Difference between revisions of "OpenLDAP"
From CBLFS
Jump to navigationJump to search (→Configuring) |
(→Configuring) |
||
Line 130: | Line 130: | ||
include /etc/openldap/schema/inetorgperson.schema | include /etc/openldap/schema/inetorgperson.schema | ||
include /etc/openldap/schema/nis.schema | include /etc/openldap/schema/nis.schema | ||
− | include /etc/openldap/schema/sudo.schema | + | #include /etc/openldap/schema/sudo.schema |
include /etc/openldap/schema/misc.schema | include /etc/openldap/schema/misc.schema | ||
− | include /etc/openldap/schema/krb5-kdc.schema | + | #include /etc/openldap/schema/krb5-kdc.schema |
# The location of the PID file | # The location of the PID file |
Revision as of 19:37, 11 November 2008
Download Source: | ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.19.tgz |
---|
Contents
Introduction to OpenLDAP
The OpenLDAP package provides an open source implementation of the Lightweight Directory Access Protocol.
Project Homepage: http://www.openldap.org/
This page contains instructions to compile a OpenLDAP Server, Most of the time it is only the client libraries that are required, you can find this information on the OpenLDAP-Client page.
Dependencies
Required
- Berkeley DB or GDBM
Recommended
Optional
Configuration Information
If you really want to build OpenLDAP with GNU Database Manager instead of Berkeley DB, add the following flags to configure script:
--disable-bdb --disable-hdb --with-ldbm-api=gdbm
Non-Multilib
Compile the package:
CPPFLAGS="-D_GNU_SOURCE" ./configure --prefix=/usr --sysconfdir=/etc \ --libexecdir=/usr/lib/openldap --localstatedir=/srv/ldap --disable-debug \ --enable-dynamic --enable-crypt --enable-modules --enable-wrappers \ --enable-bdb=mod --enable-hdb=mod --enable-ldap=mod \ --enable-monitor=mod --enable-perl=mod --enable-relay=mod \ --enable-dyngroup=mod --enable-dynlist=mod --enable-memberof=mod \ --enable-ppolicy=mod --enable-valsort=mod && make depend && make
Install the package
make install && ln -sv ../lib/openldap/slapd /usr/sbin/slapd && install -dv -m755 /usr/share/doc/openldap-2.4.19/{drafts,guide,rfc} && install -v -m644 doc/drafts/* /usr/share/doc/openldap-2.4.19/drafts && install -v -m644 doc/rfc/* /usr/share/doc/openldap-2.4.19/rfc && cp -Rv doc/guide/* /usr/share/doc/openldap-2.4.19/guide
Multilib
32Bit
Compile the package:
CC="gcc ${BUILD32}" CPPFLAGS="-D_GNU_SOURCE" ./configure --prefix=/usr --sysconfdir=/etc \ --libexecdir=/usr/lib/openldap --localstatedir=/srv/ldap --disable-debug \ --enable-dynamic --enable-crypt --enable-modules --enable-wrappers \ --enable-bdb=mod --enable-hdb=mod --enable-ldap=mod \ --enable-monitor=mod --enable-perl=mod --enable-relay=mod \ --enable-dyngroup=mod --enable-dynlist=mod --enable-memberof=mod \ --enable-ppolicy=mod --enable-valsort=mod && make depend && make
Install the package
make install
N32
Compile the package:
CC="gcc ${BUILDN32}" CPPFLAGS="-D_GNU_SOURCE" ./configure --prefix=/usr --sysconfdir=/etc \ --libexecdir=/usr/lib/openldap --localstatedir=/srv/ldap --disable-debug \ --enable-dynamic --enable-crypt --enable-modules --enable-wrappers \ --enable-bdb=mod --enable-hdb=mod --enable-ldap=mod \ --enable-monitor=mod --enable-perl=mod --enable-relay=mod \ --enable-dyngroup=mod --enable-dynlist=mod --enable-memberof=mod \ --enable-ppolicy=mod --enable-valsort=mod && make depend && make
Install the package
make install
64Bit
Compile the package:
CC="gcc ${BUILD64}" CPPFLAGS="-D_GNU_SOURCE" ./configure --prefix=/usr \ --sysconfdir=/etc --libdir=/usr/lib64 --libexecdir=/usr/lib/openldap \ --localstatedir=/srv/ldap --disable-debug \ --enable-dynamic --enable-crypt --enable-modules --enable-wrappers \ --enable-bdb=mod --enable-hdb=mod --enable-ldap=mod \ --enable-monitor=mod --enable-perl=mod --enable-relay=mod \ --enable-dyngroup=mod --enable-dynlist=mod --enable-memberof=mod \ --enable-ppolicy=mod --enable-valsort=mod && make depend && make
Install the package
make install && ln -sv ../lib/openldap/slapd /usr/sbin/slapd && install -dv -m755 /usr/share/doc/openldap-2.4.19/{drafts,guide,rfc} && install -v -m644 doc/drafts/* /usr/share/doc/openldap-2.4.19/drafts && install -v -m644 doc/rfc/* /usr/share/doc/openldap-2.4.19/rfc && cp -Rv doc/guide/* /usr/share/doc/openldap-2.4.19/guide
Configuring
Creating a basic slapd configuration file:
cat > /etc/openldap/slapd.conf << "EOF" # Begin /etc/openldap/slapd.conf # Schema Definitions include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema #include /etc/openldap/schema/sudo.schema include /etc/openldap/schema/misc.schema #include /etc/openldap/schema/krb5-kdc.schema # The location of the PID file pidfile /srv/ldap/run/slapd.pid # List of arguments that will be passed to the server argsfile /srv/ldap/run/slapd.args # Load dynamic backend modules: modulepath /usr/lib/openldap/openldap moduleload back_bdb.la #moduleload back_ldap.la #moduleload back_ldbm.la #moduleload back_passwd.la #moduleload back_shell.la # Use crypt to hash the passwords password-hash {crypt} # If you wish to use cyrus-sasl to bind to # Kerberos uncomment and configure the # following lines #sasl-realm <REALMNAME.COM> #sasl-host <FQDN OF SASL SERVER> # Define SSL and TLS properties (optional) #TLSCertificateFile /etc/ssl/ldap.pem #TLSCertificateKeyFile /etc/openldap/ldap-key.pem #TLSCACertificateFile /etc/ssl/ldap.pem ####################################################################### # Access Lists ####################################################################### access to attrs=userPassword by self write by anonymous auth by * none access to attrs=gecos,description,loginShell by self write access to * by * read by * search ####################################################################### # BDB database definitions ####################################################################### database bdb suffix "<BASEDN>" rootdn "cn=Manager,<BASEDN>" rootpw <password hash> directory "/srv/ldap/openldap-data" # Indexes index default pres,eq index objectClass,uid,uidnumber,gidnumber,cn index mail,mailalternateaddress,mailforwardingaddress eq # End /etc/openldap/slapd.conf EOF
When creating the configuration file above replace <BASEDN> with your Base DN. eg. dc=cross-lfs,dc=org.
You can generate a password hash for the rootdn with the following command:
slappasswd -h {SHA}
Bootscript
Install the init script included in the bootscripts package.
make install-openldap1