OpenLDAP: Installing and Configuring an OpenLDAP Server: Difference between revisions
Revision as of 20:14, 5 September 2020
Steps to Install and Configure OpenLDAP
Procedure
Installing
1) Install the packages
yum update
yum install -y openldap-servers openldap-clients
systemctl enable slapd
systemctl start slapd
2) Set the password
slappasswd -h {SSHA} -s <PUT_THE_PASSWORD_HERE>
Save the result.
3) Create the file db.ldif and add the following content

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=company,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=company,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: <RESULT OF STEP 2>

Save and close the file. Run the command:
ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif
4) Create the file monitor.ldif and add the following content

# The monitor database is {1} in the default cn=config layout of openldap-servers; {2} is the hdb database
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=ldapadm,dc=company,dc=com" read by * none

Save and close the file. Run the command:
ldapmodify -Y EXTERNAL -H ldapi:/// -f monitor.ldif
5) Configure DB_CONFIG
Run the commands:
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown ldap:ldap /var/lib/ldap/*
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
Configuring the Base
6) Create the file base.ldif and add the following content

dn: dc=company,dc=com
dc: company
objectClass: top
objectClass: domain

dn: cn=ldapadm,dc=company,dc=com
objectClass: organizationalRole
cn: ldapadm
description: LDAP Manager

dn: ou=People,dc=company,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=company,dc=com
objectClass: organizationalUnit
ou: Group

Save and close the file. Run the command:
ldapadd -x -w "<LDAPADM_PASSWORD>" -D "cn=ldapadm,dc=company,dc=com" -f base.ldif
Adding users
7) Generate the password
slappasswd -h {SSHA} -s <PASSWORD>
Note the result.
8) Create the file add_users.ldif and add the following content

dn: uid=ebasso,ou=People,dc=company,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
cn: Enio Basso
uid: ebasso
uidNumber: 10000
gidNumber: 10000
homeDirectory: /home/ebasso
userPassword: <RESULT OF STEP 7>

Save and close the file. Run the command:
ldapadd -x -w "<LDAPADM_PASSWORD>" -D "cn=ldapadm,dc=company,dc=com" -f add_users.ldif
See also
- OpenLDAP: Configuring an LDAP Proxy
- AWSTATS: Configuring AWSTATS
- MySQL: Configuring MySQL
- BIND: Configuring Active Directory support