OVD is a Java-based app and one of the limitations for Java-based servers is that if you want to run the service on a port under 1024 on Unix - you have to run it as root. The reason is that by default Unix requires anything on those ports to be run as root. In C-based applications - there is a switch-user API call that lets you start as root and then switch to another user.
Java never mapped this call and so there is lots of different schemes for dealing with it. For example in app servers - you might run Apache as a proxy running on 80 to Weblogic running on 7001.
I stumbled on another way to do this - at least on Linux. And that is to use iptables.
Here is how you can map 389 to 6501 (OVD 11g default non-SSL port):
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 389 -j REDIRECT --to-port 6501
Here is how can you map 636 to 7501 (OVD 11g default SSL port):
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 636 -j REDIRECT --to-port 7501
Posted via email from Virtual Identity Dialogue