Task 2
Set up the internal DNS server, NFS server, and
OpenLDAP server on the enterprise server
Task 2.1 Set up the internal DNS server on the enterprise server (Difficulty = 2.5)
- Use net?.hkntec.net as your network's
DNS domain, where net? is your group no.
- Set up the primary server on the enterprise server
- Set up the slave server on the enterprise client
- Set up the firewall, enterprise server and enterprise client as DNS clients
of your internal DNS server
- Record the IP addresses of the firewall, enterprise server and
enterprise client in the DNS.
Task 2.2 Set up the NFS server on the enterprise server (Difficulty = 1)
- Create /data on the enterprise server
- Share this directory to the enterprise client
- On the enterprise client, mount the /data directory of the enterprise server
as /data
Task 2.3 Set up the OpenLDAP server on the enterprise server and use it for
system auth of the enterprise server and enterprise client (Difficulty = 3)
- Use dc=net?,dc=hkntec,dc=net as your
OpenLDAP domain, where net? is your group no.
- You can get any missing packages at ftp://ftp.erg.cuhk.edu.hk:/pub/iews/yr2
or you can compile your own OpenLDAP server from http://www.openldap.org
- Be sure to read the OpenLDAP links given in the related reference section
carefully before starting. Moreover, from my experience, there are some
mistakes in the OpenLDAP documentation on the Internet. The examples
given in the docs may not work. Use your expertise to work around this.
- You are required to use an encrypted password for rootpw in
slapd.conf. Send the password to sfluk@ie.cuhk.edu.hk together with your group
no.
- Configure both the enterprise server and the enterprise client as LDAP clients
of your server
- Create a user account, cto2, in your OpenLDAP directory with the home directory
/data/cto2, so that cto2 can log on to both the enterprise server and the enterprise
client as a normal user. Send the cto2 password to sfluk@ie.cuhk.edu.hk together
with your group no. Moreover, make sure cto2 can change his/her LDAP password.
- Configure your firewall to port forward the LDAP server port to the enterprise
server so that users can query your LDAP server from within IE.
Checklist
- You can nslookup the IP addresses of your firewall, server and client and
vice versa, e.g. nslookup ntec12-46 or nslookup 172.16.120.1 will give you a result.
- The enterprise client can mount /data from the enterprise server
- User cto2 is created in the LDAP directory and can be used to log on to the enterprise
server and enterprise client. Moreover, cto2 can change his/her LDAP password.
- The LDAP service port is port forwarded to the enterprise server on the firewall so
that users can access your LDAP server from outside your enterprise network.
Related References :
Last updated : 2003/4/24