搭建搭到想吐yum -y install php php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-bcmath php-mhash libmcrypt libmcrypt-devel php-fpm
yum -y install http
yum -y install openldap openldap-servers openldap-clients openldap-devel compat-openldap db4 db4-utils
1.创建slapd.conf配置文件
cat slapd.conf|grep -v "#"
include/etc/openldap/schema/corba.schema
include/etc/openldap/schema/core.schema
include/etc/openldap/schema/cosine.schema
include/etc/openldap/schema/duaconf.schema
include/etc/openldap/schema/dyngroup.schema
include/etc/openldap/schema/inetorgperson.schema
include/etc/openldap/schema/java.schema
include/etc/openldap/schema/misc.schema
include/etc/openldap/schema/nis.schema
include/etc/openldap/schema/openldap.schema
include/etc/openldap/schema/ppolicy.schema
include/etc/openldap/schema/collective.schema
allow bind_v2
pidfile/var/run/openldap/slapd.pid
argsfile/var/run/openldap/slapd.args
loglevel1
TLSCACertificatePath /etc/openldap/certs
TLSCertificateFile "\"OpenLDAP Server\""
TLSCertificateKeyFile /etc/openldap/certs/password
database config
access to *
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
by * none
database monitor
access to *
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
by dn.exact="cn=Manager,dc=my-domain,dc=com" read
by * none
databasebdb
suffix"dc=test,dc=com"
checkpoint1024 15
rootdn"cn=admin,dc=test,dc=com"
rootpwadmin
directory/var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
2.启动
/usr/sbin/slapd -f slapd.conf
web界面操作
3.版本 phpldapadmin-1.2.3
cat phpldapadmin.conf
#
# Web-based tool for managing LDAP servers
#
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs
Order Allow,Deny
Allow from all
Allow from 127.0.0.1
Allow from ::1
4.ldapadmin web界面建立ou
碰到PLA灰色,做下面的操作
vim base.ldif
dn: dc=test,dc=com
objectClass: dcObject
objectClass: organization
dc: test
o: Corporation
description: d Corporation
ldapadd -f base.ldif -x -D cn=admin,dc=test,dc=com -W
5.用命令建立系统cn,web界面也可以
vim zxy.ldif
# zxy, people, example.com
dn: uid=zxy,ou=people,dc=example,dc=com
uid: zxy
cn: zxy
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: 111111
shadowLastChange: 14323
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1005
gidNumber: 1005
homeDirectory: /home/zxy
ldapadd -f base.ldif -x -D cn=admin,dc=test,dc=com -W
ldapadd -x -D "cn=root,dc=example,dc=com" -W -f zxy.ldif
Ldapsearch -x –b “dc=example,dc=com"
注意事项是一些映射关系的对于,比如ldap的userid对应于一些系统不同字段。
应该有用吧。心累。
原文:http://szgb17.blog.51cto.com/340201/1940636