2. Configure
上一頁 第 1 章 OpenLDAP server (slapd) 下一頁
Home | Mirror | Search

2. Configure

過程 1.1. Configure Openldap

  1. 配置/etc/ldap.conf

    #
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE   dc=example, dc=com
#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never
HOST 127.0.0.1
BASE dc=bg7nyt,dc=cn
TLS_CACERTDIR /etc/openldap/cacerts

  2. 配置/etc/slapd.conf

    suffix          "dc=bg7nyt,dc=cn"
rootdn          "cn=Manager,dc=bg7nyt,dc=cn"
rootpw          {crypt}ijFYNcSNctBYg

    rootpw 預設是 secret

    crypt 密碼產生很簡單,很多語言裡都有crypt(key,salt)函數,不過最簡單的辦法是,使用UNIX Shadow 密碼,使用apache的htpasswd生成

    如果你想使用更複雜的加密算法,可以參考我的另一篇文章《信息安全與加密》

  3. ldap 腳本

    service ldap {start|stop|restart|status|condrestart}

    or

    /etc/init.d/ldap {start|stop|restart|status|condrestart}

    [root@backup openldap]# service ldap
Usage: /etc/init.d/ldap {start|stop|restart|status|condrestart}
[root@backup openldap]# service ldap start
Checking configuration files for : config file testing succeeded
Starting slapd:                                            [  OK  ]
[root@backup openldap]# service ldap restart
Stopping slapd:                                            [  OK  ]
Checking configuration files for slapd: config file testing succeeded
Starting slapd:                                            [  OK  ]
[root@backup openldap]# service ldap stop
Stopping slapd:                                            [  OK  ]
[root@backup openldap]#

reconfigure

sudo dpkg-reconfigure slapd
comments powered by Disqus
上一頁 上一級 下一頁
第 1 章 OpenLDAP server (slapd) 起始頁 3. 基本操作