LDAP next day-yum install LDAP + phpldapadmin

Source: Internet
Author: User
Tags ldap administrator password openldap

1. Install the LDAP server and client, and the migrationtools toolkit

yum install -y openldap-servers openldap-clients migrationtools

2. Set the OpenLDAP administrator password

slappasswd

Enter the password twice when prompted (123456 in this example).

The hashed password string is returned; save this string.
{SSHA}Gpezywuxyejxetnjc7ukxydxoercf3hb

3. Change the OpenLDAP configuration

See which files are installed

rpm -ql openldap
rpm -ql openldap-servers

Modify the configuration

vim /etc/openldap/slapd.d/cn\=config/olcDatabase\={2}hdb.ldif

olcSuffix: dc=mypaas,dc=com
# user name of the administrative account
olcRootDN: cn=manager,dc=mypaas,dc=com
# password of the administrative account
olcRootPW: {SSHA}GPEZYWUXYEJXETNJC7UKXYDXOERCF3HB

4. Change the monitor and authentication configuration

vim /etc/openldap/slapd.d/cn\=config/olcDatabase\={1}monitor.ldif

olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=manager,dc=mypaas,dc=com" read by * none

The cn=manager,dc=mypaas,dc=com value must be the same as olcRootDN in the cn\=config/olcDatabase\={2}hdb.ldif file.
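
A check for the rule in steps 3 and 4, as an added example (not from the original page): it unfolds LDIF continuation lines, which is how slapd.d files wrap long olcAccess values, then confirms that the olcRootDN of the hdb database is one of the DNs granted read on the monitor database. The file contents are constructed samples and all function names are hypothetical.

```python
import re


def unfold(ldif_text):
    """Join LDIF continuation lines: a line starting with one space
    continues the previous line (slapd.d files are folded this way)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def attr_values(ldif_text, name):
    """All values of one attribute, matched case-insensitively by name."""
    prefix = name.lower() + ":"
    return [line[len(prefix):].strip() for line in unfold(ldif_text)
            if line.lower().startswith(prefix)]


def normalize(dn):
    # Simplification: lower-case and trim each RDN; escaped commas are not handled.
    return ",".join(part.strip().lower() for part in dn.split(","))


def monitor_readers(monitor_ldif):
    """DNs named in `by dn.base="..." read` clauses of olcAccess."""
    found = []
    for rule in attr_values(monitor_ldif, "olcAccess"):
        found += re.findall(r'by\s+dn\.base="([^"]*)"\s+read\b', rule)
    return [normalize(dn) for dn in found]


def rootdn_can_read_monitor(hdb_ldif, monitor_ldif):
    roots = attr_values(hdb_ldif, "olcRootDN")
    return len(roots) == 1 and normalize(roots[0]) in monitor_readers(monitor_ldif)


# Constructed sample contents of the two files edited in steps 3 and 4.
HDB = ("dn: olcDatabase={2}hdb\n"
       "olcSuffix: dc=mypaas,dc=com\n"
       "olcRootDN: cn=manager,dc=mypaas,dc=com\n")
MONITOR = ('dn: olcDatabase={1}monitor\n'
           'olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=extern\n'
           ' al,cn=auth" read by dn.base="cn=manager,dc=mypaas,dc=com" read by * none\n')

if __name__ == "__main__":
    print(rootdn_can_read_monitor(HDB, MONITOR))
```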

5. Set DB Cache

cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown -R ldap:ldap /var/lib/ldap/

6. Test configuration file

If "config file testing succeeded" is shown at the end, the test was successful.

7. Start OpenLDAP and enable it at boot

systemctl start slapd.service
systemctl enable slapd.service

8. Import templates

ls /etc/openldap/schema/*

III. Installing the web management service

1. Install the HTTPD server

yum install httpd -y

2. Modify the configuration file httpd.conf

Find the AllowOverride line and change none to all

<Directory />
    AllowOverride all
    Require all denied
</Directory>

If you want to modify the port number, modify the Listen 801 line

3. Start the service, test the page

systemctl start httpd.service
systemctl enable httpd.service
curl http://127.0.0.1/

4. Install phpldapadmin

yum install phpldapadmin

(If the package is not found, reset the yum source)

yum localinstall http://rpms.famillecollet.com/enterprise/remi-release-7.rpm

5. Modify the configuration file

vim /etc/phpldapadmin/config.php

Find and uncomment the following lines:

$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array('dc=mypaas,dc=com'));   # the array holds the olcSuffix set in the OpenLDAP configuration file
$servers->setValue('login','auth_type','session');
$servers->setValue('login

Comment out this line:

# $servers->setValue('login','attr','uid');

6. Modify the access configuration file to allow any IP access

vim /etc/httpd/conf.d/phpldapadmin.conf
Add a directive line that allows this IP segment to access the tool:

# Specify the IP segment that may access the tool (not needed where no access to this management tool is required)
Require ip 192.168.0

7. Create the base directory
Add a base.ldif file under the /etc/openldap directory

cd /etc/openldap/
vim base.ldif

dn: dc=mypaas,dc=com
o: ldap
objectClass: dcObject
objectClass: organization
dc: mypaas

1. Create 1 admin account

vim test.ldif

dn: dc=mypaas,dc=com
objectClass: dcObject
objectClass: organization
o: sys. Inc
dc: mypaas

dn: cn=manager,dc=mypaas,dc=com
objectClass: organizationalRole
cn: manager

Insert into the database
ldapadd -x -D "cn=manager,dc=mypaas,dc=com" -W -f test.ldif
Validation
ldapsearch -x -b 'dc=mypaas,dc=com' '(objectclass=*)'

2. Create 1 employee with a department attribute. Edit the LDIF file:

vim test2.ldif

dn: ou=it,dc=mypaas,dc=com
ou: it
objectClass: organizationalUnit

dn: cn=test1,ou=it,dc=mypaas,dc=com
ou: it
cn: test1
sn: t1
objectClass: inetOrgPerson
objectClass: organizationalPerson

# This actually creates 1 department, "it", and then 1 employee in the "it" department; it is in effect two commands.

Insert into the database
ldapadd -x -D "cn=manager,dc=mypaas,dc=com" -W -f test2.ldif
Validation
ldapsearch -x -b 'dc=mypaas,dc=com' '(objectclass=*)'

8. Restart HTTPD Service

systemctl restart httpd.service

9. Access the Web management side

Access http://ip/phpldapadmin
Login user name: cn=manager,dc=mypaas,dc=com

IV. Frequently Asked Questions

1. httpd cannot start

Check the logs with systemctl status httpd first
1. If the port number conflicts, modify the port number in httpd.conf
2. If a permission error is reported: check SELinux, and whether the firewall is shut down or properly configured

2. phpldapadmin reports a user name or password error

Check whether the parameters in /etc/phpldapadmin/config.php are configured correctly

3. When creating child entries in phpldapadmin, the template cannot be selected

The OpenLDAP schema files have not been imported; try executing the command under [section 1.8]
