Install and configure OpenLDAP server Solaris10
My workplace has a SPARC Solaris 10 machine, and I configured an OpenLDAP server on it.
bash-3.00# uname -a
SunOS cnbjnis1 5.10 Generic_118833-17 sun4u sparc SUNW,UltraAX-i2
bash-3.00# isainfo -v
64-bit sparcv9 applications
        vis
32-bit sparc applications
        vis v8plus div32 mul32
bash-3.00# isainfo -b
64
Prepare
1. Download packages from http://www.sunfreeware.com/indexsparc10.html
- openldap-2.4.11-sol10-sparc-local.gz
- openssl-0.9.8j
- sasl-2.1.21
- db-4.2.52.NC
- gcc-3.4.6
Install the other packages first, before the OpenLDAP package.
2. Unzip file *-sol10-sparc-local.gz
3. Installation *-sol10-sparc-local
4. Set ENV
Solaris has too many problems that are caused by the environment.
bash-3.00# export LD_NOVERSION=yes
bash-3.00# export PATH=$PATH:/usr/local/sbin
5. Create the ldap user
# useradd -u 55 -g 55 -d /home/ldap -s /bin/false ldap
6. Create the OpenLDAP data folder /usr/local/var/openldap-data
# chmod 700 /usr/local/var/openldap-data
# chown -R ldap:daemon /usr/local/var/openldap-data
# chown -R ldap:daemon /usr/local/etc/openldap
Installation and Configure
Steps:
1. bash-3.00# vi slapd.conf
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/nis.schema
# Define global ACLs to disable default read access.
pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args
#
# Directives needed to implement policy:
access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
access to *
        by self write
        by users read
        by anonymous auth
#
database        bdb
suffix          "dc=abc,dc=com"
rootdn          "cn=root,dc=abc,dc=com"
# rootpw is stored in cleartext here; slappasswd can generate a hashed value to use instead
rootpw          secret
directory       /usr/local/var/openldap-data
# Indices to maintain
index   objectClass                     eq,pres
index   ou,cn,mail,surname,givenname    eq,pres,sub
index   uidNumber,gidNumber,loginShell  eq,pres
index   uid,memberUid                   eq,pres,sub
index   nisMapName,nisMapEntry          eq,pres,sub
2. bash-3.00# vi base.ldif
# The dc value must match the RDN value in the dn
dn: dc=abc,dc=com
dc: abc
objectClass: top
objectClass: domain

dn: ou=people,dc=abc,dc=com
ou: people
objectClass: top
objectClass: organizationalUnit

dn: ou=qa,dc=abc,dc=com
ou: qa
objectClass: top
objectClass: organizationalUnit
3. bash-3.00# vi passwd.ldif
dn: uid=ldap1,ou=people,dc=abc,dc=com
uid: ldap1
cn: ldap1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: aaa123
shadowLastChange: 13950
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/tcsh
uidNumber: 10001
gidNumber: 10002
homeDirectory: /tmp/ldap1
4. bash-3.00# vi group.ldif
dn: cn=ldapuser,ou=qa,dc=abc,dc=com
objectClass: top
objectClass: posixGroup
gidNumber: 10002
5. Configure DB config
bash-3.00# cp /usr/local/etc/openldap/DB_CONFIG.example /usr/local/var/openldap-data/DB_CONFIG
6. Start slapd
bash-3.00# /usr/local/libexec/slapd
7. Add LDIF
bash-3.00# ldapadd -D "cn=root,dc=abc,dc=com" -f base.ldif -w secret
bash-3.00# ldapadd -D "cn=root,dc=abc,dc=com" -f passwd.ldif -w secret
bash-3.00# ldapadd -D "cn=root,dc=abc,dc=com" -f group.ldif -w secret
8. Check DB record data
bash-3.00# slapcat
bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
dn: dc=abc,dc=com
dc: asia
objectClass: top
objectClass: domain
structuralObjectClass: domain
entryUUID: 4a27a464-95a4-102d-9751-4d76310c754f
creatorsName: cn=root,dc=abc,dc=com
createTimestamp: 20090223031747Z
entryCSN: 20090223031747.826608Z#000000#000#000000
modifiersName: cn=root,dc=abc,dc=com
modifyTimestamp: 20090223031747Z

dn: ou=people,dc=abc,dc=com
ou: people
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 4a2a14b0-95a4-102d-9752-4d76310c754f
creatorsName: cn=root,dc=abc,dc=com
createTimestamp: 20090223031747Z
entryCSN: 20090223031747.842600Z#000000#000#000000
modifiersName: cn=root,dc=abc,dc=com
modifyTimestamp: 20090223031747Z

dn: uid=ldap1,ou=people,dc=abc,dc=com
uid: ldap1
cn: ldap1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: YWFhMTIz
shadowLastChange: 13950
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/tcsh
uidNumber: 10001
gidNumber: 10002
homeDirectory: /tmp/ldap1
structuralObjectClass: account
entryUUID: 2065ad86-95a6-102d-8b86-bf691587d087
creatorsName: cn=root,dc=abc,dc=com
createTimestamp: 20090223033056Z
entryCSN: 20090223033056.762319Z#000000#000#000000
modifiersName: cn=root,dc=abc,dc=com
modifyTimestamp: 20090223033056Z

dn: cn=ldapuser,ou=qa,dc=abc,dc=com
objectClass: top
objectClass: posixGroup
gidNumber: 10002
structuralObjectClass: posixGroup
cn: ldapuser
entryUUID: 81b68e26-9695-102d-9174-27873c9839ad
creatorsName: cn=root,dc=abc,dc=com
createTimestamp: 20090224080429Z
entryCSN: 20090224080429.749742Z#000000#000#000000
modifiersName: cn=root,dc=abc,dc=com
modifyTimestamp: 20090224080429Z
9. Go to configure LDAP client
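
The userPassword:: YWFhMTIz line in the slapcat output of step 8 is only the base64 encoding of the cleartext aaa123 from passwd.ldif, not a hash. The script below is an added example, not part of the original post: it audits slapcat-style LDIF for passwords stored without a scheme prefix and builds a salted {SSHA} replacement value; the uid=ldap2 entry and the function names are constructed for illustration.

```python
import base64
import hashlib
import os
import re

SCHEME = re.compile(rb"^\{[A-Za-z0-9_-]+\}")  # storage scheme prefix, e.g. {SSHA}

def ssha(password, salt=None):
    """Return a {SSHA} value: base64(sha1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def cleartext_passwords(ldif):
    """Return [(dn, value)] for userPassword values stored without a scheme."""
    text = re.sub(r"\r?\n ", "", ldif)  # undo LDIF line folding
    findings, dn = [], None
    for line in text.splitlines():
        attr, sep, value = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        if value.startswith(":"):  # "attr:: <base64>" form used by slapcat
            raw = base64.b64decode(value[1:].strip())
        else:
            raw = value.strip().encode()
        if attr.lower() == "dn":
            dn = raw.decode()
        elif attr.lower() == "userpassword" and not SCHEME.match(raw):
            findings.append((dn, raw.decode(errors="replace")))
    return findings

# Constructed sample: ldap1 mirrors the slapcat output above; ldap2 is a
# made-up entry whose password was hashed before loading.
SAMPLE = (
    "dn: uid=ldap1,ou=people,dc=abc,dc=com\n"
    "uid: ldap1\n"
    "userPassword:: YWFhMTIz\n"
    "\n"
    "dn: uid=ldap2,ou=people,dc=abc,dc=com\n"
    "uid: ldap2\n"
    "userPassword:: " + base64.b64encode(ssha(b"aaa123").encode()).decode() + "\n"
)

if __name__ == "__main__":
    for dn, value in cleartext_passwords(SAMPLE):
        print("cleartext userPassword on %s (%d chars)" % (dn, len(value)))
        print("  hashed replacement:", ssha(value.encode()))
```

The audit reads a saved dump, for example the output of slapcat redirected to a file, and the {SSHA} string goes into the userPassword: line of the LDIF before ldapadd.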
Thanks a lot for your help.
Had some problems with OpenLdap version, but a newer version resolved the problems.
good