
Monday, September 27, 2010

How to configure and set up OpenLDAP: a worked example

*****************************

[root@localhost trunk]# yum install *openldap* -y

*****************************

[root@localhost trunk]# service ldap start

*****************************

[root@localhost trunk]# vim /etc/openldap/slapd.conf

database bdb
suffix "dc=localhost,dc=localdomain"
rootdn "uid=root,dc=localhost,dc=localdomain"
# NOTE: "secret" is stored here in cleartext for the example only; for a real
# deployment generate a hashed value with slappasswd (e.g. a {SSHA} string)
# and use that as the rootpw, and keep this file readable by the slapd user only.
rootpw secret

*****************************

[root@localhost trunk]# service ldap restart

*****************************1

[root@localhost openldap]# vim /etc/openldap/root.ldif

dn: dc=localhost,dc=localdomain
objectclass: dcobject
objectClass: organization
o: example
dc: localhost

[root@localhost openldap]# /usr/bin/ldapadd -x -D 'uid=root,dc=localhost,dc=localdomain' -W -f /etc/openldap/root.ldif
Enter LDAP Password:
adding new entry "dc=localhost,dc=localdomain"

*****************************2

[root@localhost openldap]# vim /etc/openldap/user1.ldif

dn: uid=user1,dc=localhost,dc=localdomain
objectclass: top
objectclass: person
objectclass: inetorgperson
cn: user1
sn: Example Company
uid: user1
userPassword: 123456

[root@localhost ~]# /usr/bin/ldapadd -x -D 'uid=root,dc=localhost,dc=localdomain' -W -f /etc/openldap/user1.ldif
Enter LDAP Password:
adding new entry "uid=user1,dc=localhost,dc=localdomain"

*****************************

To delete a user (here: admin). Note that `-w secret` places the bind password on the command line, where it is visible in the process list and in shell history; prefer `-W` to be prompted for it, as in the ldapadd steps above.

[root@xen-011 trunk]# ldapdelete -x -w secret -D 'uid=root,dc=localhost,dc=localdomain' "uid=admin,dc=localhost,dc=localdomain"


*******************************
ldapsearch -x -b 'dc=localhost,dc=localdomain' '(objectclass=*)'


*******************************


*****************************
Add a new attribute: group-id
--------------------------
(The OIDs used below sit under 1.3.6.1.4.1.4203.666, which is OpenLDAP's experimental arc and is meant for testing only; for a production schema, allocate OIDs under your own registered enterprise number.)

1)
[root@localhost schema]# vim /etc/openldap/schema/new_attribute.schema
attributetype ( 1.3.6.1.4.1.4203.666.1.93
NAME 'group-id'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )


2)
[root@localhost schema]# vim /etc/openldap/schema/new_object.schema
objectClass ( 1.3.6.1.4.1.4203.666.1.100
NAME 'MyCompany'
DESC 'MyCompany'
SUP inetOrgPerson
STRUCTURAL
MAY ( group-id $ c )
)


3)
[root@localhost openldap]# vim /etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

include /etc/openldap/schema/new_attribute.schema
include /etc/openldap/schema/new_object.schema


4)
[root@localhost openldap]# service ldap restart
Stopping slapd: [ OK ]
Checking configuration files for slapd: bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2)
Expect poor performance for suffix dc=localhost,dc=localdomain.
config file testing succeeded
[ OK ]
Starting slapd: [ OK ]


5) vim /etc/openldap/user.ldif
dn: uid=smith,dc=localhost,dc=localdomain
objectclass: top
objectclass: person
objectclass: inetorgperson
objectclass: MyCompany <-------
cn: smith
group-id: adminGroup <--------
sn: usersGroup
uid: smith
userPassword: smith

[root@localhost openldap]# /usr/bin/ldapadd -x -D 'uid=root,dc=localhost,dc=localdomain' -W -f /etc/openldap/user.ldif
Enter LDAP Password:
adding new entry "uid=smith,dc=localhost,dc=localdomain"


*****************************
