LDAPInstall – Grouper

Context Navigation

← Previous Version
View Latest Version
Next Version →

Version 1 (modified by uaguest_SPatel1@…, 11 years ago) (diff)
--

This document explains the steps to install and configure the Oracle DSEE on grinnell. Note that the DSCC has not been configured on grinnell yet.

Install packages to help with debugging.

yum install openldap-clients*
yum install telnet
yum install nmap

Download the x86-64 bit version of Oracle Directory Server Enterprise Edition (11.1.1.7.0).

Extract contents into /var/tmp/ldap/.

The extracted contents contain a ZIP file called sun-dsee7.zip. Simply unzipping this file installs the Oracle DSEE.

unzip -qq sun-dsee7.zip -d /srv/

Install required 32-bit packages.

yum install libstdc++-4.4.7-3.el6.i686

Prepare creation of directory server instance.

mkdir /srv/servers
chown oracle /srv/servers/
su - oracle

Create directory server instance

[oracle@grinnell ~]$ /srv/dsee7/bin/dsadm create /srv/servers/slapd-grouper-test
Choose the Directory Manager password:
Confirm the Directory Manager password:
Use command 'dsadm start '/srv/servers/slapd-grouper-test'' to start the instance

Start instance

[oracle@grinnell ~]$ /srv/dsee7/bin/dsadm start /srv/servers/slapd-grouper-test
Directory Server instance '/srv/servers/slapd-grouper-test' started: pid=16604

Set ssl-cipher-family property. This is based on existing UA documentation the production directory servers.

[oracle@grinnell ~]$ /srv/dsee7/bin/dsconf set-server-prop -h localhost -p 1389 ssl-cipher-family:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA ssl-cipher-family:TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA ssl-cipher-family:TLS_DHE_RSA_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_DHE_DSS_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_ECDH_RSA_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_RSA_WITH_CAMELLIA_256_CBC_SHA ssl-cipher-family:TLS_RSA_WITH_AES_256_CBC_SHA ssl-cipher-family:TLS_ECDHE_ECDSA_WITH_RC4_128_SHA ssl-cipher-family:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_ECDHE_RSA_WITH_RC4_128_SHA ssl-cipher-family:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA ssl-cipher-family:TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA ssl-cipher-family:TLS_DHE_DSS_WITH_RC4_128_SHA ssl-cipher-family:TLS_DHE_RSA_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_DHE_DSS_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_ECDH_RSA_WITH_RC4_128_SHA ssl-cipher-family:TLS_ECDH_RSA_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_ECDH_ECDSA_WITH_RC4_128_SHA ssl-cipher-family:TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_RSA_WITH_SEED_CBC_SHA ssl-cipher-family:TLS_RSA_WITH_CAMELLIA_128_CBC_SHA ssl-cipher-family:SSL_RSA_WITH_RC4_128_MD5 ssl-cipher-family:SSL_RSA_WITH_RC4_128_SHA ssl-cipher-family:TLS_RSA_WITH_AES_128_CBC_SHA ssl-cipher-family:TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:SSL_RSA_WITH_3DES_EDE_CBC_SHA ssl-cipher-family:SSL_CK_RC4_128_WITH_MD5 ssl-cipher-family:SSL_CK_RC2_128_CBC_WITH_MD5 ssl-cipher-family:SSL_CK_DES_192_EDE3_CBC_WITH_MD5 ssl-cipher-family:SSL_CK_DES_64_CBC_WITH_MD5
Certificate "CN=grinnell.alaska.edu, CN=1636, CN=Directory Server, O=Sun Microsystems" presented by the server is not trusted.
Type "Y" to accept, "y" to accept just once, "n" to refuse, "d" for more details: Y
Enter "cn=Directory Manager" password:
Before setting SSL configuration, export Directory Server data.
Do you want to continue [y/n] ?  y
Directory Server must be restarted for changes to take effect.

Download in other formats:

Plain Text