As you can read on GOsa website: “GOsa² provides a powerful GPL’ed framework for managing accounts and systems in LDAP databases. Using GOsa² allows system administrators to easily manage users and groups…”. The installation on Red Hat Enterprise Linux/CentOS is a bit tricky and here you will find how to install it.
First you need to set SELinux in permissive mode (if you have enabled it) and configure the firewall to let other systems to connect to port 80/443 (HTTP and HTTPs) and 389 (LDAP server port) using the commandline tool
# system-config-securitylevel-tui
Now we need to get some more RPM repos to work:
//First the CentOS testing repo
# cd /etc/yum.repos.d/
# wget http://dev.centos.org/centos/5/CentOS-Testing.repo
//Then the RPMForge repo
# rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
//And last the GOsa RPM repo
# cat >> GOsa.repo << EOF
> [GOsa-Repository]
> name=GOsa Repository
> baseurl=ftp://oss.gonicus.de/pub/gosa/redhat
> enabled=0
> gpgcheck=0
> EOF
As we want the system as stable as possible without many packages from externarl repositories please verify that the files CentOS-Testing.repo and rpmforge.repo both contain the line ‘enabled=0‘. Now let’s check the new repositories for new packages to install and install them:
# yum –enablerepo=rpmforge,GOsa-Repository,c5-testing check-update
//Install LDAP
# yum install openldap openldap-servers
//Install PHP 5.2 from CentOS Testing
# yum –enablerepo=c5-testing install php-common php-imap php-snmp php-mysql php-mbstring php-pdo
//Install perl-Crypt-SmbHash from RPMForge
# yum –enablerepo=rpmforge install perl-Crypt-SmbHash
//Install GOsa RPMs
# yum –enablerepo=GOsa-Repository install gosa-help-en.noarch gosa-plugin-addressbook.noarch gosa-plugin-ldapmanager.noarch gosa-plugin-mail.noarch gosa-plugin-rolemanagement.noarch gosa-plugin-systems.noarch gosa-schema.noarch gosa-plugin-goto
Now we need to be sure that Apache HTTPD and LDAP servers start at boot:
# chkconfig httpd on
# chkconfig ldap on
At this point, before configuring GOsa, you need to add specific GOsa schemas to your ldap using as reference a part of the beginning of my own /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/gosa/rfc2307bis.schema
include /etc/openldap/schema/gosa/gofax.schema
include /etc/openldap/schema/gosa/gofon.schema
include /etc/openldap/schema/gosa/samba.schema
include /etc/openldap/schema/gosa/gosystem.schema
include /etc/openldap/schema/gosa/goto.schema
include /etc/openldap/schema/gosa/samba3.schema
include /etc/openldap/schema/gosa/gosa-samba3.schema
include /etc/openldap/schema/gosa/goserver.schema
include /etc/openldap/schema/gosa/goto-mime.schema
include /etc/openldap/schema/gosa/trust.schema
Restart your openldap and finally we can connect to GOsa web interface and configure it pointing your browser at
http://<hostname>/gosa/
Now you should have a fully functional GOsa install on your CentOS5: please let me know if you found error in this tutorial or even if you found it useful.
[...] How to install GOsa on RHEL/CentOS 5 [...]
Hello! your blog is very interesting. The content is really great, but sorry i don’t like your website theme, maybe you find better wp themes when you search on ask for “the best wordpress themes”.
Hi this blog entry was very usefull for me. But it was really hard to find it with google. Maybe you should improve it with seo plugins for wordpress like WP seo.
the follow error appeare when restarting ldap:
service ldap restart
Stopping slapd: [ OK ]
Checking configuration files for slapd: /etc/openldap/schema/gosa/rfc2307bis.schema: line 23: Duplicate attributeType: “1.3.6.1.1.1.1.2″
slaptest: bad configuration file!
[FAILED]
I have to comment this line in /etc/openldap/slapd.conf:
#include /etc/openldap/schema/gosa/rfc2307bis.schema
Where is my error?
thanks in advance
best regards
john
Greetings from Colorado! I’m bored to death at work so I decided to browse your blog on my iphone during lunch break. I really like the information you provide here and can’t wait to take a look when I get home. I’m amazed at how quick your blog loaded on my mobile .. I’m not even using WIFI, just 3G .. Anyways, excellent blog!
Hello,
Thanks for this. We have an exsitsing OpenLDAP server running centos 5.5 If i were to install Gosa will it mess up my current config/users? I would like sometihng just connect to my exsiting ldap server.
Hi,
I really think that GOSA needs its own LDAP schema and I do not think it is easy portable to other schemas. I do not think it will mess your current config/users but also I think it will not work with your current setup.
When I used it I started from scratch.
Let me know your experience.
Bye
APiero
John your error is caused because another schema already provides attribute 1.3.6.1.1.1.1.2 (probably nis.schema).
Your best bet is to grep for that to find what schema file provides that. You can probably try hashing it out in /etc/openldap/slapd.conf and try again:
/bin/grep “1.3.6.1.1.1.1.2″ /etc/openldap/schema/*