Tuesday, October 11, 2011

Two Directory servers listening on ports 389/636, on one server

The following procedure outlines how to configure two (or more) instances of Sun Java Directory Server on one server, both listening on non-secure port 389 and secure port 636.
This is useful in application testing where all applications require port 389/636 but you need two distinct Directories to ensure that data and configurations do not collide.
This procedure requires that you add a second virtual network interface.

View the current network settings
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
dmfe0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.200.131.36 netmask ffffff00 broadcast 10.200.131.255
ether 0:3:ba:7a:bb:ed

Create the second virtual interface
# ifconfig dmfe0:1 plumb

Assign an IP address to it
# ifconfig dmfe0:1 10.200.131.82 up

Add the second hostname to /etc/hosts (or DNS)
# Internet host table
#
127.0.0.1 localhost
10.200.132.101 10.200.132.101
10.200.131.36 firsthostname.example.com firsthostname loghost
10.200.131.82 secondhostname.example.com secondhostname


Confirm the network interface is working
# ping 10.200.131.82
10.200.131.82 is alive

# ping secondhostname
secondhostname is alive

Create an instance of DSEE.
  • Ensure that you specify the second host name with the -h parameter
  • Temporarily provide a secure and non-secure port that is not in use (otherwise the create command will fail since ports 389 and 636 are already in use)

# /opt/SUNWdsee/ds6/bin/dsadm create -h secondhostname -p 1389 -P 1636 /var/opt/SUNWdsee/dsins2


Edit the dse.ldif of the new instance
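  • Add the two listen-host lines, nsslapd-listenhost and nsslapd-securelistenhost (shown in blue in the original post), so that the instance binds only to the second address
  • Change the port numbers to 389 and 636 respectively.
# vi /var/opt/SUNWdsee/dsins2/config/dse.ldif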

dn: cn=config
cn: config
.
.
.
nsslapd-enquote-sup-oc: off
nsslapd-listenhost: secondhostname
nsslapd-securelistenhost: secondhostname
nsslapd-localhost: secondhostname
nsslapd-schemacheck: on
nsslapd-syntaxcheck: off
nsslapd-requires-bind-password: on
nsslapd-rewrite-rfc1274: off
nsslapd-return-exact-case: on
nsslapd-port: 389
nsslapd-localuser: root
.
.
.
nsslapd-security: on
nsslapd-secureport: 636


Start the second instance
# /opt/SUNWdsee/ds6/bin/dsadm start /var/opt/SUNWdsee/dsins2
# Waiting for server to start...
Server started: pid=9570
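
A check worth running on an edited dse.ldif before starting a further instance, added here as an example and not part of the original post: it confirms that the cn=config entry carries both listen-host lines and the final ports. The helper name check_listeners and the two sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). check_listeners is a
# hypothetical helper that audits the cn=config entry of a dse.ldif.
# Usage: check_listeners FILE HOST -> one line per problem, exit 0 if clean.
check_listeners() {
    awk -v host="$2" '
        BEGIN { want["nsslapd-listenhost"] = tolower(host)
                want["nsslapd-securelistenhost"] = tolower(host)
                want["nsslapd-port"] = "389"
                want["nsslapd-secureport"] = "636" }
        { sub(/\r$/, "") }                        # tolerate CRLF line ends
        /^$/ { in_cfg = 0; next }                 # blank line ends an LDIF entry
        tolower($0) ~ /^dn:[ \t]*cn=config[ \t]*$/ { in_cfg = 1; next }
        in_cfg && /^[A-Za-z][A-Za-z0-9-]*:/ {     # attribute line in cn=config
            name = tolower(substr($0, 1, index($0, ":") - 1))
            val = tolower(substr($0, index($0, ":") + 1))
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name in want) got[name] = val
        }
        END {
            for (n in want) {
                if (!(n in got)) { print "MISSING  " n " (want " want[n] ")"; bad = 1 }
                else if (got[n] != want[n]) { print "MISMATCH " n "=" got[n] " (want " want[n] ")"; bad = 1 }
            }
            exit bad + 0
        }' "$1"
}

# Constructed samples: a trimmed config still on the temporary ports, and the edited one.
sample_dir=$(mktemp -d)
cat > "$sample_dir/before.ldif" <<'EOF'
dn: cn=config
nsslapd-localhost: secondhostname
nsslapd-port: 1389
nsslapd-secureport: 1636
EOF
cat > "$sample_dir/after.ldif" <<'EOF'
dn: cn=config
nsslapd-listenhost: secondhostname
nsslapd-securelistenhost: secondhostname
nsslapd-localhost: secondhostname
nsslapd-port: 389
nsslapd-secureport: 636

dn: cn=encryption,cn=config
cn: encryption
EOF
check_listeners "$sample_dir/before.ldif" secondhostname || echo "before.ldif: not ready"
check_listeners "$sample_dir/after.ldif" secondhostname && echo "after.ldif: ok"
```

Against a real instance, pass the path edited above (/var/opt/SUNWdsee/dsins2/config/dse.ldif) and the hostname given to -h.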
