OpenLDAP服务端+PhpLdapAdmin 基本安装与配置

Bash 前端之家
前端之家收集整理的这篇文章主要介绍了OpenLDAP服务端+PhpLdapAdmin 基本安装与配置前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

转载:http://blog.csdn.net/post_yuan/article/details/53129735


参考了一些其他人写的一些关于安装配置OpenLDAP的文章,于是乎手痒痒也自己动手尝试了一下安装与配置OpenLDAP,并安装PHPLdapAdmin用来通过WEB界面去管理LDAP。

下面就详细介绍如何一步步安装配置LDAP服务器,仅供参考~


1 yum安装OpenLDAP

[html] view plain copy
  1. <spanstyle="font-size:14px;">[root@ha-3yum.repos.d]#yuminstallopenldapopenldap-*-y
  2. [root@ha-3yum.repos.d]#rpm-qa|grepopenldap
  3. openldap-servers-2.4.40-12.el6.x86_64
  4. openldap-devel-2.4.40-12.el6.x86_64
  5. openldap-servers-sql-2.4.40-12.el6.x86_64
  6. openldap-clients-2.4.40-12.el6.x86_64
  7. openldap-2.4.40-12.el6.x86_64
  8. </span>

2 配置ldap,包括准备DB_CONFIG和slapd.conf

copy
    >[root@ha-3yum.repos.d]#cp/usr/share/openldap-servers/DB_CONFIG.example/var/lib/ldap/DB_CONFIG
  1. [root@ha-3yum.repos.d]#cp/usr/share/openldap-servers/slapd.conf.obsolete/etc/openldap/slapd.conf>

3 生成ldap管理员密码

copy
    >[root@ha-3yum.repos.d]#slappasswd-sldap123
  1. {SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ>

4 修改slapd.conf,主要配置dc和rootpw,rootpw配置为上述步骤中的密码

copy
    >databasebdb
  1. suffix"dc=esgyn,dc=com"
  2. checkpoint102415
  3. rootdn"cn=Manager,dc=esgyn,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> #Cleartextpasswords,especiallyfortherootdn,should
  4. #beavoided.Seeslappasswd(8)andslapd.conf(5)fordetails.
  5. #USEOfstrongauthenticationencouraged.
  6. #rootpwsecret
  7. #rootpw{crypt}ijFYNcSNctBYg
  8. rootpw{SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ>

5 检测并重新生成ldap数据库

copy
    >[root@cent-1slapd.d]#ls
  1. cn=configcn=config.ldif
  2. [root@cent-1slapd.d]#rm-rf*
  3. [root@cent-1slapd.d]#slaptest-f/etc/openldap/slapd.conf-F/etc/openldap/slapd.d/
  4. configfiletestingsucceeded>

6 修改相关ldap文件权限

copy
    >[root@ha-3yum.repos.d]#chown-Rldap:ldap/var/lib/ldap/
  1. [root@ha-3yum.repos.d]#chown-Rldap:ldap/etc/openldap/>

7 启动slapd服务

copy
    >[root@cent-1~]#serviceslapdstatus
  1. slapdisstopped
  2. [root@cent-1~]#serviceslapdstart
  3. Startingslapd:[OK]>
8 yum安装migrationtools

copy
    >[root@cent-1slapd.d]#yuminstallmigrationtools-y>
9 编辑/usr/share/migrationtools/migrate_common.ph并修改相关配置

copy
    >#DefaultDNSdomain
  1. $DEFAULT_MAIL_DOMAIN="esgyn.com";
  3. #Defaultbase
  4. $DEFAULT_BASE="dc=esgyn,dc=com";
  5. >
10 生成base.ldif

copy
    >[root@cent-1slapd.d]#/usr/share/migrationtools/migrate_base.pl>base.ldif>
11 添加base.ldif到ldap

copy
    >[root@cent-1migrationtools]#ldapadd-x-D"cn=Manager,dc=com"-W-f./base.ldif
  1. EnterLDAPPassword:
  2. addingnewentry"dc=esgyn,dc=com"
  4. addingnewentry"ou=Hosts,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Rpc,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Services,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"nisMapName=netgroup.byuser,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Mounts,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Networks,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=People,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Group,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Netgroup,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Protocols,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Aliases,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"nisMapName=netgroup.byhost,dc=com">
12 检查ldapadd是否成功

copy
    >[root@cent-1migrationtools]#ldapsearch-x-D"cn=Manager,dc=com"-b"ou=Aliases,dc=com"-W
  1. #extendedLDIF
  2. #
  3. #LDAPv3
  4. #base<ouou=Aliases,dc=com>withscopesubtree
  5. #filter:(objectclass=*)
  6. #requesting:ALL
  7. #
  8. #Aliases,hadoop.com
  9. dn:ou=Aliases,dc=com
  10. ou:Aliases
  11. objectClass:top
  12. objectClass:organizationalUnit
  13. #searchresult
  14. search:2
  15. result:0Success
  16. #numResponses:2
  17. #numEntries:1>
13 yum安装httpd及PHPLdapAdmin

copy
    >[root@cent-1migrationtools]#yuminstallhttpdPHPldapadmin-y>
14 配置/etc/httpd/conf.d/PHPldapadmin.conf允许从远程访问

copy
    >Alias/PHPldapadmin/usr/share/PHPldapadmin/htdocs
  1. Alias/ldapadmin/usr/share/PHPldapadmin/htdocs
  2. Directory/usr/share/PHPldapadmin/htdocs>
  3. OrderDeny,Allow
  4. Allowfromall
  5. Directory>>

15 修改/etc/PHPldapadmin/config.PHP配置用DN登录

copy
    >$servers->setValue('login','attr','dn');
  1. //$servers->
16 启动httpd服务

copy
    >[root@cent-1migrationtools]#servicehttpdstatus
  1. httpdisstopped
  2. [root@cent-1migrationtools]#servicehttpdstart
  3. Startinghttpd:httpd:Couldnotreliablydeterminetheserver'sfullyqualifieddomainname,using192.168.0.16forServerName
  4. [OK]>

17 打开Web UI并登录LDAP


猜你在找的Bash相关文章

Vim常用操作总结
普通模式 >G 增加当前行到文档末尾处的缩紧层级 $ 移动到本行的末尾 . ...
SpaceVim 语言模块 elixir
原文连接: https://spacevim.org/cn/layers/lang/elixir/ 模块简介 功能特性 启用模块 快...
SpaceVim 语言模块 dart
原文连接: https://spacevim.org/cn/layers/lang/dart/ 模块简介 功能特性 依赖安装及启用...
shell 操作符详解
 =   赋值操作符,可以用于算术和字符串赋值 +        加法计算     -     ...
adb shell 查看内存信息
1.根据包名来查看指定的APP指定数据 adb shell "top | grep com.xxx.xxx" 由于这样...
salt-api安装以及简单实使用
1、安装说明   操作系统版本:CentOS Linux release 7.5.1804 (Core)   saltstack版本...
lunix 思维导图
yum仓库搭建
实验目的: 在系统中安装yum仓库,解决用rpm安装软件包时会产生依赖包而导致安装失败的问题...
shell 括号的区别
$()   用于命令交换      里面会会执行命令,如果你写其他的:      会直接报错...
纸小墨ink简洁主题story爱上你的故事
主题介绍 为纸小墨写的一款主题,该主题移植自Yumoe Demo ink-theme-story 主题的一些食用说...
LinuxWindowsCentOSUbuntuNginxWebServiceScalaMemcacheApacheRedisDockerBashAzureTomcatLNMPShell数据结构服务器运维网络安全
xebugnodemondocker-copydcoselasticsearcwindows-contdocker-windodocker-awsamazon-cloudenvoyproxyhashicorp-vaswisscomdevkafka-pythonzscalerphoton-osdocker-swarmkamongoogle-cloudconcoursewso2-ampersistent-vapi-managerprocess-manamanjarojenkins-workhypriotremoteapikeystonejsbitcoindbitcoin-test