Pronunciation: [eru-dappu]
Simply put, a database that centrally manages IDs and passwords.
The term generally refers to the open-source OpenLDAP.
Single sign-on, directory server
Isn't it about time you tried LDAP?
Quick start
# yum install openldap-servers
# yum install openldap-clients
Configuration
# vi /etc/openldap/slapd.conf
# Schema files to load
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

# Where the PID and the startup options are saved
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

# Database backend: Berkeley DB
database bdb
# Base DN
suffix "dc=example,dc=com"
# Administrator DN
rootdn "cn=Manager,dc=example,dc=com"
# Administrator password (cleartext here; slappasswd generates a hashed value)
rootpw secret
# Where the data is stored
directory /var/lib/ldap

# INDEX
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# /etc/rc.d/init.d/ldap start
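A check for the slapd.conf above, as an added example that is not part of the original page: the shell function flags a cleartext rootpw (such as "rootpw secret") and the absence of any access directive, which leaves slapd on its default policy of read access for everyone. The function name, both sample configs, the access rules and the placeholder digest are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): flag two weak settings in a slapd.conf.
# audit_slapd_conf FILE prints one finding per line, or nothing if both checks pass.
audit_slapd_conf() {
    conf=$1

    # A hashed rootpw starts with a {SCHEME} prefix such as {SSHA};
    # any other value is a cleartext password readable from the file.
    rootpw=$(awk '$1 == "rootpw" { gsub(/"/, "", $2); print $2; exit }' "$conf")
    if [ -n "$rootpw" ]; then
        case $rootpw in
            \{*\}*) ;;
            *) echo "rootpw: cleartext value, replace with slappasswd output" ;;
        esac
    fi

    # Without any "access" directive slapd applies its default policy,
    # under which every client, anonymous included, can read all entries.
    if ! awk '$1 == "access" { found = 1 } END { exit !found }' "$conf"; then
        echo "access: no directives, anonymous binds can read everything"
    fi
}

# Constructed sample 1: the relevant lines of the tutorial config.
weak_conf=$(mktemp)
# Constructed sample 2: hashed rootpw (placeholder digest) plus example access rules.
hard_conf=$(mktemp)
trap 'rm -f "$weak_conf" "$hard_conf"' EXIT

cat > "$weak_conf" <<'EOF'
database  bdb
suffix    "dc=example,dc=com"
rootdn    "cn=Manager,dc=example,dc=com"
rootpw    secret
directory /var/lib/ldap
EOF

cat > "$hard_conf" <<'EOF'
database  bdb
suffix    "dc=example,dc=com"
rootdn    "cn=Manager,dc=example,dc=com"
rootpw    {SSHA}PLACEHOLDER-DIGEST-FROM-SLAPPASSWD
directory /var/lib/ldap
access to attrs=userPassword by self write by anonymous auth by * none
access to * by users read by * none
EOF

echo "== weak ==";     audit_slapd_conf "$weak_conf"
echo "== hardened =="; audit_slapd_conf "$hard_conf"
```

With the example access rules in place, the anonymous ldapsearch shown further down returns no entries; searches then need an authenticated bind.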
Entries are managed as a directory tree, so first create a file in LDIF format for the root entry and add it.
The file name is arbitrary.
root.ldif
dn: dc=example,dc=com
objectClass: dcObject
objectClass: organization
dc: example
o: example
# ldapadd -x -D 'cn=Manager,dc=example,dc=com' -w secret -f root.ldif
Create an LDIF for the departments and add it.
unit.ldif
dn: ou=abc,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: abc

dn: ou=xyz,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: xyz
# ldapadd -x -D 'cn=Manager,dc=example,dc=com' -w secret -f unit.ldif
Create an LDIF for the users and add it.
user.ldif
dn: cn=Taro Yamada,ou=abc,dc=example,dc=com
objectClass: top
objectClass: person
cn: Taro Yamada
sn: Yamada

dn: cn=Hanako Yamada,ou=abc,dc=example,dc=com
objectClass: top
objectClass: person
cn: Hanako Yamada
sn: Yamada
# ldapadd -x -D 'cn=Manager,dc=example,dc=com' -w secret -f user.ldif
Partial-match searches also work.
# ldapsearch -x -b 'dc=example,dc=com' -s sub '(cn=Hanako Yamada)'
Extract the ZIP file and double-click lbe.bat to launch it.