OpenLDAP: Instalando e Configurando um servidor OpenLDAP: Difference between revisions
No edit summary |
|||
| (10 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Passos para Instalar e Configurar o OpenLDAP | Passos para Instalar e Configurar o OpenLDAP. | ||
Atualizado para a versão 2.6 do OpenLDAP | |||
= Procedimento = | = Procedimento = | ||
| Line 8: | Line 9: | ||
1) Instalando os Pacotes | 1) Instalando os Pacotes | ||
yum update | yum update | ||
yum install -y openldap-servers openldap-clients | yum install -y openldap openldap-servers openldap-clients | ||
systemctl enable slapd | systemctl enable slapd | ||
| Line 17: | Line 18: | ||
slappasswd | slappasswd | ||
Salve o resultado, que devemos utilizar <SENHA_ENCRIPTADA_LDAP_ADMIN> | Salve o resultado, que devemos utilizar '''<SENHA_ENCRIPTADA_LDAP_ADMIN>''' | ||
3) Criar o arquivo db.ldif e adicionar o conteúdo | 3) Criar o arquivo db.ldif e adicionar o conteúdo | ||
dn: olcDatabase={2} | dn: olcDatabase={2}mdb,cn=config | ||
changetype: modify | changetype: modify | ||
replace: olcSuffix | replace: olcSuffix | ||
olcSuffix: '''dc= | olcSuffix: '''dc=test,dc=net''' | ||
dn: olcDatabase={2} | dn: olcDatabase={2}mdb,cn=config | ||
changetype: modify | changetype: modify | ||
replace: olcRootDN | replace: olcRootDN | ||
olcRootDN: cn=ldapadm,'''dc= | olcRootDN: cn=ldapadm,'''dc=test,dc=net''' | ||
dn: olcDatabase={2} | dn: olcDatabase={2}mdb,cn=config | ||
changetype: modify | changetype: modify | ||
replace: olcRootPW | replace: olcRootPW | ||
| Line 42: | Line 43: | ||
4) Criar o arquivo monitor.ldif e adicionar o conteúdo | 4) Criar o arquivo monitor.ldif e adicionar o conteúdo | ||
dn: olcDatabase={ | dn: olcDatabase={1}monitor,cn=config | ||
changetype: modify | changetype: modify | ||
replace: olcAccess | replace: olcAccess | ||
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=ldapadm,'''dc= | olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=ldapadm,'''dc=test,dc=net'''" read by * none | ||
Salve e feche o arquivo. Execute o comando | Salve e feche o arquivo. Execute o comando | ||
| Line 55: | Line 56: | ||
Executar o comando: | Executar o comando: | ||
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif | ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif | ||
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif | ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif | ||
| Line 67: | Line 64: | ||
6) Criar o arquivo base.ldif e adicionar o conteúdo | 6) Criar o arquivo base.ldif e adicionar o conteúdo | ||
dn: '''dc= | dn: '''dc=test,dc=net''' | ||
dc: ''' | dc: '''test''' | ||
objectClass: top | objectClass: top | ||
objectClass: domain | objectClass: domain | ||
dn: cn=ldapadm,'''dc= | dn: cn=ldapadm,'''dc=test,dc=net''' | ||
objectClass: organizationalRole | objectClass: organizationalRole | ||
cn: ldapadm | cn: ldapadm | ||
description: LDAP Manager | description: LDAP Manager | ||
dn: ou=People,'''dc= | dn: ou=People,'''dc=test,dc=net''' | ||
objectClass: organizationalUnit | objectClass: organizationalUnit | ||
ou: People | ou: People | ||
dn: ou=Group,'''dc= | dn: ou=Group,'''dc=test,dc=net''' | ||
objectClass: organizationalUnit | objectClass: organizationalUnit | ||
ou: Group | ou: Group | ||
dn: ou=Partners,'''dc=test,dc=net''' | |||
objectClass: organizationalUnit | |||
ou: Partners | |||
Salve e feche o arquivo. Execute o comando | Salve e feche o arquivo. Execute o comando | ||
ldapadd -x -w "'''< | ldapadd -x -w "'''<SENHA_LDAP_ADMIN>'''" -D "cn=ldapadm,'''dc=test,dc=net'''" -f base.ldif | ||
== Adicionando usuários == | == Adicionando usuários == | ||
| Line 99: | Line 100: | ||
8) Criar o arquivo add_users.ldif e adicionar o conteúdo | 8) Criar o arquivo add_users.ldif e adicionar o conteúdo | ||
