Shashikant shah

Wednesday, 29 August 2012

LDAP SERVER RHEL5.5


                          LDAP Configuration


ldap server ip – 192.168.0.10
hostname- shashi.example.com

1.Requirements-

@@@yum install openldap*@@@@
compat-openldap.i386 0:2.1.30-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E
openldap-2.3.43.12.el5.i386.rpm
nss_ldap-253-25.el5.i386.rpm

2.Create LDAP Password

#slappasswd
New password:
Re-enter new password:
{SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW (copy)

3.Update /etc/openldap/slapd.conf

database bdb
suffix                "dc=example,dc=com"
rootdn              "cn=Manager,dc=example,dc=com"
rootpw      {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW  (past)

4.Apply Changes

# service ldap start
# service ldap restart
# chkconfig ldap on

5.Create user

#useradd shashi
#passwd shashi

#useradd unicom
#passwd unicom

6.Migrate local users to LDAP

#grep shashi /etc/passwd > /etc/openldap/passwd.shashi

#grep unicom /etc/passwd > /etc/openldap/passwd.unicom


7.Edit the migrate_common.ph


#cd /usr/share/openldap/migration/
#vim migrate_common.ph
$DEFAULT_MAIL_DOMAIN = “example.com”;
$DEFAULT_BASE = “dc=example,dc=com”;



8.Convert passwd file to ldif (LDAP Data Interchange Format) file

#/usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.shashi /etc /openldap/shashi.ldif
#/usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.unicom /etc /openldap/unicom.ldif


9.Same edit line in ldif file
# vim shashi.ldif
dc=example,dc=com
#vim unicom.ldif
dc=example,dc=com

10.Create a domain ldif file

# vim example.ldif
dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain

# vim people.ldif

dn: ou=people,dc=example,dc=com
ou: people
objectClass: top
objectClass: organizationalUnit

11.Import all users in to the LDAP

#ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/ shashi.ldif
 # ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/ example.ldif
# ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/ people.ldif
#ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/ unicom.ldif

12.CHECK for LDAP Server
# ldapsearch -x -h localhost -b “dc=example,dc=com”
# service ldap restart
13.Home dir for ldapuser
vim /etc/export
/home/shashi *(rw,sync)
/home/unicom *(rw,sync)

#cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

#chmod 600 /var/lib/ldap/DB_CONFIG

#chown -R ldap:ldap /var/lib/ldap/DB_CONFIG

# service nfs restart

# chkconfig nfs on


@@@@@@@@@@@@@@@CLIENT SIDE@@@@@@@@@@@@@@@@@


14.Add the LDAP server
#authconfig-tui
a. use ldap, ldap auth
b. 192.168.0.10 (server ip)
dc=example,dc=com
15.CHECK LDAP USER
# getent passwd (show all ldap user)
16.Use for Automount
# vim /etc/auto.master
/home /etc/auto.rhome
# vim /etc/auto.rhome
    * -rw,sync 192.168.0.10:/home/&
# service autofs restart
# chkconfig autofs on
17.Change user password-
# passwd unicom
# /usr/share/openldap/migration/migrate_passwd.pl
/etc/openldap/passwd.unicom /etc/openldap/unicom.ldif
# vim unicom.ldif
dc=example,dc=com
# ldapmodify -x -D “cn=Manager,dc=example,dc=com” -w ({redhat}ldap passwd) -f /etc/openldap/unicom.ldif  
@@@@@@@@@@@@@@@@@Finish@@@@@@@@@@@@@@@@@@@
 

No comments:

Post a Comment