# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
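# Schema files to load. Each include directive takes one argument, separated
# from the keyword by whitespace: the path of a schema file under the
# /usr/local/openldap install prefix.
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/collective.schema
include /usr/local/openldap/etc/openldap/schema/corba.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/duaconf.schema
include /usr/local/openldap/etc/openldap/schema/dyngroup.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/java.schema
include /usr/local/openldap/etc/openldap/schema/misc.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/openldap.schema
include /usr/local/openldap/etc/openldap/schema/pmi.schema
include /usr/local/openldap/etc/openldap/schema/ppolicy.schema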
# Define global ACLs to disable default read access.
.....
#######################################################################
# BDB database definitions
#######################################################################
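# Backend type and the naming context (suffix) served by this database.
# NOTE: back-bdb is deprecated in newer OpenLDAP releases in favour of
# back-mdb; confirm which backends your slapd build supports.
database bdb
suffix "dc=test"
# Superuser DN for this database; it is not subject to access control.
rootdn "cn=Manager,dc=test"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# "secret" is the sample value this walkthrough binds with. Outside a
# throwaway lab, store a hash generated by slappasswd(8) instead, e.g.
#   rootpw {SSHA}<hash printed by slappasswd>
# There must be no leading whitespace before the keyword and no trailing
# whitespace after the value.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/openldap/var/openldap-data
# Indices to maintain
# Equality index on objectClass.
index objectClass eq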
2)启动ldap服务
# ./slapd
查看服务是否起来:# lsof -i :389
3)建立DN节点
执行命令:# /usr/local/openldap/bin/ldapadd -x -D 'cn=Manager,dc=zte' -W
(注意:-D 指定的绑定DN必须与slapd.conf中的rootdn一致;按上面的配置应为 'cn=Manager,dc=test',否则会认证失败。)
输入密码:secret
复制以下内容增加到系统里:
dn: dc=test
objectclass: top
objectclass: dcobject
objectclass: organization
dc: test
o: test
按Ctrl+d存盘
4)建立OU
执行命令:# /usr/local/openldap/bin/ldapadd -x -D 'cn=Manager,dc=zte' -W
(注意:-D 后的绑定DN需与slapd.conf中的rootdn 'cn=Manager,dc=test' 一致。)
输入密码:secret
复制以下内容增加到系统里:
dn: ou=test,dc=test
ou: test
objectclass: organizationalUnit
按Ctrl+d存盘
5.连接openldap
1)在windows下,双击打开工具LdapAdmin.exe
点击Start --> Connect,双击“New connection”,
Connection name:随便填写
Host:填写你安装openldap的主机IP
Base:ou=test,dc=test--上面创建的DN和OU
去掉“Anonymous connection”前面的钩,
Username:cn=Manager,dc=test--上面配置文件slapd.conf中的rootdn
Password:secret--上面配置文件slapd.conf中的rootpw
点击Test Connection会提示连接成功;点击OK保存设置。
6.注意事项
当遇到连接不成功的时候,一定要去检查配置文件中 rootpw secret 这一行的行首和行尾是否有空格;或者临时关闭防火墙再试一下(仅用于排查,确认原因后应重新开启防火墙,并按下面的方法只放行389端口)。
如果是防火墙的问题:
# vi /etc/sysconfig/iptables
在文件里加入(该规则对所有来源地址放行389端口;如只需特定主机访问,可用 -s 限定来源地址):
-A INPUT -p tcp -m tcp --dport 389 -j ACCEPT
保存后重启防火墙
#service iptables restart
然后再连接一下
a.重启后永久性生效:
开启:chkconfig iptables on
关闭:chkconfig iptables off
b.即时生效,重启后失效:
开启:service iptables start
关闭:service iptables stop
7.设置开机启动
#chkconfig --add slapd
#chkconfig slapd on