首页 > 代码库 > 04-openldap-数据库配置
04-openldap-数据库配置
[root@ldap-server ldap]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
[root@ldap-server ldap]# chown -R ldap:ldap /etc/openldap/
[root@ldap-server ldap]# chown -R ldap:ldap /var/lib/ldap/
[root@ldap-server ldap]# chmod 700 /var/lib/ldap/
[root@ldap-server ldap]#
[root@ldap-server ldap]# ls /var/lib/ldap/
DB_CONFIG
[root@ldap-server ldap]# slaptest -u
config file testing succeeded
[root@ldap-server ldap]#
最终的配置文件
[root@ldap-server ldap]# egrep -v ‘^#|^.*#‘ /etc/openldap/slapd.conf
include/etc/openldap/schema/corba.schema
include/etc/openldap/schema/core.schema
include/etc/openldap/schema/cosine.schema
include/etc/openldap/schema/duaconf.schema
include/etc/openldap/schema/dyngroup.schema
include/etc/openldap/schema/inetorgperson.schema
include/etc/openldap/schema/java.schema
include/etc/openldap/schema/misc.schema
include/etc/openldap/schema/nis.schema
include/etc/openldap/schema/openldap.schema
include/etc/openldap/schema/ppolicy.schema
include/etc/openldap/schema/collective.schema
allow bind_v2
pidfile/var/run/openldap/slapd.pid
argsfile/var/run/openldap/slapd.args
TLSCACertificatePath /etc/openldap/certs
TLSCertificateFile "\"OpenLDAP Server\""
TLSCertificateKeyFile /etc/openldap/certs/password
access to *
by self write
by anonymous auth
by * read
databasebdb
suffix"dc=etiantian,dc=org"
checkpoint2048 10
rootdn"cn=admin,dc=etiantian,dc=org"
loglevel296
cachesize1000
directory/var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
rootpw{SSHA}+OjqniWD7vyzN9D9vRbYRE6KvI3Hjrw1
启动ldap
[root@ldap-server ldap]# /etc/init.d/slapd restart
停止 slapd: [失败]
正在启动 slapd: [确定]
[root@ldap-server ldap]#
[root@ldap-server ldap]# chkconfig slapd on
[root@ldap-server ldap]# chkconfig --list slapd
slapd 0:关闭1:关闭2:启用3:启用4:启用5:启用6:关闭
[root@ldap-server ldap]#
[root@ldap-server ldap]# lsof -i:389
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
slapd 1470 ldap 7u IPv4 11434 0t0 TCP *:ldap (LISTEN)
slapd 1470 ldap 8u IPv6 11435 0t0 TCP *:ldap (LISTEN)
[root@ldap-server ldap]#
[root@ldap-server ldap]# ps -ef |grep ldap
ldap 1470 1 0 10:53 ? 00:00:00 /usr/sbin/slapd -h ldap:/// ldapi:/// -u ldap
root 1481 1287 0 10:55 pts/0 00:00:00 grep ldap
[root@ldap-server ldap]#
[root@ldap-server ldap]# tail -f /var/log/ldap.log
Mar 25 10:59:51 ldap-server slapd[1603]: @(#) $OpenLDAP: slapd 2.4.40 (May 10 2016 23:30:49) $#012#011mockbuild@worker1.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.40/openldap-2.4.40/build-servers/servers/slapd
启动校验是否正确:
[root@ldap-server ldap]# ldapsearch -LLL -W -x -H ldap://etiantian.org -D "cn=admin,dc=etiantian,dc=org" -b "dc=etiantian,dc=org"
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
[root@ldap-server ldap]#
解决办法:
root@ldap-server ldap]# rm -rf /etc/openldap/slapd.d/*
[root@ldap-server ldap]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
[root@ldap-server ldap]# chown -R ldap:ldap /etc/openldap/
[root@ldap-server ldap]# /etc/init.d/slapd restart
停止 slapd: [确定]
正在启动 slapd: [确定]
[root@ldap-server ldap]#
[root@ldap-server ldap]# ldapsearch -LLL -W -x -H ldap://etiantian.org -D "cn=admin,dc=etiantian,dc=org" -b "dc=etiantian,dc=org"
Enter LDAP Password:
No such object (32) #表示正确
[root@ldap-server ldap]#本文出自 “砖家博客” 博客,请务必保留此出处http://wsxxsl.blog.51cto.com/9085838/1910268
04-openldap-数据库配置
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。