Tạm thời dùng hướng dẫn nay trong khi bạn chờ đợi VNLAMP mở khóa học nhé:
1. Trước tiên install với lệnh:
#apt-get install slapd ldap-utils
2. Sau đó bạn tạo một file "script.sh" với nội dung như sau:
#!/bin/sh
passwd=thaydoitoi
dc1=example
dc2=edu
dc3=vn
hash_pw=`slappasswd -s $passwd`
tmpdir=/tmp
#--------------------------------------------------------------#
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif
#———————————————— —————-#
# database.ldif
#———————————————— —————-#
cat << EOF > $tmpdir/database.ldif
# Load dynamic backend modules
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
# Create directory database
dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=$dc1,dc=$dc2,dc=$dc3
olcRootDN: cn=admin,dc=$dc1,dc=$dc2,dc=$dc3
olcRootPW: $hash_pw
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=$dc1,dc=$dc2,dc=$dc3" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=$dc1,dc=$dc2,dc=$dc3" write by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: uid pres,eq
olcDbIndex: cn,sn,mail pres,eq,approx,sub
olcDbIndex: objectClass eq
################################
# Modifications
################################
dn: cn=config
changetype: modify
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcAccess
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=admin,cn=config
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: $hash_pw
dn: olcDatabase={0}config,cn=config
changetype: modify
delete: olcAccess
EOF
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f $tmpdir/database.ldif
####################################
# Mini DIT
####################################
cat << EOF > $tmpdir/dit.ldif
# Tree root
dn: dc=$dc1,dc=$dc2,dc=$dc3
objectClass: dcObject
objectclass: organization
o: $dc1.$dc2.$dc3
dc: $dc1
description: Tree root
# Populating
dn: cn=admin,dc=$dc1,dc=$dc2,dc=$dc3
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
userPassword: $hash_pw
description: LDAP administrator
dn: ou=people,dc=$dc1,dc=$dc2,dc=$dc3
ou: people
objectClass: organizationalUnit
objectClass: top
dn: ou=groups,dc=$dc1,dc=$dc2,dc=$dc3
ou: groups
objectClass: organizationalUnit
objectClass: top
dn: ou=addressbook,dc=$dc1,dc=$dc2,dc=$dc3
ou: addressbook
objectClass: top
objectClass: organizationalUnit
#Adding user
dn: uid=ldap1,ou=people,dc=$dc1,dc=$dc2,dc=$dc3
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: ldap1
sn: Asdasd
givenName: ldap1
cn: ldap1 Asdasd
displayName: ldap1 asdasd
uidNumber: 1002
gidNumber: 1000
userPassword: $hash_pw
gecos: ldap1 asdasd
loginShell: /bin/bash
homeDirectory: /home/ldap1
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: info@$dc1.$dc2.$dc3
postalCode: 0084
l: Mysity
o: $dc1
mobile: +84 0903666666
homePhone: +84 0903666666
title: System Administrator
postalAddress:
initials: LP
EOF
sudo ldapadd -x -D cn=admin,dc=$dc1,dc=$dc2,dc=$dc3 -W -f $tmpdir/dit.ldif
3. cuối cùng thực hiện lệnh:
#sh script.sh
- kiểm tra
#ldapsearch -D cn=admin,dc=example,dc=edu,dc=vn -W -x -b dc=example,dc=edu,dc=vn
4. Để quản trị bạn cần phải cài thêm "phpldapadmin"
-sử dụng
Đào tạo mã nguồn mở VNLAMP - Học Linux - Lập trình - Hệ thống Linux và login
Chú ý: Có nhiều cách cài đặt openldap, cần đọc kỹ script.sh để hiểu rõ hơn. Script đã được kiểm tra chạy tốt
Open LDAP -
07-11-2010, 14:7 07-11-2010
Linear Mode
