1) The following four RPM packages must be installed:
openldap-2.0.25-1.i386.rpm
openldap-servers-2.0.25-1.i386.rpm
openldap-clients-2.0.25-1.i386.rpm
openldap-devel-2.0.25-1.i386.rpm
openldap-2.0* is the required base package and must be installed first; openldap-servers* is the server package; openldap-clients* is the client program package; openldap-devel* is the development tool package.
If you need to use LDAP for some advanced applications, you also need to install the following packages:
auth_ldap*
nss_ldap*
php_ldap*
2) The next step is configuration.
The configuration files are usually under /etc/openldap:
ldapfilter.conf ldap.conf
ldapsearchprefs.conf schema ldaptemplates.conf slapd.conf
The slapd.conf file configures the LDAP server. Open the file and modify the corresponding parts:
In the include /etc/openldap/schema/...... lines,
add the complete set of schemas, that is, all the schema files under the schema directory.
In the "ldbm database definitions" section, use the suffix directive to set the base search path (BDN) of the LDAP server:
suffix "dc=buct,dc=edu.cn"
rootdn "cn=root,dc=buct,dc=edu.cn"
rootpw 123456
Most of the other default settings are appropriate.
Then check the following two files to make sure the server and the client can both run on the same machine:
/etc/hosts:
127.0.0.1 localhost.localdomain localhost
202.XXX buct.edu.cn
/etc/openldap/ldap.conf:
host 202.4.155.91
base dc=buct,dc=edu.cn
3) Test the server:
# service ldap start
# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
If the configuration is correct, the following output should appear:
version: 2
# filter: (objectclass=*)
# requesting: namingContexts
dn:
namingContexts: dc=buct,dc=edu.cn
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
If an error message is displayed, go back and check the configuration.
4) The last step is to set some basic access control. RedHat adds the ACL to the slapd.conf file:
# Define ACLs ...... access control definitions
access to dn=".*,dc=buct,dc=edu.cn" attr=userPassword
    by dn="cn=root,dc=buct,dc=edu.cn" write
    by self write
    by * read
access to dn=".*,dc=buct,dc=edu.cn"
    by * read
Restart the LDAP server.
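With the settings in steps 2 and 4, rootpw sits in slapd.conf in cleartext and the "by * read" clause lets any client, including an anonymous one, read the password attribute. The audit below is an added example, not part of the original post: it flags both settings in a slapd.conf and passes a corrected version. The sample configs are constructed, the {SSHA} value is a placeholder for slappasswd output, and "by anonymous auth" / "by * none" is the assumed corrected ACL.

```python
import re

# Constructed sample mirroring the settings above (cleartext rootpw, world-readable passwords).
WEAK = '''\
rootdn "cn=root,dc=buct,dc=edu.cn"
rootpw 123456
access to dn=".*,dc=buct,dc=edu.cn" attr=userPassword
    by dn="cn=root,dc=buct,dc=edu.cn" write
    by self write
    by * read
access to dn=".*,dc=buct,dc=edu.cn"
    by * read
'''
# Corrected form; the hash is a placeholder for real slappasswd output.
HARDENED = '''\
rootdn "cn=root,dc=buct,dc=edu.cn"
rootpw {SSHA}PLACEHOLDER_FROM_SLAPPASSWD
access to dn=".*,dc=buct,dc=edu.cn" attr=userPassword
    by dn="cn=root,dc=buct,dc=edu.cn" write
    by self write
    by anonymous auth
    by * none
access to dn=".*,dc=buct,dc=edu.cn"
    by * read
'''

def directives(text):
    """Drop comments/blank lines and join continuation lines (leading whitespace)."""
    out = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and out:
            out[-1] += " " + line.strip()
        else:
            out.append(line.strip())
    return out

def audit(text):
    """Return findings for cleartext rootpw and broadly readable userPassword."""
    findings = []
    for d in directives(text):
        words = d.split()
        if words[0].lower() == "rootpw" and not re.match(r"\{[\w-]+\}", words[-1]):
            findings.append("rootpw is stored in cleartext")
        if words[0].lower() == "access" and re.search(r"\battrs?=\S*userPassword", d, re.I):
            for who, level in re.findall(r"\bby\s+(\*|users|anonymous)\s+(\w+)", d):
                if level.lower() not in ("none", "auth"):
                    findings.append("userPassword: 'by %s %s' exposes hashes" % (who, level))
    return findings
```

audit(WEAK) returns two findings and audit(HARDENED) returns none; the general "by * read" rule on the rest of the tree is left alone because it does not name the password attribute.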
Sorry, I want to ask about setting slapd.conf.
suffix "dc=buct,dc=edu.cn"
rootdn "cn=root,dc=buct,dc=edu.cn"
What is dc? What does it mean? Should I fill in "RENEWAL"?
What else should I set? Sorry, I'm weak at this.
/etc/hosts:
127.0.0.1 localhost.localdomain localhost
202.XXX buct.edu.cn
/etc/openldap/ldap.conf:
host 202.4.155.91
base dc=buct,dc=edu.cn
It doesn't matter. Let's learn it together!
suffix "dc=buct,dc=edu.cn"
rootdn "cn=root,dc=buct,dc=edu.cn"
These define your LDAP search path. The dc form is defined by domain name, and there is also the o= (organization), c= (region) form. You can read more of the relevant material; these are the basis for building LDAP server data and should be well mastered.
/etc/hosts:
127.0.0.1 localhost.localdomain localhost (this is the default host address in Linux and should be the same)
202.XXX buct.edu.cn (here is the IP address of your LDAP server and the base path you have defined)
/etc/openldap/ldap.conf:
host 202.XXX (IP address of the LDAP server)
base dc=buct,dc=edu.cn