Chapter 1. Setting up a new instance on the command line using a .inf file
When you set up Directory Server using a .inf file on the command line you can customize advanced settings. For example, you can customize in the .inf file the following settings:
-
The user and group the
ns-slapdDirectory Server process uses after the service has started. Note that, if you use a different user and group, you must manually create the user and group before you start the installation. - Paths, such as the configuration, backup, and data directory.
- Certificate validity.
1.1. Prerequisites
- The server meets the requirements of the latest Red Hat Directory Server version as described in the Red Hat Directory Server 12 Release Notes.
1.2. Installing the Directory Server packages
Use the following procedure to install the Directory Server packages.
Prerequisites
- You registered the system to the Red Hat subscription management service.
- You have a valid Red Hat Directory Server subscription in your Red Hat account.
-
The RHEL default repositories,
BaseOSandAppStream, are enabled.
Procedure
List the available subscriptions in your Red Hat account that provide a Red Hat Directory Server subscription, and note the pool ID:
# subscription-manager list --all --available --matches 'Red Hat Directory Server' ... Subscription Name: Example Subscription Provides: ... Red Hat Directory Server ... Pool ID: 5ab6a8df96b03fd30aba9a9c58da57a1 Available: 1 ...
Attach the Red Hat Directory Server subscription to the system using the its pool ID:
# subscription-manager attach --pool=5ab6a8df96b03fd30aba9a9c58da57a1 Successfully attached a subscription for: Example Subscription
Enable the
dirsrv-12-for-rhel-9-x86_64-rpmsrepository:# subscription-manager repos --enable=dirsrv-12-for-rhel-9-x86_64-rpms Repository 'dirsrv-12-for-rhel-9-x86_64-rpms' is enabled for this system.Install the
redhat-ds:12module:# dnf module install redhat-ds:12This command automatically installs all required dependencies.
Additional resources
1.3. Creating a .inf file for a Directory Server instance installation
Create a .inf file for the dscreate utility, and adjust the file to your environment. In a later step, you will use this file to create the new Directory Server instance.
Prerequisites
-
You installed the
redhat-ds:12module.
Procedure
Use the
dscreate create-templatecommand to create a template.inffile. For example, to store the template in the/root/instance_name.inffile, enter:# dscreate create-template /root/instance_name.infThe created file contains all available parameters including descriptions.
Edit the file that you created in the previous step:
Uncomment the parameters that you want to set to customize the installation.
All parameters have defaults. However, Red Hat recommends that you customize certain parameters for a production environment. For example, set at least the following parameters in the
[slapd]section:instance_name = instance_name root_password = password
To automatically create a suffix during instance creation, set the following parameters in the
[backend-userroot]section:create_suffix_entry = True suffix = dc=example,dc=com
ImportantIf you do not create a suffix during instance creation, you must create it later manually before you can store data in this instance.
Optional: Uncomment other parameters and set them to appropriate values for your environment. For example, use these parameters to specify replication options, such as authentication credentials and changelog trimming, or set different ports for the LDAP and LDAPS protocols.
NoteBy default, new instances that you create include a self-signed certificate and TLS enabled. For increased security, Red Hat recommends that you do not disable this feature. Note that you can replace the self-signed certificate with a certificate issued by a Certificate Authority (CA) at a later date.
Additional resources
1.4. Using a .inf file to set up a new Directory Server instance
This section describes how to use a .inf file to set up a new Directory Server instance using the command line.
Prerequisites
-
You created a
.inffile for the Directory Server instance.
Procedure
Pass the
.inffile to thedscreate from-filecommand to create the new instance:# dscreate from-file /root/instance_name.inf Starting installation ... Validate installation settings ... Create file system structures ... Create self-signed certificate database ... Perform SELinux labeling ... Perform post-installation tasks ... Completed installation for instance: slapd-instance_name
The
dscreateutility automatically starts the instance and configures RHEL to start the service when the system boots.Open the required ports in the firewall:
# firewall-cmd --permanent --add-port={389/tcp,636/tcp}Reload the firewall configuration:
# firewall-cmd --reload
