Management system, the administrator can be encrypted to operate, enhance security. Lam supports managed account types with SAMBA2/3, UNIX address Book interfaces, and computer-required information, including NIS maps, e-mail aliases, MAC addresses, and so on.
LDAP Account Manager Powerful features
1. Using Lam, users, user groups, and computer system accounts stored in an LDAP directory can be easily and intuitively managed through a web interface.
2, the management of UNIX users, user groups, host, domain name.
3, powerful filtering and sorting function.
4, Account Number property management.
5, many constructs the attribute.
6, visual tree view mode.
7, plan to view the mode.
8, through the file upload to create an account.
9, all accounts can be exported to PDF file format.
10. Manage users, user groups, quotas, and automatically create a home directory for deleted users.
11, support LDAP+SSL encryption mode.
12, multinational language support, such as Catalan, Chinese (traditional) and so on.
Installation Requirements
1, PHP5 language environment and Perl language environment.
2, OpenLDAP2.0 or later.
3, support the CSS Web browser.
4, Apache WebServer, it is recommended to install SSL, Php-module (Php-module with LDAP, Gettext, XML, Mcrypt+mhash) and other modules.
Following the installation of the previous article, this article installs the LDAP account Manager (LAM)
1. Extend PHP LDAP
The code is as follows |
Copy Code |
python[root@itchenyi-04 ~]# CD php-5.3.5/ext/ldap/ [Root@itchenyi-04 ldap]#/software/php/bin/phpize Configuring for: PHP Api version:20090626 Zend Module Api no:20090626 Zend Extension Api no:220090626 [root@itchenyi-04 ldap]#./configure--with-php-config=/software/php/bin/php-config--with-ldap=/software/openldap --with-ldap-sasl=/software/sasl2/ [Root@itchenyi-04 ldap]# make && Make install [root@itchenyi-04 ldap]# echo-e ' nextension = ldap.so ' >> /software/php/etc/php.ini [root@itchenyi-04 ldap]# Service php-fpm restart Gracefully shutting down php-fpm. Done Starting php-fpm Done
|
2. Install Lam (LDAP account Manager)
code is as follows |
copy code |
python[ root@itchenyi-04 mnt]# tar jxf ldap-account-manager-4.4.tar.bz2 [root@itchenyi-04 mnt]# CD ldap-account-manager-4.4 [root@itchenyi-04 ldap-account-manager-4.4]#./configure--with-httpd-user=www-- With-httpd-group=www--with-web-root=/data/www.itchenyi.com/lam [root@itchenyi-04 ldap-account-manager-4.4]# Make install LAM files installed Make[1]: Entering directory '/mnt/ldap-account-manager-4.4 ' Make[1]: Leaving directory '/mnt/ldap-account-manager-4.4 ' HTML docs installed in/usr/local/lam/html Cat install.sh >install chmod a+x install |
Configure it
The code is as follows |
Copy Code |
python[root@itchenyi-04 ldap-account-manager-4.4]# cd/data/www.itchenyi.com/lam/config/ [root@itchenyi-04 config]# CP config.cfg_sample config.cfg [root@itchenyi-04 config]# CP lam.conf_sample lam.conf [root@itchenyi-04 config]# Cat lam.conf | Egrep-v "^#|^$" serverurl:ldap://1.1.1.5:389 Admins:cn=manager,dc=itchenyi,dc=com passwd: {ssha}rjbrujctxzedcbjpqdrbkdasqey= iuelea== Treesuffix:dc=itchenyi,dc=com Defaultlanguage:en_gb.utf8:utf-8:english (Great Britain) ScriptPath: Scriptserver: scriptrights:750 Cachetimeout:5 searchlimit:0 modules:posixaccount_minuid:10000 modules:posixaccount_maxuid:30000 modules:posixaccount_minmachine:50000 modules:posixaccount_maxmachine:60000 modules:posixgroup_mingid:10000 modules:posixgroup_maxgid:20000 Modules:posixGroup_pwdHash:SSHA Modules:posixAccount_pwdHash:SSHA Activetypes:user,group,host,smbdomain Types:suffix_user:ou=people,dc=itchenyi,dc=com Types:attr_user: #uid; #givenName #sn; #uidNumber; #gidNumber Types:modules_user:inetorgperson,posixaccount,shadowaccount,sambasamaccount Types:suffix_group:ou=group,dc=itchenyi,dc=com Types:attr_group: #cn; #gidNumber #memberUID; #description Types:modules_group:posixgroup,sambagroupmapping Types:suffix_host:ou=machines,dc=itchenyi,dc=com Types:attr_host: #cn; #description #uidNumber; #gidNumber Types:modules_host:account,posixaccount,sambasamaccount Types:suffix_smbdomain:dc=itchenyi,dc=com Types:attr_smbDomain:sambaDomainName:Domain Name;sambasid:domain SID Types:modules_smbDomain:sambaDomain Lampromailsubject:your Password was reset Lampromailtext:dear @ @givenName @@ @ @sn @@,+::++::+your password is reset to: @ @newPassword @@+::++::++::+best regards+: : ++::+deskside support+::+ [root@itchenyi-04 config]# chown www:www/data/www.itchenyi.com/lam/-R |
First login to remind you to create according to the preset organizational relationships in the configuration file!
