Directory Services 7.4.2

Unpack files

The following procedures only unpack the server files. You must then run the setup command to set up the server:

Unpack the cross-platform zip

You can use the .zip delivery on any supported operating system.

  1. Review requirements for installation.

  2. Unpack the cross-platform .zip file in the file system directory where you want to install the server.

    Perform this step as a user with the same file system permissions as the user who will run the setup command.

    The setup command uses the directory where you unzipped the files as the installation directory. It does not ask you where to install the server. If you want to install elsewhere on the file system, unzip the files in that location.

    Unzipping the .zip file creates a top-level opendj directory in the directory where you unzipped the file. On Windows systems if you unzip the file with Right-Click > Extract All, remove the trailing opendj-7.4.2-20240422170454-4479d6639a7cd2be7fa2765d7ad48f403369b3fc directory from the folder you specify.

Use the Debian package

On Debian and related Linux distributions, such as Ubuntu, you can unpack files using the Debian package:

  1. Review requirements for installation.

    In particular, install a Java runtime environment (JRE) if none is installed yet. The following example uses the java11-runtime virtual package:

    $ sudo apt-get install java11-runtime
  2. Install the server package:

    $ sudo dpkg -i DS*.deb

    The Debian package:

    • Installs server files in the /opt/opendj directory.

    • Adds documentation files under the /usr/share/doc/opendj directory.

    • Adds man pages under the /opt/opendj/share/man directory.

    • Generates systemd service files /etc/default/opendj and /etc/systemd/system/opendj.service.

    By default, the system superuser (root) owns the files. The DS server can listen on privileged ports like 389 and 636.

  3. (Optional) Change the systemd configuration:

    • Edit /etc/default/opendj directly to set any environment variables DS requires.

      For example, set environment variables for property value substitutions.

    • Use the systemctl edit command to change the service configuration; for example, to run DS as a specific user.

      The command makes the changes in a new override.conf file that systemd reads automatically.

    The changes you make in this way are independent of upgrades and changes to the package defaults. To avoid compatibility problems, don’t edit /etc/systemd/system/opendj.service directly.

  4. Set up the server with the setup command, sudo /opt/opendj/setup.

Use the RPM package

On Red Hat and related Linux distributions, such as Fedora and CentOS, you can unpack files using the RPM package:

  1. Review requirements for installation.

    In particular, install a Java runtime environment (JRE) if none is installed yet. You might need to download an RPM to install the Java runtime environment, and then install the RPM by using the rpm command:

    $ su
    Password:
    root# rpm -ivh jre-*.rpm
  2. Install the server package:

    root# rpm -i DS*.rpm

    The RPM package:

    • Installs server files in the /opt/opendj directory.

    • Adds man pages under the /opt/opendj/share/man directory.

    • Generates systemd service files /etc/default/opendj and /etc/systemd/system/opendj.service.

    By default, the system superuser (root) owns the files. The DS server can listen on privileged ports like 389 and 636.

  3. (Optional) Change the systemd configuration:

    • Edit /etc/default/opendj directly to set any environment variables DS requires.

      For example, set environment variables for property value substitutions.

    • Use the systemctl edit command to change the service configuration; for example, to run DS as a specific user.

      The command makes the changes in a new override.conf file that systemd reads automatically.

    The changes you make in this way are independent of upgrades and changes to the package defaults. To avoid compatibility problems, don’t edit /etc/systemd/system/opendj.service directly.

  4. Set up the server with the setup command, /opt/opendj/setup.

    By default, the server starts in run levels 2, 3, 4, and 5.

Use the Windows MSI

Make sure you can log on as Windows Administrator to install the files and run the setup.bat command.

Prevent antivirus and intrusion detection systems from interfering with DS software.

Before using DS software with antivirus or intrusion detection software, consider the following potential problems:

Interference with normal file access

Antivirus and intrusion detection systems that perform virus scanning, sweep scanning, or deep file inspection are not compatible with DS file access, particularly write access.

Antivirus and intrusion detection software have incorrectly marked DS files as suspect to infection, because they misinterpret normal DS processing.

Prevent antivirus and intrusion detection systems from scanning DS files, except these folders:

C:\path\to\opendj\bat\

Windows command-line tools

/path/to/opendj/bin/

Linux command-line tools

/path/to/opendj/extlib/

Optional .jar files used by custom plugins

/path/to/opendj/lib/

Scripts and libraries shipped with DS servers

Port blocking

Antivirus and intrusion detection software can block ports that DS uses to provide directory services.

Make sure that your software does not block the ports that DS software uses. For details, refer to Administrative access.

Negative performance impact

Antivirus software consumes system resources, reducing resources available to other services including DS servers.

Running antivirus software can therefore have a significant negative impact on DS server performance. Make sure that you test and account for the performance impact of running antivirus software before deploying DS software on the same systems.

GUI

  1. Review requirements for installation.

  2. Start the wizard as Windows Administrator:

    1. If you are logged on as Administrator, double-click the Windows installer package, DS-7.4.2.msi.

    2. If you are logged on as a regular user, hold the shift key while right-clicking DS-7.4.2.msi, select Run as different user, and run the installer as Windows Administrator.

  3. (Optional) Set the Destination Folder to the location for DS server files.

    • The default location is under Program Files on the system drive.

      For example, if the system drive is C:, the default location is C:\Program Files (x86)\ForgeRock Directory Services\.

    • The Windows installer has 32-bit dependencies but DS runs as a 64-bit Java application.

  4. Complete the wizard.

    The installation program writes DS server files to the destination folder.

    You must run the setup.bat command in the destination folder as Administrator to set up DS.

PowerShell

  1. Review requirements for installation.

  2. Start PowerShell as Windows Administrator:

    1. If you are logged on as Windows Administrator, double-click Start > Windows PowerShell.

    2. If you are logged on as a regular user, hold the shift key while right-clicking Start > Windows PowerShell and select Run as Administrator.

  3. Use the Microsoft msiexec.exe command to install the files.

    The following example installs DS server files under C:\Users\opendj\ds. It writes an install.log file in the current folder:

    C:\> msiexec /i C:\Users\opendj\Downloads\DS-7.4.2.msi /l* install.log /q OPENDJ="C:\Users\opendj\ds"

    The installation program writes DS server files to the destination folder.

    You must run the setup.bat command in the destination folder as Administrator to set up DS.