OpenLDAP Server in container

1,972 bytes added, 19:42, 10 February 2007
<h3>Step by Step Installation and Configuration of OpenLDAP Server</h3>
Software: OS - CentOS 4.4, openldap 2.2.13-6.4E<br>System name: ldap.adminmart.com<br>Domain name: adminmart.com<br>System IP: 192.168.1.212<br><br><b>Note:</b> Use your domain name and IP instead of adminmart<br><br>
<h3>Create VPS with OpenLDAP</h3>
Create, Install vps with the following information<br>
- vpsid : 212<br>
- vpsip : 192.168.1.212<br>
- vpsname : ldap<br>
- vpshostname : ldap<br>
<br>
<b>Note:</b> Please run these commands on hardware node<br>
<code>
 vzctl create 212 --ostemplate centos-4-minimal<br>
 vzctl set 212 --ipadd 192.168.1.212 --save<br>
 vzctl set 212 --nameserver 202.88.156.6 --save<br>
 vzctl set 212 --onboot yes --save<br>
 vzctl set 212 --userpasswd root:changeme --save<br>
 vzctl set 212 --name ldap --save<br>
 vzctl set 212 --hostname ldap --save<br>
 vzctl start 212<br>
 vzyum 212 install *openldap* -y<br>
</code>
<h3>Configuration of OpenLDAP Server</h3>
<b>Easy steps for adding users :</b><br>
1. Create unix user<br>
2. Create unix user's ldap passwd file<br>
3. Convert passwd.file to ldif file<br>
4. Add ldap file to LDAP Directory using ldapadd<br>
<h4>Step #1. Requirements</h4>
compat-openldap.i386 0:2.1.30-6.4E<br>
openldap-clients.i386 0:2.2.13-6.4E<br>
openldap-devel.i386 0:2.2.13-6.4E<br>
openldap-servers.i386 0:2.2.13-6.4E<br>
openldap-servers-sql.i386 0:2.2.13-6.4E<br>
<br>
<br>
You can install them using the command:<br>
<br>
 yum install *openldap* -y <br>
<h4>Step #2. Start the service</h4>
<code>
 [root@ldap ~]# chkconfig --levels 235 ldap on<br>
 [root@ldap ~]# service ldap start <br>
</code>
<h4>Step #3. Create LDAP root user password</h4>
<code>
 [root@ldap ~]# slappasswd<br>
 New password:<br>
 Re-enter new password:<br>
 {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW<br>
 [root@ldap ~]#
</code>
<h4>Step #4. Update /etc/openldap/slapd.conf for the root password</h4>
<code>
 [root@ldap ~]# vi /etc/openldap/slapd.conf<br>
 #68 database bdb<br>
 #69 suffix "dc=adminmart,dc=com"<br>
 #70 rootdn "cn=Manager,dc=adminmart,dc=com"<br>
 #71 rootpw {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW</code>
<h4>Step #5. Apply Changes</h4>
<code>
 [root@ldap ~]# service ldap restart
</code>
<h4>Step #6. Create test users</h4>
<code>
 [root@ldap ~]# useradd test1<br>
 [root@ldap ~]# passwd test1<br>
 Changing password for user test1.<br>
 New UNIX password:<br>
 Retype new UNIX password:<br>
 passwd: all authentication tokens updated successfully.<br>
 [root@ldap ~]# useradd test2<br>
 [root@ldap ~]# passwd test2<br>
 Changing password for user test2.<br>
 New UNIX password:<br>
 Retype new UNIX password:<br>
 passwd: all authentication tokens updated successfully.<br>
 [root@ldap ~]#<br>
</code><br>
<b>Note:</b> Repeat the same for the rest of users <br>
<h4>Step #7. Migrate local users to LDAP</h4>
<code>
 [root@ldap ~]# grep root /etc/passwd > /etc/openldap/passwd.root<br>
 [root@ldap ~]# grep test1 /etc/passwd > /etc/openldap/passwd.test1<br>
 [root@ldap ~]# grep test2 /etc/passwd > /etc/openldap/passwd.test2<br>
</code><br>
<b>Note:</b> Repeat the same for the rest of users<br>
<h4>Step #8. Update default settings on file /usr/share/openldap/migration/migrate_common.ph</h4>
 #71 $DEFAULT_MAIL_DOMAIN = "adminmart.com";<br>
 #74 $DEFAULT_BASE = "dc=adminmart,dc=com";<br>
<h4>Step #9. Convert passwd.file to ldif (LDAP Data Interchange Format) file </h4>
<code>
 [root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.root /etc/openldap/root.ldif<br>
 [root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test1 /etc/openldap/test1.ldif<br>
 [root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test2 /etc/openldap/test2.ldif<br>
</code><br>
<b>Note:</b> Repeat the same for the rest of users<br>
<h4>Step #10. Update root.ldif file for the "Manager" of LDAP Server </h4>
<code>
[root@ldap ~]# vi /etc/openldap/root.ldif<br>
#1 dn: uid=root,ou=People,dc=adminmart,dc=com<br>
#2 uid: root<br>
#3 cn: Manager<br>
#4 objectClass: account<br>
</code>
<h4>Step #11. Create a domain ldif file (/etc/openldap/adminmart.com.ldif)</h4>
<code>
 [root@ldap ~]# cat /etc/openldap/adminmart.com.ldif<br>
 dn: dc=adminmart,dc=com<br>
 dc: adminmart<br>
 description: LDAP Admin<br>
 objectClass: dcObject<br>
 objectClass: organizationalUnit<br>
 ou: rootobject<br>
 <br>
 dn: ou=People, dc=adminmart,dc=com<br>
 ou: People<br>
 description: Users of adminmart<br>
 objectClass: organizationalUnit<br>
</code>
<h4>Step #12. Import all users in to the LDAP</h4>
<b>Add the Domain ldif file </b><br>
<br>
<code>
[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/adminmart.com.ldif<br>
Enter LDAP Password:<br>
adding new entry "dc=adminmart,dc=com"<br>
adding new entry "ou=People, dc=adminmart,dc=com"<br>
[root@ldap ~]#<br>
</code><br>
<br>
<b>Add the Users</b><br>
<br>
<code>
[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/root.ldif<br>
Enter LDAP Password:<br>
adding new entry "uid=root,ou=People,dc=adminmart,dc=com"<br>
adding new entry "uid=operator,ou=People,dc=adminmart,dc=com"<br>
[root@ldap ~]#<br>
<br>
[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test1.ldif<br>
Enter LDAP Password:<br>
adding new entry "uid=test1,ou=People,dc=adminmart,dc=com"<br>
[root@ldap ~]#<br>
<br>
[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test2.ldif<br>
Enter LDAP Password:<br>
adding new entry "uid=test2,ou=People,dc=adminmart,dc=com"<br>
[root@ldap ~]#<br>
</code><br>
<b>Note:</b> Repeat the same for the rest of users<br>
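Added example (not part of the original HOWTO): the <code>grep root /etc/passwd</code> in step 7 matches anywhere in the line, which is why the import above also adds <code>uid=operator</code> (its home directory is /root). The helpers below select accounts by exact login name or by UID range instead; the sample data, the UID threshold of 500 and the file names <code>passwd.users</code> / <code>users.ldif</code> are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not part of the original HOWTO.
# Constructed sample in /etc/passwd format (not taken from a real system).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
test1:x:500:500::/home/test1:/bin/bash
test10:x:501:501::/home/test10:/bin/bash
test2:x:502:502::/home/test2:/bin/bash'

# select_user NAME
# Print only the passwd line whose login name (field 1) is exactly NAME.
# "grep NAME" matches anywhere in the line, so "grep root" also returns
# operator (home directory /root) and "grep test1" also returns test10.
select_user() {
    awk -F: -v name="$1" '$1 == name'
}

# select_regular MIN_UID
# Print every account with UID >= MIN_UID and a real login shell, so that
# system accounts are not copied into the directory.
# MIN_UID is an assumption: 500 is the first regular UID on CentOS 4.
select_regular() {
    awk -F: -v min="$1" '$3 + 0 >= min + 0 && $7 !~ /(nologin|false)$/'
}

# Usage on the LDAP server (migrate_passwd.pl path as in step 9; the
# passwd.users and users.ldif file names are hypothetical):
#   select_regular 500 < /etc/passwd > /etc/openldap/passwd.users
#   /usr/share/openldap/migration/migrate_passwd.pl \
#       /etc/openldap/passwd.users /etc/openldap/users.ldif
```

One passwd file holding all regular users replaces the per-user repetition of steps 7 and 9, and the resulting LDIF is loaded with a single <code>ldapadd</code>.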
<h4>Step #13. Apply Changes </h4>
<code>
[root@ldap ~]# service ldap restart</code> <br>
<h4>Step #14. Test LDAP Server</h4>
It prints all the user information<br>
<br>
<code>
[root@ldap ~]# ldapsearch -x -b 'dc=adminmart,dc=com' '(objectclass=*)'</code> <br>
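Added example (not part of the original HOWTO): the search in step 14 is an anonymous simple bind (<code>-x</code> without <code>-D</code>), and a slapd.conf with no <code>access</code> directives gives every client read access to every attribute, including <code>userPassword</code>. The function below reads LDIF as printed by <code>ldapsearch</code> and lists the entries whose password attribute was returned; the sample LDIF is constructed for the illustration.

```shell
#!/bin/sh
# Added example, not part of the original HOWTO.
# Constructed sample of ldapsearch output (LDIF). "e2NyeXB0fXg=" is the
# base64 form of the placeholder value "{crypt}x", not a real hash.
SAMPLE_LDIF='dn: dc=adminmart,dc=com
dc: adminmart
objectClass: dcObject

dn: uid=test1,ou=People,dc=adminmart,dc=com
uid: test1
userPassword:: e2NyeXB0fXg=

dn: uid=test2,ou=People,
 dc=adminmart,dc=com
uid: test2
userPassword: {crypt}x'

# exposed_password_dns
# Read LDIF on stdin and print, once each, the DN of every entry for which
# a userPassword value (plain "attr: v" or base64 "attr:: v") was returned.
# A base64-encoded DN ("dn:: ...") is printed in its encoded form.
exposed_password_dns() {
    awk '
        # LDIF folds long lines; a continuation line starts with one space.
        /^ / { buf = buf substr($0, 2); next }
        { emit(); buf = $0 }
        END { emit() }
        function emit() {
            if (buf ~ /^dn::? /) {
                dn = buf
                sub(/^dn::? /, "", dn)
            } else if (tolower(buf) ~ /^userpassword::? /) {
                if (!(dn in seen)) { seen[dn] = 1; print dn }
            }
        }
    '
}

# Usage against the server from step 14 (anonymous bind):
#   ldapsearch -x -b 'dc=adminmart,dc=com' '(objectclass=*)' | exposed_password_dns
```

Empty output means the anonymous bind could not read any password attribute. That is the expected result once slapd.conf carries an <code>access to</code> rule for <code>userPassword</code> limited to <code>by self write</code>, <code>by anonymous auth</code> and <code>by * none</code>.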
<br>
<br>
<h3>LDAP Client Configuration</h3>
<code>
[root@ldapclient ~]# authconfig </code><br>
<b> [*] Use LDAP [*] Use LDAP Authentication </b><br>
<br>
[Both should be checked]<br>
<br>
<b> [ ] Use TLS <br>
Server: ldap.adminmart.com<br>
Base DN: dc=adminmart,dc=com<br>
</b><br>
<br>
[[Category:HOWTO]]