Installation
I am not going to explain the installation in detail here. 1. Check LDAP, LDAP over SSL, and LDAP over IPC; if you are not using yast2, you can change these options in the ldap configuration files.
Configuration
base dc=office,dc=goweekend,dc=ca
uri ldap://ldap.office.goweekend.ca
suffix dc=office,dc=goweekend,dc=ca
Administrator DN cn=Administrator,dc=office,dc=goweekend,dc=ca
Restart the ldap service:
# service ldap restart
Population
Add your own schema
Add your own schema if necessary; if not, you can skip this section and go on to load your groups/users. You can refer to /etc/openldap/schema/core.ldif to prepare your own schema. You can register your own OID with the Internet Assigned Numbers Authority (IANA) by filling out the registration form at http://pen.iana.org/pen/PenApplication.page; to check your existing OID number, go to http://www.iana.org/assignments/enterprise-numbers/enterprise-numbers.
Or, you can dump the existing schema from your existing ldap server by following the procedure below. For instance, mylocal.schema:
- Log in to a Linux server which can connect to the existing ldap server
- Find the included schema in slapd.conf, and copy those entries to /var/tmp/dump.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/yast.schema
include /etc/openldap/schema/mylocal.schema
- Create the folder /var/tmp/schema_dump
# mkdir -p /var/tmp/schema_dump
- Dump the schema
# slaptest -f /var/tmp/dump.conf -F /var/tmp/schema_dump
- Copy the dump to the new ldap server by scp, ftp ..., but I prefer tar and ssh
# tar -cf - /var/tmp/schema_dump | ssh ldap.office.goweekend.ca "cd /; tar -xf -"
- Modify /var/tmp/schema_dump/cn=config/cn=schema/cn={5}mylocal.ldif on the new ldap server: in the lines
dn: cn={5}mylocal,cn=schema,cn=config
cn: {5}mylocal
change {5}mylocal to mylocal, and remove the entries below from the end of the file
structuralObjectClass:
entryUUID:
creatorsName:
createTimestamp:
entryCSN:
modifiersName: cn=config
modifyTimestamp:
- Load your schema
# ldapadd -Y EXTERNAL -H ldapi:/// -f /var/tmp/schema_dump/cn\=config/cn\=schema/cn\=\{5\}mylocal.ldif
Load groups and users
Groups
# cat group.ldif
dn: cn=administrators,dc=office,dc=goweekend,dc=ca
objectClass: groupofnames
objectClass: top
cn: administrators
member: cn=Administrator,dc=office,dc=goweekend,dc=ca
# ldapadd -h ldap.office.goweekend.ca -D "cn=Administrator,dc=office,dc=goweekend,dc=ca" -W -f group.ldif
To verify:
# ldapsearch -h ldap.office.goweekend.ca -D "cn=Administrator,dc=office,dc=goweekend,dc=ca" -W '(cn=administrators)'
# extended LDIF
#
# LDAPv3
# base <dc=office,dc=goweekend,dc=ca> (default) with scope subtree
# filter: (cn=administrators)
# requesting: ALL
#
# administrators, goweekend.ca
dn: cn=administrators,dc=office,dc=goweekend,dc=ca
objectClass: groupOfNames
objectClass: top
cn: administrators
member: cn=Administrator,dc=office,dc=goweekend,dc=ca
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
Users
# cat tomcatt.ldif
dn: cn=Tom Catt,dc=office,dc=goweekend,dc=ca
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Tom Catt
sn: Catt
uid: tomcatt
givenName: Tom
mail: tomcatt@goweekend.ca
postalAddress: 1 Yonge St., North Pole, Canada
postalCode: H0H 0H0
telephoneNumber: 111-111-1111
title: Santa
userPassword:: RjFyc3RDMHQ=
# ldapadd -h ldap.office.goweekend.ca -D "cn=Administrator,dc=office,dc=goweekend,dc=ca" -W -f tomcatt.ldif
To verify:
# ldapsearch -h ldap.office.goweekend.ca -D "cn=Administrator,dc=office,dc=goweekend,dc=ca" -W '(cn=Tom Catt)'
# extended LDIF
#
# LDAPv3
# base <dc=office,dc=goweekend,dc=ca> (default) with scope subtree
# filter: (cn=Tom Catt)
# requesting: ALL
#
# Tom Catt, goweekend.ca
dn: cn=Tom Catt,dc=office,dc=goweekend,dc=ca
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
cn: Tom Catt
sn: Catt
uid: tomcatt
givenName: Tom
mail: tomcatt@goweekend.ca
postalAddress: 1 Yonge St., North Pole, Canada
postalCode: H0H 0H0
telephoneNumber: 111-111-1111
title: Santa
userPassword:: RjFyc3RDMHQ=
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
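Added example, not part of the original post: the double colon in the userPassword:: line above is LDIF's base64 marker, not a hash, so anyone who can read the entry (as the verification search above does) recovers the password directly. The Python below builds the same inetOrgPerson entry with an RFC 2307 {SSHA} value, the form slappasswd -h {SSHA} produces, and applies the LDIF base64 rule automatically; the function names and the 8-byte salt are this example's own choices.

```python
import base64
import hashlib
import hmac
import os


def ldif_line(attr, value):
    """Format one LDIF attribute line (RFC 2849). Values that are not safe
    plain ASCII are written base64-encoded with the double-colon marker."""
    raw = value.encode("utf-8")
    unsafe = (not raw.isascii() or raw[:1] in (b" ", b":", b"<")
              or raw.endswith(b" ") or any(c in raw for c in (b"\r", b"\n", b"\0")))
    if unsafe:
        return f"{attr}:: {base64.b64encode(raw).decode('ascii')}"
    return f"{attr}: {value}"


def ldif_decode(line):
    """Recover the value of an LDIF line; '::' only means base64, not hashed."""
    attr, sep, rest = line.partition(":: ")
    if sep:
        return base64.b64decode(rest).decode("utf-8")
    return line.partition(": ")[2]


def ssha_hash(password, salt=None):
    """RFC 2307 {SSHA}: base64(sha1(password + salt) + salt), as slappasswd emits."""
    salt = os.urandom(8) if salt is None else salt   # 8-byte salt is an example choice
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(stored, password):
    """Check a password against a stored {SSHA} value with a constant-time compare."""
    if not stored.startswith("{SSHA}"):
        return False
    blob = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = blob[:20], blob[20:]          # SHA-1 digest is 20 bytes, rest is salt
    return hmac.compare_digest(digest, hashlib.sha1(password.encode("utf-8") + salt).digest())


def user_ldif(base_dn, cn, sn, uid, password, **extra):
    """Build an entry like tomcatt.ldif, storing a hashed password instead of cleartext.
    cn is used unescaped in the dn, so it must not contain DN special characters."""
    lines = [f"dn: cn={cn},{base_dn}", "objectClass: top", "objectClass: person",
             "objectClass: organizationalPerson", "objectClass: inetOrgPerson",
             ldif_line("cn", cn), ldif_line("sn", sn), ldif_line("uid", uid)]
    lines += [ldif_line(k, v) for k, v in extra.items()]
    lines.append(ldif_line("userPassword", ssha_hash(password)))
    return "\n".join(lines) + "\n"
```

The generated text can be fed to the same ldapadd command used for tomcatt.ldif; the server then compares bind passwords against the hash rather than storing them in the clear.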