LDAP Configuration
LDAP server IP – 192.168.0.10
hostname – shashi.example.com
1. Requirements
# yum install openldap*
compat-openldap.i386 0:2.1.30-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E
openldap-2.3.43.12.el5.i386.rpm
nss_ldap-253-25.el5.i386.rpm
2. Create LDAP Password
# slappasswd
New password:
Re-enter new password:
{SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW (copy this line; slappasswd salts the hash, so your own output will differ from the one shown here)
Re-enter new password:
{SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW (copy)
3. Update /etc/openldap/slapd.conf
database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW (paste your own hash from step 2)
(slapd.conf now holds the rootpw hash, so keep it readable only by root and the ldap group)
4. Apply Changes
# service ldap start
# service ldap restart
# chkconfig ldap on
5. Create user
# useradd shashi
# passwd shashi
# useradd unicom
# passwd unicom
6.Migrate local users to LDAP
#grep shashi /etc/passwd > /etc/openldap/passwd.shashi
#grep unicom /etc/passwd > /etc/openldap/passwd.unicom
7. Edit the migrate_common.ph
# cd /usr/share/openldap/migration/
# vim migrate_common.ph
$DEFAULT_MAIL_DOMAIN = "example.com";
$DEFAULT_BASE = "dc=example,dc=com";
8.Convert passwd file to ldif (LDAP Data Interchange Format) file
# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.shashi /etc/openldap/shashi.ldif
# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.unicom /etc/openldap/unicom.ldif
9. Same edit in the ldif files (base line)
# vim shashi.ldif
dc=example,dc=com
# vim unicom.ldif
dc=example,dc=com
10. Create a domain ldif file
# vim example.ldif
dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain
# vim people.ldif
dn: ou=people,dc=example,dc=com
ou: people
objectClass: top
objectClass: organizationalUnit
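11. Import all users into LDAP
# ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/shashi.ldif
# ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/example.ldif
# ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/people.ldif
# ldapadd -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/unicom.ldif
(redhat is the LDAP Manager password, given here in clear on the command line, where it ends up in shell history and the process list; ldapadd -W prompts for it instead. The migrated user entries normally sit under ou=People, so if shashi.ldif is rejected for a missing parent entry, add example.ldif and people.ldif first.)
12. CHECK for LDAP Server
# ldapsearch -x -h localhost -b "dc=example,dc=com"
# service ldap restart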
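13. Home dir for ldapuser
# vim /etc/exports
/home/shashi *(rw,sync)
/home/unicom *(rw,sync)
(the * exports each directory read-write to every host that can reach the server; putting the client network there instead, for example 192.168.0.0/24(rw,sync) if the clients are on that subnet, limits who can mount it)
# cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
# chmod 600 /var/lib/ldap/DB_CONFIG
# chown -R ldap:ldap /var/lib/ldap/DB_CONFIG
# service nfs restart
# chkconfig nfs on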
@@@@@@@@@@@@@@@CLIENT
SIDE@@@@@@@@@@@@@@@@@
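14. Add the LDAP server
# authconfig-tui
a. use ldap, ldap auth
b. 192.168.0.10 (server ip)
dc=example,dc=com
(as configured here the client talks to the server over plain LDAP, so logins cross the network unencrypted; the Use TLS option on the same screen needs a server certificate set up first)
15. CHECK LDAP USER
# getent passwd (shows all ldap users)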
16. Use for Automount
# vim /etc/auto.master
/home /etc/auto.rhome
# vim /etc/auto.rhome
* -rw,sync 192.168.0.10:/home/&
# service autofs restart
# chkconfig autofs on
17. Change user password
# passwd unicom
# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.unicom /etc/openldap/unicom.ldif
# vim unicom.ldif
dc=example,dc=com
# ldapmodify -x -D "cn=Manager,dc=example,dc=com" -w redhat -f /etc/openldap/unicom.ldif
(redhat = the LDAP Manager password)
@@@@@@@@@@@@@@@@@Finish@@@@@@@@@@@@@@@@@@@