Changeset 0931098 for server/other/openldap.xml
- Timestamp:
- 06/13/2004 05:38:30 AM (20 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 60384c68
- Parents:
- 08254fc
- File:
- 1 edited
server/other/openldap.xml
r08254fc r0931098 1 <?xml version="1.0" encoding="ISO-8859-1"?> 2 <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" 3 "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [ 4 <!ENTITY % general-entities SYSTEM "../../general.ent"> 5 %general-entities; 6 7 <!ENTITY openldap-download-http "http://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz"> 8 <!ENTITY openldap-download-ftp "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz"> 9 <!ENTITY openldap-size "2.0 MB"> 10 <!ENTITY openldap-buildsize "116 MB"> 11 <!ENTITY openldap-time "7.52 SBU"> 12 13 ]> 14 1 15 <sect1 id="openldap" xreflabel="OpenLDAP-&openldap-version;"> 2 16 <?dbhtml filename="openldap.html"?> 3 17 <title>Open<acronym>LDAP</acronym>-&openldap-version;</title> 4 18 5 &openldap-intro; 6 &openldap-inst; 7 &openldap-exp; 8 &openldap-config; 9 &openldap-desc; 19 <sect2> 20 <title>Introduction to <application>Open<acronym>LDAP</acronym></application></title> 21 22 <para>The <application>Open<acronym>LDAP</acronym></application> package 23 provides an open source implementation of the Lightweight Directory 24 Access Protocol.</para> 25 26 <sect3><title>Package information</title> 27 <itemizedlist spacing='compact'> 28 <listitem><para>Download (HTTP): <ulink url="&openldap-download-http;"/></para></listitem> 29 <listitem><para>Download (FTP): <ulink url="&openldap-download-ftp;"/></para></listitem> 30 <listitem><para>Download size: &openldap-size;</para></listitem> 31 <listitem><para>Estimated Disk space required: &openldap-buildsize;</para></listitem> 32 <listitem><para>Estimated build time: &openldap-time;</para></listitem></itemizedlist> 33 </sect3> 34 35 <sect3><title><application>Open<acronym>LDAP</acronym></application> dependencies</title> 36 <sect4><title>Required</title> 37 <para><xref linkend="db"/> 38 </para></sect4> 39 <sect4><title>Optional</title> 40 <para> 41 <xref linkend="openssl"/>, 42 <xref 
linkend="gdbm"/>, 43 <xref linkend="tcpwrappers"/>, 44 <xref linkend="readline"/>, 45 <xref linkend="heimdal"/> or 46 <xref linkend="mitkrb"/>, and 47 <ulink url="http://asg.web.cmu.edu/sasl/">Cyrus SASL</ulink> 48 </para></sect4> 49 </sect3> 50 51 </sect2> 52 53 <sect2> 54 <title>Installation of <application>Open<acronym>LDAP</acronym></application></title> 55 56 <para>Install <application>Open<acronym>LDAP</acronym></application> by 57 running the following commands:</para> 58 59 <screen><userinput><command>./configure --prefix=/usr --libexecdir=/usr/sbin \ 60 --sysconfdir=/etc --localstatedir=/var/lib \ 61 --disable-debug --enable-ldbm && 62 make depend && 63 make && 64 make test && 65 make install</command></userinput></screen> 66 67 </sect2> 68 69 <sect2> 70 <title>Command explanations</title> 71 72 <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration file directory to 73 avoid the default of <filename class="directory">/usr/etc</filename>.</para> 74 75 <para><parameter>--libexecdir=/usr/sbin</parameter>: Puts the server executables in 76 <filename class="directory">/usr/sbin</filename> instead of <filename 77 class="directory">/usr/libexec</filename>.</para> 78 79 <para><option>--enable-ldbm</option>: Build <command>slapd</command> 80 with primary database back end using either <application>Berkeley 81 DB</application> or 82 <application><acronym>GNU</acronym> Database Manager</application>.</para> 83 84 <para><option>--disable-debug</option>: Disable debugging code.</para> 85 86 <para><command>make test</command>: Validate correct build of the package.</para> 87 88 </sect2> 89 90 <sect2> 91 <title>Configuring Open<acronym>LDAP</acronym></title> 92 93 <sect3><title>Config files</title> 94 <para><filename>/etc/openldap/*</filename></para> 95 </sect3> 96 97 <sect3><title>Configuration Information</title> 98 99 <para>The only configuration needed for 100 <application>Open<acronym>LDAP</acronym></application> is 101 to run 
<command>ldconfig</command>. The <acronym>LDAP</acronym> server 102 can be started by <command>/usr/sbin/slapd</command> as described in 103 the man page slapd(8). You can verify that <acronym>LDAP</acronym> is 104 running with <command>ps aux</command> and you can verify access to the 105 <acronym>LDAP</acronym> server with the following command:</para> 106 <screen><userinput><command>ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts</command></userinput></screen> 107 108 <para>The correct result is:</para> 109 <screen><computeroutput># extended LDIF 110 # 111 # LDAPv3 112 # base <> with scope base 113 # filter: (objectclass=*) 114 # requesting: namingContexts 115 # 116 117 # 118 dn: 119 namingContexts: dc=my-domain,dc=com 120 121 # search result 122 search: 2 123 result: 0 Success 124 125 # numResponses: 2 126 # numEntries: 1</computeroutput></screen> 127 128 <para>Kill the server with this command:</para> 129 <screen><userinput><command>kill -INT `cat /var/lib/slapd.pid`</command></userinput></screen> 130 131 <para>You are now ready to modify the 132 <filename>/etc/openldap/slapd.conf</filename> to be specific to your 133 installation.</para> 134 135 <para><emphasis>Utilizing <application>GDBM</application></emphasis></para> 136 137 <para>To utilize <application>GDBM</application> as the database 138 backend, the "database" entry in <filename>/etc/openldap/slapd.conf</filename> 139 must be changed from "bdb" to "ldbm". You can use both by creating an 140 additional database section in <filename>/etc/openldap/slapd.conf</filename>.</para> 141 142 <para><emphasis>Securing your <acronym>LDAP</acronym> server</emphasis></para> 143 144 <para>Significant configuration is needed for 145 <application>Open<acronym>LDAP</acronym></application> to utilize 146 security features. 
The <ulink 147 url="http://www.openldap.org/doc/admin21/">OpenLDAP 2.1 Administrator's 148 Guide</ulink> is a good place to start for access control settings, 149 running as a user other than root and setting a chroot environment.</para> 150 151 <para><emphasis>User Tools</emphasis></para> 152 153 <para>Data can be added to the <acronym>LDAP</acronym> database via 154 <command>ldapadd</command>. There are other programs that can use 155 the database. For more information see the appropriate man page.</para> 156 157 <para><emphasis><application>Mozilla</application> Address Directory</emphasis></para> 158 159 <para>By default, LDAPv2 support is disabled in the 160 <filename>slapd.conf</filename> file. Once the database is properly 161 setup and <application>Mozilla</application> is configured to use the 162 directory, you must add <option>allow bind_v2</option> to the 163 <filename>slapd.conf</filename> file.</para> 164 165 166 </sect3> 167 168 </sect2> 169 170 <sect2> 171 <title>Contents</title> 172 173 <para>The Open<acronym><acronym>LDAP</acronym></acronym> package contains 174 <command>ldapadd</command>, 175 <command>ldapcompare</command>, 176 <command>ldapdelete</command>, 177 <command>ldapmodify</command>, 178 <command>ldapmodrdn</command>, 179 <command>ldappasswd</command>, 180 <command>ldapsearch</command>, 181 <command>ldapwhoami</command>, 182 <command>slapadd</command>, 183 <command>slapcat</command>, 184 <command>slapd</command>, 185 <command>slapindex</command>, 186 <command>slappasswd</command>, 187 <command>slurpd</command>, 188 <filename class="libraryfile">liblber</filename> and 189 <filename class="libraryfile">libldap</filename>.</para> 190 191 </sect2> 192 193 <sect2><title>Description</title> 194 195 <sect3><title>ldapadd</title> 196 <para><command>ldapadd</command> opens a connection to an <acronym>LDAP</acronym> server, 197 binds and adds entries.</para></sect3> 198 199 <sect3><title>ldapcompare</title> 200 <para><command>ldapcompare</command> 
opens a connection to an <acronym>LDAP</acronym> 201 server, binds and performs a compare using specified 202 parameters.</para></sect3> 203 204 <sect3><title>ldapdelete</title> 205 <para><command>ldapdelete</command> opens a connection to an <acronym>LDAP</acronym> server, 206 binds and deletes one or more entries.</para></sect3> 207 208 <sect3><title>ldapmodify</title> 209 <para><command>ldapmodify</command> opens a connection to an <acronym>LDAP</acronym> 210 server, binds and modifies entries.</para></sect3> 211 212 <sect3><title>ldapmodrdn</title> 213 <para><command>ldapmodrdn</command> opens a connection to an <acronym>LDAP</acronym> 214 server, binds and modifies the <acronym>RDN</acronym> of 215 entries.</para></sect3> 216 217 <sect3><title>ldappasswd</title> 218 <para><command>ldappasswd</command> is a tool to set the password of an 219 <acronym>LDAP</acronym> user.</para></sect3> 220 221 <sect3><title>ldapsearch</title> 222 <para><command>ldapsearch</command> opens a connection to an <acronym>LDAP</acronym> 223 server, binds and performs a search using specified 224 parameters.</para></sect3> 225 226 <sect3><title>ldapwhoami</title> 227 <para><command>ldapwhoami</command> open a connection to an <acronym>LDAP</acronym> server, 228 binds and performs a whoami operation.</para></sect3> 229 230 <sect3><title>slapadd</title> 231 <para><command>slapadd</command> is used to add entries specified in 232 <acronym>LDAP</acronym> Directory Interchange Format (<acronym>LDIF</acronym>) to a 233 slapd database.</para></sect3> 234 235 <sect3><title>slapcat</title> 236 <para><command>slapcat</command> is used to generate an <acronym>LDAP</acronym> 237 <acronym>LDIF</acronym> output 238 based upon the contents of a slapd database.</para></sect3> 239 240 <sect3><title>slapd</title> 241 <para><command>slapd</command> is the stand-alone <acronym>LDAP</acronym> server.</para></sect3> 242 243 <sect3><title>slapindex</title> 244 <para><command>slapindex</command> is used to 
regenerate slapd 245 indices based upon the current contents of a database.</para></sect3> 246 247 <sect3><title>slappasswd</title> 248 <para><command>slappasswd</command> is an Open<acronym>LDAP</acronym> password 249 utility.</para></sect3> 250 251 <sect3><title>slurpd</title> 252 <para><command>slurpd</command> is the stand-alone 253 <acronym>LDAP</acronym> replication server.</para></sect3> 254 255 <sect3><title>liblber and libldap</title> 256 <para>These libraries support the <acronym>LDAP</acronym> programs and provide functionality for 257 other programs interacting with <acronym>LDAP</acronym>.</para></sect3> 258 259 </sect2> 10 260 11 261 </sect1>
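Review bot: the entity block at new lines 7-11 defines the HTTP and FTP download URLs, size, build size and build time, but no checksum, so the "Package information" list (new lines 27-32) gives the reader nothing to verify a tarball fetched over those cleartext URLs. Suggest adding a checksum entity next to openldap-size and a matching listitem after "Download size", so the integrity check travels with the download links.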
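Review bot: in "Configuration Information" (new lines 99-106) the text says the only configuration needed is to run ldconfig and then starts /usr/sbin/slapd directly, while the pointer to access control, running as a non-root user and chroot only appears later under "Securing your LDAP server" (new lines 144-149). Suggest saying at line 99 that this start is a smoke test of the default slapd.conf, or moving the securing paragraph ahead of the start command, so the first documented way to run the server is not the unhardened one. In the same section, the Mozilla paragraph (new lines 159-163) says "you must add allow bind_v2" right after stating LDAPv2 is disabled by default; it would help to word this as needed only for clients that require LDAPv2, and "properly setup" should read "properly set up".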
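Review bot: markup and wording nits in the inlined sections. New line 173 nests the element twice, "Open<acronym><acronym>LDAP</acronym></acronym>"; one acronym element is enough, and the other sections also wrap the name in application. New line 227 reads "ldapwhoami open a connection" where the sibling entries say "opens". New lines 72 and 75 tag --sysconfdir and --libexecdir with parameter while new lines 79 and 84 tag --enable-ldbm and --disable-debug with option; pick one element for configure switches.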