OpenLDAP Installation Guide
1: Install db-
tar -xvzf db-
cd db-
cd build_unix/
../dist/configure
../dist/configure --help
../dist/configure --prefix=/usr/local/BerkeleyDB
make && make install
vi /etc/ld.so.conf    (open the file)
Add the line /usr/local/BerkeleyDB/lib
Reload the linker configuration: ldconfig
2: Install cyrus-sasl
tar -zxvf cyrus-sasl-
cd cyrus-sasl-
./configure
make
make install
3: Install openldap
tar -xvzf openldap-
cd openldap-
env CPPFLAGS=-I/usr/local/BerkeleyDB/include LDFLAGS=-L/usr/local/BerkeleyDB/lib ./configure --prefix=/usr/local/openldap --enable-bdb
make
make test
If the following error appears:
cd tests; make test
make[1]: entering directory `/home/liudan/openldap-
make[2]: entering directory `/home/liudan/openldap-
initiating ldap tests for bdb...
running ./scripts/all...
>>>>> executing all ldap tests for bdb
>>>>> starting test000-rootdse ...
running defines.sh
starting slapd on tcp/ip port 9011...
using ldapsearch to retrieve the root dse…
waiting 5 seconds for slapd to start …
waiting 5 seconds for slapd to start …
./scripts/test000-rootdse: line 61: kill: (3538) – no such process
ldap_bind: can’t contact ldap server (-1)
…
check slapd.1.log:
root@gregorian:/tmp/openldap-
daemon_init: ldap://localhost:9011/
daemon_init: listen on ldap://localhost:9011/
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://localhost:9011/)
daemon: initialized ldap://localhost:9011/
daemon_init: 1 listeners opened
slapd init: initiated server.
slap_sasl_init: sasl library version mismatch: expected
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
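The default install on Red Hat 9 is
Reinstall the Cyrus SASL library, then build OpenLDAP again:
./configure && make depend && make && make test && make install
Installation is complete.
4: Edit the configuration file:
Generate the rootpw hash (without -s, slappasswd prompts for the password, which keeps it out of the shell history):
/usr/local/openldap/sbin/slappasswd -s zhangadmin
vi /usr/local/openldap/etc/openldap/slapd.conf
# Note: watch for errors when loading the include files!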
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/corba.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/dyngroup.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/java.schema
include /usr/local/openldap/etc/openldap/schema/misc.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
# openldap.ldif is LDIF, not slapd.conf schema syntax, so this include fails to load
# include /usr/local/openldap/etc/openldap/schema/openldap.ldif
include /usr/local/openldap/etc/openldap/schema/openldap.schema
include /usr/local/openldap/etc/openldap/schema/ppolicy.schema
suffix "dc=focus,dc=cn"
rootdn "cn=Manager,dc=focus,dc=cn"
rootpw {SSHA}PJ+lzIhCFL1xn/FtheggYsxxS7Rbaop8
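
The rootpw value above uses the {SSHA} scheme: base64 of a SHA-1 digest over the password plus a salt, with the salt appended. The Python sketch below is an added example, not part of the original guide; the function names and the second rootpw line in the sample are constructed. It shows how such a value is built and checked, and flags rootpw directives that are stored in cleartext.

```python
import base64
import hashlib
import hmac
import os
import re

# First rootpw line is the value shown on this page; the second is constructed.
SAMPLE_CONF = """\
rootdn "cn=Manager,dc=focus,dc=cn"
rootpw {SSHA}PJ+lzIhCFL1xn/FtheggYsxxS7Rbaop8
rootpw secret
"""

def ssha_hash(password, salt=None):
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(4)  # 4 bytes matches the salt length of the page's value
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def split_ssha(stored):
    """Return (digest, salt) from a {SSHA} value; SHA-1 digests are 20 bytes."""
    if not stored.upper().startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[6:], validate=True)
    if len(raw) <= 20:
        raise ValueError("no salt present")
    return raw[:20], raw[20:]

def ssha_verify(password, stored):
    """Recompute the digest with the stored salt and compare in constant time."""
    digest, salt = split_ssha(stored)
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def classify_rootpw(conf_text):
    """Classify every active rootpw directive in slapd.conf text."""
    results = []
    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0].lower() != "rootpw":
            continue  # comments ("# rootpw ...") and other directives are skipped
        scheme = re.match(r"\{([A-Za-z0-9-]+)\}", parts[1].strip())
        if scheme is None:
            results.append("cleartext")
        elif scheme.group(1).upper() in ("SSHA", "SMD5"):
            results.append("salted-hash")
        else:
            results.append("other:" + scheme.group(1).upper())
    return results

if __name__ == "__main__":
    print(classify_rootpw(SAMPLE_CONF))
```

Because slapd.conf holds the rootpw hash, the file should be readable only by the account that runs slapd.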
Start: /usr/local/openldap/libexec/slapd
Stop: kill -INT `cat /usr/local/openldap/var/run/slapd.pid`
slapd listens on port 389.
Initialize the data entries:
vi example.ldif
dn: dc=focus,dc=cn
objectclass: dcObject
objectclass: organization
o: Focus,Inc.
dc: focus

dn: cn=Manager,dc=focus,dc=cn
objectclass: organizationalRole
cn: Manager
Entries must be separated by a blank line.
/usr/local/bin/ldapadd -x -D "cn=Manager,dc=focus,dc=cn" -W -f example.ldif
/usr/local/bin/ldapsearch -x -b 'dc=focus,dc=cn' '(objectclass=*)'
5: Install phpLDAPadmin
phpLDAPadmin is a free tool for managing an OpenLDAP server from a web browser. It is open source; official home page: http://phpldapadmin.sourceforge.net/ , latest version:
# cd /var/www/html/
# wget http://jaist.dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-0.9.7.2.tar.gz
# gunzip phpldapadmin-0.9.7.2.tar.gz
# tar vxf phpldapadmin-0.9.7.2.tar
# cd phpldapadmin-0.9.7.2/config
# cp config.php.example config.php
For details on phpLDAPadmin's configuration file, see the official documentation.