OpenLDAP installation and configuration: Difference between revisions
m (using an external editor) |
m (using an external editor) |
||
Line 74: | Line 74: | ||
=== Importing an LDIF file === | === Importing an LDIF file === | ||
/opt/sfw/sbin/slapadd | /opt/sfw/sbin/slapadd -v -l your-ldif-file.ldif | ||
=== The startup script === | === The startup script === | ||
Line 81: | Line 81: | ||
<pre> | <pre> | ||
.... | |||
</pre> | |||
< | === Testing with a client === | ||
To connect to your LDAP server, make sure that the port is open both on your client machine and the server machine. By default LDAP uses port 389. | |||
We suggest to install "Apache Directory Studio". To configure a connection to an LDAP server: Menu->LDAP->New connection | |||
In the Authentication tab enter: | |||
Bind DN or user: <the root dn you defined above> | |||
[[Category:Installation tips]] | [[Category:Installation tips]] |
Revision as of 14:42, 9 January 2008
Introduction
OpenLDAP is the most popular free LDAP server.
Configuration notes for solaris 10
There is an OpenLDAP version included in a typical installation. You can find it here:
/opt/sfw /opt/sfw/sbin - links to binaries /opt/sfw/libexec - binaries /opt/sfw/etc/openldap - configuration files /opt/sfw/var/openldap-data - default data /opt/sfw/var/run - PID of the server
- Binaires in /opt/sfw/sbin
slapadd -> ../libexec/slapd slapcat -> ../libexec/slapd slapdn -> ../libexec/slapd slapindex -> ../libexec/slapd slappasswd -> ../libexec/slapd slaptest -> ../libexec/slapd slapcat -> ../libexec/slapd slapdn -> ../libexec/slapd slapindex -> ../libexec/slapd slappasswd -> ../libexec/slapd slaptest -> ../libexec/slapd
The configuration file
Location:
/opt/sfw/etc/openldap/sladpd.conf
You will have to define
- What schemas to load in
- Where datafiles and pidfile etc. go
- What users are allowed to do
Here is a fictional example (comments taken away from the original):
include /opt/sfw/etc/openldap/schema/core.schema include /opt/sfw/etc/openldap/schema/cosine.schema include /opt/sfw/etc/openldap/schema/inetorgperson.schema include /opt/sfw/etc/openldap/schema/nis.schema # Add your own include /opt/sfw/etc/openldap/schema/tecfa.schema pidfile /opt/sfw/var/run/slapd.pid argsfile /opt/sfw/var/run/slapd.args security ssf=1 update_ssf=112 simple_bind=64 access to attr=userpassword by self write by anonymous auth access to * by self write by users read by anonymous read database bdb # Suffix and root dn, adjust to your own organization suffix "o=tecfa.unige.ch" rootdn "uid=root, o=tecfa.unige.ch" rootpw secret directory /opt/sfw/var/openldap-data index objectClass eq
You may want to put the data and schema files in some other place than the default, since you may by mistake kill them after an upgrade of the system. e.g. I used /var/openldap instead of /open/sfw/var/
Importing an LDIF file
/opt/sfw/sbin/slapadd -v -l your-ldif-file.ldif
The startup script
To start/stop automatically the server you can write a script like this, put it in /etc/init.d and then make links from /etc/rc3.d, /etc/rc0.d etc.
....
Testing with a client
To connect to your LDAP server, make sure that the port is open both on your client machine and the server machine. By default LDAP uses port 389.
We suggest to install "Apache Directory Studio". To configure a connection to an LDAP server: Menu->LDAP->New connection
In the Authentication tab enter:
Bind DN or user: <the root dn you defined above>