kyoya's diary: 5.2 - 505SX - LDAP setup - OpenLDAP-2.1.30
■LDAP server installation
$ cd /usr/ports/net/openldap21-server
$ make install
Configuration files
$ cd /usr/local/etc/openldap
$ diff slapd.conf.default slapd.conf
include /usr/local/etc/openldap/schema/core.schema
> include /usr/local/etc/openldap/schema/corba.schema
> include /usr/local/etc/openldap/schema/cosine.schema
> include /usr/local/etc/openldap/schema/inetorgperson.schema
> include /usr/local/etc/openldap/schema/java.schema
> include /usr/local/etc/openldap/schema/misc.schema
> include /usr/local/etc/openldap/schema/nis.schema
> include /usr/local/etc/openldap/schema/openldap.schema
>
56,57c64,65
suffix "dc=localdomain"
> rootdn "cn=Manager,dc=localdomain"
61c69
rootpw sec1
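Review bot: the 61c69 hunk sets the rootdn password in cleartext (rootpw sec1) in slapd.conf. Generate a hash with slappasswd and put that value on the rootpw line instead, and keep slapd.conf readable only by the account that runs slapd.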
Start the LDAP server at OS boot. Following the comments in slapd.sh, edit /etc/rc.conf.
$ cat /etc/rc.conf
...
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
slapd_sockets="/var/run/openldap/ldapi"
Try setting up the root (top) entry
$ cat test.ldif
dn: dc=localdomain
objectClass: dcObject
objectClass: organization
o: KKHome
dc: localdomain
$ ldapadd -h localhost -x -D 'cn=Manager,dc=localdomain' -w sec1 -f test.ldif
$ ldapsearch -LLL -b "dc=localdomain" '(o=KKHome)'
dn: dc=localdomain
objectClass: dcObject
objectClass: organization
o: KKHome
dc: localdomain
Hmm.
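An added example, not part of the original diary: a small POSIX sh audit for two settings configured above, a cleartext rootpw in slapd.conf and a plain ldap:// listener on 0.0.0.0 in rc.conf. The function names, the "tight" sample files and the {SSHA} placeholder value are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original diary): audit slapd.conf and rc.conf
# for the two settings in this walkthrough that are worth tightening.

# Report rootpw lines whose value has no {SCHEME} prefix, i.e. cleartext.
check_rootpw() {   # $1 = path to slapd.conf
    awk '$1 == "rootpw" && $2 !~ /^[{]/ {
        printf "%s:%d: rootpw is cleartext; store slappasswd output instead\n", FILENAME, NR
    }' "$1"
}

# Report plain ldap:// listeners in slapd_flags that bind every interface.
check_listeners() {   # $1 = path to rc.conf
    grep '^slapd_flags=' "$1" | tr " \"'" '\n\n\n' | grep '^ldap://' |
    while read -r url; do
        host=${url#ldap://}; host=${host%%[:/]*}
        case "$host" in
            ''|0.0.0.0|'*') echo "$1: $url is a plain ldap:// listener on every interface" ;;
        esac
    done
}

# Constructed sample files: "page" mirrors the diary, "tight" is a stricter variant.
make_samples() {   # $1 = output directory
    printf 'rootdn "cn=Manager,dc=localdomain"\nrootpw sec1\n' > "$1/page-slapd.conf"
    printf 'rootdn "cn=Manager,dc=localdomain"\nrootpw {SSHA}CONSTRUCTED-PLACEHOLDER\n' > "$1/tight-slapd.conf"
    cat > "$1/page-rc.conf" <<'EOF'
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
EOF
    cat > "$1/tight-rc.conf" <<'EOF'
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://127.0.0.1/"'
EOF
}

# Demo run over the constructed samples; only the "page" files produce findings.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in "$demo_dir"/*-slapd.conf; do check_rootpw "$f"; done
for f in "$demo_dir"/*-rc.conf; do check_listeners "$f"; done
rm -rf "$demo_dir"
```

To audit a real host, call `check_rootpw /usr/local/etc/openldap/slapd.conf` and `check_listeners /etc/rc.conf` instead of the demo loop.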
■LDAP client installation
$ cd /usr/ports/net/openldap21-client
$ make install WITH_OPENSSL_PORT=Yes