nothing is impossible!!!!

Sunday, December 28, 2008

Red Hat Directory Server

Port Numbers:
- The Directory Server instance (LDAP) has a default port number of 389.
- The Administration Server has a default port number of 9830. If the default port number for either server is in use, then the setup program randomly generates a port number larger than 1024 to use as the default.
- For LDAPS (LDAP with TLS/SSL), the default port number is 636.

Directory Manager:
- Directory Server setup creates a special user called the Directory Manager.
- It is a unique, powerful entry that is used to administer all user and configuration tasks.
- Access controls, password policy, and database limits for size, time, and lookthrough do not apply to the Directory Manager.
- It is used only for authentication.
- The Directory Server setup process prompts for a distinguished name (DN) and a password for the Directory Manager.
- The default value for the Directory Manager DN is cn=Directory Manager.
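
Because access controls and password policy do not apply to the Directory Manager, binds as that DN are worth reviewing in the server's access log. The script below is an added example, not part of the original notes or of Red Hat's tooling: it assumes the usual Directory Server access-log layout (connection, BIND and RESULT lines keyed by conn and op), and the sample lines, addresses and function name are constructed for illustration.

```python
import re

# Default Directory Manager DN from the notes above; adjust if setup used another.
ROOT_DN = "cn=directory manager"

CONN_RE = re.compile(r"conn=(\d+) fd=\d+ slot=\d+ (SSL )?connection from (\S+) to \S+")
BIND_RE = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)"')
RESULT_RE = re.compile(r"conn=(\d+) op=(\d+) RESULT err=(\d+)")

# Constructed sample lines (assumed access-log layout, documentation addresses).
SAMPLE_LOG = """\
[28/Dec/2008:10:01:02 +0000] conn=11 fd=64 slot=64 connection from 192.0.2.10 to 192.0.2.1
[28/Dec/2008:10:01:02 +0000] conn=11 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[28/Dec/2008:10:01:02 +0000] conn=11 op=0 RESULT err=49 tag=97 nentries=0 etime=0
[28/Dec/2008:10:02:10 +0000] conn=12 fd=65 slot=65 SSL connection from 192.0.2.20 to 192.0.2.1
[28/Dec/2008:10:02:10 +0000] conn=12 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[28/Dec/2008:10:02:10 +0000] conn=12 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Dec/2008:10:03:00 +0000] conn=13 fd=66 slot=66 connection from 192.0.2.30 to 192.0.2.1
[28/Dec/2008:10:03:00 +0000] conn=13 op=0 BIND dn="uid=jdoe,ou=People,dc=example,dc=com" method=128 version=3
""".splitlines()


def root_dn_binds(lines, root_dn=ROOT_DN):
    """Return one record per BIND as root_dn: conn id, client, TLS flag, LDAP result."""
    conns = {}     # conn id -> (client address, True if the line said "SSL connection")
    pending = {}   # (conn, op) -> record still waiting for its RESULT line
    findings = []
    for line in lines:
        m = CONN_RE.search(line)
        if m:
            conns[m.group(1)] = (m.group(3), bool(m.group(2)))
            continue
        m = BIND_RE.search(line)
        if m and m.group(3).strip().lower() == root_dn.lower():
            client, tls = conns.get(m.group(1), ("unknown", None))
            rec = {"conn": m.group(1), "client": client, "tls": tls, "err": None}
            pending[(m.group(1), m.group(2))] = rec
            findings.append(rec)
            continue
        m = RESULT_RE.search(line)
        if m and (m.group(1), m.group(2)) in pending:
            pending.pop((m.group(1), m.group(2)))["err"] = int(m.group(3))
    return findings


if __name__ == "__main__":
    for rec in root_dn_binds(SAMPLE_LOG):
        print(rec)
```

A record with `tls` false means the Directory Manager password crossed the plain LDAP port rather than LDAPS; `err` 49 is the LDAP result code for invalid credentials.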

Directory Administrator
- The Directory Administrator is the "super user" that manages all Directory Server and Administration Server instances through the Directory Server Console.

Administration Server User
- By default, the Administration Server runs as the same non-root user as the Directory Server.

There are important differences between the Directory Administrator and the Directory Manager:
* The administrator cannot create top-level entries for a new suffix through an add operation, either by adding an entry in the Directory Server Console or by using ldapadd, a tool provided with OpenLDAP. Only the Directory Manager can add top-level entries by default. To allow other users to add top-level entries, create entries with the appropriate access control statements in an LDIF file, and perform an import or database initialization procedure using that LDIF file.
* Password policies do apply to the administrator, but you can set a user-specific password policy for the administrator.
* Size, time, and lookthrough limits apply to the administrator, but you can set different resource limits for this user.

setup-ds-admin.pl
- The Directory Server and Administration Server instances are created and configured through a script called setup-ds-admin.pl.
- To set the machine name, suffix, and Directory Server port of the new instance, the command is as follows:
/usr/sbin/setup-ds-admin.pl General.FullMachineName=ldap.example.com "slapd.Suffix=dc=example, dc=com" slapd.ServerPort=389
- When setup-ds-admin.pl finishes, it generates a log file in the /tmp directory called setupXXXXXX.log, where XXXXXX is a series of random characters.