Section A:
Install OpenLDAP 2.4 and make sure OpenLDAP is not running at this point.
Edit the /etc/ldap/slapd.conf file to include your domain. My example uses:
dc=kens,dc=lan as the BASE
Set the root password by typing:
slappasswd
Enter the password and paste the output into /etc/ldap/slapd.conf as the rootpw value.
cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown -R ldap:ldap /var/lib/ldap
Create the initial LDAP domain entry and administrator account by making the file:
init.ldiff
with the following contents, edited for your domain and matching the values you have used in /etc/openldap/slapd.conf and /etc/openldap/ldap.conf:
dn: dc=kens,dc=lan
objectclass: dcObject
objectClass: organization
o: kens.lan
dc: kens

dn: cn=admin,dc=kens,dc=lan
objectclass: organizationalRole
cn: admin
Now save the file and run:
slapadd -l init.ldiff
Start up slapd or ldapd.
You should now be able to run slapcat.
Section B:
Stop slapd first, then enable the config database in /etc/ldap/slapd.conf by adding the following 3 lines right above the first database definition, which normally reads database bdb:
database config
rootdn "cn=admin,cn=config"
rootpw config
To set the config password to something else, type:
slappasswd
Enter the password twice and then copy the output:
{SSHA}5T+9VFI9cieYZCog8GKY3nDj10RmyUfT
and paste this as the rootpw value instead of config.
cd /etc/openldap
mkdir slapd.d
slaptest -f slapd.conf -F slapd.d
chown -R ldap:ldap *
So that you know slapd.conf is no longer active, rename it to slapd.old.
You should now be able to open up a connection to the container:
cn=config
with username:
cn=admin,cn=config
and password config (or the password you set with slappasswd).
From here you can edit the runtime configuration of the LDAP server. Changes take effect as soon as the modification is made, without restarting the server.
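An added check, not part of the original post: the Python below audits slapd.conf text for rootpw values left in cleartext (such as the initial rootpw config in Section B) and shows how the {SSHA} value printed by slappasswd is built and verified. The function names, the sample configuration and the password in it are constructed for illustration.

```python
import base64, hashlib, hmac, os, re

def ssha_hash(password, salt=None):
    """{SSHA} as slappasswd prints it: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def ssha_parts(stored):
    """Split a {SSHA} value into its 20-byte SHA-1 digest and trailing salt."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    return raw[:20], raw[20:]

def ssha_verify(password, stored):
    digest, salt = ssha_parts(stored)
    return hmac.compare_digest(hashlib.sha1(password.encode() + salt).digest(), digest)

def scheme_of(value):
    m = re.match(r"\{([A-Za-z0-9-]+)\}", value)
    return m.group(1).upper() if m else "CLEARTEXT"

def audit_rootpw(conf_text):
    """Return (database, rootdn, scheme) for each database that sets rootpw."""
    dbs = []
    for line in conf_text.splitlines():
        # Skip blanks, comments and continuation lines (leading whitespace).
        if not line.strip() or line[0].isspace() or line.startswith("#"):
            continue
        parts = line.split(None, 1) + [""]
        key, value = parts[0].lower(), parts[1].strip().strip('"')
        if key == "database":
            dbs.append({"database": value})
        elif key in ("rootdn", "rootpw") and dbs:
            dbs[-1][key] = value
    return [(d["database"], d.get("rootdn"), scheme_of(d["rootpw"]))
            for d in dbs if "rootpw" in d]

# Constructed sample: Section B's initial config database, then a hashed bdb one.
SAMPLE_CONF = """database config
rootdn "cn=admin,cn=config"
rootpw config
database bdb
suffix "dc=kens,dc=lan"
rootdn "cn=admin,dc=kens,dc=lan"
rootpw """ + ssha_hash("constructed-example-password")

if __name__ == "__main__":
    for row in audit_rootpw(SAMPLE_CONF):
        print(*row, "<- replace with slappasswd output" if row[2] == "CLEARTEXT" else "")
```

Run it against the real file with audit_rootpw(open("/etc/openldap/slapd.conf").read()) before converting with slaptest, since the converted slapd.d tree carries over whatever rootpw value slapd.conf held.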
If any of this is too much for you then you can contact a Pantek Engineer at
1-877-Linux-Fix and we will be able to help you.