
Installing and Configuring eDirectory 8.8.x on Ubuntu Linux

Novell Cool Solutions: AppNote
By Jon Hardman


Posted: 22 Aug 2007
 

Overview
  Prerequisites
  Recommended Items
Installing and Configuring Ubuntu Linux
eDirectory Installation
eDirectory Configuration
Installing eDirectory NMAS Methods
Installing Security Services updates
Removing eDirectory
Conclusion
Bash Scripts

Overview

This document describes how to install and configure eDirectory 8.8.x on Ubuntu Linux. While Ubuntu Linux is not a supported eDirectory platform, it is a very popular distribution. As a result of its widespread use as both a desktop development and server platform, it was logical to test the validity of installing eDirectory 8.8.x on this platform.

eDirectory offers several enhanced features over competing LDAP directories. Among these mature features are automatic multi-mastering, replication, failover, built-in CA and secure authentication, as well as object referential integrity. eDirectory 8.8.x also supports advanced features such as encrypted attributes to protect sensitive information, an easily extensible schema, auxiliary classes and attributes, multiple authentication mechanisms via Novell NMAS, GSSAPI authentication, and multiple eDirectory instance installations on the same physical hardware/OS.

The installation and configuration of eDirectory 8.8.x were performed on 32-bit versions of Ubuntu.

The Ubuntu versions tested were:

  • Ubuntu 6.06.1 LTS x86
  • Ubuntu 7.04 x86

The eDirectory versions tested were:

  • eDirectory 8.8.1 for Linux
  • eDirectory 8.8.2 Beta 5

Note: This installation process also works for Ubuntu 7.10 'gutsy gibbon' i386 using eDirectory 8.8.2.

Prerequisites

  • Ubuntu Linux, version 6.06.1 or 7.04, server or desktop edition
  • x86 architecture
  • alien, rpm, libstdc++5, and gcc packages installed
  • eDirectory 8.8.1 or 8.8.2 installation files
  • Sufficient disk space to copy eDirectory installation .iso to hard disk, create .deb package files, and install eDirectory (approximately 500 megabytes)

Recommended Items

Installing and Configuring Ubuntu Linux

1. Install Ubuntu Linux, server or desktop version, 32-bit (x86) architecture.

2. After the installation completes, log in and run the updates to get the latest Operating System updates.

3. When the updates have completed, set the root password with 'sudo passwd root'.

4. Enter your password, then set the root user's new password. You will need this password later to 'su' to root.

5. Install the "alien", "rpm", "libstdc++5", and "gcc" packages. From a console, run 'sudo apt-get -f install alien gcc libstdc++5'. This should install the alien, rpm, libstdc++5, and gcc packages for you.

eDirectory Installation

1. Download the eDirectory 8.8.x iso from download.novell.com.

2. "su" to root ('su' in console, enter root password).

3. Create a system directory for the installation files such as "/tmp/88x/" ('mkdir /tmp/88x').

4. Mount the eDirectory installation .iso as /media/cdrom ('mount -t iso9660 -o loop eDir_88XXXX.iso /media/cdrom').

5. Copy all of the files from the mounted eDirectory installation .iso to /tmp/88x/ ('cp -var /media/cdrom/* /tmp/88x/').

6. cd into /tmp/88x/setup (this may also be "/tmp/88x/eDirectory/setup", depending on the eDirectory version). For example: 'cd /tmp/88x/setup'

7. Download the nds debian scripts: nds-install-88-deb, nds-uninstall-88-deb, and nmas-addmethod-deb (listed under Bash Scripts at the end of this document).

8. Copy these files to /tmp/88x/setup (same location as the novell-NDS rpms).

9. Execute './nds-install-88-deb'.

This step will take a little time to finish, as it runs "alien" against the eDirectory rpm's, installs rpm's, and runs 'dpkg -i' on the .deb files. This script will also build the default rpm database if it doesn't exist.

The eDirectory installation is now complete. You can now configure your eDirectory tree using the ndsconfig eDirectory utility.
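
A pre-flight check for the staging steps above, as an added example that is not one of the AppNote's scripts: since step 9 runs the install script as root from a directory under the world-writable /tmp, it confirms that the staging directory is private to the invoking user, reports missing prerequisite tools, checks for the approximately 500 MB of free space, and resolves which setup directory holds the novell-NDS rpms. All function names are hypothetical.

```shell
#!/bin/sh
# Added example, not one of the AppNote's scripts. Function names are hypothetical.

# Print the commands from "$@" that are not on PATH (space separated).
missing_tools() {
    missing=""
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || missing="$missing $tool"
    done
    echo "${missing# }"
}

# Succeed only if $1 is a real directory (not a symlink), owned by the
# invoking user, and not writable by group or others.
stage_dir_is_private() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    set -- $(ls -ldn "$dir")            # $1 = mode string, $3 = numeric owner
    [ "$3" = "$(id -u)" ] || return 1
    case $(printf '%s' "$1" | cut -c1-10) in
        ?????w????|????????w?) return 1 ;;  # group- or world-writable
    esac
    return 0
}

# Free space in megabytes on the filesystem that holds $1.
free_mb() {
    df -Pk "$1" | awk 'NR == 2 { print int($4 / 1024) }'
}

# Print the directory holding the novell-NDS rpms: ROOT/setup or
# ROOT/eDirectory/setup, depending on the eDirectory version.
find_setup_dir() {
    for candidate in "$1/setup" "$1/eDirectory/setup"; do
        if [ -d "$candidate" ] && ls "$candidate"/novell-NDS*.rpm >/dev/null 2>&1; then
            echo "$candidate"
            return 0
        fi
    done
    return 1
}

# Run every check against a staging root, e.g.: preflight /tmp/88x
preflight() {
    tools=$(missing_tools alien rpm gcc dpkg)
    [ -z "$tools" ] || { echo "missing tools: $tools" >&2; return 1; }
    stage_dir_is_private "$1" || { echo "$1 is not private to uid $(id -u)" >&2; return 1; }
    [ "$(free_mb "$1")" -ge 500 ] || { echo "less than 500 MB free" >&2; return 1; }
    find_setup_dir "$1"
}
```

Source the file as root and run 'preflight /tmp/88x' after copying the installation files; on success it prints the directory to cd into before running './nds-install-88-deb'.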

eDirectory Configuration

1. Set your system PATH for the nds binaries/libraries by issuing this command from the console: '. /opt/novell/eDirectory/bin/./ndspath' (Note that the command starts with dot-space.)

2. Configure your eDirectory tree from the command line using ndsconfig. For example:

ndsconfig new -t MYTREE -a cn=admin.o=novell -n o=novell -S myserver -i -e -D /var/opt/novell/instance0 -d /var/opt/novell/instance0/data/dib -w password --config-file /var/opt/novell/nds0.conf

The '-i' option ignores duplicate tree lookup, and '-e' enables clear-text passwords for LDAP. If you want to keep the default secure ldaps connection setting, omit the '-e' switch and use either SSL or TLS to connect via LDAP.

You may also just use 'ndsconfig new -i' and enter the options at the command line when prompted. The '-i' option skips the duplicate tree name lookup, which will fail if SLP is not running. You may omit this option if you start the slpuasa service with '/etc/init.d/slpuasa start'.

3. Once eDirectory configuration is complete, you can verify that ndsd is up and running with 'ndsstat'.

Installing eDirectory NMAS Methods

At this time, you may want to install additional NMAS methods provided with eDirectory. To do so, use the 'nmas-addmethod-deb' script as follows (for this example):

1. If not done earlier, cd into the /tmp/88x/setup directory and copy the nmas-addmethod-deb script to /tmp/88x/setup (the same location as the nds-install-88-deb script and the NDS rpm's).

2. Execute "ndsstat" and note the eDirectory tree name.

3. Execute the nmas-addmethod-deb script, passing in the eDirectory admin DN in dot notation, eDirectory admin password, eDirectory tree name, and the ip-address:port that the eDirectory service is listening on. (The port information is optional and will default to port 524.) For example:

./nmas-addmethod-deb -a admin.novell -w password -t MYTREE -P 192.168.1.1:524

The '-P' ip address option should match whatever interface your eDirectory tree is listening on. "ndsconfig get" will show you the list of interfaces.

4. You will be prompted if you want to add each NMAS method found by its config.txt file. Entering a "y" at the command line will attempt to add the method, "n" will skip the method, and "q" will quit.

Installing Security Services Updates

As per recommendations, you may also want to install Novell Security Services updates to your eDirectory server if you are installing eDirectory 8.8.1. At the time of this writing, the latest Security Services update is SS204.

1. Download the Security Services update file from download.novell.com.

2. Extract the archive ('tar -xzvf ss204_SLAH.tgz').

3. Shut down ndsd with 'ndsmanage stopall'.

4. Run the SS204 install script with a --force option ('./install.sh --force').

The installation will report many warnings, but it will succeed.

5. Restart ndsd with 'ndsmanage startall'.

Removing eDirectory

The script "nds-uninstall-88-deb" has been provided to facilitate removal of eDirectory from your Ubuntu box.

1. 'su' to root.

2. cd to the '/tmp/88x/setup' directory.

3. Set the PATH for nds ('. /opt/novell/eDirectory/bin/./ndspath').

4. Deconfigure your tree using ndsconfig ('ndsconfig rm -a <admin.dn>').

While not necessary on a single-server installation, running 'ndsconfig rm' will keep your tree "clean" in a multi-server environment.

5. Run './nds-uninstall-88-deb'. This script will remove all of the eDirectory .deb packages, as well as all of the eDirectory rpm's, and it will remove the eDirectory directories from your server.

Conclusion

You should now have a fully functional eDirectory installation on your Ubuntu Linux machine. Other utilities such as 'ndstrace' or 'ndsrepair' have not been fully tested, but are expected to work as well.

Bash Scripts

	--------------- nds-install-88-deb ---------------
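#!/bin/sh
# Convert the eDirectory rpms to .deb packages with alien and install them.
# Run as root from the setup directory that holds the novell-NDS rpms.

# build the rpm db if needed
if [ ! -d /var/lib/rpm ]
then
	echo "building rpm database"
	mkdir /var/lib/rpm
	rpm --rebuilddb
fi

# generate the .deb packages unless an earlier run already did
if ! ls nici*.deb >/dev/null 2>&1
then
	echo "Generating .deb packages from .rpm's..."
	alien -d --scripts *.rpm
fi

if ls nici*.deb >/dev/null 2>&1
then
	echo ".deb packages seem to exist..."
	# these packages are installed from the rpm itself; their converted
	# .deb is deleted so that 'dpkg -i *.deb' below skips them
	rpm -ivh --nodeps nici-*.rpm
	rm -f nici*.deb
	rpm -ivh --nodeps novell-NDSbase*.rpm
	rm -f novell-ndsbase*.deb
	rpm -ivh --nodeps novell-NDSserv*.rpm
	rm -f novell-ndsserv*.deb
	rpm -ivh --nodeps novell-NDScommon*.rpm
	rm -f novell-ndscommon*.deb
	rpm -ivh --nodeps novell-NDSimon*.rpm
	rm -f novell-ndsimon*.deb
	rpm -ivh --nodeps novell-NOVLsnmp*.rpm
	rm -f novell-novlsnmp*.deb
	rpm -ivh --nodeps --force novell-NDSbase*.rpm
fi
dpkg -i *.deb

# convert and install the NMAS methods; stop if the directory is missing
cd ../nmas/NmasMethods/ || exit 1
alien -d --scripts *.rpm
dpkg -i *.deb

# ndspath expects awk as /bin/awk; never overwrite an existing /bin/awk
if [ -f /usr/bin/awk ] && [ ! -e /bin/awk ]
then
	echo "Linking /usr/bin/awk to /bin/awk..."
	ln -s /usr/bin/awk /bin/awk
fi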
	--------------- nds-install-88-deb ---------------


	--------------- nmas-addmethod-deb ---------------
#!/bin/sh
# Add the NMAS methods shipped with eDirectory to a tree using nmasinst.
# Only -a, -w, -t and -P are used below; the other options are accepted
# and ignored.

dumpUsage()
{
	echo "./nmas-addmethod-deb -a <ADMIN.DN> -w <PASSWORD> -t <TREENAME> -P <server-ip>:<ncp-port>"
	echo "example: './nmas-addmethod-deb -a cn=admin.o=novell -w password -t MYTREE -P 192.168.1.1:524'"
}

while getopts s:t:a:w:P:p:h:12n:l:L:d:c:C:D:V:f:OS:NI:Xy:W: c
do
	case $c in
		s) SERVER=$OPTARG;;
		t) TREE=$OPTARG;;
		a) ADMIN=$OPTARG;;
		w) ADMINPWD=$OPTARG;;
		c) CONTEXT=$OPTARG;;
		p)
			if [ "$LDAPPORT" = "389" ] ; then
				LDAPPORT=`expr "$OPTARG" + 1`
			fi
			if [ "$LDAPSSLPORT" = "636" ] ; then
				LDAPSSLPORT=`expr "$OPTARG" + 2`
			fi
			if [ "$DEBUGPORT" = "1900" ] ; then
				DEBUGPORT=`expr "$OPTARG" + 3`
			fi
			if [ "$HTTPPORT" = "10080" ] ; then
				HTTPPORT=`expr "$OPTARG" + 4`
			fi
			if [ "$HTTPSPORT" = "10443" ] ; then
				HTTPSPORT=`expr "$OPTARG" + 5`
			fi
			PORT=$OPTARG ;;
		P) IPADDR=$OPTARG;;
		O) SETUPHTTP=0;;
		1) PRIMARYSERVER=1;;
		2) PRIMARYSERVER=0;;
		n) NDS_CONF=$OPTARG
			export NDS_CONF
			;;
		l) LDAPPORT=$OPTARG;;
		L) LDAPSSLPORT=$OPTARG;;
		C) CONFIGDIR=$OPTARG;;
		D) DIBDIR=$OPTARG;;
		V) VARDIR=$OPTARG;;
		X) LIBDIR=$OPTARG;;
		f) LICENSE=$OPTARG;;
		d) DEBUGPORT=$OPTARG;;
		S) SERVERDIR=$OPTARG;;
		N) CONFIGNMAS=1;;
		I) INTERFACE=$OPTARG;;
		y) CACHE=$OPTARG;;
		W) NDSDBINI_APPENDS=$OPTARG;;
		\? | h) dumpUsage
			exit 2;;
		*) echo "$OPTARG";;
	esac
done

# -a, -w, -t and -P are all required
if [ "$ADMIN" = "" ] || [ "$ADMINPWD" = "" ] || [ "$TREE" = "" ] || [ "$IPADDR" = "" ]
then
	dumpUsage
	exit 2
fi

# Read a y/n/q answer into $ans; the caller inspects $ans rather than the
# return status.
ckyorn()
{
	shift
	ckyornstr="$*"
	ans=""
	while [ -z "$ans" ] || [ "$ans" = "ERRVAL" ]
	do
		read ans || exit 1	# stop on end of input instead of looping
		ans=`echo "$ans" | tr "[:upper:]" "[:lower:]"`
		case $ans in
			y|yes) return 1 ;;
			n|no) return 0 ;;
			q|quit) exit 1 ;;
			*) echo "Invalid option : $ans"
				ans="ERRVAL" ;;
		esac
	done
}

# offer every NMAS method (config.txt) found under the parent directory
list=`find .. -name config.txt`
for file in $list
do
	echo "add nmas method $file ?(y/n/q)"
	ckyorn -p "install $file (y/n/q)"
	if [ "$ans" = "n" ] || [ "$ans" = "no" ]
	then
		echo "skipping $file..."
	fi
	if [ "$ans" = "y" ] || [ "$ans" = "yes" ]
	then
		# the admin password is kept out of this message
		echo "attempting to add method $file to $TREE as '$ADMIN' on host '$IPADDR' ..."
		nmasinst -addmethod "$ADMIN" "$TREE" "$file" -h "$IPADDR" -w "$ADMINPWD"
	fi
done

	--------------- nmas-addmethod-deb ---------------


	--------------- nds-uninstall-88-deb ---------------
#!/bin/sh
# Remove the eDirectory .deb packages, the eDirectory rpms and the
# eDirectory directories. Run as root.

PACKAGES="nici novell-ncpenc novell-ndsbase novell-ndscommon novell-ndsimon
novell-ndsmasv novell-ndsrepair novell-ndsserv novell-ndsslp novell-nldapbase
novell-nldapsdk novell-nmas novell-novlembox novell-novlice novell-novlldif2dib
novell-novllmgnt novell-novlsas novell-novlsnmp novell-novlsubag novell-novlxis
novell-npkiapi novell-npkit novell-ntls novell-pkiserver novell-nmas-methods
google-perftools"

# remove every package first, then purge its configuration files
for pkg in $PACKAGES
do
	dpkg -r "$pkg"
done

for pkg in $PACKAGES
do
	dpkg --purge "$pkg"
done

# remove the packages that were installed directly with rpm
for pkg in novell-NDSbase novell-NDScommon novell-NDSimon novell-NDSserv nici novell-NOVLsnmp
do
	rpm -ev --nodeps "$pkg"
done

if [ -d /var/opt/novell ]
then
	echo "removing /var/opt/novell..."
	rm -rf /var/opt/novell
	rm -rf /var/novell/nici
fi

if [ -d /opt/novell/eDirectory ]
then
	echo "removing /opt/novell/eDirectory..."
	rm -rf /opt/novell/eDirectory
fi

if [ -d /etc/opt/novell ]
then
	echo "removing /etc/opt/novell..."
	rm -rf /etc/opt/novell
fi

# clean up nici, whether it is a directory or a file
if [ -e /var/novell/nici ]
then
	echo "removing /var/novell/nici..."
	rm -rf /var/novell/nici
fi

# remove the /bin/awk link, but only if it is the link to /usr/bin/awk
# that nds-install-88-deb created
if [ -L /bin/awk ] && [ "`readlink /bin/awk`" = "/usr/bin/awk" ]
then
	echo "removing /bin/awk..."
	rm -f /bin/awk
fi
	--------------- nds-uninstall-88-deb ---------------

