Changes


NAD810 LDAP LAB

324 bytes added, 16:23, 16 November 2016
no edit summary
* migrationtools
===OpenLDAP Server configuration Summary===
#Create an OpenLDAP database
#Create an OpenLDAP “root” password and edit the OpenLDAP database configuration file /etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif
#Import the LDIF files into the OpenLDAP database
====OpenLDAP Server configuration details:====
===(1) Create/verify the directory for OpenLDAP database files===
<pre>
mkdir /var/lib/ldap/
</pre>
===(2) Configure base content and root user "olcRootDN" and "olcRootPW"===
Configure the OpenLDAP “root” user and password by editing the OpenLDAP server's database configuration file “/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif”.

Only the LDAP “rootdn” user can create, import, and export data in an LDAP database. Use the slappasswd command to generate the password hash, and put it in the LDAP server database configuration file mentioned above:
Do not change other lines.
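
One way to script the edit from step (2), as an added example that is not part of the original lab. The function name, the rootdn "cn=Manager,dc=nad810,dc=com", the sample file contents and the hash string are assumptions constructed for illustration; on the server the hash comes from slappasswd.

```bash
#!/bin/bash
# Added example, not part of the original lab. The rootdn name, the sample
# file and the hash string are constructed; real hashes come from slappasswd.

# set_root_credentials FILE ROOTDN ROOTPW  (hypothetical helper)
# Sets olcRootDN and olcRootPW in FILE and leaves every other line unchanged.
set_root_credentials() {
    ldif=$1 rootdn=$2 rootpw=$3

    # Store only a slappasswd-style hash, never the cleartext password.
    case $rootpw in
        '{SSHA}'?*) ;;
        *) echo "refusing: olcRootPW is not a {SSHA} hash" >&2; return 1 ;;
    esac

    # slapd accepts olcRootPW only when the rootdn is inside the suffix.
    suffix=$(awk '/^olcSuffix:/ { print $2; exit }' "$ldif")
    [ -n "$suffix" ] || { echo "no olcSuffix in $ldif" >&2; return 1; }
    case $rootdn in
        *?",$suffix") ;;
        *) echo "refusing: $rootdn is not under $suffix" >&2; return 1 ;;
    esac

    tmp=$(mktemp) || return 1
    # Drop any previous root credentials, keep all other lines as they are.
    awk '!/^olcRoot(DN|PW):/' "$ldif" > "$tmp"
    printf 'olcRootDN: %s\nolcRootPW: %s\n' "$rootdn" "$rootpw" >> "$tmp"
    # Overwrite in place so the file keeps its original owner and mode.
    cat "$tmp" > "$ldif"
    rm -f "$tmp"
}

# Constructed stand-in for olcDatabase={2}hdb.ldif (work on a copy first).
demo=$(mktemp)
cat > "$demo" <<'EOF'
dn: olcDatabase={2}hdb
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=nad810,dc=com
olcRootDN: cn=Manager,dc=my-domain,dc=com
EOF
set_root_credentials "$demo" 'cn=Manager,dc=nad810,dc=com' \
    '{SSHA}CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-HASH'
cat "$demo"
rm -f "$demo"
```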
===(3) Start the OpenLDAP server daemon slapd.service===
<pre>
systemctl start slapd.service
</pre>
===(4) Create LDIF files for importing to the OpenLDAP database===
Create the base context LDIF file for the nad810.com domain: create a file called "ldif.base" and add the following lines:
<pre>
dn: dc=nad810,dc=com
</pre>
(Make sure that you have a blank line before the 2nd "dn:" line)
====a. Add a user called “ldapuser”====
<pre>
useradd -g users ldapuser
passwd ldapuser
</pre>
====b. Extract the passwd entry for ldapuser====
Run the following command to extract the ldapuser entry from /etc/passwd into a file called "entry.ldapuser" in your current working directory:
<pre>
grep ldapuser /etc/passwd > entry.ldapuser
</pre>
====c. Convert the passwd entry to LDIF format====
Modify the migration tools configuration file to use our base context "dc=nad810,dc=com".
Back up the file /usr/share/migrationtools/migrate_common.ph and edit:
* Line 71: change $DEFAULT_MAIL_DOMAIN = "padl.com"; to "nad810.com"
* Line 74: change $DEFAULT_BASE = "dc=padl,dc=com"; to "dc=nad810,dc=com"
* Line 90: change $EXTENDED_SCHEMA = 0; to 1
====d. Convert the entries for the "ldapuser" to LDIF format (ldif.ldapuser):====
(Note that "\" at the end of the line is used to tell the shell that
<pre>
/usr/share/openldap/migration/migrate_passwd.pl entry.ldapuser ldif.ldapuser
</pre>
====e. Verify the contents of ldif.ldapuser====
<pre>
dn: uid=ldapuser,ou=People,dc=nad810,dc=com
homeDirectory: /home/ldapuser
</pre>
===(5) Import LDIF files into the OpenLDAP database===
<pre>
ldapsearch -x -b 'dc=nad810,dc=com' '(objectclass=*)'
</pre>
===(6) Use the sample database configuration file===
<pre>
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
systemctl restart slapd.service
</pre>