Centos 6.5 – Create a 389 Directory Server replication

These instructions show how to set up a Master – Slave replication with your 389 Server. This setup assumes that self-signed SSL certificates are being used. The slave server cannot update the master server.

Step 1) Install 389 on your slave server.

Install the EPEL/REMI repos by following these instructions 

Step 2) Prepare your server for the 389 Directory Service

vi /etc/hosts
    ldap1.sfentona.lol      ldap1

vi /etc/sysconfig/iptables
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT

vi /etc/sysctl.conf
    net.ipv4.tcp_keepalive_time = 300
    net.ipv4.ip_local_port_range = 1024 65000
    fs.file-max = 64000

vi /etc/security/limits.conf
    *               soft     nofile          8192
    *               hard     nofile          8192


Centos 6.5 – 389 Directory Server and SSL

The LDAP protocol does not use encryption by default. As a result, all the information LDAP sends over the wire can easily be read if captured by a sniffer. However, you can use SSL to encrypt that data. In this example I am using a server by itself as my Certificate Authority (CA) to generate a certificate. Below are the steps to generate a certificate and install it on the 389 Directory Server.


Centos 6.5 – Install and Setup 389 Directory Server

The 389 Directory Service is the open source version of the Directory Service that comes with Red Hat. This post shows how to install it and do the initial setup on the server and on the client in order to start using an LDAP environment. You will need at least 1GB of RAM.