NAD810 LDAP LAB

8 bytes added, 03:01, 21 March 2009
OpenLDAP Server configuration details:
(1) Create an OpenLDAP database
<pre>
mkdir /var/lib/ldap/nad810.com
chown ldap.ldap /var/lib/ldap/nad810.com
chmod 700 /var/lib/ldap/nad810.com
</pre>
(2) Create an OpenLDAP “root” password and edit the OpenLDAP server's main configuration file “/etc/openldap/slapd.conf”
Only the LDAP “rootdn” user can create, import, and export data in an LDAP database. You can use the slappasswd command to create a password hash and use it in the LDAP configuration file:
<pre>
slappasswd
{SSHA}3NVLOWwqIMka3OyIYLyGrrkirD0pU0Qx <-- Copy this to the slapd.conf file
</pre>
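The value slappasswd prints is an {SSHA} hash: base64 of SHA-1(password + salt) followed by the salt. The following is an added example (not part of the lab page, and not OpenLDAP's own code) that rebuilds that format so you can confirm the rootpw line you pasted into slapd.conf really matches the password you chose before starting slapd with it. The slapd.conf fragment inside it is constructed for the example; the suffix, the rootdn value cn=Manager,dc=nad810,dc=com and the directory are assumptions based on the lab's nad810.com database, not text from this page.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Added example, not from the lab page: slappasswd prints an {SSHA} value,
# which is base64(sha1(password + salt) + salt) with a random 4-byte salt.
# These helpers confirm that the value pasted into slapd.conf as rootpw
# really matches the chosen password.

def ssha_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Produce an {SSHA} string in the same format as `slappasswd`."""
    if salt is None:
        salt = os.urandom(4)          # slappasswd uses a 4-byte random salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def ssha_verify(password: str, stored: str) -> bool:
    """Check a candidate password against a stored {SSHA} value."""
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:                # binascii.Error is a ValueError subclass
        return False
    if len(raw) <= 20:                # 20-byte SHA-1 digest plus at least 1 salt byte
        return False
    digest, salt = raw[:20], raw[20:]
    expected = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)

def rootpw_from_slapd_conf(conf_text: str) -> Optional[str]:
    """Return the rootpw value from slapd.conf text, ignoring comment lines."""
    for line in conf_text.splitlines():
        stripped = line.strip()
        if stripped.startswith("#"):
            continue
        parts = stripped.split()
        if len(parts) == 2 and parts[0] == "rootpw":
            return parts[1]
    return None

def check_rootpw(conf_text: str, password: str) -> bool:
    """True when slapd.conf carries an {SSHA} rootpw that matches password."""
    stored = rootpw_from_slapd_conf(conf_text)
    return stored is not None and ssha_verify(password, stored)

# Constructed slapd.conf fragment for the example (assumed suffix, rootdn and
# directory; the directive names themselves are standard slapd.conf ones).
SAMPLE_SLAPD_CONF_TEMPLATE = """\
database        bdb
suffix          "dc=nad810,dc=com"
rootdn          "cn=Manager,dc=nad810,dc=com"
rootpw          {rootpw}
directory       /var/lib/ldap/nad810.com
"""

def sample_conf(password: str) -> str:
    """Build the constructed fragment with a freshly generated rootpw."""
    return SAMPLE_SLAPD_CONF_TEMPLATE.format(rootpw=ssha_hash(password))

if __name__ == "__main__":
    conf = sample_conf("example-only")
    print(conf)
    print("rootpw matches:", check_rootpw(conf, "example-only"))
    print("wrong password:", check_rootpw(conf, "not-the-password"))
```

Run it against your real file with `check_rootpw(open("/etc/openldap/slapd.conf").read(), password)`; a False result means the hash was truncated or mis-pasted, which is easier to find now than after slapd refuses the rootdn bind.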
Add/Modify slapd.conf to show the following (the ldbm backend is supported only up to OpenLDAP 2.3; OpenLDAP 2.4 supports only bdb):
(4) Create an LDIF file for importing to the OpenLDAP database
a. add a user called “ldapuser”
<pre>
useradd -g users ldapuser
passwd ldapuser
</pre>
b. extract the passwd entry of ldapuser from /etc/passwd to a file called "entry.ldapuser"
<pre>
grep ldapuser /etc/passwd > /etc/openldap/entry.ldapuser
</pre>
c. extract the passwd entry of root from /etc/passwd to a file called "entry.root" (grep matches anywhere on the line, so check that entry.root contains only the root line: any other account whose home directory or gecos field contains "root" would be copied too)
<pre>
grep root /etc/passwd > /etc/openldap/entry.root
</pre>
d. convert the entries for "ldapuser" and "root" to LDIF format (ldif.ldapuser and ldif.root) with /usr/share/migrationtools/migrate_passwd.pl:
(Note that "\" at the end of the line is used to tell the shell that
e. edit ldif.ldapuser (change dc=padl to dc=nad810)
<pre>
dn: uid=ldapuser,ou=People,dc=padl,dc=com
uid: ldapuser
homeDirectory: /home/ldapuser
</pre>
f. edit ldif.root (change dc=padl to dc=nad810)
<pre>
dn: uid=root,ou=People,dc=padl,dc=com
uid: root
</pre>
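Steps b through f above select a passwd line, run it through migrate_passwd.pl, and then hand-edit the dc=padl,dc=com suffix the tool writes. As an added example (not the lab's own command and not migrate_passwd.pl itself), the following Python does the same conversion directly: it matches the account name field exactly instead of substring-matching the whole line, emits a posixAccount entry in the general shape migrate_passwd.pl produces (the exact attribute set is an assumption), takes the base DN as a parameter so no suffix edit is needed, and leaves userPassword out because the hash lives in /etc/shadow and belongs in a directory guarded by an access rule. The passwd lines are constructed for the example. A small rebase_ldif helper also covers steps e and f for LDIF the real tool has already produced.

```python
from typing import Dict, Optional

PASSWD_FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")

# Constructed sample /etc/passwd content for the example (not a real system).
# "operator" is here because `grep root` would match its /root home directory.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
ldapuser:x:501:100::/home/ldapuser:/bin/bash
"""

def passwd_entry(passwd_text: str, username: str) -> Optional[Dict[str, str]]:
    """Return the seven passwd fields of exactly one account.

    Only the first (name) field is compared, so "root" never picks up
    "operator" or any other line that merely contains the string.
    """
    for line in passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:          # malformed line: skip rather than guess
            continue
        if fields[0] == username:
            return dict(zip(PASSWD_FIELDS, fields))
    return None

def passwd_to_ldif(entry: Dict[str, str], base_dn: str = "dc=nad810,dc=com",
                   ou: str = "People") -> str:
    """Render a posixAccount LDIF entry for one passwd record.

    Attribute set is an assumption modelled on migrate_passwd.pl output;
    the suffix is parameterised so no dc=padl edit is needed afterwards.
    No userPassword is emitted: the hash is in /etc/shadow, not /etc/passwd.
    """
    dn = f"uid={entry['name']},ou={ou},{base_dn}"
    lines = [
        f"dn: {dn}",
        f"uid: {entry['name']}",
        f"cn: {entry['name']}",
        "objectClass: account",
        "objectClass: posixAccount",
        "objectClass: top",
        "objectClass: shadowAccount",
        f"loginShell: {entry['shell']}",
        f"uidNumber: {entry['uid']}",
        f"gidNumber: {entry['gid']}",
        f"homeDirectory: {entry['home']}",
    ]
    if entry["gecos"]:                # ldapuser above has an empty gecos field
        lines.append(f"gecos: {entry['gecos']}")
    return "\n".join(lines) + "\n"

def rebase_ldif(ldif_text: str, old_base: str = "dc=padl,dc=com",
                new_base: str = "dc=nad810,dc=com") -> str:
    """Steps e and f of the lab: rewrite the suffix migrate_passwd.pl wrote."""
    return ldif_text.replace(old_base, new_base)

if __name__ == "__main__":
    for name in ("ldapuser", "root"):
        entry = passwd_entry(SAMPLE_PASSWD, name)
        if entry is None:
            raise SystemExit(f"no passwd entry for {name}")
        print(passwd_to_ldif(entry))
```

Redirect the printed entries to ldif.ldapuser and ldif.root and they can be imported as in the lab; if you keep using migrate_passwd.pl, `rebase_ldif(open("ldif.root").read())` performs the dc=padl to dc=nad810 edit for you.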