mirror of
https://github.com/Ponce/slackbuilds
synced 2024-12-10 20:49:31 +01:00
683caa309d
Signed-off-by: David Spencer <idlemoor@slackbuilds.org>
103 lines
2.6 KiB
Text
# Initial Setup

Set the directory suffix and Manager user in your slapd.conf(5):

    [...]
    suffix "dc=example,dc=org"
    rootdn "cn=Manager,dc=example,dc=org"
    # Password hash generated with slappasswd(8); replace it with your own
    rootpw {SSHA}CjQ2ddDHu92qd2BrcNYT1hQDzLrVlgCo
    [...]


Create the DB_CONFIG file to initialize the database:

    # cd /var/lib/openldap
    # cp -a DB_CONFIG.example DB_CONFIG

# Logging

Add this to your /etc/syslog.conf file, and then restart syslogd,
to enable the slapd log file:

    local4.* -/var/log/slapd

# Configuration

All configuration and schemas are stored in /etc/openldap

    slapd.conf  legacy OpenLDAP configuration file (see slapd.conf(5))
    slapd.ldif  OpenLDAP configuration file (see slapd-config(5))
    ldap.conf   LDAP client (e.g. ldapsearch) configuration file (see ldap.conf(5))
    certs/      directory that can contain server certificates
    schema/     OpenLDAP schema

The default OpenLDAP database is located in /var/lib/openldap

*NOTE* OpenLDAP 2.3 and later supports both the old slapd.conf(5) and the
dynamic configuration engine, slapd-config(5).

# Using the slapd.d directory

An existing slapd.conf(5) file can be converted to the new format using
slaptest(8):

    # sh /etc/rc.d/rc.openldap stop
    # mkdir -p /etc/openldap/slapd.d
    # slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
    # chown -R ldap:ldap /etc/openldap/slapd.d

# Starting and Stopping the OpenLDAP server

This package provides the /etc/rc.d/rc.openldap start/stop script.

Slackware is OpenLDAP server ready (see the rc.M script) and you can start
the OpenLDAP server automatically at boot by adding execution permission to
/etc/rc.d/rc.openldap

# Troubleshooting

## Can't contact LDAP server via ldapi:/// url

    $ ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/test.ldif
    ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

The openldap-server package uses the same libraries as the n/openldap-client
Slackware package. The openldap-client package uses a non-standard location for
the ldapi socket.

### Solution 1

Create a symlink at /var/lib/run/ldapi that points to /var/run/openldap/ldapi:

    # mkdir -p /var/lib/run
    # ln -sf /var/run/openldap/ldapi /var/lib/run/ldapi

### Solution 2

Change or add the URI in the ldap.conf(5) file:

    URI ldapi://%2fvar%2frun%2fopenldap%2fldapi

Run the LDAP utility command without the "-H" argument (example):

    $ ldapadd -Y EXTERNAL -f /tmp/test.ldif

### Solution 3

Pass the ldapi URL to the LDAP utility command:

    $ ldapadd -Y EXTERNAL -H ldapi://%2fvar%2frun%2fopenldap%2fldapi -f /tmp/test.ldif

# Documentation

See /usr/doc/openldap-2.4.42/guide.html (OpenLDAP Administrator Guide)