centos openldap [draft]



[root@localhost slapd.d]# cat db.ldif
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=ex,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}aKjC9y0eg2CGm3j


[root@localhost slapd.d]# ldapmodify -Y EXTERNAL  -H ldapi:/// -f db.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={2}hdb,cn=config"

modifying entry "olcDatabase={2}hdb,cn=config"

modifying entry "olcDatabase={2}hdb,cn=config"


[root@localhost slapd.d]# cat db.ldif
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=ex,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}aKjC9y0eg2CGm3j



[root@localhost cn=config]# cat certs.ldif
angetype: modify
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/openldap/certs/ex.pem

dn: cn=config
changetype: modify
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/openldap/certs/exldapkey.pem
[root@localhost cn=config]# ldapmodify -Y EXTERNAL  -H ldapi:/// -f certs.ldif


ldapsearch -x -b "dc=itzgeek,dc=local"

-----------

On CentOS / RHEL:
phpLDAPAdmin is not available in the main repository, so you need to enable EPEL repository for Redhat based derivatives.
### For RHEL 7 ###

# rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

### For CentOS 7 ###

# yum -y install epel-release

Install phpLDAPAdmin:

Now you can install phpLDAPAdmin using “yum” on CentOS and “apt-get” on Ubuntu respectively.
### CentOS 7 / RHEL 7 ###

# yum install -y phpldapadmin

Comments

Popular posts from this blog

HAproxy logging

teamcity Automatic Agent Start under Linux

NFS mount add in fstab _netdev instead of default | firewall-cmd --list-all