Home | Mirror | Search |
过程 1.1. Configure Openldap
配置/etc/ldap.conf
# # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. #BASE dc=example, dc=com #URI ldap://ldap.example.com ldap://ldap-master.example.com:666 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never HOST 127.0.0.1 BASE dc=bg7nyt,dc=cn TLS_CACERTDIR /etc/openldap/cacerts
配置/etc/slapd.conf
suffix "dc=bg7nyt,dc=cn" rootdn "cn=Manager,dc=bg7nyt,dc=cn" rootpw {crypt}ijFYNcSNctBYg
rootpw 默认是 secret
crypt 密码产生很简单,很多语言里都有crypt(key,salt)函数,不过最简单的办法是,使用UNIX Shadow 密码,使用apache的htpasswd生成
如果你想使用更复杂的加密算法,可以参考我的另一篇文章《信息安全与加密》
ldap 脚本
service ldap {start|stop|restart|status|condrestart}
or
/etc/init.d/ldap {start|stop|restart|status|condrestart}
[root@backup openldap]# service ldap Usage: /etc/init.d/ldap {start|stop|restart|status|condrestart} [root@backup openldap]# service ldap start Checking configuration files for : config file testing succeeded Starting slapd: [ OK ] [root@backup openldap]# service ldap restart Stopping slapd: [ OK ] Checking configuration files for slapd: config file testing succeeded Starting slapd: [ OK ] [root@backup openldap]# service ldap stop Stopping slapd: [ OK ] [root@backup openldap]#
reconfigure
sudo dpkg-reconfigure slapd