AdamSaleh · May 16, 2014 15:46
diff --git a/gistfile1.sh b/gistfile1.sh
 # First Add these iptable rules to  /etc/sysconfig/iptables
 # -A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
 # -A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT
 # -A INPUT -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT
 service iptables restart
 yum install -y 389-ds openldap-clients
 useradd dsuser

 setup-ds-admin.pl 
 #^ this command will ask you lots of questions, I loosely based my answers on http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/
 # I chose suffix dc=usersys,dc=redhat,dc=com, because it complies \w qetetello02 domain
 # with every password set to password :)
 # in the process it shall ask you to give it an unprivileged user, that was created previously.

 chkconfig dirsrv on
 chkconfig dirsrv-admin on
 ldapsearch -x -b "dc=usersys,dc=redhat,dc=com"
 #^ this should output lots of empty groups as per default 389ds settings :) 
diff --git a/gistfile2.txt b/gistfile2.txt
 #On your local machine
 sudo yum -y install 389-console    
 389-console
 # type in the username and password, and when typing in the ds_admin adress, dont forget that it runs on port 9830
 # in console, find the gui tab with users and groups, and with a button next to bottom corner create an user.
 # created user should be automatically put ldap organization unit people.

 # then in https://qetello02.usersys.redhat.com/auth_source_ldaps you can add this server
 # it is not necessary to supply username or password, 389ds should allow anonymous reads.
 # if you were to add an ldap account to facilitate access for foreman, don;t forget that you need the full name,
 # i.e.  cn=Directory Manager,dc=usersys,dc=redhat,dc=com .
 # but it wasn't necessary in my case.

 # http://theforeman.org/manuals/1.5/index.html#4.1WebInterface
 # http://projects.theforeman.org/projects/foreman/wiki/Configure_FreeIPA_for_Authentication
	# First Add these iptable rules to /etc/sysconfig/iptables
	# -A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
	# -A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT
	# -A INPUT -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT
	service iptables restart
	yum install -y 389-ds openldap-clients
	useradd dsuser

	setup-ds-admin.pl
	#^ this command will ask you lots of questions, I loosely based my answers on http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/
	# I chose suffix dc=usersys,dc=redhat,dc=com, because it complies \w qetetello02 domain
	# with every password set to password :)
	# in the process it shall ask you to give it an unprivileged user, that was created previously.

	chkconfig dirsrv on
	chkconfig dirsrv-admin on
	ldapsearch -x -b "dc=usersys,dc=redhat,dc=com"
	#^ this should output lots of empty groups as per default 389ds settings :)
	#On your local machine
	sudo yum -y install 389-console
	389-console
	# type in the username and password, and when typing in the ds_admin adress, dont forget that it runs on port 9830
	# in console, find the gui tab with users and groups, and with a button next to bottom corner create an user.
	# created user should be automatically put ldap organization unit people.

	# then in https://qetello02.usersys.redhat.com/auth_source_ldaps you can add this server
	# it is not necessary to supply username or password, 389ds should allow anonymous reads.
	# if you were to add an ldap account to facilitate access for foreman, don;t forget that you need the full name,
	# i.e. cn=Directory Manager,dc=usersys,dc=redhat,dc=com .
	# but it wasn't necessary in my case.

	# http://theforeman.org/manuals/1.5/index.html#4.1WebInterface
	# http://projects.theforeman.org/projects/foreman/wiki/Configure_FreeIPA_for_Authentication