Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: IDS-4545: Remove init.d references - code review fixes

...

Note
titleEnable LDAPS

The easiest way to enable LDAPS for OpenLDAP is to first finish basic install process for SSO and then enable LDAPS following: Enable ldaps for SSO


Note
titleRed Hat 9 support

Red Hat 9 requires SSO 9.4 or higher as the SysVinit service support has been deprecated in favour of systemd

Check Java and set system wide environment variables

...

Code Block
languagebash
mkdir -p /usr/local/ubisecure
tar -xzvf sso-x.x.x-unix.tar.gz -C /usr/local/ubisecure

Install dependencies

Linux standard base package is needed for sysVinit script dependency (/etc/init.d -scripts)

Code Block
languagebash
yum install lsb

Modify the configuration template

...

If the OpenLDAP install script prompts for LDAP Password, type secret and press return. 

...

In RedHat 7 install.sh script fails.

As a workaround, start OpenLDAP from shell by executing:

Code Block
languagebash
./start.sh

After OpenLDAP has started, open a new shell and execute the following commands:

Code Block
languagebash
./import.sh ../cnroot.ldif
 ./import.sh ../uas.ldif
 ./import.sh ../secrets.ldif
 ./import.sh ../system-password.ldif
 ./import.sh groups.ldif

...


Note

When using LDAPS, cacert.pem, server certificate and server certificate key needs to be located at /usr/local/ubisecure/ubilogin-sso/openldap/etc/openldap/ and TLSCACertificateFile, TLSCertificateFile and TLSCertificateKeyFile needs to be uncommented from slapd.conf.

...