Chapter 3. Setting up a new instance using the web console
If you prefer a browser-based interface to set up Directory Server, you can use the Directory Server web console.
3.1. Prerequisites
- The server meets the requirements of the latest Red Hat Directory Server version as described in the Red Hat Directory Server 12 Release Notes.
3.2. Installing the Directory Server packages
Use the following procedure to install the Directory Server packages.
Prerequisites
- You registered the system to the Red Hat subscription management service.
- You have a valid Red Hat Directory Server subscription in your Red Hat account.
- The RHEL default repositories, BaseOS and AppStream, are enabled.
Procedure
List the available subscriptions in your Red Hat account that provide a Red Hat Directory Server subscription, and note the pool ID:
# subscription-manager list --all --available --matches 'Red Hat Directory Server'
...
Subscription Name:   Example Subscription
Provides:            ...
                     Red Hat Directory Server
                     ...
Pool ID:             5ab6a8df96b03fd30aba9a9c58da57a1
Available:           1
...
Attach the Red Hat Directory Server subscription to the system using its pool ID:
# subscription-manager attach --pool=5ab6a8df96b03fd30aba9a9c58da57a1
Successfully attached a subscription for: Example Subscription
Enable the dirsrv-12-for-rhel-9-x86_64-rpms repository:
# subscription-manager repos --enable=dirsrv-12-for-rhel-9-x86_64-rpms
Repository 'dirsrv-12-for-rhel-9-x86_64-rpms' is enabled for this system.
Install the redhat-ds:12 module:
# dnf module install redhat-ds:12
This command automatically installs all required dependencies.
3.3. Using the web console to set up a new Directory Server instance
This section describes how to use the web console to set up a new Directory Server instance.
Prerequisites
- The cockpit web console package is installed.
- The cockpit.socket systemd unit is enabled and started.
- You opened port 9090 in the local firewall to allow accessing the web console.
Procedure
Use a browser to connect to the web console running on port 9090 on the Directory Server host:
https://server.example.com:9090
- Log in as the root user or as a user with sudo privileges.
- Select the Red Hat Directory Server entry.
Create a new instance:
- If no instance exists on the server, click the Create New Instance button.
- If the server already runs existing instances, select Actions and click Create New Instance.
Complete the fields of the Create New Server Instance form:
- Instance Name: Sets the name of the instance. Note that you cannot change the name of an instance after it has been created.
- Port: Sets the port number of the LDAP protocol. The port must not be in use by another instance or service. The default port is 389.
- Secure Port: Sets the port number of the LDAPS protocol. The port must not be in use by another instance or service. The default port is 636.
- Create Self-Signed TLS Certificate DB: Enables TLS encryption in the instance, and creates a self-signed certificate.
  For increased security, Red Hat recommends that you create the new instance with the self-signed certificate and TLS enabled. Note that you can replace the self-signed certificate with a certificate issued by a Certificate Authority (CA) at a later date.
- Directory Manager DN: Sets the distinguished name (DN) of the administrative user of the instance. The default value is cn=Directory Manager.
- Directory Manager Password: Sets the password of the administrative user of the instance.
- Confirm Password: Must be set to the same value as in the Directory Manager Password field.
- Create Database: Select this field to automatically create a suffix during instance creation.
  Important: If you do not create a suffix during instance creation, you must create it later manually before you can store data in this instance.
  If you enabled this option, fill the additional fields:
  - Database Suffix: Sets the suffix for the back end.
  - Database Name: Sets the name of the back end database.
  - Database Initialization: Set this field to Create Suffix Entry.
Click Create Instance.
The new instance starts and is configured to start automatically when the system boots.
Open the required ports in the firewall:
# firewall-cmd --permanent --add-port={389/tcp,636/tcp}
Reload the firewall configuration:
# firewall-cmd --reload
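The form requires that Port and Secure Port are not already in use, and the final steps open those ports in the firewall. The following shell script is an added example, not part of the Red Hat documentation, that checks both conditions; the function names ports_in_use and missing_fw_ports and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: port checks before and after creating the instance.
# Function names and sample data are constructed for illustration.

# ports_in_use PORT...
# Reads `ss -Htln` output on stdin; prints each requested port that already
# has a TCP listener, in the order requested.
ports_in_use() {
    awk -v want="$*" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) wanted[w[i]] = 1 }
        {
            port = $4                 # column 4: Local Address:Port
            sub(/.*:/, "", port)      # strip address, keep text after last colon
            if (port in wanted) busy[port] = 1
        }
        END { for (i = 1; i <= n; i++) if (w[i] in busy) print w[i] }'
}

# missing_fw_ports "LIST" PORT/PROTO...
# LIST is the output of `firewall-cmd --list-ports`; prints wanted entries
# that are absent. Port ranges and ports opened through a firewalld service
# are not resolved here.
missing_fw_ports() {
    open=" $1 "; shift
    for p in "$@"; do
        case "$open" in
            *" $p "*) ;;
            *) printf '%s\n' "$p" ;;
        esac
    done
}

# Constructed sample data (not captured from a real host).
SAMPLE_SS='LISTEN 0 128  0.0.0.0:22  0.0.0.0:*
LISTEN 0 4096 *:9090      *:*
LISTEN 0 128  *:389       *:*
LISTEN 0 128  [::1]:6360  [::]:*'
SAMPLE_FW='9090/tcp 389/tcp'

# On a live host, replace the samples with:
#   ss -Htln | ports_in_use 389 636
#   missing_fw_ports "$(firewall-cmd --list-ports)" 389/tcp 636/tcp
busy=$(printf '%s\n' "$SAMPLE_SS" | ports_in_use 389 636)
closed=$(missing_fw_ports "$SAMPLE_FW" 389/tcp 636/tcp)
if [ -n "$busy" ]; then echo "in use, choose another port: $busy"; fi
if [ -n "$closed" ]; then echo "not open in firewall: $closed"; fi
```

Run the listener check before you submit the form and the firewall check after the reload; a listener on port 6360 in the sample is deliberately not reported as a conflict with 636.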