
Lab1 Ldap

The document provides instructions for setting up LDAP on a server. It includes steps to install LDAP packages and services, configure the LDAP server with a root password and schemas, create the LDAP directory structure with domains, organizational units, and an administrator account. It also mentions using an LDAP administration tool for managing user and group entries.

Uploaded by

No Bi Ta

LDAP Lab Exercise

1. Installation
# yum -y install openldap-servers openldap-clients
# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
# chown ldap:ldap /var/lib/ldap/DB_CONFIG
# systemctl start slapd
# systemctl enable slapd
2. Configuration
Set the LDAP administrator password
# slappasswd
Edit the configuration file
- Import the RootPW
# vi chrootpw.ldif

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}xxxxxxxxxxxxxxxxxxxxxLDAPPASS1
# ldapadd -Y EXTERNAL -H ldapi:/// -f chrootpw.ldif
- Import the schemas
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
- Generate a new RootPW hash (the slappasswd output is the olcRootPW value in chdomain.ldif)
# slappasswd
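- Configuration changes
# vi chdomain.ldif
(In the LDIF below, a line that begins with a space continues the previous line; the first space is the fold marker, so folded lines here start with two spaces.)

dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by
  dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
  read by dn.base="cn=root,dc=xxx,dc=local" read by * none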

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=xxx,dc=local

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=root,dc=xxx,dc=local

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}/B3LTxVPVeAiVHyNbuhCHqSoKG4dm9Rw

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=root,dc=xxx,dc=local" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=root,dc=xxx,dc=local" write by * read
- Apply the configuration
# ldapmodify -Y EXTERNAL -H ldapi:/// -f chdomain.ldif
- Create the top-level domain and OUs
# vi basedomain.ldif

dn: dc=xxx,dc=local
objectClass: top
objectClass: dcObject
objectClass: organization
o: xxx
dc: xxx

dn: cn=root,dc=xxx,dc=local
objectClass: organizationalRole
cn: root
description: Directory Manager

dn: ou=People,dc=xxx,dc=local
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=xxx,dc=local
objectClass: organizationalUnit
ou: Group
- Apply the configuration
# ldapadd -x -D cn=root,dc=xxx,dc=local -W -f basedomain.ldif
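
An added example (not part of the original lab): a Python audit of the olcAccess rules that chdomain.ldif sets on the hdb database. It unfolds the LDIF continuation lines and reports which broad subjects (`*`, `anonymous`, `users`) can reach userPassword or the rest of the tree. The function names and the embedded sample are constructed for illustration, and the parser assumes no DN contains spaces.

```python
import re

# Constructed sample: the hdb olcAccess block from chdomain.ldif, with folded lines.
CHDOMAIN = '''dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=root,dc=xxx,dc=local" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=root,dc=xxx,dc=local" write by * read
'''
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
BROAD = {"*", "anonymous", "users"}  # subjects that are not one specific identity

def parse_rules(ldif):
    """Unfold LDIF (a leading space continues the previous line) and return
    olcAccess rules as (index, what, [(who, level), ...]) sorted by {n}.
    Simplification (assumption): no DN contains spaces or the word ' by '."""
    rules = []
    for line in re.sub(r"\n ", "", ldif).splitlines():
        m = re.match(r"olcAccess:\s*\{(\d+)\}to\s+(.*?)\s+by\s+(.*)$", line)
        if m:
            parts = [c.split() for c in re.split(r"\s+by\s+", m.group(3))]
            clauses = [(p[0], p[1]) for p in parts if len(p) >= 2]
            rules.append((int(m.group(1)), m.group(2), clauses))
    return sorted(rules)

def audit(ldif):
    """Return findings about who can reach userPassword and the rest of the tree."""
    findings, password_rule_seen = [], False
    for idx, what, clauses in parse_rules(ldif):
        attrs = re.search(r"attrs=(\S+)", what)
        covers_pw = attrs and "userpassword" in attrs.group(1).lower().split(",")
        catch_all = what == "*"
        if catch_all and not password_rule_seen:
            covers_pw = True  # first matching rule wins: this one decides userPassword
        for who, level in clauses:
            if who not in BROAD or level not in LEVELS:
                continue
            if covers_pw and LEVELS.index(level) > LEVELS.index("auth"):
                findings.append(f"{{{idx}}} userPassword: '{who}' gets {level}")
            elif catch_all and LEVELS.index(level) >= LEVELS.index("read"):
                findings.append(f"{{{idx}}} all other attributes: '{who}' gets {level}")
        password_rule_seen = password_rule_seen or bool(covers_pw)
    return findings

if __name__ == "__main__":
    for finding in audit(CHDOMAIN):
        print(finding)
```

On the lab's rules this reports only the `by * read` clause of rule {2}: unauthenticated clients can read every attribute except userPassword and shadowLastChange. If rule {0} were missing, the same clause would expose the password hashes and the audit reports that instead.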
2.1. Use the LDAP Admin tool to create/edit/delete