-
Create an organizational structure
The LDAP account Manager provides a number of functions, such as a tree-like structure
Create a new group from the Web
Create a new user, generalize to a new group
View User ~
Query for all data under the root domain:
The code is as follows |
Copy Code |
python[root@itchenyi-04 config]#/software/openldap/bin/ldapsearch-x-B "dc=itchenyi,dc=com"-P 389-h 1.1.1.5 # extended LDIF # # LDAPv3 # base <dc=itchenyi,dc=com> with scope subtree # Filter: (objectclass=*) # Requesting:all # # itchenyi.com Dn:dc=itchenyi,dc=com Objectclass:dcobject Objectclass:organization O:www.itchenyi.com,blog. Dc:itchenyi # Manager, itchenyi.com Dn:cn=manager,dc=itchenyi,dc=com Objectclass:organizationalrole Cn:manager # people, itchenyi.com Dn:ou=people,dc=itchenyi,dc=com Objectclass:organizationalunit Ou:people # Group, itchenyi.com Dn:ou=group,dc=itchenyi,dc=com Objectclass:organizationalunit Ou:group # test-itcy, group, itchenyi.com Dn:cn=test-itcy,ou=group,dc=itchenyi,dc=com Objectclass:posixgroup Description:test OpenLDAP gidnumber:10000 Cn:test-itcy # Itchenyi, People, itchenyi.com Dn:cn=itchenyi,ou=people,dc=itchenyi,dc=com Objectclass:posixaccount Objectclass:inetorgperson Objectclass:organizationalperson Objectclass:person HomeDirectory:/home/itchenyi Loginshell:/bin/bash Uid:itchenyi Cn:itchenyi uidnumber:10000 gidnumber:10000 Description:test Sn:itchenyi Postofficebox:itchenyi@gmail.com # machines, itchenyi.com Dn:ou=machines,dc=itchenyi,dc=com Objectclass:organizationalunit Ou:machines # Search Result Search:2 result:0 Success # Numresponses:8 # numentries:7 |
Query SN matches data at the beginning of Itchenyi:
The code is as follows |
Copy Code |
python[ root@itchenyi-04 config]#/software/openldap/bin/ldapsearch-x-B "dc=itchenyi,dc=com" "sn=itchenyi*"-P 389-h 1.1.1.5< br> # extended LDIF # # LDAPv3 # base <dc=itchenyi,dc=com> with scope subtree # filter:sn=i tchenyi* # Requesting:all # # Itchenyi, people, itchenyi.com Dn:cn=itchenyi,ou=people,dc=itchenyi, dc=com Objectclass:posixaccount Objectclass:inetorgperson Objectclass:organizationalperson Objectclass:person HomeDirectory:/home/itchenyi Loginshell:/bin/bash Uid:itchenyi Cn:itchenyi uidnumber:10000 gidnumber:10000 description:test Sn:itchenyi postofficebox:itchenyi@gmail.com p># Search Result search:2 result:0 Success # numresponses:2 # numentries:1 |
That's it, my demand is not this, mainly to help care about my Bo friends, mainly or time limit people, otherwise you can share, learn together, hehe ~ ~ ~ ~