DNS
Ensure that your dns entry is also in your host file.
OpenDJ replication requires that you use fully qualified domain names, such as opendj.example.com so we'll use,
opendj1.krypton.com www.opendj1.krypton.com
Install Required Package
For some reason fontconfig is required for a proper install otherwise you get this error message,
Code Block | ||
---|---|---|
| ||
Fontconfig error: Cannot load default config file See /tmp/opends-setup-2789148880898957298.log for a detailed log of this operation. |
Install fontconfig
Code Block | ||
---|---|---|
| ||
sudo apt-get install fontconfig |
Configure Java
Panel |
---|
If your default Java environment is not appropriate, set |
What? Why have two variables? Anyway,
When you try to run the setup,
Code Block | ||
---|---|---|
| ||
cd /opt/opends.0 ./setup --cli Please set OPENDS_JAVA_HOME to the root of a Java 6 update 10 (or higher) installation or edit the java.properties file and then run the dsjavaproperties script to specify the Java version to be used. |
What is dsjavaproperties? According to the inline comments in java.properties goes and updates all the different scripts with the new settings made in java.properties.
However, the funny thing is you need to set OPENDS_JAVA_HOME to even run dsjavaproperties.
Made the following changes to config/java.properties,
Code Block | ||
---|---|---|
| ||
start-ds.java-args=-server -Xms256m overwrite-env-java-home=true overwrite-env-java-args=true default.java-home=/opt/opendj-java-runtime |
-server - Per Oracle OpenDS manual, selects server application runtime optimizations. The directory server will take longer to start and “warm up” but will be more aggressively optimized to produce higher throughput.
For the defaut.java-home can probably use the running environment variable path instead of a hard code (saw it somewhere)
I don't want the java path in the serveradmin's environment variable, so I'll only temporarily setup a java path to run dsjavaproperties,
Warning |
---|
There is a bug that was resolved in the main start-ds, but as of 2.4.5 still exists with dsjavaproperties, the environment variable should be, OPENDJ_JAVA_HOME but dsjavaproperties still uses OPENDS_JAVA_HOME. Need to open up a new ticket. |
So set the environment variable and then run the command,
Code Block | ||
---|---|---|
| ||
export OPENDS_JAVA_HOME=/opt/opendj-java-runtime cd /opt/opendj.0/bin ./dsjavaproperties The operation was successful. The server commands will use the java arguments and java home specified in the properties file located in /opt/opendj.0/config/java.properties |
Log off and log back on to wipe out the temporary environment variable.
Note |
---|
Ok this is stupid, they wipe file after install so I have to put it back in after... so maybe just use the environment variable and then turn around and modify the file after. |
Command Line Setup
Run the command line setup,
Code Block | ||
---|---|---|
| ||
cd /opt/opends.0 ./setup --cli |
The initial root user for the DN, the default is cn=Directory Manager, a well known account.
If you use the default, make sure to use a complex password. We'll use the standard T&R password on "Directory Manager".
For LDAP client port, unless you are running with root priviledges you cannot use ports 1 through 1024. So rather than use 389, use 1389.
Use the default 4444 port for Administration Connector.
Do you want to create base DNs in the server, select yes if you have a real DNS or use host entries on the server and client.
Provide the base DN for the directory data: [dc=example,dc=com]: dc=krypton,dc=com
Options for populating the database: 1) Only create the base entry
Do you want to enable SSL? (yes / no) [no]:
Do you want to enable Start TLS? (yes / no) [no]:
Say no to starting the server. We will verify the environment first before starting.
What would you like to do? 1) Set up the server with the parameters above
Code Block | ||
---|---|---|
| ||
Enter choice [1]: See /tmp/opends-setup-774306341481213092.log for a detailed log of this operation. Configuring Directory Server ..... Done. Creating Base Entry dc=tin-pham,dc=com ..... Done. To see basic server configuration status and configuration you can launch /opt/opendj.0/bin/status |
You can run the status command even if the server is off and verify the configuration.
Start and Stop
As a reference,
Code Block | ||
---|---|---|
| ||
cd /opt/opendj.0/bin ./start-ds cd /opt/opendj.0/bin ./stop-ds # I think this is verbose mode but not finding docs on it ./start-ds -s |
Start the server,
Code Block | ||
---|---|---|
| ||
cd /opt/opendj.0/bin ./start-ds See /tmp/opends-setup-7855637320320628455.log for a detailed log of this operation. Configuring Directory Server ..... Done. Creating Base Entry dc=tin-pham,dc=com ..... Done. Starting Directory Server .......... Done. To see basic server configuration status and configuration you can launch /opt/opendj.0/bin/status |
Create Data Stores
OpenAM uses two data stores,
- Configuration
- User
Be default we already have a branch for Users under dc=tin-pham,dc=com. So we'll create a new data store for open am itself called,
- openam
- opensso
Reference for the command.
Code Block | ||
---|---|---|
| ||
./OpenDJ/bin/dsconfig create-backend --backend-name myOrgRoot --set base-dn:o=myOrg --set enabled:true |
..
Note |
---|
K this is getting ridiculous... for now let's just use the internal data store for the configurations. |
...
Relax the Restriction on Objects
Another bug in a sense. Carefully reading the manual,
If you decide to use an existing installation of OpenDJ for configuration data, then you must first relax the restriction on objects with multiple structural object classes, by using the OpenDJ *dsconfig* command before completing OpenAM configuration.
Enter this into the command line
cd /opt/opends. 0 ./dsconfig -h opendj.tin-pham.com -p 4444 -D "cn=Directory Manager" -w ****** set-global-configuration-prop --set single-structural-objectclass-behavior:warn -X -n |
References
Not bad but not good manual setup - http://opendj.forgerock.org/doc/install-guide/OpenDJ-Install-Guide.html
https://bugster.forgerock.org/jira/browse/OPENDJ-330