`
fox.tan
  • 浏览: 64433 次
  • 性别: Icon_minigender_1
  • 来自: 深圳
社区版块
存档分类
最新评论

初试OpenLDAP

    博客分类:
  • LDAP
CC++C#脚本Windows 
阅读更多

     由于工作需要,有机会尝试使用LDAP。下面就介绍一下OpenLDAP的安装配置过程。

 

第一步, 查阅文档,下载安装文件

         强烈推荐:http://www.zytrax.com/books/ldap。基本的安装配置看第4章http://www.zytrax.com/books/ldap/ch4/win2k.html#win2k足够了。

 

第二步, 安装

         http://www.zytrax.com/books/ldap/ch4/win2k.html#win2k上有详细的介绍,这里就不说了。

 

第三步, 配置slapd.conf

      首先备份原来的LDAP_HOME/slapd.conf文件, 简单的slapd.conf配置如下:

slapd.conf
##########################################
# 加载哪些 schemas 文件
ucdata-path ./ucdata
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema

#########################################
# 下面这些都是默认的配置
# DON'T bother with ARGS file unless you feel strongly
# slapd scripts stop scripts need this to work
pidfile ./run/slapd.pid
argsfile ./run/slapd.args

# enable a lot of logging - we might need it
# but generates huge logs
loglevel -1

#######################################################################
# bdb database definitions
#
# replace example and com below with a suitable domain
#
# If you don't have a domain you can leave it since example.com
# is reserved for experimentation or change them to my and inc
#
#######################################################################

database bdb
# 这个是我们需要配置的。
suffix "dc=example, dc=com"

# 设置LDAP的超级用户密码,用户名admin,密码user@XX2
rootdn "cn=admin, dc=example, dc=com"
rootpw user@XX2
# The database directory MUST exist prior to running slapd AND
# change path as necessary
# LDAP数据保存的路径,自定义的example-com需自己创建。
directory ./data/example-com


#########################################
# 下面这些都是默认的配置
# Indices to maintain for this directory
# unique id so equality match only
index uid eq
# allows general searching on commonname, givenname and email
index cn,gn,mail eq,sub
# allows multiple variants on surname searching
index sn eq,sub
# sub above includes subintial,subany,subfinal
# optimise department searches
index ou eq
# if searches will include objectClass uncomment following
# index objectClass eq
# shows use of default index parameter
index default eq,sub
# indices missing - uses default eq,sub
index telephonenumber

# other database parameters
# read more in slapd.conf reference section
cachesize 10000
checkpoint 128 15
 

第四步, 配置ldif

   首先解释一下LDAP中cn、ou、dc等词。 DC (Domain Component), OU (Organizational Unit) , CN (Common Name). 下面的脚本CN OU DC 各创建了一个。

example.ldif
## DEFINE DIT ROOT/BASE/SUFFIX ####
## uses RFC 2377 format
## replace example and com as necessary below
## or for experimentation leave as is

## dcObject is an AUXILLIARY objectclass and MUST
## have a STRUCTURAL objectclass (organization in this case)
# this is an ENTRY sequence and is preceded by a BLANK line
# 创建一个dc
dn: dc=example,dc=com
dc: example
description: My wonderful company as much text as you want to place
in this line up to 32K continuation data for the line above must
have <CR> or <CR><LF> i.e. ENTER works
on both Windows and *nix system - new line MUST begin with ONE SPACE
objectClass: dcObject
objectClass: organization
o: example, Inc.

## FIRST Level hierarchy - people
## uses mixed upper and lower case for objectclass
# this is an ENTRY sequence and is preceded by a BLANK line
# 创建一个ou
dn: ou=users, dc=example,dc=com
ou: users
description: All people in organisation
objectclass: organizationalunit

## 创建一个用户
dn: cn=QA5,ou=users,dc=example,dc=com
changetype: add
userPassword: a
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
sn: qa5
cn: QA5

## 删除一个用户
dn: cn=QA3,ou=users,dc=example,dc=com
changetype: delete

 

      如果只添加新用户,ldif文件如下:

example-2.ldif 写道
## 创建用户
dn: cn=QA1,ou=users,dc=example,dc=com
changetype: add
userPassword: a
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
sn: qa1
cn: QA1

dn: cn=QA2,ou=users,dc=example,dc=com
changetype: add
userPassword: a
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
sn: qa2
cn: QA2

dn: cn=QA3,ou=users,dc=example,dc=com
changetype: add
userPassword: a
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
sn: qa3
cn: QA3

 

第五步, 导入ldif脚本

     首先需要启动OpenLDAP Service. 成功启动后再命令行中执行以下命令:

cd C:\Program Files\OpenLDAP
C:\Program Files\OpenLDAP>ldapadd -x -D "cn=admin, dc=example, dc=com" -f c:\temp\example.ldif -w user@XX2

 

创建用户
C:\Program Files\OpenLDAP>ldapadd -x -D "cn=admin, dc=example, dc=com" -f c:\temp\example-2.ldif -w user@XX2
adding new entry "cn=QA1,ou=users,dc=example,dc=com"
adding new entry "cn=QA2,ou=users,dc=example,dc=com"
adding new entry "cn=QA3,ou=users,dc=example,dc=com"
 

 

最后,LDAP的数据如下:


 

 

  • 大小: 68.3 KB
分享到:
| Deploy WAR Application in Websphere 6.1
评论
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics