System version: CentOS 6
Install and configure OpenLDAP: yum install openldap openldap-servers openldap-clients openldap-devel compat-openldap -y
cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf   # copy the configuration file
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG; chown -R ldap.ldap /var/lib/ldap
slappasswd   # create the administrator password
New password:
Re-enter new password:
{SSHA}0TSMZUXWZ4ZV3EHRQA0YQ0DVFGNKZHPH
Modify the configuration file slapd.conf. Change:
suffix "dc=my-domain,dc=com"
checkpoint 1024 15
rootdn "cn=Manager,dc=my-domain,dc=com"
to:
# base DN
suffix "dc=ldap,dc=xxxxx,dc=net"
checkpoint 1024 15
# root DN
rootdn "cn=manager,dc=ldap,dc=xxxxx,dc=net"
# administrator password (the slappasswd output); this setting must be adjusted
rootpw {SSHA}0tsmzuxwz4zv3abqa0yq0dvfggkzhph
After editing, test the configuration:
slaptest -f slapd.conf
config file testing succeeded
Start the LDAP service: /etc/init.d/slapd start
Migrating user data to OpenLDAP
Install and configure the migration tools: yum install http://mirror.centos.org/centos/6/os/x86_64/Packages/migrationtools-47-7.el6.noarch.rpm -y
cd /usr/share/migrationtools/ && vim migrate_common.ph
# Default DNS domain
$DEFAULT_MAIL_DOMAIN = "ldap.xxxxx.net";
# Default base
$DEFAULT_BASE = "dc=ldap,dc=xxxxx,dc=net";
Key concepts:
DN: distinguished name, the unique name of an entry
DC: domain component, the domain the entry belongs to
OU: organizational unit the entry is affiliated with
CN/UID: full name / login ID
# Run the script migrate_base.pl. It creates the root entry and the lower-level organizational units such as Hosts, Networks, Group and People; write its output to the file base.ldif
./migrate_base.pl > base.ldif
ldapadd -D "cn=manager,dc=ldap,dc=xxxxx,dc=net" -W -x -f base.ldif
Installing phpLDAPadmin
yum install phpldapadmin -y   # requires the EPEL repository
Modify the httpd configuration file: vim /etc/httpd/conf.d/phpldapadmin.conf and change it to the following
ServerName ldap.xxxx.net
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs
<Directory /usr/share/phpldapadmin/htdocs>
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Allow from all
</IfModule>
</Directory>
Modify the phpLDAPadmin configuration file: vim /etc/phpldapadmin/config.php
$servers->setValue('login','attr','dn');
$servers->setValue('login','attr','uid');
Access phpLDAPadmin from a web browser
Configuration is complete.
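A post-install check for the two files edited in this walkthrough, added here as an example (it is not part of the original page): it reports whether rootpw in slapd.conf is stored as a hash or in cleartext, and counts the directives in phpldapadmin.conf that admit every client. The function names, the sample files and the 192.0.2.0/24 admin subnet are assumptions made for the example.

```sh
#!/bin/sh
# Added example; the sample files below are constructed, not from a real host.

# Print the rootpw scheme found in a slapd.conf: SSHA, MD5, ..., CLEARTEXT or MISSING.
rootpw_scheme() {
    awk 'tolower($1) == "rootpw" {
             found = 1
             if (match($2, /^[{][A-Za-z0-9-]+[}]/))
                 print toupper(substr($2, 2, RLENGTH - 2))
             else
                 print "CLEARTEXT"
             exit
         }
         END { if (!found) print "MISSING" }' "$1"
}

# Count directives that admit every client: "Require all granted" (Apache 2.4)
# or "Allow from all" (Apache 2.2).
open_access_rules() {
    grep -ciE '^[[:space:]]*(Require[[:space:]]+all[[:space:]]+granted|Allow[[:space:]]+from[[:space:]]+all)[[:space:]]*$' "$1" || true
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
printf 'rootdn "cn=manager,dc=example,dc=net"\nrootpw {SSHA}CONSTRUCTED-PLACEHOLDER\n' > "$tmp/hashed.conf"
printf 'rootdn "cn=manager,dc=example,dc=net"\nrootpw secret\n' > "$tmp/clear.conf"
cat > "$tmp/open.conf" <<'EOF'
<Directory /usr/share/phpldapadmin/htdocs>
  <IfModule mod_authz_core.c>
    Require all granted
  </IfModule>
  <IfModule !mod_authz_core.c>
    Order Deny,Allow
    Allow from all
  </IfModule>
</Directory>
EOF
# Same file limited to an assumed admin subnet (192.0.2.0/24, documentation range).
sed -e 's|Require all granted|Require ip 192.0.2.0/24|' \
    -e 's|Order Deny,Allow|Order Allow,Deny|' \
    -e 's|Allow from all|Allow from 192.0.2.0/24|' "$tmp/open.conf" > "$tmp/restricted.conf"

for f in hashed clear; do
    echo "$f.conf: rootpw scheme $(rootpw_scheme "$tmp/$f.conf")"
done
for f in open restricted; do
    echo "$f.conf: $(open_access_rules "$tmp/$f.conf") allow-everyone directive(s)"
done
```

On the server, point the two functions at /etc/openldap/slapd.conf and /etc/httpd/conf.d/phpldapadmin.conf.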
Build LDAP server and Web Management Service--phpldapadmin