OpenLDAP Configuration Manual

Source: Internet
Author: User
Tags ldap openldap
I have recently been working on installing openldap-2.0.25 and have now finally got it done, so I am sharing it with you; if you have any opinions, we can discuss them:

1) The following four RPM packages must be installed:
openldap-2.0.25-1.i386.rpm
openldap-servers-2.0.25-1.i386.rpm
openldap-clients-2.0.25-1.i386.rpm
openldap-devel-2.0.25-1.i386.rpm
openldap-2.0* is the required base package and must be installed first; openldap-servers* is the server package; openldap-clients* is the client tools package; openldap-devel* is the development tools package.
If you need to use LDAP for some more advanced applications, you also need to install the following packages:
auth_ldap*
nss_ldap*
php_ldap*

2) The next step is configuration
The configuration files are usually under /etc/openldap:
ldapfilter.conf ldap.conf
ldapsearchprefs.conf schema ldaptemplates.conf slapd.conf
The slapd.conf file configures the LDAP server. Open the file and modify the corresponding parts:
In the include /etc/openldap/schema/...... lines,
add the complete set of schemas, that is, all the schema files under the schema directory.
In the "ldbm database definitions" section, use the suffix directive to set the base search path (base DN) of the LDAP server:
suffix "dc=buct,dc=edu.cn"
rootdn "cn=root,dc=buct,dc=edu.cn"
rootpw 123456
Most of the other default settings are appropriate.
Then check the following two files so that the server and the client can both be used on the same machine:
/etc/hosts:
127.0.0.1 localhost.localdomain localhost
202.xxx buct.edu.cn
/etc/openldap/ldap.conf:
HOST 202.4.155.91
BASE dc=buct,dc=edu.cn

3) Test the server:
# service ldap start
# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
If the configuration is correct, the following output should appear:
version: 2
# filter: (objectclass=*)
# requesting: namingContexts
dn:
namingContexts: dc=buct,dc=edu.cn
# search result
search: 2
result: 0 success
# numResponses: 2
# numEntries: 1
If an error message is displayed, go back and check the configuration.

4) The last step is to set some basic access control. On Red Hat, the ACLs are added to the slapd.conf file:
# Define ACLs ...... access control definitions
access to dn=".*,dc=buct,dc=edu.cn" attr=password
    by dn="cn=root,dc=buct,dc=edu.cn" write
    by self write
    by * read

access to dn=".*,dc=buct,dc=edu.cn"
    by * read

Restart the ldap server.
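
A static check for two weaknesses in the directives above: the cleartext rootpw, and the `by * read` clause, which lets every client other than root and self read the password attribute (slapd stops at the first matching `by` clause). This is an added example, not code from the original article or from OpenLDAP; the function names, the attribute-name set and the {SSHA} placeholder are assumptions.

```python
import re
import shlex

ABOVE_AUTH = {"compare", "search", "read", "write"}  # levels beyond bind-only "auth"
PASSWORD_ATTRS = {"password", "userpassword"}  # "password" is the name this page uses
BROAD = {"*", "anonymous", "users"}  # subjects wider than a single identity

def logical_lines(text):
    """Drop comments and blanks; join indented continuation lines."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit(text):
    """Flag a cleartext rootpw and password attributes exposed above 'auth'."""
    findings = []
    for line in logical_lines(text):
        tok = shlex.split(line)
        if tok[0].lower() == "rootpw" and len(tok) > 1 and not re.match(r"\{[\w-]+\}", tok[1]):
            findings.append("rootpw is cleartext; store a slappasswd hash")
        if tok[0].lower() != "access":
            continue
        attrs = {a.lower() for t in tok if re.match(r"attrs?=", t, re.I)
                 for a in t.split("=", 1)[1].split(",")}
        for i in range(len(tok) - 2):
            who, level = tok[i + 1], tok[i + 2].lower()
            if (attrs & PASSWORD_ATTRS and tok[i].lower() == "by"
                    and who in BROAD and level in ABOVE_AUTH):
                findings.append(f"password attribute: 'by {who} {level}' exceeds auth")
    return findings

# Constructed input: directives from this page with whitespace normalised.
WEAK = '''
rootpw 123456
access to dn=".*,dc=buct,dc=edu.cn" attr=password
    by dn="cn=root,dc=buct,dc=edu.cn" write
    by self write
    by * read
'''
# Constructed counterpart: placeholder hash (not a real one) and bind-only access.
HARDENED = WEAK.replace("123456", "{SSHA}PLACEHOLDER").replace("by * read", "by * auth")
if __name__ == "__main__":
    print(audit(WEAK), audit(HARDENED))
```

With `by * auth`, other clients can still bind against the stored password but cannot retrieve it; the rootpw value would come from running slappasswd on the server.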