source: server/other/openldap/openldap-config.xml@ 44a3b4f

Last change on this file since 44a3b4f was 44a3b4f, checked in by Larry Lawrence <larry@…>, 21 years ago

openldap config and bill's patch

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1440 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 2.8 KB
<sect2>
<title>Configuring Open<acronym>LDAP</acronym></title>

<sect3><title>Config files</title>
<para><filename>/etc/openldap/*</filename></para>
</sect3>

<sect3><title>Configuration Information</title>

<para>The only configuration needed for
<application>Open<acronym>LDAP</acronym></application> is
to run <command>ldconfig</command>. The <acronym>LDAP</acronym> server
can be started by <command>/usr/sbin/slapd</command> as described in
the man page slapd(8). You can verify that <acronym>LDAP</acronym> is
running with <command>ps aux</command> and you can verify access to the
<acronym>LDAP</acronym> server with the following command:</para>
<screen><userinput><command>ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts</command></userinput></screen>

<para>The correct result is:</para>
<screen><computeroutput># extended LDIF
#
# LDAPv3
# base <> with scope base
# filter: (objectclass=*)
# requesting: namingContexts
#

#
dn:
namingContexts: dc=my-domain,dc=com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1</computeroutput></screen>

<para>Kill the server with this command:</para>
<screen><userinput><command>kill -INT `cat /var/lib/slapd.pid`</command></userinput></screen>

<para>You are now ready to modify the
<filename>/etc/openldap/slapd.conf</filename> to be specific to your
installation.</para>

<para><emphasis>Utilizing <application>GDBM</application></emphasis></para>

<para>To utilize <application>GDBM</application> as the database
backend, the "database" entry in <filename>/etc/openldap/slapd.conf</filename>
must be changed from "bdb" to "ldbm". You can use both by creating an
additional database section in <filename>/etc/openldap/slapd.conf</filename>.</para>

<para><emphasis>Securing your <acronym>LDAP</acronym> server</emphasis></para>

<para>Significant configuration is needed for
<application>Open<acronym>LDAP</acronym></application> to utilize
security features. The <ulink
url="http://www.openldap.org/doc/admin21/">OpenLDAP 2.1 Administrator's
Guide</ulink> is a good place to start for access control settings,
running as a user other than root and setting a chroot environment.</para>

<para><emphasis>User Tools</emphasis></para>

<para>Data can be added to the <acronym>LDAP</acronym> database via
<command>ldapadd</command>. There are other programs that can use
the database. For more information see the appropriate man page.</para>

<para><emphasis><application>Mozilla</application> Address Directory</emphasis></para>

<para>By default, LDAPv2 support is disabled in the
<filename>slapd.conf</filename> file. Once the database is properly
set up and <application>Mozilla</application> is configured to use the
directory, you must add <option>allow bind_v2</option> to the
<filename>slapd.conf</filename> file.</para>


</sect3>

</sect2>
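
The slapd.conf settings this file describes (the "database" backend entries, the `allow bind_v2` option and access control rules) can be reviewed with a short script after editing the file. This is an added example, not part of the BLFS book source; the function names `audit_slapd_conf` and `write_sample_conf` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the book source): report the slapd.conf settings
# discussed above. Function names and sample contents are constructed.

# audit_slapd_conf FILE: print one finding per line.
audit_slapd_conf() {
    awk '
        /^#/ || /^[ \t]*$/ { next }            # comments and blank lines
        {
            cont = ($0 ~ /^[ \t]/)             # leading whitespace continues a directive
            if (!cont) dir = $1
            if (dir == "allow")                # bind_v2 here re-enables LDAPv2 binds
                for (i = (cont ? 1 : 2); i <= NF; i++)
                    if ($i == "bind_v2") v2 = 1
            if (cont) next
            if (dir == "database") { ndb++; print "database: " $2 }
            if (dir == "access" && $2 == "to") acl++
        }
        END {
            print "databases: " (ndb + 0)
            print "ldapv2_bind: " (v2 ? "enabled" : "disabled")
            # With no access directive, slapd applies its built-in default policy.
            print "access_rules: " (acl + 0)
        }
    ' "$1"
}

# write_sample_conf FILE: constructed sample, not a real deployment.
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample slapd.conf
allow bind_v2
database ldbm
suffix "dc=my-domain,dc=com"
database bdb
suffix "dc=example,dc=com"
EOF
}

conf=$(mktemp)
write_sample_conf "$conf"
audit_slapd_conf "$conf"
rm -f "$conf"
```

A report of `access_rules: 0` means no explicit access control has been written yet, which is the state the Administrator's Guide reference above is meant to address.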