[[email protected] ldap]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
[[email protected] ldap]# chown -R ldap:ldap /etc/openldap/
[[email protected] ldap]# chown -R ldap:ldap /var/lib/ldap/
[[email protected] ldap]# chmod 700 /var/lib/ldap/
[[email protected] ldap]# ls /var/lib/ldap/
DB_CONFIG
[[email protected] ldap]# slaptest -u
config file testing succeeded

# The final configuration file

[[email protected] ldap]# egrep -v '^#|^.*#' /etc/openldap/slapd.conf
include /etc/openldap/schema/corba.schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/duaconf.schema
include /etc/openldap/schema/dyngroup.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/ppolicy.schema
include /etc/openldap/schema/collective.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
TLSCACertificatePath /etc/openldap/certs
TLSCertificateFile "\"OpenLDAP Server\""
TLSCertificateKeyFile /etc/openldap/certs/password
access to *
    by self write
    by anonymous auth
    by * read
database bdb
suffix "dc=etiantian,dc=org"
checkpoint 2048 10
rootdn "cn=admin,dc=etiantian,dc=org"
loglevel 296
cachesize 1000
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
rootpw {SSHA}+OJQNIWD7VYZN9D9VRBYRE6KVI3HJRW1

# Start LDAP

[[email protected] ldap]# /etc/init.d/slapd restart
Stopping slapd: [FAILED]
Starting slapd: [OK]
[[email protected] ldap]# chkconfig slapd on
[[email protected] ldap]# chkconfig --list slapd
slapd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[[email protected] ldap]# lsof -i:389
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
slapd 1470 ldap 7u IPv4 11434 0t0 TCP *:ldap (LISTEN)
slapd 1470 ldap 8u IPv6 11435 0t0 TCP *:ldap (LISTEN)
[[email protected] ldap]# ps -ef |grep ldap
ldap 1470 1 0 10:53 ? 00:00:00 /usr/sbin/slapd -h ldap:/// ldapi:/// -u ldap
root 1481 1287 0 10:55 pts/0 00:00:00 grep ldap
[[email protected] ldap]# tail -f /var/log/ldap.log
Mar 25 10:59:51 ldap-server slapd[1603]: @(#) $OpenLDAP: slapd 2.4.40 (May 10 2016 23:30:49) $#012#[email protected]:/builddir/build/BUILD/openldap-2.4.40/openldap-2.4.40/build-servers/servers/slapd

# Check that the service started correctly

[[email protected] ldap]# ldapsearch -LLL -W -x -H ldap://etiantian.org -D "cn=admin,dc=etiantian,dc=org" -b "dc=etiantian,dc=org"
Enter LDAP Password:
ldap_bind: Invalid credentials

# Solution: regenerate the slapd.d configuration directory from slapd.conf

[[email protected] ldap]# rm -rf /etc/openldap/slapd.d/*
[[email protected] ldap]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
[[email protected] ldap]# chown -R ldap:ldap /etc/openldap/
[[email protected] ldap]# /etc/init.d/slapd restart
Stopping slapd: [OK]
Starting slapd: [OK]
[[email protected] ldap]# ldapsearch -LLL -W -x -H ldap://etiantian.org -D "cn=admin,dc=etiantian,dc=org" -b "dc=etiantian,dc=org"
Enter LDAP Password:
No such object (32)    # this indicates success: the bind was accepted, the directory just has no entries yet
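
The slapd.conf shown above enables LDAPv2 binds and has a single catch-all ACL. Because slapd stops at the first matching "by" clause, anonymous clients get auth only, but every other bound user gets read on all attributes, userPassword hashes included. The following check is an added example, not part of the original article; audit_slapd_conf is a hypothetical helper name, the sample file is constructed, and GNU stat (as on CentOS) is assumed.

```sh
#!/bin/sh
# Added example: audit a slapd.conf for the weak settings discussed above.
# Assumes GNU stat (as on CentOS); audit_slapd_conf is a hypothetical helper.
audit_slapd_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }
    # The file carries the rootpw hash, so other users must not have access.
    case $(stat -c '%a' "$conf") in
        *0) ;;
        *) echo "PERMS: $conf is accessible to other users; chmod 640 or stricter" ;;
    esac
    awk '
        /^[ \t]*#/ || NF == 0 { next }          # skip comments and blank lines
        /^[^ \t]/ { target = "" }               # an unindented line ends the current ACL
        { d = tolower($1) }
        d == "allow" && tolower($0) ~ /bind_v2/ {
            print "BIND_V2: obsolete LDAPv2 binds are enabled"
        }
        d == "rootpw" && $2 !~ /^[{][A-Za-z0-9-]+[}]/ {
            print "ROOTPW: cleartext password; store a slappasswd hash instead"
        }
        d == "access" && tolower($2) == "to" {
            target = $3
            if (tolower($0) ~ /userpassword/) pw_rule = 1
        }
        # A catch-all rule granting read, with no earlier userPassword rule,
        # exposes password hashes to every authenticated user.
        target == "*" && !pw_rule && /by[ \t]+([*]|users)[ \t]+(read|write)/ {
            print "ACL: \"access to *\" lets any bound user read userPassword hashes"
            target = ""
        }
    ' "$conf"
}

# Constructed sample mirroring the relevant lines of the configuration above.
demo=$(mktemp) && chmod 644 "$demo"
cat > "$demo" <<'EOF'
allow bind_v2
access to *
    by self write
    by anonymous auth
    by * read
rootpw {SSHA}constructed-placeholder-hash
EOF
audit_slapd_conf "$demo"
rm -f "$demo"
```

An "access to attrs=userPassword" rule placed before the catch-all (self write, anonymous auth, everyone else none) clears the ACL finding.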
This article is from the "Brick Blog" blog; please be sure to keep this source attribution: http://wsxxsl.blog.51cto.com/9085838/1910268
04-openldap-Database Configuration