OpenLDAP 安裝指南
一:安裝db-4.4.20數(shù)據(jù)庫
tar -xvzf db-4.4.20.tar.gz
cd db-4.4.20
cd build_unix/
../dist/configure
../dist/configure --help
../dist/configure --prefix=/usr/local/BerkeleyDB
Make && make install
vi /etc/ld.so.conf 打開文件
添加 /usr/local/BerkeleyDB/lib
裝載配置ldconfig
二: 安裝cyrus-sasl
tar –zxvf cyrus-sasl-2.1.20.tar.gz
cd cyrus-sasl-2.1.20
./configure
make
make install
三:安裝openldap
tar -xvzf openldap-2.3.20.tgz
cd openldap-2.3.20
env CPPFLAGS=-I/usr/local/BerkeleyDB/include LDFLAGS=-L/usr/local/BerkeleyDB/lib ./configure --prefix=/usr/local/openldap --enable-bdb
make
make test
出現(xiàn)如下錯誤的話
cd tests; make test
make[1]: entering directory `/home/liudan/openldap-2.3.4/tests‘
make[2]: entering directory `/home/liudan/openldap-2.3.4/tests‘
initiating ldap tests for bdb...
running ./scripts/all...
>>>>> executing all ldap tests for bdb
>>>>> starting test000-rootdse ...
running defines.sh
starting slapd on tcp/ip port 9011...
using ldapsearch to retrieve the root dse…
waiting 5 seconds for slapd to start …
waiting 5 seconds for slapd to start …
./scripts/test000-rootdse: line 61: kill: (3538) – no such process
ldap_bind: can’t contact ldap server (-1)
…
通過查看slapd.1.log
root@gregorian:/tmp/openldap-2.3.4/servers/slapd
daemon_init: ldap://localhost:9011/
daemon_init: listen on ldap://localhost:9011/
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://localhost:9011/)
daemon: initialized ldap://localhost:9011/
daemon_init: 1 listeners opened
slapd init: initiated server.
slap_sasl_init: sasl library version mismatch: expected 2.1.20, got 2.1.10
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
redhat 9默認安裝的是2.1.10�����,刪除/usr/lib下所有的lib*sasl*so的文件���,
再從新安裝cyrus sasl library��,再次安裝openldap
./configure && make depend && make && make test && make install
安裝完成���。
四:改配置文件:
/usr/local/openldap/sbin/slappasswd zhangadmin 生成密碼
vi /usr/local/openldap/etc/sldap.conf
#注意include 載入問件錯誤。���。����。��!
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/corba.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/dyngroup.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/java.schema
include /usr/local/openldap/etc/openldap/schema/misc.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/openldap.ldif
include /usr/local/openldap/etc/openldap/schema/openldap.schema
include /usr/local/openldap/etc/openldap/schema/ppolicy.schema
suffix "dc=focus,dc=cn"
rootdn "cn=Manager,dc=focus,dc=cn"
rootpw {SSHA}PJ+lzIhCFL1xn/FtheggYsxxS7Rbaop8
啟動 /usr/local/openldap/libexec/slapd
kill -INT `cat /usr/local/openldap/var/run/slapd.pid` 停止
slapd偵聽端口 389
初始化數(shù)據(jù)條目:
vi example.ldif
dn:dc=focus,dc=cn
objectclass:dcObject
objectclass:organization
o:Focus,Inc.
dc:focus
dn:cn=Manager,dc=focus,dc=cn
objectclass:organizationalRole
cn:Manager
每個條目之間要有空行
/usr/local/bin/ldapadd -x -D "cn=Manager,dc=focus,dc=cn" -W -f example.ldif
/usr/local/bin/ldapsearch -x -b ‘dc=focus,dc=cn‘ ‘(objectclass=*)‘
五:安裝phpadminldap
phpldapAdmin 是免費的工具��,可以管理OpenLDAP服務(wù)器����,使用它透過瀏覽器就可管理OpenLDAP服務(wù)器���。phpldapAdmin是一個開源工具�,官方主頁:http://phpldapadmin./ ,最新版本:0.9.7.2 ��,下載安裝步驟:
#cd /var/www/html/
# wegt http://jaist.dl./sourceforge/phpldapadmin/phpldapadmin-0.9.7.2.tar.gz
#gunzip phpldapadmin-0.9.7.2.tar.gz
#tar vxf phpldapadmin-0.9.7.2.tar
#cd phpldapadmin-0.9.7.2/config
#cp config.php.example config.php
如果詳細了解phpldapadmin的的文件配置�。查看官方文章!����!
