Version 3 (modified by Andrii Salnikov, 10 years ago) (diff) |
---|
yum install openldap-servers openldap-clients ldapvi
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG systemctl enable slapd.service systemctl start slapd.service
Generate password for RootDN with slappasswd The correct way to configure -- usgin ldapmodify. SASL auth enabled by default.
ldapvi -Y EXTERNAL -h ldapi:/// -b cn=config
Edit database:
6 olcDatabase={2}hdb,cn=config objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {2}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=grid,dc=imbg,dc=org,dc=ua olcRootDN: cn=Manager,dc=grid,dc=imbg,dc=org,dc=ua olcRootPW: {SSHA}aAlr6hDxbcIp75HdDTI/TP5XjzBFR/Sl olcAccess: to attrs=userPassword by self write by anonymous auth by dn.base="cn=Manager,dc=grid,dc=imbg,dc=org,dc=ua" write by * none olcAccess: to * by self write by * read olcDbIndex: objectClass eq,pres olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub