首页 > 代码库 > 04-openldap-数据库配置

04-openldap-数据库配置

[root@ldap-server ldap]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
[root@ldap-server ldap]# chown -R ldap:ldap /etc/openldap/
[root@ldap-server ldap]# chown -R ldap:ldap /var/lib/ldap/
[root@ldap-server ldap]# chmod 700  /var/lib/ldap/
[root@ldap-server ldap]#
[root@ldap-server ldap]# ls  /var/lib/ldap/
DB_CONFIG
[root@ldap-server ldap]# slaptest  -u
config file testing succeeded
[root@ldap-server ldap]#
最终的配置文件
[root@ldap-server ldap]# egrep -v ‘^#|^.*#‘  /etc/openldap/slapd.conf
include/etc/openldap/schema/corba.schema
include/etc/openldap/schema/core.schema
include/etc/openldap/schema/cosine.schema
include/etc/openldap/schema/duaconf.schema
include/etc/openldap/schema/dyngroup.schema
include/etc/openldap/schema/inetorgperson.schema
include/etc/openldap/schema/java.schema
include/etc/openldap/schema/misc.schema
include/etc/openldap/schema/nis.schema
include/etc/openldap/schema/openldap.schema
include/etc/openldap/schema/ppolicy.schema
include/etc/openldap/schema/collective.schema
allow bind_v2
pidfile/var/run/openldap/slapd.pid
argsfile/var/run/openldap/slapd.args
TLSCACertificatePath /etc/openldap/certs
TLSCertificateFile "\"OpenLDAP Server\""
TLSCertificateKeyFile /etc/openldap/certs/password
access to *
by self write
by anonymous auth
by * read
databasebdb
suffix"dc=etiantian,dc=org"
checkpoint2048 10
rootdn"cn=admin,dc=etiantian,dc=org"
loglevel296
cachesize1000
directory/var/lib/ldap
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
rootpw{SSHA}+OjqniWD7vyzN9D9vRbYRE6KvI3Hjrw1
启动ldap
[root@ldap-server ldap]# /etc/init.d/slapd  restart
停止 slapd:                                               [失败]
正在启动 slapd:                                           [确定]
[root@ldap-server ldap]#
[root@ldap-server ldap]# chkconfig  slapd  on
[root@ldap-server ldap]# chkconfig --list  slapd
slapd          0:关闭1:关闭2:启用3:启用4:启用5:启用6:关闭
[root@ldap-server ldap]#
[root@ldap-server ldap]# lsof -i:389
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
slapd   1470 ldap    7u  IPv4  11434      0t0  TCP *:ldap (LISTEN)
slapd   1470 ldap    8u  IPv6  11435      0t0  TCP *:ldap (LISTEN)
[root@ldap-server ldap]#
[root@ldap-server ldap]# ps -ef |grep ldap
ldap       1470      1  0 10:53 ?        00:00:00 /usr/sbin/slapd -h  ldap:/// ldapi:/// -u ldap
root       1481   1287  0 10:55 pts/0    00:00:00 grep ldap
[root@ldap-server ldap]#
[root@ldap-server ldap]# tail -f /var/log/ldap.log
Mar 25 10:59:51 ldap-server slapd[1603]: @(#) $OpenLDAP: slapd 2.4.40 (May 10 2016 23:30:49) $#012#011mockbuild@worker1.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.40/openldap-2.4.40/build-servers/servers/slapd




启动校验是否正确:

[root@ldap-server ldap]# ldapsearch -LLL  -W  -x -H ldap://etiantian.org  -D "cn=admin,dc=etiantian,dc=org"  -b "dc=etiantian,dc=org"
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
[root@ldap-server ldap]#
解决办法:
root@ldap-server ldap]# rm -rf /etc/openldap/slapd.d/*
[root@ldap-server ldap]# slaptest   -f /etc/openldap/slapd.conf  -F  /etc/openldap/slapd.d
[root@ldap-server ldap]# chown  -R ldap:ldap  /etc/openldap/
[root@ldap-server ldap]# /etc/init.d/slapd  restart
停止 slapd:                                               [确定]
正在启动 slapd:                                           [确定]
[root@ldap-server ldap]#
[root@ldap-server ldap]# ldapsearch -LLL  -W  -x -H ldap://etiantian.org  -D "cn=admin,dc=etiantian,dc=org"  -b "dc=etiantian,dc=org"
Enter LDAP Password:
No such object (32)  #表示正确
[root@ldap-server ldap]#

本文出自 “砖家博客” 博客,请务必保留此出处http://wsxxsl.blog.51cto.com/9085838/1910268

04-openldap-数据库配置