From 683caa309d82c7207ad08816627cf69ee99dd1a7 Mon Sep 17 00:00:00 2001 From: Giuseppe Di Terlizzi Date: Fri, 7 Apr 2017 17:45:04 +0100 Subject: network/openldap-server: Added (OpenLDAP server). Signed-off-by: David Spencer --- network/openldap-server/README.SLACKWARE | 103 +++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 network/openldap-server/README.SLACKWARE (limited to 'network/openldap-server/README.SLACKWARE') diff --git a/network/openldap-server/README.SLACKWARE b/network/openldap-server/README.SLACKWARE new file mode 100644 index 0000000000..ea245662b6 --- /dev/null +++ b/network/openldap-server/README.SLACKWARE @@ -0,0 +1,103 @@ +# Initial Setup + +Set the directory suffix and Manager user in your slapd.conf(5): + + [...] + suffix "dc=example,dc=org" + rootdn "cn=Manager,dc=example,dc=org" + rootpw {SSHA}CjQ2ddDHu92qd2BrcNYT1hQDzLrVlgCo # Encryted password using slappasswd(8) + [...] + +Create the DB_CONFIG file to initialize the database: + + # cd /var/lib/openldap + # cp -a DB_CONFIG.example DB_CONFIG + + + +# Logging + +Add this to your /etc/syslog.conf file, and then restart syslogd, +to enable the slapd log file: + + local4.* -/var/log/slapd + + + +# Configuration + +All configuration and schemas are stored in /etc/openlap + + slapd.conf legacy OpenLDAP configuration file (see slapd.conf(5)) + slapd.ldif OpenLDAP configuration file (see slapd-config(5)) + ldap.conf ldap client (eg. ldapsearch) configuration file (see ldap.conf(5)) + certs/ directory can contains server certificates + schema/ OpenLDAP schema + +The default OpenLDAP database is located in /var/lib/openldap + +*NOTE* OpenLDAP 2.3 and later supports old slapd.conf(5) and dynamic + configuration engine, slapd-config(5). + + + +# Using the slapd.d directory + +An existing slapd.conf(5) file can be converted to the new format using +slaptest(8): + + # sh /etc/rc.d/rc.openldap stop + # mkdir -p /etc/openldap/slapd.d + # slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d + # chown ldap:ldap /etc/openldap/slapd.d + + + +# Starting and Stopping the OpenLDAP server + +This package provides the /etc/rc.d/rc.openldap start/stop script. + +Slackware is OpenLDAP server ready (see the rc.M script) and you can start +the OpenLDAP server automatically at boot by adding execution permission to +/etc/rc.d/rc.openldap + + + +# Troubleshooting + +## Can't contact LDAP server via ldapi:/// url + + $ ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/test.ldif + ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) + +openldap-server package use the same libraries from n/openldap-client Slackware +package. The openldap-client package use a non-standard location for ldapi socket. + +### Solution 1 + +Create a symlink from /var/run/openldap/ldapi to /var/lib/run/ldapi + + # mkdir -p /var/lib/run + # ln -sf /var/run/openldap/ldapi /var/lib/run/ldapi + +### Solution 2 + +Change or add the URI in ldap.conf(5) file: + + URI ldapi://%2fvar%2frun%2fopenldap%2fldapi + +Run the ldap utility command without "-H" argument (example): + + $ ldapadd -Y EXTERNAL -f /tmp/test.ldif + +### Solution 3 + +Use ldapi url with ldap utility command: + + $ ldapadd -Y EXTERNAL -H ldapi://%2fvar%2frun%2fopenldap%2fldapi -f /tmp/test.ldif + + + +# Documentation + +See /usr/doc/openldap-2.4.42/guide.html (OpenLDAP Administrator Guide) -- cgit v1.2.3