
DNS

OpenDJ replication requires fully qualified domain names, such as opendj.example.com, so we'll use,

opendj0.krypton.com www.opendj0.krypton.com

Ensure that your DNS entry is also in your hosts file.

Install Required Package

For some reason fontconfig is required for a proper install; otherwise you get this error message,

Fontconfig error: Cannot load default config file
See /tmp/opends-setup-2789148880898957298.log for a detailed log of this operation. 

Install fontconfig

sudo apt-get install fontconfig 

Setup Java

In theory and by design, we should be able to make OpenDJ truly zero footprint and specify the exact version of Java to run via the system's configuration file. However, in practice you end up having to set up a Java environment variable to do pretty much anything, so we might as well use a Java environment variable to run OpenDJ.

When you try to run the setup,

cd /opt/opends.0

./setup --cli
Please set OPENDS_JAVA_HOME to the root of a Java 6 update 10 (or higher) installation or edit the java.properties file and then run the dsjavaproperties script to specify the Java version to be used.

Install Java

Forget about editing java.properties. Instead, first install the 32-bit JRE per the Zero Footprint Java on Ubuntu instructions using serveradmin. The only slight change is that we will move the JRE into the following folder using a root-enabled account,

sudo mv /home/serveradmin/java/ /opt/java-forgerock/
sudo chown -R serveradmin:staff /opt/java-forgerock/
sudo chmod -R 750 /opt/java-forgerock/

Configure Java Environment Path

There is a bug that was resolved in the main start-ds but, as of 2.4.5, still exists in dsjavaproperties: the environment variable should be OPENDJ_JAVA_HOME, but dsjavaproperties still uses OPENDS_JAVA_HOME.

We set the environment variable for serveradmin by editing the user's profile,

cd ~
vi .profile 

Add the following to the end of the file,

export OPENDS_JAVA_HOME=/opt/opendj-java-runtime

Command Line Setup

Do everything as the user that will be running OpenDJ. In our tutorial we will use serveradmin unless otherwise indicated.

OpenDJ Download and Prep

First grab the software and unzip,

wget http://download.forgerock.org/downloads/opendj/2.4.5/OpenDJ-2.4.5.zip
unzip OpenDJ-2.4.5.zip

Set up the folder using a root-capable user,

sudo mv /home/serveradmin/OpenDJ-2.4.5/ /opt/opendj/
sudo chown -R serveradmin:staff /opt/opendj/
sudo chmod -R 750 /opt/opendj/

Start the Setup

Run the command line setup,

cd /opt/opends.0 
./setup --cli

For the initial root user DN, the default is cn=Directory Manager, a well-known account.

If you use the default, make sure to use a complex password. We'll use the standard T&R password on "Directory Manager".

For the LDAP client port, unless you are running with root privileges you cannot use ports 1 through 1024. So rather than use 389, use 1389.

Use the default port 4444 for the Administration Connector.

When asked "Do you want to create base DNs in the server", select yes if you have real DNS or use hosts entries on the server and client.

Provide the base DN for the directory data: [dc=example,dc=com]: dc=krypton,dc=com

Options for populating the database: 1) Only create the base entry

Do you want to enable SSL? (yes / no) [no]:

Do you want to enable Start TLS? (yes / no) [no]:

Say no to starting the server. We will verify the environment first before starting.

What would you like to do? 1)  Set up the server with the parameters above

Enter choice [1]:
See /tmp/opends-setup-774306341481213092.log for a detailed log of this operation.
Configuring Directory Server ..... Done.
Creating Base Entry dc=tin-pham,dc=com ..... Done.
To see basic server configuration status and configuration you can launch /opt/opendj.0/bin/status

You can run the status command even if the server is off and verify the configuration.
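One way to script the "verify the environment first" step, as an added example that is not part of the original page or of OpenDJ: it checks that the install tree grants nothing to other users (the chmod -R 750 above), that the Java home holds an executable bin/java, and that the chosen LDAP port is usable by a non-root account. The function names and the optional uid argument are hypothetical.

```shell
#!/bin/sh
# Added example (not OpenDJ tooling): checks to run before ./start-ds.
# Usage: sh prestart.sh INSTALL_DIR JAVA_HOME LDAP_PORT

# Print entries under DIR that grant any permission to "other";
# after chmod -R 750 there should be none. Symlinks are skipped
# because their own mode bits are always wide open.
world_accessible() {
    find "$1" ! -type l \( -perm -001 -o -perm -002 -o -perm -004 \) -print
}

# Succeed if DIR holds an executable bin/java.
java_home_ok() {
    [ -n "$1" ] && [ -x "$1/bin/java" ]
}

# Succeed if the given user id may bind PORT: root may use any port,
# other users need one above 1024 (the rule as this page states it).
# The second argument defaults to the current user id.
port_ok() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -le 65535 ] || return 1
    [ "${2:-$(id -u)}" -eq 0 ] || [ "$1" -gt 1024 ]
}

# Run all three checks, print findings, return non-zero on any failure.
prestart_check() {
    dir=$1 java_home=$2 port=$3 uid=${4:-$(id -u)} rc=0
    loose=$(world_accessible "$dir")
    if [ -n "$loose" ]; then
        echo "FAIL: accessible to other users:"; echo "$loose"; rc=1
    fi
    java_home_ok "$java_home" || { echo "FAIL: no executable $java_home/bin/java"; rc=1; }
    port_ok "$port" "$uid" || { echo "FAIL: uid $uid cannot bind port $port"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: $dir is ready to start"; fi
    return "$rc"
}

if [ $# -ge 3 ]; then prestart_check "$@"; fi
```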

Start and Stop

As a reference,

cd /opt/opendj.0/bin
./start-ds

cd /opt/opendj.0/bin
./stop-ds

# I think this is verbose mode but not finding docs on it
./start-ds -s

Start the server,

cd /opt/opendj.0/bin 
./start-ds
See /tmp/opends-setup-7855637320320628455.log for a detailed log of this operation.
Configuring Directory Server ..... Done.
Creating Base Entry dc=tin-pham,dc=com ..... Done.
Starting Directory Server .......... Done.
To see basic server configuration status and configuration you can launch /opt/opendj.0/bin/status

Create Data Stores

OpenAM uses two data stores,

  1. Configuration
  2. User

By default we already have a branch for Users under dc=tin-pham,dc=com. So we'll create a new data store for OpenAM itself called,

  1. openam
  2. opensso

Reference for the command.

./OpenDJ/bin/dsconfig create-backend --backend-name myOrgRoot --set base-dn:o=myOrg --set enabled:true 

..

K this is getting ridiculous... for now let's just use the internal data store for the configurations.

...

Relax the Restriction on Objects

Another bug in a sense. Carefully reading the manual,

If you decide to use an existing installation of OpenDJ for configuration data, then you must first relax the restriction on objects with multiple structural object classes, by using the OpenDJ *dsconfig* command before completing OpenAM configuration.

Enter this on the command line,

cd /opt/opends.0/bin
./dsconfig -h opendj.tin-pham.com -p 4444 -D "cn=Directory Manager" -w ****** set-global-configuration-prop --set single-structural-objectclass-behavior:warn -X -n
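The command above puts the bind password on the command line with -w, where it lands in shell history and the process list, and -X trusts any certificate the admin connector presents. An added example (not from the original page) that makes the same change with dsconfig's --bindPasswordFile and --trustStorePath options; the DSCONFIG variable, the function names and the trust store path are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. DSCONFIG and the trust store
# path are assumptions; point them at your own install.
# Usage: sh relax.sh HOST TRUSTSTORE_PATH

# Read one line (the password) from stdin into a new file and print the
# file's path. mktemp creates the file readable by its owner only (0600).
make_pw_file() {
    IFS= read -r pw || [ -n "$pw" ] || return 1   # reject empty input
    f=$(mktemp "${TMPDIR:-/tmp}/dsconfig-pw.XXXXXX") || return 1
    printf '%s\n' "$pw" > "$f"
    unset pw
    printf '%s\n' "$f"
}

# Same property change as on this page, but the password travels in a
# file and the server certificate is checked against a trust store.
relax_structural_check() {
    host=$1 pwfile=$2 truststore=$3
    "${DSCONFIG:-./dsconfig}" -h "$host" -p 4444 -D "cn=Directory Manager" \
        --bindPasswordFile "$pwfile" --trustStorePath "$truststore" \
        set-global-configuration-prop \
        --set single-structural-objectclass-behavior:warn -n
}

if [ $# -eq 2 ]; then
    printf 'Password for cn=Directory Manager: ' >&2
    stty -echo; pwfile=$(make_pw_file); stty echo; echo >&2
    [ -n "$pwfile" ] || exit 1
    trap 'rm -f "$pwfile"' EXIT      # do not leave the secret on disk
    relax_structural_check "$1" "$pwfile" "$2"
fi
```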

 

References

Not bad but not good manual setup - http://opendj.forgerock.org/doc/install-guide/OpenDJ-Install-Guide.html

https://bugster.forgerock.org/jira/browse/OPENDJ-330
