1、系统环境
Ubuntu 12.04.1
OpenLDAP server 2.4.28
2、 配置rootDn 和 root Passwod
openLDAP 2.3 和以后版本使用动态配置引擎,slapd-config(5). 尽管 slapd-config(5) 系统存储它的配置以基于文本的 ldif 文件。 你不能直接更改这些 LDIF 文件. 更改这些配置,你需要执行LDAP 操作: ldapadd, ldapdelete, ldapmodify
2.1 编写database_change.ldif
dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=test,dc=com
dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=admin,dc=test,dc=com
dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: test
dn: olcDatabase={1}hdb,cn=config
replace: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=admin,dc=test,dc=com" write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=test,dc=com" write by * read
然后执行命令 ldapmodify -Y EXTERNAL -H ldapi:/// -f database_change.ldif
3、 导入一些数据到ldap
3.1 编写data.ldif
dn: dc=test,dc=com
objectClass: top
objectClass: organization
objectClass: dcObject
dc: test
o: test
description: test
dn: ou=people,dc=test,dc=com
objectClass: organizationalUnit
ou: people
然后执行命令 ldapadd -D "cn=admin.dc=test,dc=com" -w test -f data.ldif
4 、加入新的schema
4.1 新建schema.ldif
dn: cn={4}relay2,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {4}relay2
olcObjectIdentifier: {0}relay2OID 1.3.6.1.4.1.8888
olcObjectIdentifier: {1}relay2Attr relay2OID:1
olcObjectIdentifier: {2}relay2Obj relay2OID:2
olcAttributeTypes: {0}( relay2Attr:1 NAME 'relay2Id' EQUALITY integerMatch SYN
TAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {1}( relay2Attr:2 NAME 'relay2Name' EQUALITY caseIgnoreIA5M
atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {2}( relay2Attr:3 NAME 'relay2Type' SYNTAX 1.3.6.1.4.1.1466
.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {3}( relay2Attr:4 NAME 'relay2Value' EQUALITY caseIgnoreIA5
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
然后执行命令 ldapadd -Q -Y EXTERNAL -H ldapi:/// -f schema.ldif