LDAP Third Day MYSQL+LDAP installation

Source: Internet
Author: User
Tags ldap create database openldap

https://www.easysoft.com/applications/openldap/back-sql-odbc.html OpenLDAP with SQL Server and Oracle databases.

https://www.cnblogs.com/bigbrotherer/p/7251372.html Installing OpenLDAP + MySQL + phpLDAPadmin on CentOS 7

1. Installing and setting up the database

On CentOS 7 the default database is MariaDB, a fork of MySQL, so I still use MariaDB. The installation command is:

yum install mariadb-server -y

Then start the database service:

systemctl start mariadb
systemctl enable mariadb    # start at boot

Apply some basic settings to the database:

mysql_secure_installation

Initially there is no password, so just press Enter; the script then prompts you to reset the password, and you can set your own database password. The remaining basic settings are each answered with 'y' or 'n' according to the prompts it gives. Then set the character set in the configuration files under /etc:

vim /etc/my.cnf
# Add the following under the [mysqld] section:
default-storage-engine =4096
collation-server = utf8_general_ci
character-set-server = utf8

vim /etc/my.cnf.d/client.cnf
# Under the [client] section, add the following:
default-character-set=utf8

vim /etc/my.cnf.d/mysql-clients.cnf
# Under the [mysql] section, add the following:
default-character-set=utf8

Then restart the service:

systemctl restart mariadb

The installation and setup of the database is now essentially complete. Because the database will serve as the LDAP backend, create a new user ldap and a database ldap for the LDAP connection:

mysql -uroot -p

Add the ldap user, set its password to ldap, grant privileges to the ldap user, and create the new database ldap:

MariaDB [(none)]> CREATE DATABASE ldap;
MariaDB [(none)]> CREATE USER 'ldap'@'%' IDENTIFIED BY 'ldap';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON ldap.* TO 'ldap'@'%';
MariaDB [(none)]> CREATE USER 'ldap'@'localhost' IDENTIFIED BY 'ldap';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON ldap.* TO 'ldap'@'localhost';
MariaDB [(none)]> SHOW DATABASES;

Then exit the database and take the second step.

2. Install ODBC and configure the LDAP database

Install directly with yum:


Create the connection profile odbc.ini:

vim /etc/odbc.ini
# Add the following:
[ldap]
Description = LdapToMysql
Driver = MySQL
Database = ldap
User = ldap
Password = ldap
Port = 3306

Verify that the connection is successful:

isql -v ldap

The following interface appears:

Enter the command to view the databases:

SQL> show databases;

Connection successful!

3. Download, install and configure OpenLDAP

Install OpenLDAP under the /opt directory:

yum install wget make gcc mysql-devel unixODBC-devel groff -y
cd /opt
wget ftp://mirror.switch.ch/mirror/openldap/openldap-release/openldap-2.4.43.tgz
tar zxvf openldap-*.tgz
rm -rf openldap-*.tgz
mv openldap-* openldap
cd /opt/openldap
./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info --enable-sql --disable-bdb --disable-ndb --disable-hdb
make depend
make
make install

With the installation complete, configure LDAP. First generate your own LDAP password:

slappasswd

After you enter the password, it returns a hashed password similar to "{ssha}xdett6s3mtzrsbhejl7olroqk0w1by1x". Then open the LDAP configuration file, which is in the /etc/openldap directory:

vim /etc/openldap/slapd.conf
# Below line 5, add the following:
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
# Change the contents of line 55 to:
database sql
# Change the dc values on lines 56 and 57 (preferably to example, because the LDAP test data is used later; with any other value here, every DN in the database has to be changed to match)
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
# Change the rootpw value on line 61 to the hashed password obtained earlier
rootpw {ssha}hg2lg6bptgmgs/dy7wo1f3exsky3vmbl
# Comment out lines 65 and 67
#directory /var/openldap-data
#index objectClass eq
# Below line 61 (rootpw {ssha}xdett6s3mtzrsbhejl7olroqk0w1by1x), add the following:
dbname ldap
dbuser ldap
dbpasswd ldap
has_ldapinfo_dn_ru no
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
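
With back-sql, slapd.conf carries the database password in cleartext next to the rootpw hash, so the file is worth checking after editing. The following check is an added example, not part of the original article; the function name audit_slapd_conf, the three checks it performs and the sample file are constructed here for illustration.

```shell
#!/bin/sh
# Added example: audit a back-sql slapd.conf for credential-handling problems.
# Prints one FINDING line per problem; returns 1 if anything was found.
audit_slapd_conf() {
    conf=$1
    found=0
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }

    # Directives are "keyword value"; commented-out lines never match.
    directive() { awk -v k="$1" 'tolower($1) == k { print $2; exit }' "$conf"; }
    rootpw=$(directive rootpw)
    dbuser=$(directive dbuser)
    dbpasswd=$(directive dbpasswd)

    # rootpw should be a slappasswd hash ({SSHA}...), never cleartext.
    case $rootpw in
        ''|'{'*'}'*) ;;
        *) echo "FINDING: rootpw is stored in cleartext"; found=1 ;;
    esac

    if [ -n "$dbpasswd" ]; then
        # dbpasswd is always cleartext, so group/other must have no access.
        go_bits=$(ls -ld "$conf" | cut -c5-10)
        if [ "$go_bits" != "------" ]; then
            echo "FINDING: $conf holds dbpasswd but is accessible to group/other"
            found=1
        fi
        if [ "$dbpasswd" = "$dbuser" ]; then
            echo "FINDING: dbpasswd is identical to dbuser"
            found=1
        fi
    fi
    return $found
}

# Constructed sample that mirrors the settings used in this walkthrough.
sample=$(mktemp)
cat > "$sample" <<'EOF'
database sql
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw {SSHA}constructed-placeholder-hash
dbname ldap
dbuser ldap
dbpasswd ldap
EOF
chmod 644 "$sample"
audit_slapd_conf "$sample" || echo "slapd.conf needs attention"
rm -f "$sample"
```

Run it as audit_slapd_conf /etc/openldap/slapd.conf; a clean result needs a hashed rootpw, a dbpasswd that differs from dbuser, and a file mode such as 600.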

Regarding dc (domainComponent), the article at https://www.bbsmax.com/A/WpdKKPaodV/ explains it very well; my installation and configuration also learned from it.

At this point the installation and configuration of OpenLDAP is complete, but LDAP cannot run yet because the database has no corresponding table structure. Although LDAP can use a database other than BDB, it must use the table structure that LDAP defines. The table structures are in the /opt/openldap/servers/slapd/back-sql/rdbms_depend/ directory, which covers a variety of databases, including MySQL, Oracle and PostgreSQL. The mysql directory contains several SQL files:

backsql_create.sql is the underlying table structure; whatever other tables exist, these tables must be present. testdb_create.sql is the table structure of the test data, containing several tables such as the persons table. testdb_data.sql is the data for the test tables. testdb_metadata.sql is the data for the underlying tables. Execute these SQL files against the database:

mysql -uldap -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 5.5.52-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use ldap
MariaDB [ldap]> source /opt/openldap/servers/slapd/back-sql/rdbms_depend/mysql/backsql_create.sql
MariaDB [ldap]> source /opt/openldap/servers/slapd/back-sql/rdbms_depend/mysql/testdb_create.sql
MariaDB [ldap]> source /opt/openldap/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql
MariaDB [ldap]> source /opt/openldap/servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql

At this point, run LDAP:

/usr/libexec/slapd -h 'ldap:/// ldapi:///' -f /etc/openldap/slapd.conf &

4. Install and configure the LDAP management tool phpldapadmin

First install Apache and PHP:

yum install -y httpd php php-ldap php-gd php-mbstring php-pear php-bcmath php-xml

Then install phpldapadmin:

yum install -y epel-release
yum install -y phpldapadmin

Then modify the configuration files:

vim /etc/phpldapadmin/config.php
# Uncomment line 397 and comment out line 398
$servers->setValue('login','attr','dn');
// $servers->setValue('login','attr','uid');

vim /etc/httpd/conf.d/phpldapadmin.conf
# Modify the configuration
<IfModule mod_authz_core.c>
  # Apache 2.4
  Require local
  # Add a line specifying the IP range that may access the tool (not the machine running this administrative tool; I wrote my local machine's IP directly)
  Require ip
</IfModule>

Enable Apache at boot and start it:

systemctl enable httpd
systemctl start httpd

At this point phpldapadmin can be reached, but logging in may fail. This is related to SELinux on the system: while the httpd_can_connect_ldap boolean is off, the following error appears:

Error
Unable to connect to LDAP server cloud-Lab.Com
Error: Can't contact LDAP server (-1) for user
Error
Failed to Authenticate to server
Invalid Username or Password.

Turn this boolean on:

getsebool httpd_can_connect_ldap
httpd_can_connect_ldap --> off
setsebool -P httpd_can_connect_ldap on
getsebool httpd_can_connect_ldap
httpd_can_connect_ldap --> on

Access phpldapadmin in a browser:

http://(localhost or server address)/phpldapadmin/

Log in to phpldapadmin; the user name and password can be found in the persons table of the ldap database.

Interface after a successful login:
