

Installation openLDAP Server RHEL / CentOS 6

Install required packages
yum -y install openldap-servers openldap-clients
Copy the default Database configuration files

This provides a basic starting point for the openLDAP database. Other settings can be used, but the defaults are fine for most cases.

cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown ldap. /var/lib/ldap/DB_CONFIG
Start the ldap service

In the current version of openLDAP the service must be running to make modifications to your LDAP settings.

service slapd start
chkconfig slapd on
Set your LDAP rootPW
  • Issue the following command; you will be prompted for a password:
slappasswd

Output should be similar to:

{SSHA}NYHJkdBGUWbeFVsVqXUcbNtUBnFTe2X/

Save the following to ch_rootPW.ldif:

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}NYHJkdBGUWbeFVsVqXUcbNtUBnFTe2X/

And issue the change with:

ldapadd -Y EXTERNAL -H ldapi:/// -f ch_rootPW.ldif
  • Configure LDAP Domain Settings

(You can either generate a new Password with slappasswd again, or re-use the previous hash)

Save the following to ch_domainSettings.ldif

dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
  read by dn.base="cn=Manager,dc=example,dc=net" read by * none

dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=net

dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=example,dc=net

dn: olcDatabase={2}bdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}NYHJkdBGUWbeFVsVqXUcbNtUBnFTe2X/

dn: olcDatabase={2}bdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=example,dc=net" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=example,dc=net" write by * read

Apply this LDIF as well:

ldapmodify -Y EXTERNAL -H ldapi:/// -f ch_domainSettings.ldif
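
Before running ldapmodify, it is worth checking that every DN named in a "by dn=" clause sits under the database's olcSuffix, because a mistyped suffix in an ACL subject simply never matches the intended account. The following Python check is an added example, not part of the original page; the function names (unfold, norm, stray_acl_dns) and the sample LDIF are constructed for illustration.

```python
import re

# Constructed sample in the style of ch_domainSettings.ldif: rule {0} names a
# Manager DN under dc=org while the database suffix is dc=net.
SAMPLE_LDIF = """\
dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=net
-
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=example,dc=org" write by anonymous auth by self write by * none
olcAccess: {1}to * by dn="cn=Manager,dc=example,dc=net" write by
  dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by * read
"""

def unfold(ldif):
    """Join LDIF continuation lines: a leading space continues the previous line."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def norm(dn):
    """Lower-case a DN and strip spaces around its commas so DNs compare equal."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def stray_acl_dns(ldif):
    """Return (rule index, DN) for each 'by dn=' subject outside every olcSuffix."""
    lines = unfold(ldif)
    allowed = [norm(x.split(":", 1)[1]) for x in lines if x.lower().startswith("olcsuffix:")]
    allowed.append("cn=auth")  # SASL identities such as the ldapi:/// peercred DN
    findings = []
    for line in lines:
        if line.lower().startswith("olcaccess:"):
            rule = line.split(":", 1)[1].strip()
            index = rule[:rule.find("}") + 1]
            for dn in re.findall(r'\bby\s+dn(?:\.\w+)?="([^"]*)"', rule):
                d = norm(dn)
                if not any(d == s or d.endswith("," + s) for s in allowed):
                    findings.append((index, dn))
    return findings

if __name__ == "__main__":
    print(stray_acl_dns(SAMPLE_LDIF))
```

A flagged DN is not always a mistake (it may belong to another database on the same server), so treat the output as a prompt to re-read that rule.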

You are now ready to install FusionDirectory!

openldap_install_rhel6.1466607621.txt.gz · Last modified: 2017/10/31 10:37 (external edit)
CC Attribution-Share Alike 4.0 International