Installing and using LDAP on Linux

Install LDAP:

yum install -y openldap openldap-servers openldap-clients openldap-devel

 

Configure LDAP:

cd /etc/openldap/

cp /usr/share/openldap-servers/slapd.conf.obsolete ./slapd.conf

 

Run the following command to generate the hashed password:

slappasswd

{SSHA}KxwI67Nyx7DcIZ0CF2VZ8flzehuxKi1k

 

vi slapd.conf:

#

# database definitions

#

database bdb

suffix "dc=asiainfo,dc=com"

checkpoint 1024 15

rootdn "cn=root,dc=asiainfo,dc=com"

# Cleartext passwords, especially for the rootdn, should

# be avoided. See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

# rootpw secret

# rootpw {crypt}ijFYNcSNctBYg

rootpw {SSHA}KxwI67Nyx7DcIZ0CF2VZ8flzehuxKi1k

cd /var/lib/ldap

cp /usr/share/openldap-servers/DB_CONFIG.example ./DB_CONFIG

rm -rf /etc/openldap/slapd.d/*

chown -R ldap:ldap /etc/openldap/slapd.d

slaptest -u -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d

chown -R ldap:ldap /etc/openldap/slapd.d

service slapd restart
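The rootpw value produced by slappasswd above uses the {SSHA} scheme: base64 of a 20-byte SHA-1 digest of password plus salt, followed by the salt. The following is an added example, not part of the original post, that builds and verifies such a value and reports the storage scheme of each active rootpw line in a slapd.conf; the function names and the sample config are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import re

def make_ssha(password: str, salt: bytes = None) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def verify_ssha(password: str, stored: str) -> bool:
    """Check a candidate password against a stored {SSHA} value."""
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[6:], validate=True)
    except ValueError:
        return False
    if len(raw) <= 20:  # SHA-1 digest is 20 bytes; the remainder is the salt
        return False
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def rootpw_scheme(conf_text: str) -> list:
    """Return the storage scheme of every active (uncommented) rootpw line."""
    schemes = []
    for line in conf_text.splitlines():
        m = re.match(r"\s*rootpw\s+(\S+)", line)
        if m:
            tag = re.match(r"\{([A-Za-z0-9-]+)\}", m.group(1))
            schemes.append(tag.group(1).upper() if tag else "CLEARTEXT")
    return schemes

# Constructed sample input, not taken from the page.
SAMPLE_CONF = """\
# rootpw secret
rootpw %s
""" % make_ssha("constructed-example", b"\x01\x02\x03\x04")

if __name__ == "__main__":
    print(rootpw_scheme(SAMPLE_CONF))
    print(verify_ssha("constructed-example", make_ssha("constructed-example")))
```

A result of CLEARTEXT from rootpw_scheme means the rootdn password is stored unhashed in the config file, which is what the comment in slapd.conf warns against.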

 

 

Add a user to LDAP:

cat /etc/passwd |grep ha_test> testpwd.in

/usr/share/migrationtools/migrate_passwd.pl testpwd.in > testpwd.ldif

ldapadd -x -D "cn=root,dc=asiainfo,dc=com" -w 123456 -f testpwd.ldif

ldapsearch -x -b 'dc=asiainfo,dc=com' |grep ha_test

ldapsearch -x -H ldap://host-10-1-236-51 -b "dc=asiainfo,dc=com" |grep uid=ha_test

 

 

Enable LDAP logging:

vi slapd.conf

loglevel 4095

vi /etc/rsyslog.conf

local4.* /var/log/openldap.log

 

Start LDAP:

service rsyslog restart

service slapd restart

Reposted from: https://my.oschina.net/u/1755468/blog/1923299
