DNS

Ensure that your DNS entry is also in your hosts file.

OpenDJ replication requires that you use fully qualified domain names, such as opendj.example.com, so we'll use,

opendj1.krypton.com www.opendj1.krypton.com

Install Required Package

For some reason fontconfig is required for a proper install; otherwise you get this error message,

Fontconfig error: Cannot load default config file
See /tmp/opends-setup-2789148880898957298.log for a detailed log of this operation. 

Install fontconfig

sudo apt-get install fontconfig 

Configure Java

If your default Java environment is not appropriate, set OPENDJ_JAVA_HOME to the path to the correct Java environment, or set OPENDJ_JAVA_BIN to the absolute path of the java command. The latter environment variable is useful for example if you have both 32-bit and 64-bit versions of the Java environment installed, and want to make sure you use the 64-bit version.

What? Why have two variables? Anyway,

When you try to run the setup,

cd /opt/opends.0

./setup --cli
Please set OPENDS_JAVA_HOME to the root of a Java 6 update 10 (or higher) installation or edit the java.properties file and then run the dsjavaproperties script to specify the Java version to be used.

What is dsjavaproperties? According to the inline comments in java.properties, it goes and updates all the different scripts with the new settings made in java.properties.

However, the funny thing is you need to set OPENDS_JAVA_HOME to even run dsjavaproperties.

Made the following changes to config/java.properties,

start-ds.java-args=-server -Xms256m
overwrite-env-java-home=true
overwrite-env-java-args=true
default.java-home=/opt/opendj-java-runtime

-server - Per Oracle OpenDS manual, selects server application runtime optimizations. The directory server will take longer to start and “warm up” but will be more aggressively optimized to produce higher throughput.

For default.java-home, can probably use the running environment variable path instead of a hard-coded one (saw it somewhere).

I don't want the Java path in the serveradmin's environment variable, so I'll only temporarily set up a Java path to run dsjavaproperties.

There is a bug that was resolved in the main start-ds, but as of 2.4.5 still exists with dsjavaproperties: the environment variable should be OPENDJ_JAVA_HOME, but dsjavaproperties still uses OPENDS_JAVA_HOME. Need to open up a new ticket.

So set the environment variable and then run the command,

export OPENDS_JAVA_HOME=/opt/opendj-java-runtime
cd /opt/opendj.0/bin
./dsjavaproperties
The operation was successful.  The server commands will use the java arguments and java home specified in the properties file located in /opt/opendj.0/config/java.properties

Log off and log back on to wipe out the temporary environment variable.

OK, this is stupid, they wipe the file after install so I have to put it back in after... so maybe just use the environment variable and then turn around and modify the file after.


Command Line Setup

Run the command line setup,

cd /opt/opends.0 
./setup --cli

For the initial root user DN, the default is cn=Directory Manager, a well-known account.

If you use the default, make sure to use a complex password. We'll use the standard T&R password on "Directory Manager".

For the LDAP client port, unless you are running with root privileges you cannot use ports 1 through 1024. So rather than use 389, use 1389.

Use the default 4444 port for Administration Connector.

Do you want to create base DNs in the server? Select yes if you have real DNS or use hosts entries on the server and client.

Provide the base DN for the directory data: [dc=example,dc=com]: dc=krypton,dc=com

Options for populating the database: 1) Only create the base entry

Do you want to enable SSL? (yes / no) [no]:

Do you want to enable Start TLS? (yes / no) [no]:

Say no to starting the server. We will verify the environment first before starting.

What would you like to do? 1)  Set up the server with the parameters above

Enter choice [1]:
See /tmp/opends-setup-774306341481213092.log for a detailed log of this operation.
Configuring Directory Server ..... Done.
Creating Base Entry dc=tin-pham,dc=com ..... Done.
To see basic server configuration status and configuration you can launch /opt/opendj.0/bin/status

You can run the status command even if the server is off and verify the configuration.

Start and Stop

As a reference,

cd /opt/opendj.0/bin
./start-ds

cd /opt/opendj.0/bin
./stop-ds

# I think this is verbose mode but not finding docs on it
./start-ds -s

Start the server,

cd /opt/opendj.0/bin 
./start-ds
See /tmp/opends-setup-7855637320320628455.log for a detailed log of this operation.
Configuring Directory Server ..... Done.
Creating Base Entry dc=tin-pham,dc=com ..... Done.
Starting Directory Server .......... Done.
To see basic server configuration status and configuration you can launch /opt/opendj.0/bin/status

Create Data Stores

OpenAM uses two data stores,

  1. Configuration
  2. User

By default we already have a branch for Users under dc=tin-pham,dc=com. So we'll create a new data store for OpenAM itself called,

  1. openam
  2. opensso

Reference for the command.

./OpenDJ/bin/dsconfig create-backend --backend-name myOrgRoot --set base-dn:o=myOrg --set enabled:true 

..

K this is getting ridiculous... for now let's just use the internal data store for the configurations.

...

Relax the Restriction on Objects

Another bug in a sense. Carefully reading the manual,

If you decide to use an existing installation of OpenDJ for configuration data, then you must first relax the restriction on objects with multiple structural object classes, by using the OpenDJ *dsconfig* command before completing OpenAM configuration.

Enter this on the command line:

cd /opt/opendj.0/bin
./dsconfig -h opendj.tin-pham.com -p 4444 -D "cn=Directory Manager" -w ****** set-global-configuration-prop --set single-structural-objectclass-behavior:warn -X -n
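
The same property change with the bind password kept out of the process list and the server certificate checked against a truststore, as an added example that is not part of the original page. It assumes the tools live in /opt/opendj.0/bin and that the caller supplies a password file path and a truststore containing the server's certificate; -j (--bindPasswordFile) and -P (--trustStorePath) are the dsconfig connection options that take the place of -w and -X.

```shell
# Added example, not from the original page. Assumed names: OPENDJ_BIN and
# the password file and truststore paths passed in by the caller.
OPENDJ_BIN=${OPENDJ_BIN:-/opt/opendj.0/bin}

# Store the bind password (read from stdin) in a file only the owner can read,
# so it never shows up in argv, the process list or shell history.
write_pw_file() {
    ( umask 077 && cat > "$1" ) && chmod 600 "$1"
}

# True only if the file exists and grants nothing to group or others.
pw_file_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Same property change as on the page, but with -j (--bindPasswordFile)
# instead of -w and -P (--trustStorePath) instead of -X (--trustAll).
# Set DRY_RUN=1 to print the command instead of running it.
relax_objectclass() {
    host=$1; pw_file=$2; trust_store=$3
    pw_file_is_private "$pw_file" || {
        echo "refusing: $pw_file is missing or readable by others" >&2
        return 2
    }
    ${DRY_RUN:+echo} "$OPENDJ_BIN/dsconfig" \
        -h "$host" -p 4444 -D "cn=Directory Manager" \
        -j "$pw_file" -P "$trust_store" \
        set-global-configuration-prop \
        --set single-structural-objectclass-behavior:warn -n
}
```

Feed the password to write_pw_file on stdin (for example from a prompt with echo disabled), then call relax_objectclass with the host, the password file and the truststore path.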

 

References

Not bad but not good manual setup - http://opendj.forgerock.org/doc/install-guide/OpenDJ-Install-Guide.html

https://bugster.forgerock.org/jira/browse/OPENDJ-330
