wiki:Documentation/Manuals/OpenLDAP24_From_Scratch

Version 2 (modified by Andrii Salnikov, 10 years ago)

--

yum install openldap-servers openldap-clients ldapvi
systemctl enable slapd.service 
systemctl start slapd.service

Generate the password hash for the RootDN with slappasswd. The correct way to configure is using ldapmodify. SASL auth is enabled by default.

ldapvi -Y EXTERNAL -h ldapi:/// -b cn=config

Edit database:

6 olcDatabase={2}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=grid,dc=imbg,dc=org,dc=ua
olcRootDN: cn=Manager,dc=grid,dc=imbg,dc=org,dc=ua
olcRootPW: {SSHA}aAlr6hDxbcIp75HdDTI/TP5XjzBFR/Sl
olcAccess: to attrs=userPassword
 by self write
 by anonymous auth
 by dn.base="cn=Manager,dc=grid,dc=imbg,dc=org,dc=ua" write
 by * none
olcAccess: to * 
 by self write 
 by * read
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
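
The same change expressed as LDIF for ldapmodify, which the note above names as the correct way to configure. This is an added example, not part of the original wiki page: the function name build_ldif and its {SSHA} check are assumptions made here, and the hash must be one you generate yourself with slappasswd.

```shell
#!/bin/sh
# Added example (not from the original page): emit the LDIF that applies the
# ldapvi edit above through ldapmodify.
# build_ldif SUFFIX HASH  -> LDIF on stdout; returns 1 if HASH is not {SSHA}.
# Usage (on the slapd host, as root):
#   build_ldif "dc=grid,dc=imbg,dc=org,dc=ua" "$(slappasswd -h '{SSHA}')" > db.ldif
#   ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif
build_ldif() {
    suffix=$1
    hash=$2
    # Refuse anything that is not a salted hash, so a cleartext password
    # never ends up in cn=config.
    case $hash in
        '{SSHA}'?*) ;;
        *) echo "olcRootPW must be a slappasswd {SSHA} hash" >&2
           return 1 ;;
    esac
    rootdn="cn=Manager,$suffix"
    # {0}/{1} fix the ACL evaluation order: the userPassword rule must come
    # before the catch-all read rule, otherwise hashes become world-readable.
    cat <<EOF
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: $suffix
-
replace: olcRootDN
olcRootDN: $rootdn
-
replace: olcRootPW
olcRootPW: $hash
-
replace: olcAccess
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by dn.base="$rootdn" write by * none
olcAccess: {1}to * by self write by * read
-
replace: olcDbIndex
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
EOF
}
```
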