LDAP-Server-setup

From Immersive Visualization Lab Wiki

Revision as of 17:05, 22 August 2012 by Jschulze (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Resource URLs

http://www.nodeofcrash.com/?p=481

Installation Procedure

yum install openldap-servers openldap-clients
Generate root password for openldap server: /usr/sbin/slappasswd
vi olcDatabase={2}bdb.ldif
change olcRootDN to: cn=Manager,dc=ucsd,dc=com
add a line for olcRootPW:
```
olcRootPW: {SSHA}yourhashhere
```

Add certificate lines:

olcTLSCertificateFile: /etc/pki/tls/certs/slapdcert.pem <br> olcTLSCertificateKeyFile: /etc/pki/tls/certs/slapdkey.pem

vi vi olcDatabase={1}monitor.ldif
in line starting with olcAccess change dc=my-domain to dc=ucsd
Create the basic database LDAP needs the first time it runs -- HOW?
vi /etc/sysconfig/ldap
set: SLAPD_LDAPS=yes
openssl req -new -x509 -nodes -out /etc/pki/tls/certs/slapdcert.pem -keyout /etc/pki/tls/certs/slapdkey.pem -days 365
- Country Name (2 letter code) [XX]:US
- State or Province Name (full name) []:California
- Locality Name (eg, city) [Default City]:San Diego
- Organization Name (eg, company) [Default Company Ltd]:UCSD
- Organizational Unit Name (eg, section) []:Calit2
- Common Name (eg, your name or your server's hostname) []:IVL
- Email Address []:jschulze@ucsd.edu
chown -Rf root:ldap /etc/pki/tls/certs/slapdcert.pem
chmod -Rf 750 /etc/pki/tls/certs/slapdkey.pem
slaptest -u
- this should return "config file testing succeeded"

Retrieved from "http://ivl.calit2.net/wiki/index.php?title=LDAP-Server-setup&oldid=5121"

Navigation menu