High Level Diagrams


DNS

OpenDJ replication requires that you use fully qualified domain names, such as opendj.example.com, so we'll use,

...

This is the hosts file from Ubuntu 14.x.

Setup Java

Warning
Java 8 is not supported with this version so use Java 7.

...

Code Block
cd /opt/opendj

./setup --cli
Please set OPENDS_JAVA_HOME to the root of a Java 6 update 10 (or higher) installation or edit the java.properties file and then run the dsjavaproperties script to specify the Java version to be used.

Install Java

Forget about editing java.properties. Instead, first install the JRE per the Zero Footprint Java on Ubuntu instructions using serveradmin. The only slight change is that we will move the JRE into the following folder using a root-enabled account,

...

I thought about using the Oracle Server JRE edition, but given certificate things, it's best to use the most popular and tested, which is the standard JRE.

Configure Java Environment Path

We set the environment variable for serveradmin by editing the profile for the account running OpenDJ. In this case, serveradmin,

...

There is still a need for the OPENDS environment variable. It looks like since 2.4.5 this was somewhat fixed (i.e. OPENDJ is now being used), but some parts of the code are still using OPENDS, so you need both. Report this when I have time.

Command Line Setup

Do everything as the user that will be running OpenDJ. In our tutorial we will use serveradmin unless otherwise indicated,

OpenDJ Download and Prep

First grab the software and unzip,

...

Code Block
sudo mv /home/serveradmin/opendj/ /opt/
cd /opt
sudo chown -R serveradmin:staff ./opendj/
sudo chmod -R 750 ./opendj/

Now with 5.0 LXC, you can easily set up multiple machines (instead of using just one machine) to try out replication, so I have dropped the opendj1 folder name convention from previous tutorials. Uniformity also makes it easier to compare instances.

Start the Setup

Run the command line setup using the opendj dedicated account,

...

Since we will be setting up a secondary system for replication, export and save the options for later. Note that it looks like a bug, as the hostname parameter (ldap1.krypton.com) is not output here.

Code Block
What would you like to do?
    1)  Set up the server with the parameters above
    2)  Provide the setup parameters again
    3)  Print equivalent non-interactive command-line
    4)  Cancel and exit
Enter choice [1]: 

See /tmp/opendj-setup-8737651315284839293.log for a detailed log of this operation.


Configuring Directory Server ..... Done.
Importing Automatically-Generated Data (20 Entries) .................. Done.


To see basic server configuration status and configuration you can launch /opt/opendj/bin/status

All should go well.

Verify Configuration with Server Status

You can verify things are good before starting,

...

Code Block
cd /opt/opendj/bin 
./start-ds
[13/Jul/2015:00:08:30 -0400] category=EXTENSIONS severity=NOTICE msgID=1507899 msg=Loaded extension from file '/opt/opendj/lib/extensions/snmp-mib2605.jar' (build 2.6.0, revision 9086)
[13/Jul/2015:00:08:31 -0400] category=CORE severity=NOTICE msgID=458886 msg=OpenDJ 2.6.0 (build 20130626200626Z, R9086) starting up
[13/Jul/2015:00:08:38 -0400] category=RUNTIME_INFORMATION severity=NOTICE msgID=20381717 msg=Installation Directory:  /opt/opendj
[13/Jul/2015:00:08:38 -0400] category=RUNTIME_INFORMATION severity=NOTICE msgID=20381719 msg=Instance Directory:      /opt/opendj
[13/Jul/2015:00:08:38 -0400] category=RUNTIME_INFORMATION severity=NOTICE msgID=20381713 msg=JVM Information: 1.7.0_79-b15 by Oracle Corporation, 64-bit architecture, 496697344 bytes heap size
[13/Jul/2015:00:08:38 -0400] category=RUNTIME_INFORMATION severity=NOTICE msgID=20381714 msg=JVM Host: ldap1, running Linux 3.13.0-57-generic amd64, 2048925696 bytes physical memory size, number of processors available 1
[13/Jul/2015:00:08:38 -0400] category=RUNTIME_INFORMATION severity=NOTICE msgID=20381715 msg=JVM Arguments: "-Dorg.opends.server.scriptName=start-ds"
[13/Jul/2015:00:08:40 -0400] category=JEB severity=NOTICE msgID=8847402 msg=The database backend userRoot containing 22 entries has started
[13/Jul/2015:00:08:42 -0400] category=EXTENSIONS severity=NOTICE msgID=1507549 msg=DIGEST-MD5 SASL mechanism using a server fully qualified domain name of: ldap1.krpton.com
[13/Jul/2015:00:08:43 -0400] category=PROTOCOL severity=NOTICE msgID=2556180 msg=Started listening for new connections on Administration Connector 0.0.0.0 port 4444
[13/Jul/2015:00:08:43 -0400] category=PROTOCOL severity=NOTICE msgID=2556180 msg=Started listening for new connections on LDAP Connection Handler 0.0.0.0 port 1389
[13/Jul/2015:00:08:43 -0400] category=CORE severity=NOTICE msgID=458887 msg=The Directory Server has started successfully
[13/Jul/2015:00:08:43 -0400] category=CORE severity=NOTICE msgID=458891 msg=The Directory Server has sent an alert notification generated by class org.opends.server.core.DirectoryServer (alert type org.opends.server.DirectoryServerStarted, alert ID 458887):  The Directory Server has started successfully
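
As an added example (not part of the original page or of OpenDJ), this script pulls two things worth checking out of a startup log like the one above: the FQDN the server reports for DIGEST-MD5, which should match the hostname given to setup (ldap1.krypton.com on this page, while the log shows ldap1.krpton.com), and every listener bound to the wildcard address 0.0.0.0. The function names and the embedded sample lines are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit an OpenDJ start-ds log (function names are hypothetical).

# Constructed sample: three lines taken from the startup output on this page.
sample_log() {
cat <<'EOF'
[13/Jul/2015:00:08:42 -0400] category=EXTENSIONS severity=NOTICE msgID=1507549 msg=DIGEST-MD5 SASL mechanism using a server fully qualified domain name of: ldap1.krpton.com
[13/Jul/2015:00:08:43 -0400] category=PROTOCOL severity=NOTICE msgID=2556180 msg=Started listening for new connections on Administration Connector 0.0.0.0 port 4444
[13/Jul/2015:00:08:43 -0400] category=PROTOCOL severity=NOTICE msgID=2556180 msg=Started listening for new connections on LDAP Connection Handler 0.0.0.0 port 1389
EOF
}

# Print the FQDN the server reports for DIGEST-MD5 (empty if the line is absent).
sasl_fqdn() {
  sed -n 's/.*fully qualified domain name of: *\([^ ]*\).*/\1/p' | head -n 1
}

# Print "name|address|port" for every connection handler that started listening.
listeners() {
  sed -n 's/.*Started listening for new connections on \(.*\) \([^ ]*\) port \([0-9][0-9]*\).*/\1|\2|\3/p'
}

# Usage: audit_log EXPECTED_FQDN < logfile
# Prints one line per finding; returns 1 if there was any finding, else 0.
audit_log() {
  local expected="$1" log fqdn findings=0
  log=$(cat)
  fqdn=$(printf '%s\n' "$log" | sasl_fqdn)
  if [ "$fqdn" != "$expected" ]; then
    echo "FQDN mismatch: server reports '$fqdn', expected '$expected'"
    findings=1
  fi
  while IFS='|' read -r name addr port; do
    if [ "$addr" = "0.0.0.0" ]; then
      echo "Wildcard bind: $name on port $port"
      findings=1
    fi
  done <<EOF
$(printf '%s\n' "$log" | listeners)
EOF
  return "$findings"
}

# The hostname given to setup on this page was ldap1.krypton.com.
sample_log | audit_log ldap1.krypton.com || true
```

Against a real instance, feed it the server's own log instead of the sample, for example `audit_log ldap1.krypton.com < /opt/opendj/logs/server.out` (the log path is an assumption based on the /opt/opendj install directory used here).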

Create Data Stores

During the OpenAM installation, two data stores are created,

  1. Configuration
  2. User

It is recommended by ForgeRock that the configuration use the OpenAM embedded data store for up to 4 OpenAM replicas. ForgeRock further recommends that no more than 4 OpenAM replicas exist for a given installation.

In our own experience, we were not successful when we tried to use OpenDJ for the configuration data store even though we followed the steps to Relax the Restriction on Objects. (Talk about next steps and links here...)

References

Not bad but not good manual setup - http://opendj.forgerock.org/docs.html

...