史上最全ldap自助密码修改服务环境搭建

于 2023-07-19 14:26:27 发布
阅读量673 收藏
点赞数
文章标签: linux centos 运维
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_41211204/article/details/131807719
版权

1、服务安装

安装依赖:yum install php70-ldap.x86_64 -y (版本尽量大于5.3,否则会提示更新php程序)

                  yum install httpd -y    

如果出现yum下没有php包解决方案No package php available

(1)检查当前安装的php包

yum list installed | grep php

 如果有安装的php包,先删除

yum remove php.x86_64 php-cli.x86_64 php-common.x86_64 php-gd.x86_64 php-ldap.x86_64 php-mbstring.x86_64 php-mcrypt.x86_64 php-mysql.x86_64 php-pdo.x86_64

 (2)更换yum源

Centos 5.X:
rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm
CentOs 6.x:
rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
CentOs 7.X:
rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

查看当前系统php版本,php -v  ,centos一般自带php版本5.4,需升级到7,如下所示:

1、查看yum的可安装的php版本列表

yum provides php

2、开始升级PHP更新源

(1)rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm

(2) rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

(3)yum remove php-common -y

(4)yum install -y php72w php72w-opcache php72w-xml php72w-mcrypt php72w-gd php72w-devel php72w-mysql php72w-intl php72w-mbstring

3、查看版本已经升级到7,php -v

3、配置apache 

  /etc/httpd/conf.d/self-service-password.conf

NameVirtualHost *:80
<VirtualHost *:80>
       ServerName 192.168.4.209
       DocumentRoot /usr/share/self-service-password
       DirectoryIndex index.php
       AddDefaultCharset UTF-8
      <Directory "/usr/share/self-service-password">
            AllowOverride None
            Require all granted
      </Directory>
      LogLevel warn   
      ErrorLog /var/log/httpd/ssp_error_log
      CustomLog /var/log/httpd/ssp_access_log combined
</VirtualHost>

4、配置self service password   

vim  /usr/share/self-service-password/conf/config.inc.php

#关闭 问题验证 和 短信验证(视个人需要):

            $use_questions=false;
            $use_sms= false;

#配置 LDAP
    $ldap_url = "ldap://ldap.xxxxx.net";
    $ldap_starttls = false;
    $ldap_binddn = "cn=Manager,dc=ldap,dc=xxxxxx,dc=net";   
    $ldap_bindpw = "xxxxxxxxx";
    $ldap_base = "dc=ldap,dc=xxxxxx,dc=net";
    $ldap_login_attribute = "cn";    ##如果登陆失败,查看用户是uid还是cn
    $ldap_fullname_attribute = "cn";
    $ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
              $who_change_password = "manager";   #指定LDAP 以什么用户身份更改密码

#配置邮件
    $mail_from = "elk@xxxxx.com";
    $mail_from_name = "企业账号密码重置";
    $mail_signature = "";
            $notify_on_change = true;      #密码修改成功后,向用户发送通知邮件
    $mail_sendmailpath = '/usr/sbin/sendmail';   #需安装sendmail服务 yum install -y sendmail
    $mail_protocol = 'smtp';
    $mail_smtp_debug = 0;
    $mail_debug_format = 'html';
    $mail_smtp_host = 'smtp.gmail.com';
    $mail_smtp_auth = true;
    $mail_smtp_user = 'elk@xxxxxx.com';
    $mail_smtp_pass = 'xxxxxx';
    $mail_smtp_port = 587;
    $mail_smtp_timeout = 30;
    $mail_smtp_keepalive = false;
    $mail_smtp_secure = 'tls';
    $mail_contenttype = 'text/plain';
    $mail_wordwrap = 0;
    $mail_charset = 'utf-8';
    $mail_priority = 3;
    $mail_newline = PHP_EOL;

5、重启httpd

systemctl restart httpd

6、访问页面

http://192.168.4.209

 遇到以下错误

 

修改配置: $keyphrase = "secret";   --->  $keyphrase = "ldapchangepasswd"; #任意字符串        路径:/usr/share/self-service-password/conf/config.inc.php

再重启httpd

qq_41211204
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值