RedHat DS on Solaris 10

not supported but works ;)

Prep

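# Unprivileged account and group the directory server runs as
# (SuiteSpotUserID / SuiteSpotGroup / SysUser in setup.inf).
useradd ldap
groupadd ldap
# add ldap to ldap group
usermod -G ldap ldap

# modify homedir to /var/ldap ###### verify with realpath
# NOTE(review): on Solaris /var/ldap is also where the native LDAP client keeps
# ldap_client_file and ldap_client_cred. If this host is (or becomes) an LDAP
# client, do not hand ownership of that directory to the ldap account - confirm.
usermod -d /var/ldap ldap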

#relocate root homedir as per best practice (/root)
copy / mount the redhat solaris cd on the target server

now in /root create or modify the setup.inf as follows :

setup.inf

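# Answer file for "setup-ds-admin.pl --silent".
# It holds three passwords in clear text: keep it owned by root with mode 600
# and delete it once the install has been verified.
[General]
AdminDomain = company.ch
SuiteSpotGroup = ldap
ConfigDirectoryLdapURL = ldap://foo.company.ch:389/o=NetscapeRoot
ConfigDirectoryAdminID = admin
SuiteSpotUserID = ldap
ConfigDirectoryAdminPwd = <set to a password>
FullMachineName = company.ch

[admin]
ServerAdminID = admin
ServerAdminPwd = <set to a password>
SysUser = ldap
# 0.0.0.0 makes the admin server listen on every interface. Put a single
# management address here if the console should not be reachable from all networks.
ServerIpAddress = 0.0.0.0
Port = 9830

[slapd]
InstallLdifFile = suggest
ServerIdentifier = chur
# 389 is clear-text LDAP: bind passwords cross the wire unencrypted until TLS is set up.
ServerPort = 389
AddOrgEntries = Yes
RootDN = cn=Directory Manager
# Directory Manager is not subject to access control; give it its own password,
# different from the admin one above.
RootDNPwd = <set to a password>
SlapdConfigForMC = yes
Suffix = dc=company,dc=ch
UseExistingMC = 0
AddSampleEntries = No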

System Parameters


## This may not be possible from inside a zone !!!
Edit /lib/svc/method/inet-init :

# Tuning for Red Hat Directory Server
# ndd settings do not survive a reboot, which is why they are added to a boot-time method script.
# TIME_WAIT lifetime in milliseconds (30000 = 30 s), so closed client connections are released sooner.
/usr/sbin/ndd -set /dev/tcp tcp_time_wait_interval 30000
# Queue limit for half-open connections (handshake not yet finished); this is the queue a SYN flood fills.
/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q0 1024
# Queue limit for established connections still waiting for the server to accept() them.
/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q 1024
# Lowest port the stack hands out as an ephemeral (anonymous) port.
# NOTE(review): with 8192 the ephemeral range now covers 9830, the admin server port used on this
# page, so an outgoing connection could already hold that port when the admin server starts - confirm.
/usr/sbin/ndd -set /dev/tcp tcp_smallest_anon_port 8192
#
limits
ulimit -n 4096
 

Java setup

Download latest JDK .. may work with stock ... but i needed it at 1.6 for other reasons.

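#Install JDK and link to make default
# The installers run as root: check each download against the checksum published
# with it first, e.g. digest -a sha256 jdk-6u16-solaris-sparc.sh
# The JDK directory is /usr/jdk/instances (the ln below already uses that spelling).
cp jdk* /usr/jdk/instances
cd /usr/jdk/instances
sh jdk-6u16-solaris-sparc.sh
sh jdk-6u16-solaris-sparcv9.sh

ln -s /usr/jdk/instances/jdk1.6.0_16/ /usr/jdk/jdk1.6.0
# "latest" is a relative link and /usr/java points at /usr/jdk/latest, so it has
# to be created in /usr/jdk, not in the instances directory.
cd /usr/jdk
# Drop an existing "latest" link first; otherwise ln would create the new link
# inside the directory the old one points to.
rm -f latest
ln -s jdk1.6.0 latest

# /usr/java is the system-wide default, so this changes the JVM for every
# Java program on the host, not only the directory server.
rm /usr/java
ln -s /usr/jdk/latest /usr/java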

#test with java -version
#should reflect 1.6.0 or installed version

Now install all the redhat packages from CDROM

(I copied the CD to ~/redhat)


cd ~/redhat/solaris9-rhdirserv-8.1-sparcv9-disc1/RedHat/PKGS
pkgadd -d . all
answer yes to all ... could wrap with an admin server install ... but time is short

cd ~/redhat

Setup the Admin server instance

# --silent takes every answer, the passwords included, from the file given with --file.
# --keepcache leaves the temporary .inf that setup generates on disk; like setup.inf it contains
# the passwords in clear text. Remove both files, or keep them root-only (mode 600), once the
# install has been verified.
# NOTE(review): check ~/setup.log for sensitive values before sharing it - confirm.
setup-ds-admin.pl --keepcache --logfile ~/setup.log  --file setup.inf  --silent

#test console connection : point a webbrowser at the new server running on port 9830
# NOTE(review): as configured here the admin server appears to speak plain HTTP, so the admin
# password entered in the console crosses the network unencrypted until TLS is enabled - confirm.
#slapd-chur

#example output :
#Server Name: Directory Server (chur)
#Installation Date: Sep 21, 2009 11:29:35 AM CEST
#Port: 389
#Product Name: Red Hat Directory Server
#Vendor: Red Hat
#Version: 8.1.0
#Build Number: 2009.112.1644
#Security Level: domestic 

Convert init.d scripts to SMF

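Add "exit 0" to the end of both dirsrv and dirsrv-admin: the scripts' exit variable ends up set to 1 and SMF complains. Note that a forced exit 0 also makes a failed start look like a success to SMF, so check the server's error log after enabling the services.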



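# Install the init scripts as SMF methods, under the path the manifests'
# exec_method entries use (/lib/svc/method).
cp /etc/init.d/dirsrv /lib/svc/method/rhds
cp /etc/init.d/dirsrv-admin /lib/svc/method/rhds-admin
# The rhds method is run by SMF as root: keep both scripts owned by root and
# not writable by the ldap account.
chown root:bin /lib/svc/method/rhds /lib/svc/method/rhds-admin
chmod 555 /lib/svc/method/rhds /lib/svc/method/rhds-admin
rm /etc/init.d/dirsrv
rm /etc/init.d/dirsrv-admin

# The server writes its logs as the ldap user.
# NOTE(review): the note originally said /var/log/dirsrc, taken here to be a
# typo for dirsrv - confirm the log path on the installed system.
chown -R ldap:ldap /var/log/dirsrv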


Import the following XML manifests with svccfg import :

rhds.xml

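<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">

<!-- SMF manifest for the directory server (slapd) instance: svc:/site/rhds:chur -->
<!-- Bundle name was 'vbox', left over from the manifest this one was copied from. -->
<service_bundle type='manifest' name='rhds'>

  <service name='site/rhds' type='service' version='1.1'>

    <!-- Wait for network interfaces to be initialized. -->
    <dependency name='network' grouping='require_all' restart_on='none' type='service'>
      <service_fmri value='svc:/milestone/network:default' />
    </dependency>

    <!-- Wait for all local filesystems to be mounted. -->
    <dependency name='filesystem-local' grouping='require_all' restart_on='none' type='service'>
      <service_fmri value='svc:/system/filesystem/local:default' />
    </dependency>

    <!-- The method script takes the action as its first argument, as the stop
         method below shows. The start line used to read 'rhds admin start',
         which hands the script 'admin' as the action. -->
    <exec_method type='method' name='start'
                 exec='/lib/svc/method/rhds start'
                 timeout_seconds='60' />

    <exec_method type='method' name='stop'
                 exec='/lib/svc/method/rhds stop'
                 timeout_seconds='60' />

    <!-- Delivered disabled; enable with svcadm once the install is verified. -->
    <instance name='chur' enabled='false'>
      <method_context working_directory='/etc/dirsrv'>
        <!-- The method runs as root, presumably so the server can bind the
             privileged port 389 before switching to the ldap user.
             NOTE(review): a least-privilege alternative on Solaris 10 would be
             user='ldap' with privileges='basic,net_privaddr'; test before adopting. -->
        <method_credential user='root' group='ldap' />
      </method_context>
    </instance>

    <stability value='Evolving' />

    <template>
      <common_name>
        <loctext xml:lang='C'>Redhat Directory Server</loctext>
      </common_name>
      <documentation>
        <manpage title='Redhat DS' section='1' />
      </documentation>
    </template>

  </service>

</service_bundle>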

 end rhds.xml

now the admin server instance

rhds-admin.xml


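<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">

<!-- SMF manifest for the admin server: svc:/site/rhds-admin:admin -->
<!-- Bundle name was 'vbox', left over from the manifest this one was copied from. -->
<service_bundle type='manifest' name='rhds-admin'>

  <service name='site/rhds-admin' type='service' version='1.1'>

    <!-- Wait for network interfaces to be initialized. -->
    <dependency name='network' grouping='require_all' restart_on='none' type='service'>
      <service_fmri value='svc:/milestone/network:default' />
    </dependency>

    <!-- Wait for all local filesystems to be mounted. -->
    <dependency name='filesystem-local' grouping='require_all' restart_on='none' type='service'>
      <service_fmri value='svc:/system/filesystem/local:default' />
    </dependency>

    <exec_method type='method' name='start'
                 exec='/lib/svc/method/rhds-admin start'
                 timeout_seconds='60' />

    <exec_method type='method' name='stop'
                 exec='/lib/svc/method/rhds-admin stop'
                 timeout_seconds='60' />

    <!-- Delivered disabled; enable with svcadm once the install is verified. -->
    <instance name='admin' enabled='false'>
      <method_context working_directory='/etc/dirsrv'>
        <!-- Runs as the unprivileged ldap account: the admin server listens on
             9830, which is not a privileged port, so root is not needed here. -->
        <method_credential user='ldap' group='ldap' />
      </method_context>
    </instance>

    <stability value='Evolving' />

    <template>
      <common_name>
        <loctext xml:lang='C'>Redhat Directory Server</loctext>
      </common_name>
      <documentation>
        <manpage title='Redhat DS' section='1' />
      </documentation>
    </template>

  </service>

</service_bundle>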

end rhds-admin.xml


nisDomain.ldif - schema to allow solaris clients to bind - see proxy openldap pages

# add to schema dir and restart (/etc/dirsrv/slapd-xxx/schema)
## 62nisDomain.ldif to define the correct schema for solaris clients to bind
dn: cn=schema
attributeTypes: ( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.1.1.2.15 NAME 'nisDomainObject' SUP top STRUCTURAL MUST nisDomain X-ORIGIN 'user defined' )