频道导航

OpenLDAP服务端+PhpLdapAdmin 基本安装与配置

2020-06-09 Bash 前端之家

前端之家收集整理的这篇文章主要介绍了OpenLDAP服务端+PhpLdapAdmin 基本安装与配置，前端之家小编觉得挺不错的，现在分享给大家，也给大家做个参考。

转载：http://blog.csdn.net/post_yuan/article/details/53129735

参考了一些其他人写的一些关于安装配置OpenLDAP的文章，于是乎手痒痒也自己动手尝试了一下安装与配置OpenLDAP，并安装PHPLdapAdmin用来通过WEB界面去管理LDAP。

下面就详细介绍如何一步步安装配置LDAP服务器，仅供参考~

1 yum安装OpenLDAP

[html]view plaincopy 
    
 <spanstyle="font-size:14px;">[root@ha-3yum.repos.d]#yuminstallopenldapopenldap-*-y
 [root@ha-3yum.repos.d]#rpm-qa|grepopenldap
 openldap-servers-2.4.40-12.el6.x86_64
 openldap-devel-2.4.40-12.el6.x86_64
 openldap-servers-sql-2.4.40-12.el6.x86_64
 openldap-clients-2.4.40-12.el6.x86_64
 openldap-2.4.40-12.el6.x86_64
 </span>

2 配置ldap，包括准备DB_CONFIG和slapd.conf

copy 
     
    

[root@ha-3yum.repos.d]#cp/usr/share/openldap-servers/DB_CONFIG.example/var/lib/ldap/DB_CONFIG

[root@ha-3yum.repos.d]#cp/usr/share/openldap-servers/slapd.conf.obsolete/etc/openldap/slapd.conf>

3 生成ldap管理员密码

copy 
     
    

[root@ha-3yum.repos.d]#slappasswd-sldap123

{SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ>

4 修改slapd.conf，主要配置dc和rootpw，rootpw配置为上述步骤中的密码

copy 
     
    

databasebdb

suffix"dc=esgyn,dc=com"
checkpoint102415
rootdn"cn=Manager,dc=esgyn,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> #Cleartextpasswords,especiallyfortherootdn,should
#beavoided.Seeslappasswd(8)andslapd.conf(5)fordetails.
#USEOfstrongauthenticationencouraged.
#rootpwsecret
#rootpw{crypt}ijFYNcSNctBYg
rootpw{SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ>

5 检测并重新生成ldap数据库

copy 
     
    

[root@cent-1slapd.d]#ls

cn=configcn=config.ldif
[root@cent-1slapd.d]#rm-rf*
[root@cent-1slapd.d]#slaptest-f/etc/openldap/slapd.conf-F/etc/openldap/slapd.d/
configfiletestingsucceeded>

6 修改相关ldap文件权限

copy 
     
    

[root@ha-3yum.repos.d]#chown-Rldap:ldap/var/lib/ldap/

[root@ha-3yum.repos.d]#chown-Rldap:ldap/etc/openldap/>

7 启动slapd服务

copy 
     
    

[root@cent-1~]#serviceslapdstatus

slapdisstopped
[root@cent-1~]#serviceslapdstart
Startingslapd:[OK]>

8 yum安装migrationtools

copy 
     
    

[root@cent-1slapd.d]#yuminstallmigrationtools-y

9 编辑/usr/share/migrationtools/migrate_common.ph并修改相关配置

copy 
     
    

#DefaultDNSdomain

$DEFAULT_MAIL_DOMAIN="esgyn.com";
#Defaultbase
$DEFAULT_BASE="dc=esgyn,dc=com";
>

10 生成base.ldif

copy 
     
    

[root@cent-1slapd.d]#/usr/share/migrationtools/migrate_base.pl

base.ldif

11 添加base.ldif到ldap

copy 
     
    

[root@cent-1migrationtools]#ldapadd-x-D"

Manager

com

"-W-f./base.ldif

EnterLDAPPassword:
addingnewentry"dc=esgyn,dc=com"
addingnewentry"ou=Hosts,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Rpc,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Services,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"nisMapName=netgroup.byuser,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Mounts,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Networks,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=People,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Group,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Netgroup,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Protocols,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"ou=Aliases,108); list-style-type:decimal-leading-zero; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important; list-style-position:outside!important"> addingnewentry"nisMapName=netgroup.byhost,dc=com">

12 检查ldapadd是否成功

copy 
     
    

[root@cent-1migrationtools]#ldapsearch-x-D"

Manager

=com"-b"

=Aliases,

com

"-W

#extendedLDIF
#
#LDAPv3
#base<ouou=Aliases,dc=com>withscopesubtree
#filter:(objectclass=*)
#requesting:ALL
#
#Aliases,hadoop.com
dn:ou=Aliases,dc=com
ou:Aliases
objectClass:top
objectClass:organizationalUnit
#searchresult
search:2
result:0Success
#numResponses:2
#numEntries:1>

13 yum安装httpd及PHPLdapAdmin

copy 
     
    

[root@cent-1migrationtools]#yuminstallhttpdPHPldapadmin-y

14 配置/etc/httpd/conf.d/PHPldapadmin.conf允许从远程访问

copy 
     
    

Alias/PHPldapadmin/usr/share/PHPldapadmin/htdocs

Alias/ldapadmin/usr/share/PHPldapadmin/htdocs
Directory/usr/share/PHPldapadmin/htdocs>
OrderDeny,Allow
Allowfromall
Directory>>

15 修改/etc/PHPldapadmin/config.PHP配置用DN登录

copy 
     
    

$servers-

setValue('login','attr','dn');

//$servers->

16 启动httpd服务

copy 
     
    

[root@cent-1migrationtools]#servicehttpdstatus

httpdisstopped
[root@cent-1migrationtools]#servicehttpdstart
Startinghttpd:httpd:Couldnotreliablydeterminetheserver'sfullyqualifieddomainname,using192.168.0.16forServerName
[OK]>

17 打开Web UI并登录LDAP

原文链接：https://www.f2er.com/bash/391834.html