dn: uid=ebasso,ou=People,'''dc= | dn: uid=ebasso,ou=People,'''dc=test,dc=net''' | ||
objectClass: top | objectClass: top | ||
objectClass: account | objectClass: account | ||
| Line 108: | Line 109: | ||
gidNumber: 10000 | gidNumber: 10000 | ||
homeDirectory: /home/ebasso | homeDirectory: /home/ebasso | ||
userPassword: <RESULTADO DO PASSO 7> | |||
dn: uid=partner01,ou=Partners,'''dc=test,dc=net''' | |||
objectClass: top | |||
objectClass: account | |||
objectClass: posixAccount | |||
cn: External Partner 01 | |||
uid: partner01 | |||
uidNumber: 10001 | |||
gidNumber: 10001 | |||
homeDirectory: /home/partner01 | |||
userPassword: <RESULTADO DO PASSO 7> | userPassword: <RESULTADO DO PASSO 7> | ||
| Line 113: | Line 125: | ||
Salve e feche o arquivo. Execute o comando | Salve e feche o arquivo. Execute o comando | ||
ldapadd -x -w "'''< | ldapadd -x -w "'''<SENHA_LDAP_ADMIN>'''" -D "cn=ldapadm,'''dc=test,dc=net'''" -f add_users.ldif | ||
Exemplo: Usando o Apache Directory Studio para visualizar - foto ilustrativa | |||
[[File:Ldap example using apache directory.png]] | |||
== Ver também == | == Ver também == | ||
Latest revision as of 22:38, 22 November 2024
Passos para Instalar e Configurar o OpenLDAP.
Atualizado para a versão 2.6 do OpenLDAP
Procedimento
Instalando
1) Instalando os Pacotes
yum update yum install -y openldap openldap-servers openldap-clients systemctl enable slapd systemctl start slapd
2) Definindo a senha
slappasswd
Salve o resultado, que devemos utilizar <SENHA_ENCRIPTADA_LDAP_ADMIN>
3) Criar o arquivo db.ldif e adicionar o conteúdo
dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=test,dc=net
dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=test,dc=net
dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: <SENHA_ENCRIPTADA_LDAP_ADMIN>
Salve e feche o arquivo. Execute o comando
ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif
4) Criar o arquivo monitor.ldif e adicionar o conteúdo
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=ldapadm,dc=test,dc=net" read by * none
Salve e feche o arquivo. Execute o comando
ldapmodify -Y EXTERNAL -H ldapi:/// -f monitor.ldif
5) Configurar o DB_CONFIG
Executar o comando:
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
Configurando o Base
6) Criar o arquivo base.ldif e adicionar o conteúdo
dn: dc=test,dc=net dc: test objectClass: top objectClass: domain dn: cn=ldapadm,dc=test,dc=net objectClass: organizationalRole cn: ldapadm description: LDAP Manager dn: ou=People,dc=test,dc=net objectClass: organizationalUnit ou: People dn: ou=Group,dc=test,dc=net objectClass: organizationalUnit ou: Group dn: ou=Partners,dc=test,dc=net objectClass: organizationalUnit ou: Partners
Salve e feche o arquivo. Execute o comando
ldapadd -x -w "<SENHA_LDAP_ADMIN>" -D "cn=ldapadm,dc=test,dc=net" -f base.ldif
Adicionando usuários
7) Gerando a senha
slappasswd
Anotar o resultado
8) Criar o arquivo add_users.ldif e adicionar o conteúdo
dn: uid=ebasso,ou=People,dc=test,dc=net objectClass: top objectClass: account objectClass: posixAccount cn: Enio Basso uid: ebasso uidNumber: 10000 gidNumber: 10000 homeDirectory: /home/ebasso userPassword: <RESULTADO DO PASSO 7> dn: uid=partner01,ou=Partners,dc=test,dc=net objectClass: top objectClass: account objectClass: posixAccount cn: External Partner 01 uid: partner01 uidNumber: 10001 gidNumber: 10001 homeDirectory: /home/partner01 userPassword: <RESULTADO DO PASSO 7>
Salve e feche o arquivo. Execute o comando
ldapadd -x -w "<SENHA_LDAP_ADMIN>" -D "cn=ldapadm,dc=test,dc=net" -f add_users.ldif
Exemplo: Usando o Apache Directory Studio para visualizar - foto ilustrativa
Ver também
- OpenLDAP:Configurando um LDAP Proxy
- AWSTATS: Configurando o AWSTATS
- MySQL:Configurando o MySQL
- BIND: Configurando o suporte ao Active Directory