
安裝 ldap

# yum install -y  openldap openldap-clients openldap-servers

設定 ldap 的 /etc/openldap/slapd.conf

 

# slapd.conf for an OpenLDAP server that stores no entries itself: it defines a
# single read-only back-ldap database that forwards requests for dc=tw,dc=test
# to the directory at 192.168.0.200, with the rwm overlay renaming a few
# attributes and one objectclass on the way through.
### Schema includes ###########################################################
# Schema files loaded so slapd knows the attribute and objectclass names used
# on the local side of the rwm mappings below (uid, mail, homeDirectory,
# posixGroup).
include                 /etc/openldap/schema/core.schema
include                 /etc/openldap/schema/cosine.schema
include                 /etc/openldap/schema/inetorgperson.schema
include                 /etc/openldap/schema/misc.schema
include                 /etc/openldap/schema/nis.schema

## Module paths ##############################################################
# back_ldap provides the proxy backend ("database ldap"); rwm provides the
# rewrite/remap overlay ("overlay rwm").
modulepath              /usr/lib64/openldap/
moduleload              back_ldap
moduleload              rwm

# Main settings ###############################################################
pidfile                 /var/run/openldap/slapd.pid
argsfile                /var/run/openldap/slapd.args

### Database definition (Proxy to AD) #########################################
# "readonly yes" makes the proxy refuse write operations for this database.
# "rebind-as-user" keeps the client's bind credentials so the proxy can reuse
# them when it has to bind to the upstream server again.
database                ldap
readonly                yes
protocol-version        3
rebind-as-user
# NOTE(review): the upstream URI is plain ldap:// on port 389 and no "tls"
# directive is set for this database, so simple-bind passwords relayed by the
# proxy cross the network to 192.168.0.200 unencrypted. Consider an ldaps://
# URI or the back-ldap "tls" directive once the upstream certificate is trusted.
uri                     "ldap://192.168.0.200:389"
suffix                  "dc=tw,dc=test"
# rwm-map {attribute|objectclass} <local name> <foreign name>: clients of this
# proxy use the local name; the upstream server is queried with the foreign one.
overlay                 rwm
rwm-map                attribute       uid     sAMAccountName
rwm-map                attribute       mail    proxyAddresses
rwm-map                 attribute       homeDirectory   UNIXHOMEDIRECTORY
rwm-map                 objectclass     posixGroup      group

### Logging ###################################################################
# loglevel 0 requests no operation logging. NOTE(review): on a proxy that
# relays binds, "loglevel stats" would record connections, binds and searches,
# which is what an investigation of failed or unexpected logins needs.
loglevel                0


# The directives from here on are not logging settings; they still belong to
# the "database ldap" definition above.
# Do not follow referrals returned by the upstream server.
chase-referrals         no

# idassert-authzFrom selects which local identities may use back-ldap identity
# assertion; the regex ".*" matches every DN. NOTE(review): no idassert-bind is
# configured in this listing, so confirm whether this line has any effect; if
# identity assertion is enabled later, narrow this pattern to the DNs that need it.
idassert-authzFrom      "dn.regex:.*"

# Proxy-side ACL: every client, including anonymous ones, is granted read on
# everything. NOTE(review): what is actually returned presumably still depends
# on the upstream server's own access control for the bound identity; a tighter
# proxy ACL (for example "by anonymous auth" plus "by users read") would stop
# unauthenticated reads at the proxy itself.
access                  to *
                        by * read

設定 /etc/openldap/ldap.conf

# Client-side defaults for the OpenLDAP tools and libraries (ldap.conf).
# Directory of CA certificates used to verify a server's TLS certificate.
# The ldapwhoami commands on this page connect with ldap:// and no StartTLS,
# so they do not exercise this setting.
TLS_CACERTDIR   /etc/openldap/certs
# NOTE(review): sasl-host and sasl-secprops are spelled like slapd.conf
# directives; ldap.conf(5) documents the client option as SASL_SECPROPS.
# Confirm these two lines are actually read from this file. Where the setting
# is honoured, "none" clears the default noanonymous,noplain restrictions on
# SASL mechanisms.
sasl-host       localhost
sasl-secprops   none

重新初始化 ldap（下列指令會清空 /var/lib/ldap 與 /etc/openldap/slapd.d 的既有內容；若主機上已有 LDAP 資料或設定，請先備份）

# rm -rf /var/lib/ldap/*
# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
# chown -R ldap:ldap /var/lib/ldap/
# rm -rf /etc/openldap/slapd.d/*
# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
# chown -R ldap:ldap /etc/openldap/slapd.d
# systemctl restart slapd

安裝 php httpd php-ldap，並下載 phpLDAPadmin（下方是以 HTTP 下載 1.2.0.3 這個舊版本，且未核對檔案校驗碼；正式環境建議改用仍在維護的版本，並驗證下載檔的完整性）

# yum install php httpd php-ldap
# cd /var/www/html
# wget http://downloads.sourceforge.net/project/phpldapadmin/phpldapadmin-php5/1.2.0.3/phpldapadmin-1.2.0.3.tgz?use_mirror=ncu 
# tar zxvf phpldapadmin-1.2.0.3.tgz\?use_mirror\=ncu 
# rm -rf phpldapadmin-1.2.0.3.tgz\?use_mirror\=ncu 
# mv phpldapadmin-1.2.0.3 phpldapadmin
# cp /var/www/html/phpldapadmin/config/config.php.example /var/www/html/phpldapadmin/config/config.php
#  systemctl start httpd

http://<server_ip>/phpldapadmin

用 CN=Administrator,CN=Users,DC=tw,DC=test 登入（上述網址為 HTTP，且代理以 ldap:// 連往 AD，登入密碼在這兩段連線上都未加密；網域管理員帳號建議只在隔離的測試環境中這樣使用）
 

用 ldapwhoami 查看（下方為了示範直接以 -w 帶入密碼，這會讓密碼留在 shell 歷史與行程列表中；實際操作可改用 -W，於提示時再輸入）

#  ldapwhoami -vvv -h 192.168.0.70 -p 389 -D 'CN=Administrator,CN=Users,DC=tw,DC=test' -x -w 'P@ssw0rd'
ldap_initialize( ldap://192.168.0.70:389 )
dn:cn=Administrator,cn=Users,dc=tw,dc=test
Result: Success (0)
#  ldapwhoami -vvv -h 127.0.0.1 -p 389 -D CN=admin,CN=Users,DC=tw,DC=nzgft -x -w 'P@ssw0rd'
ldap_initialize( ldap://127.0.0.1:389 )
dn:cn=admin,cn=Users,dc=tw,dc=test
Result: Success (0)
#  ldapwhoami -vvv -h 127.0.0.1 -p 389 -D CN=enli,OU=資訊部,DC=tw,DC=nzgft -x -w 'P@ssw0rd'
ldap_initialize( ldap://127.0.0.1:389 )
dn:cn=enli,ou=資訊部,dc=tw,dc=nzgft
Result: Success (0)

 
