Abstract: Our department recently needed to integrate all of its systems, and the leadership asked for unified management of all systems through an OpenLDAP database, so an LDAP service has to be configured on the server. We chose the OpenLDAP service here. I searched the internet a lot and at first could not get it configured; after several attempts I finally configured it successfully, so I am making a record now for convenient reference later.
Server environment: CentOS 6.4
Pre-Configuration preparation:
Turn off Iptables and SELinux first to avoid errors during configuration.
# service iptables stop
# setenforce 0
# vi /etc/sysconfig/selinux
Set SELINUX=disabled, as shown in the following figure:
One: OpenLDAP server-side configuration:
(1). Install the OpenLDAP service. I use a yum installation here; the packages that need to be installed are as follows:
openldap-devel-2.4.23-26.el6.x86_64
openldap-clients-2.4.23-26.el6.x86_64
openldap-2.4.23-26.el6.x86_64
openldap-servers-2.4.23-26.el6.x86_64
(2). The yum command to install the OpenLDAP service is as follows (your Linux machine must have network access, otherwise the installation cannot succeed):
# yum install openldap-* -y
(3). After the installation of the OpenLDAP service completes, copy the LDAP configuration file to the LDAP directory:
# cd /etc/openldap/
# cp /usr/share/openldap-servers/slapd.conf.obsolete slapd.conf
(4). On CentOS 6.4, a backup of the configuration file is in the main directory:
# cd /etc/openldap/
# cp slapd.conf.bak slapd.conf
(5). Create the LDAP administrator password:
# slappasswd
Here I entered the password redhat; after the password is entered, a string of ciphertext is returned. Save it to the clipboard first:
{SSHA}Ak5d0xqldrjupt3b4c1tqbnzwrtzyllt
(6). Edit the configuration file:
# vi /etc/openldap/slapd.conf
Find line 115; the default is as shown:
The red box below marks the password you just generated (the hashed form returned by slappasswd).
We also need to make the corresponding changes to the permissions section in the last few lines of the configuration file:
Save and exit.
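The value returned by slappasswd in step (5) and pasted into rootpw in step (6) is a salted SHA-1 hash, not reversible encryption. The following Python sketch is an added example, not part of the original post: it builds and verifies a {SSHA} value and reports whether a rootpw line in slapd.conf text is hashed or cleartext. The function names and the sample configuration are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(4)  # 4-byte salt yields a 32-character base64 value
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password: str, stored: str) -> bool:
    """Verify a candidate password against a stored {SSHA} value."""
    if not stored.upper().startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[6:], validate=True)
    if len(raw) <= 20:
        raise ValueError("no salt after the 20-byte SHA-1 digest")
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def rootpw_scheme(conf_text: str) -> Optional[str]:
    """Scheme of the rootpw line in slapd.conf text; 'cleartext' if unhashed."""
    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        # Commented lines start with '#', so parts[0] is never 'rootpw' for them.
        if len(parts) == 2 and parts[0].lower() == "rootpw":
            value = parts[1].strip()
            if value.startswith("{") and "}" in value:
                return value[1:value.index("}")].upper()
            return "cleartext"
    return None


# Constructed sample configuration (not the page's slapd.conf).
SAMPLE_CONF = 'rootdn "cn=Manager,dc=example,dc=com"\nrootpw secret\n'

if __name__ == "__main__":
    hashed = make_ssha("redhat")  # "redhat" is the password used in step (5)
    print(hashed, check_ssha("redhat", hashed), check_ssha("wrong", hashed))
    print(rootpw_scheme(SAMPLE_CONF))
    print(rootpw_scheme("rootpw\t" + hashed + "\n"))
```

Because the salt is random, running slappasswd twice on the same password gives different strings, and both verify.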
(7). Copy the DB_CONFIG file to the specified directory:
# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
(8). Delete all the default contents under /etc/openldap/slapd.d, otherwise you will get an error when using ldapadd:
# rm -rf /etc/openldap/slapd.d/*
(9). Start the LDAP slapd service and enable it at boot:
# service slapd restart
# chkconfig slapd on
(10). Give the configuration directory the appropriate permissions:
# chown -R ldap:ldap /var/lib/ldap
# chown -R ldap:ldap /etc/openldap/
(11). Test and generate the configuration file:
# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
If it returns "config file testing succeeded", the configuration is successful.
(12). Give the generated configuration file permission and restart: