1、服务安装
安装依赖:yum install php70-ldap.x86_64 -y (版本尽量大于5.3,否则会提示更新php程序)
yum install httpd -y
如果出现yum下没有php包解决方案No package php available
(1)检查当前安装的php包
yum list installed | grep php
如果有安装的php包,先删除
yum remove php.x86_64 php-cli.x86_64 php-common.x86_64 php-gd.x86_64 php-ldap.x86_64 php-mbstring.x86_64 php-mcrypt.x86_64 php-mysql.x86_64 php-pdo.x86_64
(2)更换yum源
Centos 5.X:
rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm
CentOs 6.x:
rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
CentOs 7.X:
rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
查看当前系统php版本,php -v ,centos一般自带php版本5.4,需升级到7,如下所示:
1、查看yum的可安装的php版本列表
yum provides php
2、开始升级PHP更新源
(1)rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
(2) rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
(3)yum remove php-common -y
(4)yum install -y php72w php72w-opcache php72w-xml php72w-mcrypt php72w-gd php72w-devel php72w-mysql php72w-intl php72w-mbstring
3、查看版本已经升级到7,php -v
3、配置apache
/etc/httpd/conf.d/self-service-password.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName 192.168.4.209
DocumentRoot /usr/share/self-service-password
DirectoryIndex index.php
AddDefaultCharset UTF-8
<Directory "/usr/share/self-service-password">
AllowOverride None
Require all granted
</Directory>
LogLevel warn
ErrorLog /var/log/httpd/ssp_error_log
CustomLog /var/log/httpd/ssp_access_log combined
</VirtualHost>
4、配置self service password
vim /usr/share/self-service-password/conf/config.inc.php
#关闭 问题验证 和 短信验证(视个人需要):
$use_questions=false;
$use_sms= false;
#配置 LDAP
$ldap_url = "ldap://ldap.xxxxx.net";
$ldap_starttls = false;
$ldap_binddn = "cn=Manager,dc=ldap,dc=xxxxxx,dc=net";
$ldap_bindpw = "xxxxxxxxx";
$ldap_base = "dc=ldap,dc=xxxxxx,dc=net";
$ldap_login_attribute = "cn"; ##如果登陆失败,查看用户是uid还是cn
$ldap_fullname_attribute = "cn";
$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
$who_change_password = "manager"; #指定LDAP 以什么用户身份更改密码
#配置邮件
$mail_from = "elk@xxxxx.com";
$mail_from_name = "企业账号密码重置";
$mail_signature = "";
$notify_on_change = true; #密码修改成功后,向用户发送通知邮件
$mail_sendmailpath = '/usr/sbin/sendmail'; #需安装sendmail服务 yum install -y sendmail
$mail_protocol = 'smtp';
$mail_smtp_debug = 0;
$mail_debug_format = 'html';
$mail_smtp_host = 'smtp.gmail.com';
$mail_smtp_auth = true;
$mail_smtp_user = 'elk@xxxxxx.com';
$mail_smtp_pass = 'xxxxxx';
$mail_smtp_port = 587;
$mail_smtp_timeout = 30;
$mail_smtp_keepalive = false;
$mail_smtp_secure = 'tls';
$mail_contenttype = 'text/plain';
$mail_wordwrap = 0;
$mail_charset = 'utf-8';
$mail_priority = 3;
$mail_newline = PHP_EOL;
5、重启httpd
systemctl restart httpd
6、访问页面
http://192.168.4.209
遇到以下错误
修改配置: $keyphrase = "secret"; ---> $keyphrase = "ldapchangepasswd"; #任意字符串 路径:/usr/share/self-service-password/conf/config.inc.php
再重启httpd