Use nano or your favorite text editor and paste the following content in:

    nano db.ldif

    dn: olcDatabase=to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=ldapadm,dc=field,dc=eldernode,dc=com" read by * none

Again, deploy the configuration change by running the following command:

    ldapmodify -Y EXTERNAL -H ldapi:/// -f monitor.ldif

In this step, you need to generate a certificate and private key to be able to communicate with the OpenLDAP server securely:

    openssl req -new -x509 -nodes -out \
    /etc/openldap/certs/.cert \
    -keyout /etc/openldap/certs/.key \
    -days 365

To change the owner and group permissions so that OpenLDAP can read the files, run the following command:

    chown -R ldap:ldap /etc/openldap/certs

You can also test the configuration by running the command below:

    slaptest -u

To configure OpenLDAP to use the LDAPS protocol, you must create certs.ldif:

    nano certs.ldif

    dn: cn=config
    changetype: modify
    replace: olcTLSCertificateFile
    olcTLSCertificateFile: /etc/openldap/certs/.cert

    dn: cn=config
    changetype: modify
    replace: olcTLSCertificateKeyFile
    olcTLSCertificateKeyFile: /etc/openldap/certs/.key

And again, you can deploy the configuration:

    ldapmodify -Y EXTERNAL -H ldapi:/// -f certs.ldif

How to setup the OpenLDAP database

When the above steps are passed, you are ready to set up the LDAP database. To start the process, you must copy the sample database configuration file to '/var/lib/ldap' and change the file permissions.

    cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
    chown -R ldap:ldap /var/lib/ldap

And then, add the LDAP schemas:

    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif

Next, create a base.ldif file for your domain:

    nano base.ldif

    dn: dc=field,dc=eldernode,dc=com
    dc: field
    objectClass: top
    objectClass: domain

    dn: cn=ldapadm,dc=field,dc=eldernode,dc=com
    objectClass: organizationalRole
    cn: ldapadm
    description: LDAP Manager

    dn: ou=People,dc=field,dc=eldernode,dc=com
    objectClass: organizationalUnit
    ou: People

    dn: ou=Group,dc=field,dc=eldernode,dc=com
    objectClass: organizationalUnit
    ou: Group

Deploy these configuration changes to the OpenLDAP server using the ldapadm user:

    ldapadd -x -W -D "cn=ldapadm,dc=field,dc=eldernode,dc=com" -f base.ldif

When you are asked, enter the root password.

If you prefer to add users, you can use a GUI. Apache Directory Studio or JXplorer is recommended for this.

That's that! LDAP should now be installed on your CentOS 7 server.
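
The certificate step above creates the private key with -nodes, so the key is stored unencrypted and file ownership and mode are its only protection. The script below is an added example, not part of the original tutorial: it reads the key path from certs.ldif and checks the key and its directory. The script name, the function names and the use of GNU stat -c (as shipped on CentOS 7) are assumptions.

```sh
#!/bin/sh
# Added example: audit the private key that certs.ldif points slapd at.
# Usage (paths are the caller's): sh audit_tls.sh certs.ldif ldap

# Print the olcTLSCertificateKeyFile value from an LDIF file.
# The "replace: olcTLSCertificateKeyFile" line does not match the anchor.
key_path_from_ldif() {
    sed -n 's/^olcTLSCertificateKeyFile:[[:space:]]*//p' "$1" | head -n 1
}

# Fail if DIR is writable by group or other (the key could be swapped).
audit_dir() {
    mode=$(stat -c %a "$1") || return 1
    case $mode in
        *[2367]?|*[2367]) echo "FAIL $1: mode $mode is group/other writable"; return 1 ;;
    esac
}

# Fail unless KEY is a regular file owned by OWNER with no group/other bits.
audit_key() {
    if [ ! -f "$1" ] || [ -L "$1" ]; then
        echo "FAIL $1: missing or not a regular file"; return 1
    fi
    cur=$(stat -c %U "$1"); mode=$(stat -c %a "$1")
    if [ "$cur" != "$2" ]; then
        echo "FAIL $1: owned by $cur, expected $2"; return 1
    fi
    case $mode in
        *00) echo "OK $1: $cur $mode" ;;
        *) echo "FAIL $1: mode $mode lets group/other access the key"; return 1 ;;
    esac
}

# audit_certs_ldif LDIF OWNER: resolve the key path, then check dir and key.
audit_certs_ldif() {
    key=$(key_path_from_ldif "$1")
    if [ -z "$key" ]; then
        echo "FAIL $1: no olcTLSCertificateKeyFile attribute"; return 1
    fi
    audit_dir "$(dirname "$key")" && audit_key "$key" "$2"
}

# Run only when invoked with both arguments.
if [ "$#" -eq 2 ]; then
    audit_certs_ldif "$1" "$2"
fi
```

A FAIL on the key mode is fixed with chmod 600 on the key file after the chown step.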