LDAP next day-yum install LDAP + phpldapadmin

Last Update:2018-05-24 Source: Internet

Author: User

Tags ldap administrator password openldap

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

1. Install LDAP server and client, Migrationtools Toolkit

Yum Install -y openldap-servers openldap-clients migrationtools

2. Set OPENLDAP Administrator password

slappasswd
123456 123456

The encrypted password string is returned and the string is saved.
{Ssha} Gpezywuxyejxetnjc7ukxydxoercf3hb

3. Change the OPENLDAP configuration

See which files are installed

RPM-QL OpenLDAP
RPM-QL openldap-servers

Modify Configuration

Vim/etc/openldap/slapd.d/cn\=config\/olcdatabase\={2}hdb.ldif

Olcsuffix dc=mypaas,dc=  comolcrootdncn  =manager,dc=mypaas,dc=  com  #管理账号的用户名olcrootpw{SSHA}GPEZYWUXYEJXETNJC7UKXYDXOERCF3HB #管理账号的用户名

4. Change monitoring and certification configuration

Vim/etc/openldap/slapd.d/cn\=config\/olcdatabase\={1}monitor.ldif

Olcaccess: {0}to * by dn.base="gidnumber=0+uidnumber=0,cn=peercred,cn=extern Al,cn=auth "  dn.base= " cn=manager,dc=mypaas,dc=com " Read by * none

Same as Olcrootdn in Cn\=config\/olcdatabase\={2}hdb.ldif file

5. Set DB Cache

CP /usr/share/openldap-servers/db_config.example/var/lib/ldap/db_configchown -R ldap:ldap/var/lib/ldap/

6. Test configuration file

ConfigFile testing successed at the end of the show was successful.

7. Start OpenLDAP and Boot

Systemctl start Slapd.servicesystemctl Enable Slapd.service

8. Import templates

ls /etc/openldap/schema/*

III. installation of Web Management Services

1. Install HTTPD server

Yum Install httpd-y

2. Modify the configuration file httpd.conf

Find allowoverride row, modify none to all

<directory/>    allowoverride all    Require all denied</Directory>

If you want to modify the port number, modify the Listen 801 line

3. Start the service, test the page

systemctl start Httpd.servicesystemctl enable Httpd.servicecurl http: // 127.0.0.1/

4, Installation Phpldapadmin

Yum Install Phpldapadmin (if the package is not found, reset the yum source) Yum localinstall http://rpms.famillecollet.com/enterprise/remi-release-7.rpm

5. Modify the configuration file

vim/etc/phpldapadmin/config.php

Find and cancel the comments for the following lines:

$servers->setvalue (' Server ', ' Host ', '127.0.  0.1'), $servers->setvalue (' Server ', ' Port ',389); $servers->setvalue (' Server ', ' base ', Array ('dc=mypaas,dc=com'));   # array Plus openldap config file set in olcsuffix$servers->setvalue ('login', ' Auth_type ', ' Session '); $ Servers->setvalue ('login

To comment out this line

# $servers->setvalue ('login', ' attr ', ' uid ');

6. Modify the access profile to allow any IP access

Vim/etc/httpd/conf.d/phpldapadmin.conf
Add a line of instructions to allow this IP segment to access

Require IP 192.168.0 #指定可访问的ip段 ( No access to this management tool is not required )

7. Create the base directory
Add base.ldif files under the/etc/openldap directory

cd/etc/openldap/
Vim Base.ldif

dn:dc=mypaas,dc=Como:ldapobjectclass:dcObjectobjectclass:organizationdc:mypaas

1. Create 1 admin accounts

[Email protected] ~]# vim test.ldif dn:dc=mypaas,dc=com
Objectclass:dcobject
Objectclass:organization
O:sys. Inc
Dc:mypaas

Dn:cn=manager,dc=mypaas,dc=com
Objectclass:organizationalrole
Cn:manager

"cn=manager,dc=mypaas,dc=com"-w-f test.ldif

Validation

'dc=mypaas,dc=com'(objectclass=*)'

2. Create 1 employees with departmental attributes edit ldif file

 [[email protected] ~]# vim test2.ldifdn:ou=it,dc=mypaas,dc=com 
 ou:it 
 objectclass:organizationalunit 
 
 Dn:cn=test1, ou=it,dc=mypaas,dc=com 
 Ou:it 
 cn:test1 
 sn:t1 
 Objectclass:inetorgperson 
 ObjectClass: Organizationalperson

# In fact, this is to create 1 departments "It", and then in the "it" department to create 1 employees, in fact, two commands.

Insert Database

"cn=manager,dc=mypaas,dc=com"-w-f test2.ldif

Validation

'dc=mypaas,dc=com'(objectclass=*)'

8. Restart HTTPD Service

Systemctl Restart Httpd.service

9. Access the Web management side

Access http://ip/phpldapadmin Login user name: cn=manager,dc=mypaas,dc=com

Iv. Frequently Asked Questions

1. httpd Cannot start

Check the logs with Systemctl status httpd first
1. If the port number is conflicting, modify the httpd.conf port number
2, Prompt no permissions: Check SELinux, whether the firewall is shut down or properly configured firewall

2, phpldapadmin user name password prompt error

Check if the parameters in the/etc/phpldapadmin/config.php are configured correctly

3. Phpldapadmin when creating sub-entries, the template cannot be selected

Do not import OpenLDAP schema file, execute the command under [section 1.8] to try

LDAP next day-yum install LDAP + phpldapadmin

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More