver package is dependent on the cdsgclient package. Therefore, install the cdsgclient package first by entering the following command:

    # rpm -ivh cdsgclient*.rpm

  2. Install the following packages by entering the commands provided.

    1. To install the cdsgserver package, enter:

      # rpm -ivh cdsgserver*.rpm

    2. To install the cdsdevel package, enter:

      # rpm -ivh cdsdevel*.rpm

    3. To install the cpkgca package, enter:

      # rpm -ivh cpkgca*.rpm

  3. Add the CDS BIN path (the default is /opt/symas/bin) by entering the following:

    # export PATH=/opt/symas/bin:$PATH

Configuring the CDS Server

  1. Change the working directory to /opt/symas/etc/openldap.

  2. Copy the file slapd.conf.default to slapd.conf in the CDS configuration directory (the default directory is /opt/symas/etc/openldap).

  3. Edit the slapd.conf file by replacing the section Sample bdb database definitions with the following lines:

    database		bdb
    suffix		"dc=example,dc=com"
    rootdn		"cn=Manager,dc=example,dc=com"
    rootpw		secret

    The values of rootdn and rootpw can be used in simple authentication. The database value, in this example Berkeley DB (bdb), specifies the type of storage LDAP uses, for example sql or bdb.

  4. Copy the file cds.conf.default to cds.conf.

  5. Edit the cds.conf file by setting the parameters as follows:

    SLAPD_USER=root
    SLAPD_GROUP=root
    SLURPD_USER=root
    SLURPD_GROUP=root
    HOST_LIST="ldap://Your Ip Address:389/"

    The SLAPD_USER and SLAPD_GROUP parameters set the user and group of the slapd daemon, which provides the LDAP service. The SLURPD_USER and SLURPD_GROUP parameters set the user and group of the slurpd daemon, which is in charge of replication. The HOST_LIST parameter sets the listeners that the LDAP daemon starts.

    NOTE: If needed for security reasons, you can use a different user instead of root. If you choose to do this, grant write permission to all the directories and files for which slapd requires access.

  6. Copy the file /opt/symas/etc/openldap/DB_CONFIG.default to the directory specified in the slapd.conf file (for example, /var/symas/openldap-data/example/) and then change the file name to DB_CONFIG.

  7. Start the LDAP server by entering the following command:

    # /etc/init.d/cdsserver start

  8. Enter the following command to ensure the SLAPD daemon is running:

    # ps -ef | grep slapd

  9. To verify the LDAP server is configured properly and prepare test data for upcoming examples, add initial entries to the directory by performing the following substeps.

    1. Stop the LDAP server by entering the following command:

      # /etc/init.d/cdsserver stop

    2. Modify the /opt/symas/etc/openldap/slapd.conf file by uncommenting the following lines:

      include /opt/symas/etc/openldap/schema/ppolicy.schema

      include /opt/symas/etc/openldap/schema/cosine.schema

      include /opt/symas/etc/openldap/schema/inetorgperson.schema

    3. Using a text editor, create an LDIF file, save it as /tmp/example.ldif, and add the following content:

      NOTE: The following abbreviations are used in the file content: Distinguished Name (dn), Domain Component (dc), and Common Name (cn).

      dn: dc=example,dc=com
      objectClass: dcObject
      objectClass: organization
      dc: example
      o: example
       
      dn: dc=osm,dc=example,dc=com
      objectClass: dcObject
      objectClass: organizationalUnit
      dc: osm
      ou: osm
       
      dn: ou=people,dc=osm,dc=example,dc=com
      objectClass: organizationalUnit
      ou: people
       
      dn: uid=benw,ou=people,dc=osm,dc=example,dc=com
      objectClass: inetOrgPerson
      uid: benw
      sn: ben
      cn: ben won
      mail: ben.won@example.com
      userPassword: ben
       
      dn: ou=groups,dc=osm,dc=example,dc=com
      objectClass: organizationalUnit
      ou: groups
       
      dn: cn=tomcat,ou=groups,dc=osm,dc=example,dc=com
      objectClass: groupOfUniqueNames
      cn: tomcat
      uniqueMember: uid=benw,ou=people,dc=osm,dc=example,dc=com
      
    4. Add the entries in the example.ldif file to the LDAP server by entering the following command:

      # /opt/symas/bin/slapadd -l /tmp/example.ldif

      NOTE: Verify that the CDS server has been stopped before running the slapadd command.

    5. Start the CDS server and verify the entries were added by entering the following:

      # /etc/init.d/cdsserver start

      # /opt/symas/bin/slapcat
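
The sample values used in the steps above (rootpw secret, daemons set to root, an ldap:// listener, and a cleartext userPassword in the LDIF) suit a lab but should be found and replaced before the server carries real accounts. The following audit script is an added example, not part of the HP or Symas documentation; the function names and the 192.0.2.10 address are assumptions, and the sample files are constructed from the values shown on this page.

```shell
#!/bin/sh
# Added example: flag the weak values from the walkthrough's sample files.
# Each function prints one finding per line and nothing for a clean file.

# slapd.conf: a rootpw without a {SCHEME} prefix is stored in cleartext.
audit_slapd_conf() {
    awk '$1 == "rootpw" && $2 !~ /^[{][A-Za-z0-9-]+[}]/ {
        print "slapd.conf:" NR ": rootpw is cleartext, use a slappasswd hash"
    }' "$1"
}

# cds.conf: daemons running as root, and listeners without TLS.
audit_cds_conf() {
    awk -F= '{ v = $2; gsub(/"/, "", v) }
        $1 ~ /^(SLAPD|SLURPD)_(USER|GROUP)$/ && v == "root" {
            print "cds.conf:" NR ": " $1 "=root, use an unprivileged account"
        }
        $1 == "HOST_LIST" && v ~ /ldap:\/\// {
            print "cds.conf:" NR ": ldap:// listener, binds travel unencrypted without StartTLS"
        }' "$1"
}

# LDIF: userPassword values without a {SCHEME} prefix are cleartext.
# Base64 "userPassword::" lines are not decoded here.
audit_ldif() {
    awk '$1 == "userPassword:" && $2 !~ /^[{][A-Za-z0-9-]+[}]/ {
        print "ldif:" NR ": userPassword is cleartext, load a hashed value"
    }' "$1"
}

# Constructed samples that reproduce the values used in the steps above.
demo=$(mktemp -d)
printf 'rootdn "cn=Manager,dc=example,dc=com"\nrootpw secret\n' > "$demo/slapd.conf"
printf 'SLAPD_USER=root\nSLAPD_GROUP=root\nHOST_LIST="ldap://192.0.2.10:389/"\n' > "$demo/cds.conf"
printf 'dn: uid=benw,ou=people,dc=osm,dc=example,dc=com\nuserPassword: ben\n' > "$demo/example.ldif"
audit_slapd_conf "$demo/slapd.conf"
audit_cds_conf "$demo/cds.conf"
audit_ldif "$demo/example.ldif"
rm -rf "$demo"
```

Point the three functions at the real slapd.conf, cds.conf and LDIF files once the walkthrough is complete; empty output means none of the sample values remain.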

Configuring the CDS Client

  1. Copy the ldap.conf.default file to ldap.conf in the /opt/symas/etc/openldap directory.

  2. Edit the ldap.conf file by changing the following parameters:

    BASE dc=example,dc=com
    URI ldap://Your_LDAP_Server_IP_Address

  3. Restart the CDS server by entering the following command:

    # /etc/init.d/cdsserver restart

  4. From the client, verify that the CDS client can connect to the CDS server by entering the following command:

    # /opt/symas/bin/ldapsearch -x -b '' -s base 'objectclass=*' namingContexts

    The command should return the following:

    …
    dn:
    namingContexts: dc=example,dc=com
    …
© 2007 Hewlett-Packard Development Company, L.P.