Oracle Linux/OpenLDAP
From r00tedvw.com wiki
Revision as of 14:44, 12 November 2018
OpenLDAP
Overview
Installed on CentOS 6
Installation
~$ sudo yum install -y openldap openldap-clients openldap-servers
Configuration
LDAP User Account
Set up a new Unix account for the LDAP admin. Note that this local account is separate from the LDAP root DN configured below: slapd authenticates the DN and its olcRootPW, not the Unix password, so the account is only there for administering the host.
~$ sudo useradd ldapadmin -d /home/ldapadmin/ -G wheel
~$ sudo passwd ldapadmin
Set as LDAP Admin
Set the new admin as the LDAP root DN (olcRootDN) of the data backend. The files under /etc/openldap/slapd.d are generated by slapd (each starts with "# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify."), so edit them by hand only before slapd has been started for the first time, or with slapd stopped; on a running server apply the same changes with ldapmodify over ldapi:/// instead, since recent 2.4 releases also record a CRC32 of the file and log a checksum error when a hand-edited file no longer matches.
~$ sudo vim /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif
...
olcRootDN: cn=ldapadmin,dc=my-domain,dc=com
Setup LDAP Admin password
Create a salted SHA-1 ({SSHA}) hash of the desired admin password with slappasswd and add it to the database config as olcRootPW. The attribute is usually not present in the default config file, so add it if it is missing. Never store the password in cleartext here; slapd compares binds for the root DN against this value.
~$ slappasswd
~$ sudo vim /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif
...
olcRootPW: {SSHA}1pgok6qWn24lpBkVreTDboTr81rg4QC6
Setup Domain
Set the base DN of the directory (olcSuffix) to your domain:
~$ sudo vim /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif
...
olcSuffix: dc=localhost,dc=localdomain
The root DN must live under the suffix, so update olcRootDN to match the new domain:
~$ sudo vim /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif
...
olcRootDN: cn=ldapadmin,dc=localhost,dc=localdomain
Finally, update the admin DN and domain in olcDatabase\=\{1\}monitor.ldif as well. Its default olcAccess grants read on cn=monitor to the old root DN, so after renaming the root DN the new admin would be denied. The value below is a single logical LDIF line; slapd writes it folded across several physical lines, each continuation line starting with one space, which is why the file shows it split as "cn=exter" / " nal" and "n" / " one".
~$ sudo vim /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif
...
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=ldapadmin,dc=localhost,dc=localdomain" read by * none
Startup
~$ sudo service slapd start
~$ sudo service slapd status
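The configuration steps above can be done without hand-editing slapd.d. The following added example (my code, not from the wiki page or the OpenLDAP project) produces the same {SSHA} value that slappasswd prints, verifies a password against one, shows how slapd folds long LDIF lines (the "cn=exter" / " nal" split seen in monitor.ldif), and emits an LDIF that makes the page's four changes (olcSuffix, olcRootDN, olcRootPW, monitor olcAccess) through ldapmodify. It assumes the CentOS 6 layout used on this page (olcDatabase={2}bdb for data, olcDatabase={1}monitor for the monitor backend) and that the ldapi:/// socket is enabled so local root can bind with SASL EXTERNAL; the function names and the fixed salt used for testing are mine.

```python
"""Added example: slappasswd-compatible {SSHA} hashing, LDIF line folding, and
the cn=config LDIF for the changes this page makes by hand.
Not from the wiki page or OpenLDAP; assumes olcDatabase={2}bdb / {1}monitor."""
import base64
import hashlib
import hmac
import os

# The olcRootPW value shown on the page (its password is unknown); used only
# to show that the format decodes to a 20-byte SHA-1 digest plus a 4-byte salt.
PAGE_HASH = "{SSHA}1pgok6qWn24lpBkVreTDboTr81rg4QC6"
LDIF_LINE_WIDTH = 76   # default column width at which slapd folds slapd.d lines


def ssha_hash(password, salt=None):
    """{SSHA} as slappasswd produces it: base64(SHA1(password || salt) || salt).
    slappasswd draws a random 4-byte salt; a fixed salt is accepted for tests."""
    if salt is None:
        salt = os.urandom(4)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_split(stored):
    """Return (digest, salt) from a {SSHA} value such as olcRootPW."""
    if not stored.startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[len("{SSHA}"):])
    return raw[:20], raw[20:]          # SHA-1 digest is 20 bytes; rest is salt


def ssha_verify(stored, password):
    """Constant-time check of a candidate password against a {SSHA} value."""
    digest, salt = ssha_split(stored)
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def ldif_fold(line, width=LDIF_LINE_WIDTH):
    """Fold one logical LDIF line the way slapd writes it: every continuation
    line begins with a single space."""
    if len(line) <= width:
        return line
    parts = [line[:width]]
    rest = line[width:]
    while rest:
        parts.append(" " + rest[:width - 1])
        rest = rest[width - 1:]
    return "\n".join(parts)


def ldif_unfold(text):
    """Join leading-space continuation lines back onto the line before them."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return "\n".join(lines)


def monitor_acl(admin_dn):
    """The page's monitor ACL with the admin DN substituted: local root (peer
    credentials over ldapi:///) and the admin may read, everyone else is denied."""
    return ('{0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,'
            'cn=external,cn=auth" read by dn.base="%s" read by * none' % admin_dn)


def cn_config_ldif(suffix, admin_cn, password_hash):
    """LDIF for: ldapmodify -Y EXTERNAL -H ldapi:/// -f <file>
    'replace' adds olcRootPW when it is absent and overwrites it when present."""
    admin_dn = "cn=%s,%s" % (admin_cn, suffix)
    return "\n".join([
        "dn: olcDatabase={2}bdb,cn=config",
        "changetype: modify",
        "replace: olcSuffix",
        "olcSuffix: " + suffix,
        "-",
        "replace: olcRootDN",
        "olcRootDN: " + admin_dn,
        "-",
        "replace: olcRootPW",
        "olcRootPW: " + password_hash,
        "",
        "dn: olcDatabase={1}monitor,cn=config",
        "changetype: modify",
        "replace: olcAccess",
        ldif_fold("olcAccess: " + monitor_acl(admin_dn)),
        "",
    ])


if __name__ == "__main__":
    import getpass
    pw = getpass.getpass("LDAP admin password: ")
    print(cn_config_ldif("dc=localhost,dc=localdomain", "ldapadmin", ssha_hash(pw)))
```

Redirect the script's output to a file and apply it with `sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f file.ldif`; because the root DN and its password are passed as LDIF text, the hash never appears on a command line or in shell history the way a `-w` argument would. Before starting slapd after any edit, `sudo slaptest -u` checks that the configuration still parses, and once it is running, `ldapwhoami -x -D "cn=ldapadmin,dc=localhost,dc=localdomain" -W` confirms that the new root DN binds with the password you hashed.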