Académique Documents
Professionnel Documents
Culture Documents
Attach ISO with server and mount it into your Linux server
createrepo -v /var/ftp/pub/
firewall-cmd –reload
vi /etc/sysconfig/modules/ftp.modules
#!/bin/sh
chmod +x /etc/sysconfig/modules/ftp.modules
setsebool -P ftp_home_dir=1
[localrepo]
baseurl = ftp://192.168.139.130/pub
enabled = 1
Because This Server is installed in minimal version ( which I recommended ) so you have to
install following packages in your utility server
firewall-cmd --reload
options {
allow-query { any; };
below recursive
forward only;
dnssec-validation no;
zone "example.com" {
type master;
file "example.com.zone";
};
zone "139.168.192.in-addr.arpa" {
type master;
file "example.com.revzone";
allow-update { none; };
};
$TTL 86400
2016121501 ; Serial
1d ; refresh
2h ; retry
4w ; expire
1h ) ; min cache
IN NS dns.example.com.
IN MX 10 mail.example.com.
gateway IN A 192.168.139.2
dns IN A 192.168.139.130
mail IN A 192.168.139.130
reposrv IN A 192.168.139.130
node-1 IN A 192.168.139.140
node-2 IN A 192.168.139.141
workstation8 IN A 192.168.139.150
2016121501 ; Serial
1d ; refresh
2h ; retry
4w ; expire
1h ) ; min cache
IN NS dns.example.com.
2 IN PTR gateway.example.com.
named-checkconf
Result should be OK
firewall-cmd –reload
vi /etc/postfix/main.cf
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
postfix check
postconf -n
setsebool -P allow_postfix_local_write_mail_spool = 1
echo " This is Root, testing email " | mail -s "Test" amman@example.com
su – amman
Now Insall and Configure a LDAP directory service for user authentication task
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
Slaptest
Now start the configuration of the LDAP server, add the cosine & nis LDAP schemas
cd /etc/openldap/schema/
vi /etc/openldap/changes.ldif
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=com
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=example,dc=com
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}Yk7jC+noIYXT1w+xKMAKgaBb07j70L8/
changetype: modify
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/openldap/certs/cert.pem
dn: cn=config
changetype: modify
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/openldap/certs/priv.pem
dn: cn=config
changetype: modify
replace: olcLogLevel
olcLogLevel: -1
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
vi /etc/openldap/base.ldif
dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain
ou: People
objectClass: top
objectClass: organizationalUnit
dn: ou=Group,dc=example,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit
mkdir /home/guests
passwd ldapuser01
passwd ldapuser02
cd /usr/share/migrationtools/
vi migrate_common.ph
$DEFAULT_MAIL_DOMAIN = "example.com";
$DEFAULT_BASE = "dc=example,dc=com";
Now
firewall-cmd --reload
Vi /etc/rsyslog.conf
local4.* /var/log/ldap.log
# extended LDIF
# LDAPv3
# requesting: ALL
dn: uid=ldapuser01,ou=People,dc=example,dc=com
uid: ldapuser01
cn: ldapuser01
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JGtyWUNydnlNJFhJQUpLNXZKNkpCVDZEbXNuU3NpelRVZ0RlUGd
oVTRPQlQ4b25ibjNSalRKSjVtT0tmWjd4RjIySk03anlVSUU0NEsvSXNtaUFCUEM3bkI0TlYyY2gv
shadowLastChange: 17150
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1002
gidNumber: 1002
homeDirectory: /home/guests/ldapuser01
dn: cn=ldapuser01,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser01
userPassword:: e2NyeXB0fXg=
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
firewall-cmd --reload
mkdir /home/srvshare/
mkdir /www
restorecon -R /home/srvshare
restorecon -R /home/guests
restorecon -R /www
setsebool -P nfs_export_all_rw on
setsebool -P nfs_export_all_ro on
setsebool -P use_nfs_home_dirs on
vi /etc/exports
/home/srvshare reposrv.example.com(rw,no_root_squash)
/home/guests reposrv.example.com(rw,no_root_squash)
exportfs –avr
showmount -e localhost
firewall-cmd --reload
mv /etc/samba/smb.conf /etc/samba/smb.conf.bk
vi /etc/samba/smb.conf
[global]
workgroup = MYGROUP
interfaces = lo,ens33,192.168.139.0/24
security = user
[shared]
browseable = yes
path = /shared
writable = yes
mkdir /shared
firewall-cmd --reload
useradd sarah
ssh-keygen -t rsa
ssh root@192.168.139.140
ssh root@192.168.139.141
ssh root@192.168.139.142
ssh root@192.168.139.143
Note: This Server is built for Red Hat Exams Modifications are not allowed. If anything need to
change please let me know?
End