UBC Physics & Astronomy
ldap2.phas.ubc.ca (ldap)
142.103.236.35 - 192.168.1.xx (server)
HARDWARE: IBM system engineers: Dave Peterson 604-297-2410(o), 604-551-5116(c) or Duncan Furniss
F1 - Setup     Alt-F1 - Sysboot     
BIOS SETUP      UPS STATUS       ServeRAID Adapter Quick Reference

Current Setup:
2 x 3.0 GHz Xeon  /   2 x Seagate ST373307L SCSI drives (70GB) in a RAID 1 Array.
Intel Server Board SE7520JR2, 2 GB memory (4x512MB, 2 free slots)
RAID MONITORING - need to add info...
Ldap Account Manager    phpLDAPadmin (cn=manager,dc=phas,dc=ubc,dc=ca)

Emergency Recovery (Initial Installation)
Install RHEL 6.3
    scp gamma.phas.ubc.ca:/wwws/sysadmin/Computers/00_Servers/rhel/satellite_setup.pl .
    chmod +x satellite_setup.pl 
    ./satellite_setup.pl 
    yum update
    vim /etc/aliases
    newaliases
    cd /etc/postfix/
    vim transport 
    (added the following line:
     mail.phas.ubc.ca  smtp:[mail.phas.ubc.ca]
    )
    postmap /etc/postfix/transport 
    vim main.cf 
    (added the following line:
      transport_maps = hash:/etc/postfix/transport
    )
    postfix reload
    mail root
    yum install samba-common
    yum install openldap-servers openldap-clients nss_ldap
    vim /etc/selinux/*conf*
    yum install openssl
    yum install openssl-devel
    yum install mod_ssl
    yum install crypto-utils
    cd /var/lib/ldap/
    cp /usr/share/openldap-servers/DB_CONFIG.example DB_CONFIG
    \rm -r slapd.d/*
    \rm /var/lib/ldap/__db.00*
    \rm /var/lib/ldap/alock 
    slaptest -f slapd.conf -F slapd.d
    chown -R ldap:ldap /var/lib/ldap
    service slapd start
    vim /etc/selinux/*conf*
    /usr/sbin/slaptest -f /etc/openldap/slapd.conf.bak -v
    slapd -Tt
    genkey --days 3650 ldap2.phas.ubc.ca
    openssl x509 -in ldap2.phas.ubc.ca.crt -hash -noout
    cp ldap2.phas.ubc.ca.crt e861377c.0
    openssl verify -purpose sslserver -CAfile /etc/pki/tls/certs/ldap2.phas.ubc.ca.crt /etc/pki/tls/certs/ldap2.phas.ubc.ca.crt 
    openssl s_client -connect ldap2.phas.ubc.ca:389 -CAfile /etc/pki/tls/certs/ldap2.phas.ubc.ca.crt 
    ldapsearch -d 8 -ZZ -x -H ldap://ldap2.phas.ubc.ca/ -s base '(objectclass=*)'
    ldapsearch -ZZ -x -H ldap://ldap2.phas.ubc.ca/ -s base '(objectclass=*)'
    cd /etc/pki/tls/certs
    make slapd.pem
    ldapsearch -ZZ -x -W -D "cn=admin,cn=config" -H ldap://localhost -b "cn=config"
    slaptest -f //etc/openldap/slapd.conf -v -u
    ./testSlapd 
    service slapd restart
    vim initLDAP.ldif 

[root@ldap2]# ldapadd -ZZ -x -h ldap2.phas.ubc.ca -D "cn=Manager,dc=phas,dc=ubc,dc=ca" -W -f /etc/openldap/initLDAP.ldif
Enter LDAP Password:
adding new entry "dc=phas,dc=ubc,dc=ca"
adding new entry "cn=Manager,dc=phas,dc=ubc,dc=ca"
adding new entry "ou=People,dc=phas,dc=ubc,dc=ca"
adding new entry "ou=Groups,dc=phas,dc=ubc,dc=ca"
adding new entry "ou=Computers,dc=phas,dc=ubc,dc=ca"

# Validate LDAP DIT: Query your LDAP DIT as anonymous user
[root@ldap2]# ldapsearch -xLLL -b dc=phas,dc=ubc,dc=ca

# How to add schemas:
ldapadd -ZZ -x -D "cn=admin,cn=config" -W -f /etc/ldap/schema/cosine.ldif

# LDAP ACCOUNT MANAGER (web interface)
Do an rpm install (fedora) from:
www.ldap-account-manager.org
yum install php php-common php-cli
[root@ldap2]# rpm -Uvh ldap-account-manager-3.9-0.fedora.1.noarch.rpm 
warning: ldap-account-manager-3.9-0.fedora.1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID 2b2b199e: NOKEY
Preparing...                ########################################### [100%]
   1:ldap-account-manager   ########################################### [100%]
Stopping httpd: [FAILED]
Starting httpd: [  OK  ]



Backups of LDAP dbase (cf: OpenLDAP under Ubuntu)
The best available option for backing up, at least for a hot backup, seems to be the db_hotbackup command line utility referenced in the Berkeley DB documentation. This script is available in the db4.x-util package. Once the utility package is installed, a hot backup can simply be executed as:
db_hotbackup -c -h /var/lib/ldap/ -b <backupDir>/db
See /opt/backups/00_Readme for script to do backup...
The following script (or something like it) can be added to /etc/cron.hourly or /etc/cron.daily/ as you see fit. It uses slapcat to export the database on a regular schedule.
#!/bin/bash
BACKUPDIR=/root/ldap.backup
KEEPDAYS=30

# Make sure that the directory exists
mkdir -p $BACKUPDIR

# Create a new backup (and compress it).  Choose one of the following FILENAME
# patterns (or create your own).  The first has the hour and minute while the
# second has only the date.  You can run the second hourly to keep only one
# copy per day, but have it saved hourly.
#FILENAME=$BACKUPDIR/ldap.backup.$(date +%Y%m%d%H%M)
FILENAME=$BACKUPDIR/ldap.backup.$(date +%Y%m%d)
/usr/sbin/slapcat | gzip --best >${FILENAME}.new.gz
mv -f ${FILENAME}.new.gz ${FILENAME}.gz

# Delete old copies
OLD=$(find $BACKUPDIR/ -ctime +$KEEPDAYS -and -name 'ldap.backup.*')
[ -n "$OLD" ] && rm -f $OLD 
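Added example, not the page's cron script and not part of the ubuntu page it cites: the same slapcat-to-gzip backup, but the new dump is checked before it replaces the previous copy. With the script above a failing slapcat (for example, an unreadable database directory) produces an empty .gz, the mv overwrites the last good backup, and after KEEPDAYS days there is nothing left to restore. The dump command is a parameter so the function can be exercised without slapd; on the server it would be /usr/sbin/slapcat.

```shell
#!/bin/sh
# ldap_backup BACKUPDIR KEEPDAYS DUMP_CMD
#   DUMP_CMD writes LDIF to stdout ("/usr/sbin/slapcat" on the server; the
#   tests use a constructed printf so this runs without a directory server).
ldap_backup() {
    backupdir=$1
    keepdays=$2
    dumpcmd=$3
    mkdir -p "$backupdir" || return 1
    chmod 700 "$backupdir"                # dumps contain userPassword hashes
    filename="$backupdir/ldap.backup.$(date +%Y%m%d)"
    tmp="$filename.new"
    # Dump to a temp file first so a non-zero exit is caught before any
    # existing backup is touched (a pipe straight into gzip hides that status).
    if ! sh -c "$dumpcmd" > "$tmp"; then
        echo "ldap_backup: dump command failed" >&2
        rm -f "$tmp"
        return 2
    fi
    # An LDIF export with no "dn:" lines is not a backup, whatever the exit
    # status said.
    if ! grep -q '^dn:' "$tmp"; then
        echo "ldap_backup: dump contains no entries, keeping previous backup" >&2
        rm -f "$tmp"
        return 3
    fi
    gzip --best -f "$tmp" || { rm -f "$tmp" "$tmp.gz"; return 4; }
    gzip -t "$tmp.gz"    || { rm -f "$tmp.gz"; return 5; }
    chmod 600 "$tmp.gz"
    mv -f "$tmp.gz" "$filename.gz"
    # Rotation happens only on this success path and only touches our own
    # files; everything is quoted so an odd filename can never be split.
    find "$backupdir" -name 'ldap.backup.*.gz' -mtime "+$keepdays" -exec rm -f {} +
    return 0
}

# Entry count of a compressed backup: what "slapadd -l" would load on restore.
ldap_backup_entries() {
    gzip -dc "$1" | grep -c '^dn:'
}
```

Run it from cron as: ldap_backup /root/ldap.backup 30 /usr/sbin/slapcat. A non-zero return means the previous day's file is still the newest good copy, which is exactly what a monitoring check on the return code should alert on.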

RESTORE of LDAP dbase
To restore your database from the backup, you need to perform the following steps.
  • Stop the LDAP server
    service ldap stop
  • Remove the old database (you may want to make a copy "just in case")
    rm /var/lib/ldap/*
  • Import the latest backup (unzip it first if required). Be patient as this takes a little while.
    cd /root/ldap.backup/
    gunzip ldap.backup.20060101.gz
    slapadd -l ldap.backup.20060101
  • Change the ownership of the files.
    chown ldap.ldap /var/lib/ldap/*
  • Restart the server
    service ldap start

LDAP scripts (cf: LDAPscripts)    (cf: ldapscripts ubuntu info)
Ldapscripts are shell scripts that allow you to manage POSIX accounts (users, groups, machines) in an LDAP directory. They may be used independently, or automatically by Samba, to handle POSIX information within accounts before adding Samba information.

OpenLDAP comes with many utilities for modifying the LDAP database, including ldapmodify, ldappasswd, ldapsearch, ldapadd, and ldapdelete, which do as their name suggests.

To change passwords, it is simply a matter of running the following command:

$ ldappasswd -W -D 'cn=bmarshal,ou=People,dc=pisoftware,dc=com' 'uid=bmarshal'

This command binds as the user specified, asks for a password, then applies the search filter 'uid=bmarshal', which finds the appropriate account, and changes the password.

For more generic modifications, or for bulk data changes ldapmodify is more useful. It is used in the following manner:

$ ldapmodify -W -r -D "cn=Manager,dc=pisoftware,dc=com" < bmarshal.ldif

As above, this binds as the given distinguished name, asks for a password, and then replaces the entries with the data in the ldif file.

To view the data in LDIF format, for example for doing backups, or creating a skeleton for bulk modifications, ldapsearch is used as follows:

$ ldapsearch -L -W -D "cn=Manager,dc=pisoftware,dc=com" 'uid=*'

This binds as the manager, prompts for the password, outputs in LDIF format, and applies the search filter (in this case 'uid=*').


Testing access to ldap server from a client:
root@ldapclient$ ldapsearch -x -H ldaps://ldap.phas.ubc.ca/ -b "dc=phas,dc=ubc,dc=ca" '(objectclass=*)'
root@ldapclient$ ldapsearch -x -H ldaps://ldap.phas.ubc.ca/ -b "dc=phas,dc=ubc,dc=ca" '(uid=rapugrad)'
root@ldapclient$ ldapsearch -x -H ldaps://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
Test using TLS:
root@ldapclient$ ldapsearch -x -ZZ -H ldap://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
Test using SSL:
root@ldapclient$ ldapsearch -x -H ldaps://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
Test using debugging with SSL:
root@ldapclient$ ldapsearch -d-8 -x -H ldaps://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
root@ldapclient$ getent passwd
root@ldapclient$ id rapugrad

Commands:
[root@ldap ~]# ldapsearch -H ldap://ldap.phas.ubc.ca -x -b "" -s base -LLL supportedSASLMechanisms
dn:
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
i.e. PLAIN and LOGIN are not available over unencrypted connections.

[root@ldap ~]# ldapsearch -H ldap://ldap.phas.ubc.ca -x -b "" -s base -LLL -ZZ supportedSASLMechanisms
dn:
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: LOGIN
root@hyper$ ldapsearch -H ldaps://ldap.phas.ubc.ca -x -b "" -s base -LLL supportedSASLMechanisms
dn:
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: LOGIN
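Added example, not from the page: the three rootDSE queries above turned into a check that can run from cron or a monitoring host. It reads supportedSASLMechanisms on the plain ldap:// port without -ZZ, as the first query above does, because what matters is what a client can be offered before TLS is negotiated; PLAIN and LOGIN there would mean a password crossing the wire in the clear. cleartext_mechs works on captured output (the tests feed it constructed copies of the listings above); only audit_cleartext_port needs ldapsearch and a reachable server.

```shell
#!/bin/sh
# Read "-LLL supportedSASLMechanisms" output on stdin; print each mechanism
# that would send the password in the clear (PLAIN, LOGIN) and return 1 if
# any was found, 0 if the list is clean.
cleartext_mechs() {
    found=0
    while IFS= read -r line; do
        case "$line" in
            'supportedSASLMechanisms: PLAIN'|'supportedSASLMechanisms: LOGIN')
                echo "${line#supportedSASLMechanisms: }"
                found=1 ;;
        esac
    done
    return $found
}

# audit_cleartext_port HOST [PORT]: 0 = clean, 1 = cleartext mechanisms are
# offered before TLS, 2 = server not reachable. Uses the same anonymous
# rootDSE read as the page (-x -b "" -s base); port defaults to 389.
audit_cleartext_port() {
    host=$1
    port=${2:-389}
    mechs=$(ldapsearch -H "ldap://$host:$port" -x -b "" -s base -LLL \
                supportedSASLMechanisms 2>/dev/null) || return 2
    if bad=$(printf '%s\n' "$mechs" | cleartext_mechs); then
        echo "OK: $host:$port offers no cleartext SASL mechanisms before TLS"
        return 0
    fi
    echo "WARNING: $host:$port offers $(printf '%s' "$bad" | tr '\n' ' ')before TLS; check the server's minimum SSF setting" >&2
    return 1
}
```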

Testing Commands:
rap@spyder:~$ ldapsearch -x -v -D "uid=rapugrad,ou=people,dc=phas,dc=ubc,dc=ca" -W -b "dc=phas,dc=ubc,dc=ca" "(cn=ron)" -H ldaps://ldap.phas.ubc.ca
ldap_initialize( ldap://ldap.phas.ubc.ca )
ldap_bind: Server is unwilling to perform (53)
    additional info: Unauthenticated binds are not allowed

rap@spyder:~$ ldapsearch -x -v -b "dc=phas,dc=ubc,dc=ca" "(cn=ron)" -H ldaps://ldap.phas.ubc.ca
ldap_initialize( ldaps://ldap.phas.ubc.ca:636/??base )
filter: (cn=ron)
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: (cn=ron)
# requesting: ALL
#

# search result
search: 2
result: 50 Insufficient access

# numResponses: 1

rap@spyder:~$ ldapsearch -ZZ -x -D "uid=rapugrad,ou=people,dc=phas,dc=ubc,dc=ca" -W -b "dc=phas,dc=ubc,dc=ca" "(uid=rap)" -H ldap://ldap.phas.ubc.ca
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: (uid=rap)
# requesting: ALL
#

# rap, People, phas.ubc.ca
dn: uid=rap,ou=People,dc=phas,dc=ubc,dc=ca
objectClass: posixAccount
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: shadowAccount
uid: rap
cn: Ron Parachoniak
uidNumber: 1000
gidNumber: 337
homeDirectory: /home/rap
loginShell: /bin/bash
gecos: Ron Parachoniak
sn: Parachoniak
givenName: Ron
mail: rap@phas.ubc.ca
shadowLastChange: 11053

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

Client Configuration: (cf LDAPClientAuthentication)
The meta-package ldap-auth-client will install all the following required packages for an ldap client:
    auth-client-config ldap-auth-config libnss-ldap libpam-ldap
There is a tool to modify the pam and nsswitch files at once: AuthClientConfig.

sudo apt-get install ldap-auth-client
sudo apt-get install libpam-cracklib nscd
sudo apt-get install ldap-utils

/etc/ldap.conf
host ldap.phas.ubc.ca
base dc=phas,dc=ubc,dc=ca
uri ldaps://ldap.phas.ubc.ca/
ldap_version 3
rootbinddn cn=manager,dc=phas,dc=ubc,dc=ca
bind_timelimit 10
bind_policy soft
ssl on
nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,couchdb,daemon,games,gdm,gnats,haldaemon,hplip,irc,kernoops,libuuid,list,lp,mail,man,messagebus,news,nslcd,ntp,phasadmin,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,statd,sync,sys,syslog,usbmux,uucp,www-data

/etc/ldap/ldap.conf
host ldap.phas.ubc.ca
BASE dc=phas,dc=ubc,dc=ca
URI  ldaps://ldap.phas.ubc.ca/
ldap_version 3
TLS_CACERT /etc/ldap/cacerts/cacert.asc
TLS_REQCERT allow
bind_timelimit 10
bind_policy soft
ssl on

cacert.asc was copied from ldap.phas.ubc.ca:/etc/dirsrv/slapd-ldap/cacert.asc

Put the password for rootbinddn (i.e. cn=manager,dc=phas,dc=ubc,dc=ca) in /etc/ldap.secret.
Make sure /etc/ldap.secret is only readable by root.
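Added example, not from the page: an audit of the two client settings above that decide whether ldaps:// actually protects the client. TLS_REQCERT allow, as set in /etc/ldap/ldap.conf above, means a server certificate that fails verification is ignored and the session continues, so any host answering on port 636 can receive the rootbinddn bind; demand (the library default, also spelled hard) aborts instead. /etc/ldap.secret holds that rootbinddn password and must be readable only by root. File paths and the expected owner uid are parameters so the checks can be run against copies of the files; the tests use temporary files.

```shell
#!/bin/sh
# conf_value FILE KEY: the last value set for KEY. ldap.conf keys are
# case-insensitive and a leading '#' starts a comment.
conf_value() {
    awk -v k="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" \
        '$1 !~ /^#/ && tolower($1) == k { v = $2 } END { print v }' "$1"
}

# check_ldap_conf FILE: 0 if the server certificate will be verified, 1 if not
check_ldap_conf() {
    reqcert=$(conf_value "$1" TLS_REQCERT | tr 'A-Z' 'a-z')
    case "$reqcert" in
        demand|hard|"") return 0 ;;     # "" = unset; the library default is demand
        *)
            echo "$1: TLS_REQCERT $reqcert accepts an unverified server certificate" >&2
            return 1 ;;
    esac
}

# check_secret FILE [UID]: 0 if FILE is readable only by its owner and that
# owner is UID (default 0 = root). Uses "ls -ldn" so no name lookup is needed.
check_secret() {
    f=$1
    want=${2:-0}
    [ -f "$f" ] || { echo "$f: missing" >&2; return 1; }
    set -- $(ls -ldn "$f")                # $1 = mode string, $3 = owner uid
    case "$1" in
        -r[w-]-------|-r[w-]-------.) ;;  # trailing '.' is an SELinux label
        *) echo "$f: mode $1 is readable by group or others" >&2; return 1 ;;
    esac
    [ "$3" = "$want" ] || { echo "$f: owned by uid $3, expected $want" >&2; return 1; }
    return 0
}

# audit_client CONF SECRET [UID]: 0 only if both checks pass
audit_client() {
    rc=0
    check_ldap_conf "$1" || rc=1
    check_secret "$2" "$3" || rc=1
    return $rc
}
```

On a configured client the call is audit_client /etc/ldap/ldap.conf /etc/ldap.secret; a non-zero return is a reason not to enable the client in nsswitch/PAM yet.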

File Locations:

DISASTER RECOVERY
  1. Install a new server.
  2. Load RHEL - currently running RHEL 5.4
  3. Install updates using "yum update".
  4. Copy over backup files from alpha:/home/backups/ldap.
  5. Check certificate:
  6. Check web server installation - https.
  7. Check SASL setup (holdover from puremsg?):
    [root@ldap]# cat /usr/lib/sasl2/Sendmail.conf
    pwcheck_method:saslauthd
    auto_transition:true
  8. Install bacula.
Additional, non-critical items to take care of:
  1. Install APCUPSD (it is in /usr/local/src which is backed up to alpha).

[root@ldap ~]# chkconfig --list | grep -i on
RSYNC Entries:
[root@puremsg cron.daily]# crontab -l
rsync-backup

13-08-15
LDAP OPENSSL Certificate Info
Verify: SSL Certificate Under OpenSSL
$ openssl verify pem-file
$ openssl s_client -showcerts -connect www.example.com:443
$ openssl version -d
Another option is to get certificate from the CA repository:
$ wget https://certs.godaddy.com/repository/gd_bundle.crt -O ~/.cert/www.example.com/gd.pem
Finally, create a symbolic link to files named by the hash values using c_rehash, enter:
$ c_rehash ~/.cert/www.example.com/
To confirm you have the correct and working certificates, enter:
$ openssl s_client -CApath ~/.cert/mail.example.com/ -connect www.example.com:443
SYNOPSIS
       c_rehash [directory] ...

DESCRIPTION
       c_rehash scans directories and takes a hash value of each .pem and .crt
       file in the directory. It then creates symbolic links for each of the
       files named by the hash value. This is useful as many programs require
       directories to be set up like this in order to find the certificates
       they require.

       If any directories are named on the command line then these directories
       are processed in turn. If not, and the environment variable
       SSL_CERT_DIR is defined, then that is consulted. This variable should be
       a colon (:) separated list of directories, all of which will be
       processed. If neither of these conditions is true then
       /usr/lib/ssl/certs is processed.

11-06-15
error message:
[root@ldap openldap]# ldapsearch -x -H ldaps://ldap.phas.ubc.ca/ -b "dc=phas,dc=ubc,dc=ca" '(objectclass=*)'
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
[root@ldap openldap]# ldapsearch -x -ZZ -H ldap://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
ldap_start_tls: Connect error (-11)
Turn on debugging:
[root@ldap openldap]# ldapsearch -d-8 -x -H ldaps://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
TLS: did not find any valid CA certificates in /etc/openldap/cacerts
TLS: could perform TLS system initialization.
TLS: error: could not initialize moznss security context - error -5939:No more entries in the directory
TLS: can't create ssl handle.
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Turn on more debugging:
[root@ldap cacerts]# ldapsearch -d-1 -x -H ldaps://ldap.phas.ubc.ca/ -s base '(objectclass=*)'
...
TLS: file server.crt does not end in [.0] - does not appear to be a CA certificate directory file with a properly hashed file name - skipping. 
Fixed this by doing the following:
[root@ldap cacerts]# cd /etc/openldap/cacerts
[root@ldap cacerts]# cp /etc/pki/tls/certs/ldap.phas.ubc.ca.crt .
[root@ldap cacerts]# openssl x509 -in ldap.phas.ubc.ca.crt -hash -noout
e0e97619
[root@ldap cacerts]# cp ldap.phas.ubc.ca.crt e0e97619.0
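Added example, not from the page: the "openssl x509 -hash" plus "cp cert HASH.0" fix above and the c_rehash description from 13-08-15, done as one function that derives the file name from the certificate instead of by hand and uses the next free suffix (.1, .2, ...) rather than assuming .0, which is what c_rehash does when two CA certificates share a subject hash. One caveat the fix above relies on silently: the hash must come from the OpenSSL version the client library uses, since OpenSSL 1.0.0 changed the subject-name hash algorithm. The test generates a constructed self-signed certificate and is skipped if openssl is not installed.

```shell
#!/bin/sh
# install_hashed_cert CERT DIR: copy CERT into DIR as <subject_hash>.<n> and
# print the resulting path. Returns 0 on success, including when the same
# certificate is already installed under that name.
install_hashed_cert() {
    cert=$1
    dir=$2
    mkdir -p "$dir" || return 1
    hash=$(openssl x509 -in "$cert" -noout -hash) || return 2
    n=0
    while [ -e "$dir/$hash.$n" ]; do
        if cmp -s "$cert" "$dir/$hash.$n"; then   # identical cert already present
            echo "$dir/$hash.$n"
            return 0
        fi
        n=$((n + 1))                              # hash collision: next suffix
    done
    cp "$cert" "$dir/$hash.$n" || return 3
    chmod 644 "$dir/$hash.$n"    # CA certs are public; unprivileged clients read them
    echo "$dir/$hash.$n"
}

# verify_against_dir CERT DIR: 0 if CERT chains to a certificate in DIR, the
# same lookup libldap does with TLS_CACERTDIR. Looks for the ": OK" line
# instead of relying on the exit status alone, which older openssl releases
# did not set reliably.
verify_against_dir() {
    openssl verify -CApath "$2" "$1" 2>&1 | grep -q ': OK$'
}
```

For the case above the calls are install_hashed_cert /etc/pki/tls/certs/ldap.phas.ubc.ca.crt /etc/openldap/cacerts followed by verify_against_dir with the same certificate; the second call failing after the first succeeded is the symptom of a hash produced by a different OpenSSL generation.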

11-04-20
error message:
/etc/cron.daily/0logwatch:
Cannot find shared script applybaculadate
solution:
cd /usr/share/logwatch/scripts/shared/
scp zeta:/opt/etc/logwatch/scripts/shared/applybaculadate .

11-02-02
Turned off iptables - control all access through FWSM.
11-01-28 - RHEL6 Install
cd /opt/sysadmin
cd /tmp
wget --no-check-certificate --user=rap --ask-password https://www.phas.ubc.ca/sysadmin/Computers/00_Servers/rhel/satellite_setup.pl
chmod +x satellite_setup.pl 
./satellite_setup.pl 
yum update
yum grouplist | less
yum groupinstall "MySQL Database server"
yum groupinstall "General Purpose Desktop"
chkconfig mysqld on
service mysqld start
Added "RHEL Server Optional (v. 6 for 32-bit x86)" to subscribed channels using web interface (https://satellite.it.ubc.ca/rhn/systems/details/Overview.do?sid=1000014649)
wget http://mirror.csclub.uwaterloo.ca/fedora/epel/6/i386/epel-release-6-5.noarch.rpm
rpm -Uvh http://mirror.csclub.uwaterloo.ca/fedora/epel/6/i386/epel-release-6-5.noarch.rpm
rpm -q php --qf "%{NAME} %{INSTALLTIME:date}\n"
rpm -q php --provides
yum install php-mbstring
yum install phpMyAdmin
yum install bacula-common bacula-console bacula-director-common bacula-director-mysql bacula-storage-common bacula-storage-mysql bacula-traymonitor

10-01-15 - Installing Alfresco
Pre-install:
root@ldap:/tmp]$ rpm -qa | grep -i java
java-1.4.2-gcj-compat-1.4.2.0-40jpp.115
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5
root@ldap:/tmp]$ rpm -qa | grep -i jdk
ldapjdk-4.18-2jpp.3.el5
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5
root@ldap:/tmp]$ java -version        
java version "1.6.0"                  
OpenJDK  Runtime Environment (build 1.6.0-b09)
OpenJDK 64-Bit Server VM (build 1.6.0-b09, mixed mode)
Download and install JDK from Sun
Link to sun page:
https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewFilteredProducts-SingleVariationTypeFilter;pgid=yYdgaHqkkjVSR0EUPIQsoQ3D00000rX5sEk-;sid=CUii2G7iLIyi2CWyo9rq3YFKlDKMZ6OnXKptGXP83UpC7w==?DLWidget=true&AutoWidgetDL=
Install JDK:
root@ldap:/tmp]$ ./jdk-6u18-linux-x64-rpm.bin
Uninstall openjdk:
root@ldap:/tmp]$ rpm -e java-1.4.2-gcj-compat-1.4.2.0-40jpp.115 java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5 java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5
error: Failed dependencies:
        jaas is needed by (installed) ldapjdk-4.18-2jpp.3.el5.x86_64
        java is needed by (installed) jss-4.2.5-1.fc6.x86_64
        java >= 1:1.6.0 is needed by (installed) idm-console-framework-1.1.3-1.fc6.noarch
        java >= 1:1.6.0 is needed by (installed) 389-console-1.1.3-3.el5.noarch
        java-gcj-compat >= 1.0.64 is needed by (installed) gjdoc-0.7.7-12.el5.x86_64
        java-gcj-compat is needed by (installed) antlr-2.7.6-4jpp.2.x86_64
        java-gcj-compat is needed by (installed) ldapjdk-4.18-2jpp.3.el5.x86_64
        jndi is needed by (installed) ldapjdk-4.18-2jpp.3.el5.x86_64
        jsse is needed by (installed) ldapjdk-4.18-2jpp.3.el5.x86_64
root@ldap:/tmp]$ rpm -e java-1.4.2-gcj-compat-1.4.2.0-40jpp.115 java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5 java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5 --nodeps

10-01-15 - Install phpmyadmin
rpm -Uv http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm
(replace the x86_64 with i386 if it's 32bit system)
yum install phpMyAdmin
scp omega:/etc/httpd/conf.d/ssl_phpMyAdmin_conf 
edit /etc/httpd/conf.d/ssl.conf to add line:
Include conf.d/ssl.phpMyAdmin_conf

09-12-15 - Running LdapImport
Note: needed to make the following change to avoid errors:
root@ldap:/usr/local/sbin/LdapImport]$ diff LdapConnectionManager.pm LdapConnectionManager.pm.orig
558,560d557
<                 /389-Directory/ && do {
<                     $self->{'servertype'} = "FEDORA";
<                 };
Now run LdapImport.pl:
root@ldap:/usr/local/sbin/LdapImport]$ ./LdapImport.pl
root@ldap:/usr/local/sbin/LdapImport/test]$ ./LdapImport.pl                                              

LDAP Migration Utility                   (c) 2005-2009 Babel Com Australia Pty Ltd
======================                   Version 1.25    License: GPL             

Logging
=======
Log file name [LdapImport.log] ? 

Destination LDAP Server
=======================
Destination LDAP Server Name [localhost] ? 
I am guessing that this is a FEDORA server.
Root DN to bind to localhost [cn=Directory Manager] ? 
Password for cn=Directory Manager [] ? xxxxxxxxxxxxxx 
OU to contain users in localhost [ou=People, dc=phas, dc=ubc, dc=ca] ? 
OU to contain groups in localhost [ou=Groups, ou=TopologyManagement, o=NetscapeRoot] ? 
email domain [netscaperoot] ? phas.ubc.ca                                              

Source Information
==================
Source type -- Files/Winbind/Server [f/w/s] [s] ? f
Should I migrate user accounts (y/n) [y] ?
/etc/passwd file location [/etc/passwd] ? /etc/passwd.rhel (all system entries removed)
/etc/shadow file location [/etc/shadow] ? /etc/shadow.rhel
Should I migrate groups (y/n) [y] ?
/etc/group file location [/etc/group] ?

Note: all system entries removed from passwd.rhel, shadow.rhel, group.rhel

Schema
======
Should I replace existing entries (y/n) [y] ?
Should I trim objects to match the destination schema (y/n) [y] ?
Should I map posixGroups to groupOfUniqueNames / groupOfNames (y/n) [y] ?
Should I print progress dots (y/n) [y] ?

Migration progress key:
  . = entry added to destination server successfully.
  o = entry replaced in destination directory (successful).
  x = entry not added to destination (already exists).
  X = entry not added to destination (schema verification error).
  # = entry not added to destination (other error).
  * = entry not replaced in destination directory (failure).

Migrating user objects: ..............................................................
....................................................................................o.
........................................................................................
Migrating group objects: .............................................................
.......................................................................................o..
Migration Complete.

09-12-14 - Installing LdapImport
wget http://search.cpan.org/CPAN/authors/id/M/MS/MSCHILLI/Log-Log4perl-1.26.tar.gz
tar zxf Log-Log4perl-1.26.tar.gz
cd Log-Log4perl-1.26
perl Makefile.PL
make
make test
make install
cd /usr/local/sbin
wget http://wiki.babel.com.au/uploads/LdapImport.tgz
tar zxf LdapImport.tgz
chown -R root:root LdapImport*
cd /usr/local/sbin/LdapImport
yum install perl-LDAP

perl -MCPAN -e shell
CPAN> install Bundle::CPAN

09-12-14 - Re-installing LDAP
root@ldap:/etc]$ service dirsrv stop
root@ldap:/etc]$ service dirsrv-admin stop
root@ldap:/etc]$ mv /etc/dirsrv /etc/dirsrv.old
root@ldap:/etc]$ mv /usr/lib64/dirsrv /usr/lib64/dirsrv.old
root@ldap:/etc]$ mv /var/lib/dirsrv /var/lib/dirsrv.old
root@ldap:/etc]$ mv /var/lock/dirsrv /var/lock/dirsrv.old
root@ldap:/etc]$ yum reinstall 389-ds 389-admin 389-admin-console 389-admin-console-doc 389-adminutil 389-console 389-ds-base 389-ds-console 389-ds-console-doc 389-dsgw perl-Mozilla-LDAP
root@ldap:/etc]$ /usr/sbin/setup-ds-admin.pl

09-12-11 - Installing 389 Directory Server (continued)
root@ldap:~]$ vi /etc/sysctl.conf
added the following lines:
# beginning of local additions - rdp 09-12-11
net.ipv4.tcp_keepalive_time = 300
net.ipv4.ip_local_port_range = 1024 65000
fs.file-max = 64000
root@ldap:~]$ sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_keepalive_time = 300
net.ipv4.ip_local_port_range = 1024 65000
fs.file-max = 64000
root@ldap:~]$ vi /etc/security/limits.conf
# local additions - rdp 09-12-11
*                -       nofile          8192
root@ldap:/tmp]$ vi /etc/pam.d/login
added the following line:
session required pam_limits.so
root@ldap:/tmp]$ /usr/sbin/setup-ds-admin.pl              
(all but essential output deleted...)
Choose a setup type [2]: 
Computer name [ldap.phas.ubc.ca]: 
System User [nobody]: ldap 
System Group [nobody]: ldap
configuration directory server? [no]:                 
Configuration directory server
administrator ID [admin]:     
Password:                     
Administration Domain [phas.ubc.ca]: 
Directory server network port [389]: 
Directory server identifier [ldap]: 
Suffix [dc=phas, dc=ubc, dc=ca]:
Directory Manager DN [cn=Directory Manager]:
Password:
Administration port [9830]:
Creating directory server . . .
Your new DS instance 'ldap' was successfully created.
Creating the configuration directory server . . .
Beginning Admin Server creation . . .
Creating Admin Server files and directories . . .
Updating adm.conf . . .
Updating admpw . . .
Registering admin server with the configuration directory server . . .
Updating adm.conf with information from configuration directory server . . .
Updating the configuration for the httpd engine . . .
Starting admin server . . .
The admin server was successfully started.
Admin server was successfully created, configured, and started.
Exiting . . .
Log file is '/tmp/setupG2Bhc8.log'

09-12-04 - Installing 389 Directory Server
[root@ldap ~]# wget -O - http://port389.org/sources/idmcommon.repo | sed -e 's/$releasever/6/g;' > /etc/yum.repos.d/idmcommon.repo
[root@ldap ~]# wget -O - http://port389.org/sources/dirsrv.repo | sed -e 's/$releasever/6/g;' > /etc/yum.repos.d/dirsrv.repo
[root@ldap ~]# rpm --import 'http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA7B02652'
[root@ldap ~]# yum install 389-ds
Loaded plugins: rhnplugin, security 
Setting up Install Process          
Resolving Dependencies              
--> Running transaction check       
---> Package 389-ds.noarch 0:1.1.3-4.el5 set to be updated
--> Processing Dependency: 389-ds-console-doc for package: 389-ds
--> Processing Dependency: 389-ds-base for package: 389-ds       
--> Processing Dependency: 389-admin-console-doc for package: 389-ds
--> Processing Dependency: 389-admin-console for package: 389-ds    
--> Processing Dependency: 389-dsgw for package: 389-ds             
--> Processing Dependency: 389-admin for package: 389-ds            
--> Processing Dependency: 389-console for package: 389-ds          
--> Processing Dependency: idm-console-framework for package: 389-ds
--> Processing Dependency: 389-ds-console for package: 389-ds       
--> Running transaction check                                       
---> Package 389-admin.x86_64 0:1.1.8-4.el5 set to be updated       
--> Processing Dependency: perl(Mozilla::LDAP::Utils) for package: 389-admin
--> Processing Dependency: perl-Mozilla-LDAP for package: 389-admin         
--> Processing Dependency: mod_nss for package: 389-admin                   
--> Processing Dependency: perl(Mozilla::LDAP::API) for package: 389-admin  
--> Processing Dependency: perl(Mozilla::LDAP::Conn) for package: 389-admin 
--> Processing Dependency: libadmsslutil.so.1()(64bit) for package: 389-admin
--> Processing Dependency: libadminutil.so.1()(64bit) for package: 389-admin 
---> Package 389-admin-console.noarch 0:1.1.4-1.el5 set to be updated        
---> Package 389-admin-console-doc.noarch 0:1.1.4-1.el5 set to be updated    
---> Package 389-console.noarch 0:1.1.3-3.el5 set to be updated              
--> Processing Dependency: java >= 1:1.6.0 for package: 389-console          
---> Package 389-ds-base.x86_64 0:1.2.2-1.el5 set to be updated              
--> Processing Dependency: db4-utils for package: 389-ds-base                
--> Processing Dependency: mozldap-tools for package: 389-ds-base            
--> Processing Dependency: cyrus-sasl-gssapi for package: 389-ds-base        
--> Processing Dependency: cyrus-sasl-md5 for package: 389-ds-base           
---> Package 389-ds-console.noarch 0:1.2.0-4.el5 set to be updated           
---> Package 389-ds-console-doc.noarch 0:1.2.0-4.el5 set to be updated       
---> Package 389-dsgw.x86_64 0:1.1.4-1.el5 set to be updated                 
---> Package idm-console-framework.noarch 0:1.1.3-1.fc6 set to be updated    
--> Processing Dependency: jss >= 4.2 for package: idm-console-framework     
--> Processing Dependency: ldapjdk for package: idm-console-framework        
--> Running transaction check                                                
---> Package 389-adminutil.x86_64 0:1.1.8-3.el5 set to be updated            
---> Package cyrus-sasl-gssapi.x86_64 0:2.1.22-5.el5 set to be updated       
---> Package cyrus-sasl-md5.x86_64 0:2.1.22-5.el5 set to be updated          
---> Package db4-utils.x86_64 0:4.3.29-10.el5 set to be updated              
---> Package java-1.6.0-openjdk.x86_64 1:1.6.0.0-1.7.b09.el5 set to be updated
---> Package jss.x86_64 0:4.2.5-1.fc6 set to be updated                       
---> Package ldapjdk.x86_64 0:4.18-2jpp.3.el5 set to be updated               
---> Package mod_nss.x86_64 0:1.0.3-8.el5 set to be updated                   
--> Processing Dependency: httpd >= 2.0.52 for package: mod_nss               
---> Package mozldap-tools.x86_64 0:6.0.5-1.el5 set to be updated             
---> Package perl-Mozilla-LDAP.x86_64 0:1.5.2-4.el5 set to be updated         
--> Running transaction check                                                 
---> Package httpd.x86_64 0:2.2.3-31.el5_4.2 set to be updated                
--> Finished Dependency Resolution                                            

Dependencies Resolved

========================================================================================================
 Package                     Arch         Version                      Repository                  Size 
========================================================================================================
Installing:                                                                                             
 389-ds                      noarch       1.1.3-4.el5                  dirsrv-noarch              8.6 k 
Installing for dependencies:                                                                            
 389-admin                   x86_64       1.1.8-4.el5                  dirsrv                     377 k 
 389-admin-console           noarch       1.1.4-1.el5                  dirsrv-noarch              201 k 
 389-admin-console-doc       noarch       1.1.4-1.el5                  dirsrv-noarch               39 k 
 389-adminutil               x86_64       1.1.8-3.el5                  dirsrv                      69 k 
 389-console                 noarch       1.1.3-3.el5                  idmcommon-noarch            72 k 
 389-ds-base                 x86_64       1.2.2-1.el5                  dirsrv                     1.8 M 
 389-ds-console              noarch       1.2.0-4.el5                  dirsrv-noarch              1.4 M 
 389-ds-console-doc          noarch       1.2.0-4.el5                  dirsrv-noarch               53 k 
 389-dsgw                    x86_64       1.1.4-1.el5                  dirsrv                     1.1 M 
 cyrus-sasl-gssapi           x86_64       2.1.22-5.el5                 rhel-x86_64-server-5        29 k 
 cyrus-sasl-md5              x86_64       2.1.22-5.el5                 rhel-x86_64-server-5        47 k 
 db4-utils                   x86_64       4.3.29-10.el5                rhel-x86_64-server-5       122 k 
 httpd                       x86_64       2.2.3-31.el5_4.2             rhel-x86_64-server-5       1.2 M 
 idm-console-framework       noarch       1.1.3-1.fc6                  idmcommon-noarch           1.0 M 
 java-1.6.0-openjdk          x86_64       1:1.6.0.0-1.7.b09.el5        rhel-x86_64-server-5        27 M 
 jss                         x86_64       4.2.5-1.fc6                  idmcommon                  681 k 
 ldapjdk                     x86_64       4.18-2jpp.3.el5              rhel-x86_64-server-5       907 k 
 mod_nss                     x86_64       1.0.3-8.el5                  rhel-x86_64-server-5        83 k 
 mozldap-tools               x86_64       6.0.5-1.el5                  rhel-x86_64-server-5       146 k 
 perl-Mozilla-LDAP           x86_64       1.5.2-4.el5                  rhel-x86_64-server-5       178 k 

Transaction Summary
========================================================================================================
Install     21 Package(s)                                                                               
Update       0 Package(s)                                                                               
Remove       0 Package(s)                                                                               

Total download size: 37 M
Is this ok [y/N]: y      
Downloading Packages:    
(1/21): 389-ds-1.1.3-4.el5.noarch.rpm                                            | 8.6 kB     00:00     
(2/21): cyrus-sasl-gssapi-2.1.22-5.el5.x86_64.rpm                                |  29 kB     00:00     
(3/21): 389-admin-console-doc-1.1.4-1.el5.noarch.rpm                             |  39 kB     00:00     
(4/21): cyrus-sasl-md5-2.1.22-5.el5.x86_64.rpm                                   |  47 kB     00:00     
(5/21): 389-ds-console-doc-1.2.0-4.el5.noarch.rpm                                |  53 kB     00:00     
(6/21): 389-adminutil-1.1.8-3.el5.x86_64.rpm                                     |  69 kB     00:00     
(7/21): 389-console-1.1.3-3.el5.noarch.rpm                                       |  72 kB     00:00     
(8/21): mod_nss-1.0.3-8.el5.x86_64.rpm                                           |  83 kB     00:00     
(9/21): db4-utils-4.3.29-10.el5.x86_64.rpm                                       | 122 kB     00:00     
(10/21): mozldap-tools-6.0.5-1.el5.x86_64.rpm                                    | 146 kB     00:00     
(11/21): perl-Mozilla-LDAP-1.5.2-4.el5.x86_64.rpm                                | 178 kB     00:00     
(12/21): 389-admin-console-1.1.4-1.el5.noarch.rpm                                | 201 kB     00:00     
(13/21): 389-admin-1.1.8-4.el5.x86_64.rpm                                        | 377 kB     00:00     
(14/21): jss-4.2.5-1.fc6.x86_64.rpm                                              | 681 kB     00:00     
(15/21): ldapjdk-4.18-2jpp.3.el5.x86_64.rpm                                      | 907 kB     00:00     
(16/21): idm-console-framework-1.1.3-1.fc6.noarch.rpm                            | 1.0 MB     00:01     
(17/21): 389-dsgw-1.1.4-1.el5.x86_64.rpm                                         | 1.1 MB     00:01     
(18/21): httpd-2.2.3-31.el5_4.2.x86_64.rpm                                       | 1.2 MB     00:00     
(19/21): 389-ds-console-1.2.0-4.el5.noarch.rpm                                   | 1.4 MB     00:01     
(20/21): 389-ds-base-1.2.2-1.el5.x86_64.rpm                                      | 1.8 MB     00:01     
(21/21): java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.x86_64.rpm                       |  27 MB     00:02     
--------------------------------------------------------------------------------------------------------
Total                                                                   2.1 MB/s |  37 MB     00:17     
Running rpm_check_debug                                                                                 
Running Transaction Test                                                                                
Finished Transaction Test                                                                               
Transaction Test Succeeded                                                                              
Running Transaction                                                                                     
  Installing     : java-1.6.0-openjdk                                                              1/21 
  Installing     : perl-Mozilla-LDAP                                                               2/21
  Installing     : 389-adminutil                                                                   3/21
  Installing     : ldapjdk                                                                         4/21
  Installing     : jss                                                                             5/21
  Installing     : cyrus-sasl-gssapi                                                               6/21
  Installing     : db4-utils                                                                       7/21
  Installing     : mozldap-tools                                                                   8/21
  Installing     : cyrus-sasl-md5                                                                  9/21
  Installing     : 389-ds-base                                                                    10/21
  Installing     : httpd                                                                          11/21
  Installing     : idm-console-framework                                                          12/21
  Installing     : mod_nss                                                                        13/21

mod_nss certificate database generated.

  Installing     : 389-admin                                                                      14/21
  Installing     : 389-admin-console                                                              15/21
  Installing     : 389-ds-console                                                                 16/21
  Installing     : 389-dsgw                                                                       17/21
  Installing     : 389-ds-console-doc                                                             18/21
  Installing     : 389-admin-console-doc                                                          19/21
  Installing     : 389-console                                                                    20/21
  Installing     : 389-ds                                                                         21/21

Installed:
  389-ds.noarch 0:1.1.3-4.el5

Dependency Installed:
  389-admin.x86_64 0:1.1.8-4.el5                        389-admin-console.noarch 0:1.1.4-1.el5
  389-admin-console-doc.noarch 0:1.1.4-1.el5            389-adminutil.x86_64 0:1.1.8-3.el5
  389-console.noarch 0:1.1.3-3.el5                      389-ds-base.x86_64 0:1.2.2-1.el5
  389-ds-console.noarch 0:1.2.0-4.el5                   389-ds-console-doc.noarch 0:1.2.0-4.el5
  389-dsgw.x86_64 0:1.1.4-1.el5                         cyrus-sasl-gssapi.x86_64 0:2.1.22-5.el5
  cyrus-sasl-md5.x86_64 0:2.1.22-5.el5                  db4-utils.x86_64 0:4.3.29-10.el5
  httpd.x86_64 0:2.2.3-31.el5_4.2                       idm-console-framework.noarch 0:1.1.3-1.fc6
  java-1.6.0-openjdk.x86_64 1:1.6.0.0-1.7.b09.el5       jss.x86_64 0:4.2.5-1.fc6
  ldapjdk.x86_64 0:4.18-2jpp.3.el5                      mod_nss.x86_64 0:1.0.3-8.el5
  mozldap-tools.x86_64 0:6.0.5-1.el5                    perl-Mozilla-LDAP.x86_64 0:1.5.2-4.el5

Complete!
[root@ldap ~]#
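The transcript above is the only record of which packages made up the 389-ds install on this host, so a rebuild should be checked against it rather than trusted because `yum` said "Complete!". The script below is an added example, not part of the original page or of any departmental script: it carries the package set transcribed from the Installed / Dependency Installed block and audits an `rpm -qa` listing against it, distinguishing a package that is absent from one that is present at a different version. The `rpm -qa` input it is tested with is constructed; on a real host feed it the real listing.

```shell
#!/bin/sh
# Added example (not from the original page): audit a rebuilt host against the
# package set recorded in the yum transcript above. EXPECTED_PKGS is transcribed
# from the "Installed:" / "Dependency Installed:" block, in rpm -qa form
# (name-version-release.arch; rpm -qa prints no epoch, so the java package has
# its "1:" epoch dropped, matching the downloaded file name in the transcript).
EXPECTED_PKGS='389-ds-1.1.3-4.el5.noarch
389-admin-1.1.8-4.el5.x86_64
389-admin-console-1.1.4-1.el5.noarch
389-admin-console-doc-1.1.4-1.el5.noarch
389-adminutil-1.1.8-3.el5.x86_64
389-console-1.1.3-3.el5.noarch
389-ds-base-1.2.2-1.el5.x86_64
389-ds-console-1.2.0-4.el5.noarch
389-ds-console-doc-1.2.0-4.el5.noarch
389-dsgw-1.1.4-1.el5.x86_64
cyrus-sasl-gssapi-2.1.22-5.el5.x86_64
cyrus-sasl-md5-2.1.22-5.el5.x86_64
db4-utils-4.3.29-10.el5.x86_64
httpd-2.2.3-31.el5_4.2.x86_64
idm-console-framework-1.1.3-1.fc6.noarch
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.x86_64
jss-4.2.5-1.fc6.x86_64
ldapjdk-4.18-2jpp.3.el5.x86_64
mod_nss-1.0.3-8.el5.x86_64
mozldap-tools-6.0.5-1.el5.x86_64
perl-Mozilla-LDAP-1.5.2-4.el5.x86_64'

# pkg_name NVRA
#   Prints the package name, i.e. NVRA with its trailing
#   "-<version>-<release>.<arch>" removed ("389-ds-base-1.2.2-1.el5.x86_64"
#   -> "389-ds-base"). Names may themselves contain hyphens, so strip the
#   shortest suffix that holds the last two hyphens.
pkg_name() {
    printf '%s\n' "${1%-*-*}"
}

# audit_packages INSTALLED_FILE
#   INSTALLED_FILE holds "rpm -qa" output, one package per line.
#   For every expected package prints one line:
#     OK      <nvra>                                  exact match
#     DRIFT   <name> expected <nvra> found <nvra>     same name, other version
#     MISSING <nvra>                                  no package of that name
#   Returns 0 only when every expected package is present at the recorded
#   version; extra packages on the host are not reported.
audit_packages() {
    installed="$1"
    rc=0
    for exp in $EXPECTED_PKGS; do
        if grep -Fxq -- "$exp" "$installed"; then
            echo "OK      $exp"
            continue
        fi
        name=$(pkg_name "$exp")
        found=""
        # Compare on the stripped name, not a prefix: a prefix test would let
        # "389-ds-base-..." satisfy an expected "389-ds".
        while IFS= read -r line; do
            if [ "$(pkg_name "$line")" = "$name" ]; then
                found="$line"
                break
            fi
        done < "$installed"
        if [ -n "$found" ]; then
            echo "DRIFT   $name expected $exp found $found"
        else
            echo "MISSING $exp"
        fi
        rc=1
    done
    return $rc
}

# Usage on the rebuilt host:
#   rpm -qa > /tmp/installed.txt && audit_packages /tmp/installed.txt
```

A DRIFT line is expected after `yum update` has run and is the line to read carefully: it tells you which of the components recorded here (httpd, mod_nss, the SASL plugins) now differ from the version this page was written against. MISSING means the dependency tree pulled in something different and the install should be compared step by step with the transcript.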

06-07-16
- Upgraded memory to 8 GB (from 2 GB).
06-02-01
- Removed apcupsd and re-installed it using the rpm from dagwieers: http://dag.wieers.com/packages/apcupsd/apcupsd-3.10.18-1.2.el4.rf.i386.rpm This was to avoid an rpm dependency on an old version of gd that the old apcupsd had.

BOOTUP DATA (BIOS)
The following is the boot-time (POST) output and the LSI MPT SCSI BIOS settings, recorded for reference:

AMIBIOS(c) 2003
BIOS Date: 12/16/04 10:06:15 Ver 08.00.10
SE7520JR22 Production BIOS Version 06.00 Build 0069

CPU: Intel Xeon CPU 3.00 GHz with EM64T
  Speed: 3.00 GHz Count: 2
  800 MHz front side bus
  DDR-333 Standard, Dual Channel Mode

Checking NV Ram...
Initializing USB Controllers...Done.
Testing system memory...Mem=2048MB
Press (F2) to run Setup.
Press (F12) for network boot.
Press ESC for BBS Popup
LSI Logic Corp MPT IME BIOS
MPTBIOS-IME-5.10.01
LSI Logic MPT SCSI Setup Utility Ver MPTBIOS-IME-5.10.01
LSI Logic Host Bus Adapters
Adapter   PCI  Dev/  Port  IRQ  NVM  Boot    LSI Logic    RAID
          Bus  Fun.  No.             Order   Controller   Status
LSI1030    2    29   A800   7   yes    1      Enabled      --
LSI1030    2    28   A400   7   yes    0      Enabled    Optimal
Adapter Properties
LSI1030 at PCI bus 2, dev 29
Host SCSI ID=7
SCSI Bus Scan Order      Low to High  0...Max
Removable Media Support  None
CHS mapping              SCSI Plug & Play mapping
Spinup delay (secs)      2
Secondary Cluster Server No
Termination Control      Auto
(same settings as above for the adapter at PCI bus 2, dev 28)
RAID PROPERTIES
SCSI   Device Identifier       Array   Hot    Status  Predict    Size (MB)
ID                             Disk   Spare          Failure
 0    Seagate ST373307LC   0007  Yes    No      OK       No      69878
 1    Seagate ST373307LC   0007  Yes    No    Primary    No      69878
BOOT ADAPTER LIST
Adapter     PCI    Dev/    Boot    Current     Next
             Bus    Fun     order   Status      Boot
LSI1030       2     28        0       on         on
LSI1030       2     29        1       on         on
Global Properties
Parse when boot alert displayed  - No
Boot info Display Mode           - Verbose
Negotiate with devices           - supported
Video mode                       - color
Support Interrupt                - Hook interrupt, the default
Disable integrated RAID          - No
HBA   ID   LUN   Vendor      Product          Rev      SYNC   Wide   Capacity
 0    0     0   LSI Logic    1030  IM         1000             16    73277 MB
 0    6     0   ESG-SHV      SCA HSBP M29     1.06
 0    7     0   LSI-Logic    LSI 1030[  402]  1030F00  320.0   16
 1    7     0   LSI-Logic    LSI 1030[  402]  1030F00  320.0   16
BIOS SETUP - F2
Main
System Overview
AMIBIOS
  Version: SE7520JR22.86B.P.06.0069
  Build date: 12/16/04
PROCESSOR
  Type:  Intel Xeon CPU 3.00 GHz
  Speed: 3000 MHz
  Count: 2
SYSTEM MEMORY
  Size: 2048 MB
SERVER BOARD MCH STEPPING
  Stepping: 2
Advanced
MAX CPUID Value Limit:  Disabled
Hyperthreading       :  Enabled
IDE Configuration
  On board P-ATA channels:  (both)
  On board S-ATA channels:  [enabled]
  Configure S-ATA as RAID:  Disabled
  S-ATA Ports definition:   [A0-3rd  M/A1 - 4th M]
  
Mixed P-ATA / SATA
  Primary IDE Master    Not detected
              Slave     Not detected
  Secondary IDE Master  ATAPI CDROM
                Slave   Not detected
  Third IDE Master      Not detected
  Fourth IDE Master     Not detected
  Hard Disk write protect    - Disabled
  IDE detect Time Out (sec)  - 35
  ATA(PI) 80 Pin Cable Detection [ Host + Device]
PCI Configuration (E = Enabled, D = Disabled; the same abbreviations are used below)
  Onboard video   - E
  Dual Monitor video - D
  Onboard NIC        - E
  Onboard NIC1 ROM   - E
  Onboard NIC2 ROM   - E
  Onboard SCSI       - E
  Onboard SCSI ROM   - E
  Onboard SCSI Mode  - (IM/IME)
  PCI priority Arbitration - D
  MMIO above 4GB     - E
  
MEMORY Configuration
  DIMM 1A     installed
  DIMM 1B     installed
  DIMM 2A     installed
  DIMM 2B     installed
  DIMM 3A     not installed
  DIMM 3B     not installed
  Extended Memory Test   - D
  Memory Retest          - D
  Memory remap feature   - E
  Memory sparing feature - D
BOOT SETTINGS
  Quick Boot  - E
  Quiet Boot  - D
  Boot up numlock off
  PS/2 mouse support auto
  Post Error pause  - E
  Hit Msg Display   - E
  Scan User Flash area - D
BOOT DEVICE PRIORITY
  1st   SM-SR244U
  2nd   #228 ID00 LUN0 LSI
  3rd   Disabled
  
Hard Disk Drives
  1st Drive #228 ID00 LUN0 LSI
  
Server Settings
  System Mgmt
  
  Server Board Part No.    C53662-502
  Server Board Serial No.  B2JR44475332
  
  NIC 1 MAC  00-0E-0C-4E-6B-9C
  NIC 2 MAC  00-0E-0C-4E-6B-9D
  
  BIOS Version  SE7520JR22.86B.P.06.00.0069
 
  BMC Device ID        20
  Firmware Rev         0240
  Device Rev           01
  PIA Rev              4F00
  FRUSDR Package Rev   6.5.1
  
  Assert NMI on SERR  - E
                PERR  - E
  Resume on AC Power Loss - Power On
  
  FRB-2 Policy              - Retry on next boot
  Late POST Timeout         - D
  PXE OS boot               - D
  OS Watchdog Time Policy   - Stay On
  Platform Event Filtering  - E

For more assistance contact Ron Parachoniak, rap@phas.ubc.ca (Sysadmin)

webmaster@phas.ubc.ca, last updated: Dec 4, 2009