Chapter 3. Setting up a new instance using the web console

download PDF

If you prefer a browser-based interface to set up Directory Server, you can use the Directory Server web console.

3.1. Prerequisites

3.2. Using the web console to set up a new Directory Server instance

This section describes how to use the web console to set up a new Directory Server instance.


  • The cockpit web console package is installed.
  • The cockpit.socket systemd unit is enabled and started.
  • You opened port 9090 in the local firewall to allow accessing the web console.


  1. Use a browser to connect to the web console running on port 9090 on the Directory Server host:
  2. Log in as the root user or as a user with sudo privileges.
  3. Select the Red Hat Directory Server entry.
  4. Create a new instance:

    • If no instance exists on the server, click the Create New Instance button.
    • If the server already runs existing instances, select Actions and click Create New Instance.
  5. Complete the fields of the Create New Server Instance form:

    • Instance Name: Sets the name of the instance. Note that you cannot change the name of an instance after it has been created.
    • Port: Sets the port number of the LDAP protocol. The port must not be in use by another instance or service. The default port is 389.
    • Secure Port: Sets the port number of the LDAPS protocol. The port must not be in use by another instance or service. The default port is 636.
    • Create Self-Signed TLS Certificate DB: Enables TLS encryption in the instance, and creates a self-signed certificate.

      For increased security, Red Hat recommends that you create the new instance with the self-signed certificate and TLS enabled. Note that you can replace the self-signed certificate with a certificate issued by a Certificate Authority (CA) at a later date.

    • Directory Manager DN: Sets the distinguished name (DN) of the administrative user of the instance. The default value is cn=Directory Manager.
    • Directory Manager Password: Sets the password of the administrative user of the instance.
    • Confirm Password: Must be set to the same value as in the Directory Manager Password field.
    • Create Database: Select this field to automatically create a suffix during instance creation.


      If you do not create a suffix during instance creation, you must create it later manually before you can store data in this instance.

      If you enabled this option, fill the addition fields:

      • Database Suffix: Sets the suffix for the back end.
      • Database Name: Sets the name of the back end database.
      • Database Initialization: Set this field to Create Suffix Entry.
  6. Click Create Instance.

    The new instance starts and is configured to start automatically when the system boots.

  7. Open the required ports in the firewall:

    # firewall-cmd --permanent --add-port={389/tcp,636/tcp}
  8. Reload the firewall configuration:

    # firewall-cmd --reload
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.