
Open LDAP Server Linux

The document describes how to set up an OpenLDAP server to authenticate Linux users. It includes instructions to install OpenLDAP packages, configure the LDAP server, add user and group entries to the LDAP directory, export the home directory over NFS, and configure LDAP clients to authenticate against the new server.

Uploaded by

zawhtet
Copyright
© Attribution Non-Commercial (BY-NC)

OpenLDAP Server

compat-openldap.i386 0:2.1.30-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E
You can install them using the command:
yum install *openldap* -y

-----------------------------------------------------------
vi /etc/openldap/slapd.conf

openssl passwd

Add to /etc/openldap/slapd.conf:

suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw {crypt}BreLcru48OqmA
-------------------------------------------------------------------------
service ldap restart
tail -f /var/log/messages

useradd -d /home/users/system1-user01 system1-user01
useradd -d /home/users/system2-user02 system2-user02
useradd -d /home/users/system3-user03 system3-user03
useradd -d /home/users/system4-user04 system4-user04
useradd -d /home/users/system5-user05 system5-user05
useradd -d /home/users/system6-user06 system6-user06
useradd -d /home/users/system7-user07 system7-user07
useradd -d /home/users/system8-user08 system8-user08
useradd -d /home/users/system9-user09 system9-user09
useradd -d /home/users/system10-user10 system10-user10

passwd system1-user01
passwd system2-user02
passwd system3-user03
passwd system4-user04
passwd system5-user05
passwd system6-user06
passwd system7-user07
passwd system8-user08
passwd system9-user09
passwd system10-user10
groupadd -g 10000 system01
groupadd -g 10001 system02
usermod -G 10000 system1-user01
usermod -G 10000 system2-user02
usermod -G 10001 system3-user03
--------------------------------------------------------------------------------------
vi /etc/exports
/home/users 192.168.0.0/255.255.255.0(rw,sync)
----------------------------------------------------------------------------------
vi /etc/openldap/init.ldif

dn: dc=example,dc=com
objectClass: dcObject
objectClass: organization
o: example
dc: example

dn: cn=Manager,dc=example,dc=com
objectClass: organizationalRole
cn: Manager

dn: ou=Account,dc=example,dc=com
objectClass: organizationalUnit
ou: Account

dn: ou=Group,dc=example,dc=com
objectClass: organizationalUnit
ou: Group

ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f init.ldif
ldapsearch -x -LLL -b "dc=example, dc=com" "(objectClass=*)"
----------------------------------------------------------------------------------------

vi /etc/openldap/group.ldif

dn: cn=system01,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: system01
gidNumber: 10000

dn: cn=system02,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: system02
gidNumber: 10001

ldapadd -x -D "cn=Manager, dc=example, dc=com" -W -f group.ldif

Before creating user.ldif:
su - system1-user01
id <-- check user id
openssl passwd
copy and paste on
---------------------------------------------------------------

vi /etc/openldap/user.ldif
dn: uid=system1-user01,ou=Account,dc=example,dc=com
uid: system1-user01
cn: test user 01
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}FLVvKA5gz4RUk
loginShell: /bin/bash
uidNumber: 511
gidNumber: 10000
homeDirectory: /home/users/system1-user01

dn: uid=system2-user02,ou=Account,dc=example,dc=com
uid: system2-user02
cn: test user 02
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}9oB/59btUGpGM
loginShell: /bin/bash
uidNumber: 512
gidNumber: 10000
homeDirectory: /home/users/system2-user02

dn: uid=system3-user03,ou=Account,dc=example,dc=com
uid: system3-user03
cn: test user 03
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}xopW7X41D.w/6
loginShell: /bin/bash
uidNumber: 513
gidNumber: 10001
homeDirectory: /home/users/system3-user03

ldapadd -x -D "cn=Manager, dc=example, dc=com" -W -f user.ldif
---------------------------------------------------------------------

Export the home directory on server1.example.com:
/home/users 192.168.0.0/255.255.255.0(rw,sync)
--------------------------------------------------------------------
### LDAP Clients ###
authconfig-tui
- Use LDAP
- Use LDAP Authentication
ldap://server1.example.com
dc=example,dc=com
---------------------------------------------------------------------
vi /etc/auto.master
/home/users /etc/auto.users --timeout=60
vi /etc/auto.users
* -fstype=nfs,rw,soft,intr server1.example.com:/home/users/&
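
Added example (not part of the original notes): ldapadd accepts an LDIF file only when a blank line separates each entry, and the 13-character {crypt} values used above are traditional DES crypt hashes. The script below checks an LDIF file for both problems before it is loaded; audit_ldif and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit_ldif is a hypothetical helper, not an OpenLDAP tool.
# Prints one finding per line; returns non-zero if anything was flagged.
audit_ldif() {
    awk '
    /^[ \t]*$/ { in_entry = 0; next }        # blank line closes an entry
    /^#/       { next }                      # LDIF comment line
    /^dn:/ {
        dn = substr($0, 5)
        if (in_entry) {                      # previous entry was never closed
            printf "line %d: MISSING-SEPARATOR before %s\n", NR, dn
            bad++
        }
        in_entry = 1
        next
    }
    $1 == "userPassword:" {
        v = $2
        if (substr(v, 1, 1) != "{") {        # no {scheme} prefix at all
            printf "line %d: CLEARTEXT-PASSWORD in %s\n", NR, dn
            bad++
        } else if (tolower(substr(v, 1, 7)) == "{crypt}" && substr(v, 8, 1) != "$") {
            # {crypt} without a $id$ prefix: legacy DES-based crypt
            printf "line %d: DES-CRYPT hash in %s\n", NR, dn
            bad++
        }
    }
    END { exit (bad > 0) }
    ' "$1"
}

# Constructed sample: second entry lacks its separator and uses DES crypt.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dn: ou=Account,dc=example,dc=com
objectClass: organizationalUnit
ou: Account
dn: uid=demo1,ou=Account,dc=example,dc=com
objectClass: account
uid: demo1
userPassword: {crypt}abCDEFGHIJKLM

dn: uid=demo2,ou=Account,dc=example,dc=com
objectClass: account
uid: demo2
userPassword: {SSHA}CONSTRUCTED-PLACEHOLDER
EOF
audit_ldif "$sample" || echo "findings present: fix before running ldapadd"
rm -f "$sample"
```

Run it against init.ldif, group.ldif and user.ldif before ldapadd. OpenLDAP's slappasswd generates salted {SSHA} values that can replace the {crypt} hashes it flags.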
