OpenLDAP Installation
System environment:
Ubuntu Kernel 2.6.28 x86_64 GNU/Linux
LDAP listening port: TCP 389
Restart the service: /etc/init.d/slapd restart
PHP: must have LDAP support
Dependencies:
apt-get install php5-ldap php-net-ldap php-auth
http://www.oracle.com/technology/software/products/berkeley-db/index.html
http://www.openldap.org/
http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page
Reference documents:
http://www.openldap.org/doc/admin24/quickstart.html
http://www.turbolinux.com.cn/turbo/wiki/doku.php?id=%E7%BD%91%E7%BB%9C%E7%AE%A1%E7%90%86:Openldap%E8%AF%A6%E8%A7%A3
Installation steps:
wget http://download.oracle.com/berkeley-db/db-5.0.21.tar.gz
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-stable/openldap-stable-20100219.tgz
# Install Berkeley DB (default install location is /usr/local/BerkeleyDB.5.0)
cd ~
tar zxf db-5.0.21.tar.gz
cd db-5.0.21
cd build_unix
../dist/configure --prefix=/usr/local/BerkeleyDB
make
make install
# Make the system load the Berkeley DB library files
echo /usr/local/BerkeleyDB/lib >>/etc/ld.so.conf
ldconfig
# Install OpenLDAP
export CPPFLAGS="-I/usr/local/BerkeleyDB/include"
export LDFLAGS="-L/usr/local/BerkeleyDB/lib"
cd ~
tar zxf openldap-stable-20100219.tgz
cd openldap-2.4.21
unset CPPFLAGS LDFLAGS LD_LIBRARY_PATH
env CPPFLAGS=-I/usr/local/BerkeleyDB/include LDFLAGS=-L/usr/local/BerkeleyDB/lib LD_LIBRARY_PATH=/home/opadmin/db-5.0.21/build_unix/.libs ./configure --prefix=/usr/local/openldap --enable-ldbm
(No matter what I tried, it would not install, and I don't understand why! ... Had no choice but to use apt-get install slapd ldap-utils for now.)
# Configure OpenLDAP
database hdb
suffix "dc=SME"
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
rootdn "cn=admin,dc=SME"
rootpw 123456
index objectClass eq
# Note on rootpw: the password value can be generated in any of the following ways:
slappasswd -h {SSHA}
slappasswd -h {SHA}
slappasswd -h {MD5}
slappasswd -h {SMD5}
slappasswd -h {CRYPT}
Usage: slappasswd -h {MD5} -s 123456
Example: rootpw {MD5}mjkiuPt0wXhpxxkdiOOO+0000000AKq0by
# Index rules:
approx (approximate matching),
eq (exact matching, equality),
pres (presence matching; an entry with no value for this attribute is not matched),
sub (substring matching).
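Added example (not part of the original notes, and not OpenLDAP code): a Python sketch of how the {MD5}, {SHA}, {SMD5} and {SSHA} values are laid out, plus a check that classifies each rootpw line in slapd.conf text as cleartext, unsalted or salted. The function names, the 4-byte salt and the sample configuration are assumptions made for the illustration; {CRYPT} is only reported, not computed.

```python
import base64, hashlib, hmac, os

# scheme -> (digest algorithm, digest length in bytes)
SCHEMES = {"{MD5}": ("md5", 16), "{SMD5}": ("md5", 16),
           "{SHA}": ("sha1", 20), "{SSHA}": ("sha1", 20)}
SALTED = {"{SMD5}", "{SSHA}"}

def make_hash(scheme, password, salt=None):
    """Build a rootpw value: scheme + base64(digest(password + salt) + salt)."""
    algo, _ = SCHEMES[scheme]
    if scheme not in SALTED:
        salt = b""                      # {MD5}/{SHA}: no salt at all
    elif salt is None:
        salt = os.urandom(4)            # assumption: 4-byte random salt
    digest = hashlib.new(algo, password.encode() + salt).digest()
    return scheme + base64.b64encode(digest + salt).decode()

def verify(value, password):
    """Check a password against a stored value; the salt is whatever follows the digest."""
    scheme = value[:value.index("}") + 1].upper()
    algo, dlen = SCHEMES[scheme]
    raw = base64.b64decode(value[len(scheme):])
    digest, salt = raw[:dlen], raw[dlen:]
    candidate = hashlib.new(algo, password.encode() + salt).digest()
    return hmac.compare_digest(digest, candidate)

def audit_rootpw(conf_text):
    """Return (line number, finding) for every rootpw directive in slapd.conf text."""
    findings = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0].lower() != "rootpw":
            continue
        value = parts[1].strip().strip('"')
        scheme = value[:value.find("}") + 1].upper() if value.startswith("{") else ""
        if not scheme:
            findings.append((no, "cleartext"))
        elif scheme in SALTED:
            findings.append((no, "salted hash"))
        elif scheme in SCHEMES:
            findings.append((no, "unsalted hash"))
        else:
            findings.append((no, "other scheme " + scheme))
    return findings

# Constructed sample: the page's directives plus two hashed variants of the same password.
SAMPLE_CONF = ('rootdn "cn=admin,dc=SME"\nrootpw 123456\n'
               "rootpw " + make_hash("{MD5}", "123456") + "\n"
               "rootpw " + make_hash("{SSHA}", "123456") + "\n")
```

The unsalted schemes produce the same string for the same password on every run, while each {SSHA} or {SMD5} value carries its own salt after the digest.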
# Test LDAP
ldapsearch -x -b '' -s base '(objectclass=*)'
ldapsearch -x -LLL -h SME -b 'dc=SME' -D 'uid=qq,dc=SME' -W 'uid=qq'
ldapsearch -x -b 'dc=SME'
ldapsearch -x -LLL -h it.com -b 'dc=it,dc=com' -D 'uid=qq,dc=it,dc=com' -W 'uid=qq'
# Import data
slapadd -v -l ./init.ldif
# Install phpLDAPadmin
tar zxf phpldapadmin-1.2.0.5.gz
mv phpldapadmin-1.2.0.5 /var/www/phpldapadmin
root@jsvestgw:/etc/ldap# cat init.ldif
dn: uid=qq,dc=SME
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: qq
cn: qq
sn: qq
telephoneNumber: 138888888
description: openldap test
telexNumber: tex-8888888
street: my street
postOfficeBox: postofficebox
displayName: qqdisplay
homePhone: home1111111
mobile: mobile99999
mail: qq@qq.com