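After reading several articles by other people on installing and configuring OpenLDAP, I got the itch to try it myself, so I installed and configured OpenLDAP and also installed PhpLdapAdmin to manage LDAP through a web interface.
Below is a detailed step-by-step walkthrough of installing and configuring an LDAP server, for reference only.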
1 Install OpenLDAP with yum
- [root@ha-3 yum.repos.d]# yum install openldap openldap-* -y
- [root@ha-3 yum.repos.d]# rpm -qa | grep openldap
- openldap-servers-2.4.40-12.el6.x86_64
- openldap-devel-2.4.40-12.el6.x86_64
- openldap-servers-sql-2.4.40-12.el6.x86_64
- openldap-clients-2.4.40-12.el6.x86_64
- openldap-2.4.40-12.el6.x86_64
2 Configure LDAP, which includes preparing DB_CONFIG and slapd.conf
- [root@ha-3 yum.repos.d]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
- [root@ha-3 yum.repos.d]# cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf
3 Generate the LDAP administrator password
- [root@ha-3 yum.repos.d]# slappasswd -s ldap123
- {SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ
4 Edit slapd.conf, mainly to set dc and rootpw; set rootpw to the password generated in the previous step
- database bdb
- suffix "dc=esgyn,dc=com"
- checkpoint 1024 15
- rootdn "cn=Manager,dc=esgyn,dc=com"
- # Cleartext passwords, especially for the rootdn, should
- # be avoided. See slappasswd(8) and slapd.conf(5) for details.
- # Use of strong authentication encouraged.
- # rootpw secret
- # rootpw {crypt}ijFYNcSNctBYg
- rootpw {SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ
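To make steps 3 and 4 concrete, the following added example (not part of the original post) finds the active `rootpw` directive in a slapd.conf fragment, reports its scheme, and shows how an `{SSHA}` value is laid out: base64 of a 20-byte SHA-1 digest followed by the salt. The function names and the embedded fragment are assumptions made for this illustration; the fragment reuses the lines shown in step 4.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample: the rootdn/rootpw lines from step 4, without the listing dashes.
SAMPLE_CONF = """\
rootdn "cn=Manager,dc=esgyn,dc=com"
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
rootpw {SSHA}iVje00GFFMDTkymLvxTF3lA7aRgiWRwZ
"""

def make_ssha(password: bytes, salt: bytes = None) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def split_ssha(value: str):
    """Return (digest, salt) from an {SSHA} value; raise ValueError if malformed."""
    if not value.upper().startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(value[6:], validate=True)
    if len(raw) <= 20:
        raise ValueError("no salt after the 20-byte SHA-1 digest")
    return raw[:20], raw[20:]

def check_ssha(password: bytes, value: str) -> bool:
    """Recompute the salted digest and compare it in constant time."""
    digest, salt = split_ssha(value)
    return hmac.compare_digest(hashlib.sha1(password + salt).digest(), digest)

def active_rootpw(conf_text: str):
    """Return (scheme, value) of the last uncommented rootpw directive, or None."""
    found = None
    for line in conf_text.splitlines():
        parts = line.split(None, 1)  # commented lines start with "#", so they are skipped
        if len(parts) == 2 and parts[0].lower() == "rootpw":
            value = parts[1].strip()
            end = value.find("}")
            scheme = value[1:end].upper() if value.startswith("{") and end > 0 else "CLEARTEXT"
            found = (scheme, value)
    return found

if __name__ == "__main__":
    scheme, value = active_rootpw(SAMPLE_CONF)
    digest, salt = split_ssha(value)
    print(scheme, "digest bytes:", len(digest), "salt bytes:", len(salt))
```

A `CLEARTEXT` result from `active_rootpw` means the file still holds a plain password, which is the case the comment block in slapd.conf says to avoid.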
5 Test the configuration and regenerate the LDAP database
- [root@cent-1 slapd.d]# ls
- cn=config cn=config.ldif
- [root@cent-1 slapd.d]# rm -rf *
- [root@cent-1 slapd.d]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d/
- config file testing succeeded
6 Change the permissions of the relevant LDAP files
- [root@ha-3 yum.repos.d]# chown -R ldap:ldap /var/lib/ldap/
- [root@ha-3 yum.repos.d]# chown -R ldap:ldap /etc/openldap/
7 Start the slapd service