Context Navigation

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY openldap-download-http "http://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz">
+<!ENTITY openldap-download-ftp "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz">
+<!ENTITY openldap-size "2.0 MB">
+<!ENTITY openldap-buildsize "116 MB">
+<!ENTITY openldap-time "7.52 SBU">
+]>
 <sect1 id="openldap" xreflabel="OpenLDAP-&openldap-version;">
 <?dbhtml filename="openldap.html"?>
 <title>Open<acronym>LDAP</acronym>-&openldap-version;</title>
+&openldap-intro;
+&openldap-inst;
+&openldap-exp;
+&openldap-config;
+&openldap-desc;
+<sect2>
+<title>Introduction to <application>Open<acronym>LDAP</acronym></application></title>
+<para>The <application>Open<acronym>LDAP</acronym></application> package
+provides an open source implementation of the Lightweight Directory
+Access Protocol.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&openldap-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&openldap-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &openldap-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &openldap-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &openldap-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Open<acronym>LDAP</acronym></application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="db"/>
+</para></sect4>
+<sect4><title>Optional</title>
+<para>
+<xref linkend="openssl"/>,
+<xref linkend="gdbm"/>,
+<xref linkend="tcpwrappers"/>,
+<xref linkend="readline"/>,
+<xref linkend="heimdal"/> or
+<xref linkend="mitkrb"/>,  and
+<ulink url="http://asg.web.cmu.edu/sasl/">Cyrus SASL</ulink>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Open<acronym>LDAP</acronym></application></title>
+<para>Install <application>Open<acronym>LDAP</acronym></application> by
+running the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr --libexecdir=/usr/sbin \
+    --sysconfdir=/etc --localstatedir=/var/lib \
+    --disable-debug --enable-ldbm &amp;&amp;
+make depend &amp;&amp;
+make &amp;&amp;
+make test &amp;&amp;
+make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration file directory to
+avoid the default of <filename class="directory">/usr/etc</filename>.</para>
+<para><parameter>--libexecdir=/usr/sbin</parameter>: Puts the server executables in
+<filename class="directory">/usr/sbin</filename> instead of <filename
+class="directory">/usr/libexec</filename>.</para>
+<para><option>--enable-ldbm</option>: Build <command>slapd</command>
+with primary database back end using either <application>Berkeley
+DB</application> or
+<application><acronym>GNU</acronym> Database Manager</application>.</para>
+<para><option>--disable-debug</option>: Disable debugging code.</para>
+<para><command>make test</command>: Validate correct build of the package.</para>
+</sect2>
+<sect2>
+<title>Configuring Open<acronym>LDAP</acronym></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/openldap/*</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>The only configuration needed for
+<application>Open<acronym>LDAP</acronym></application> is
+to run <command>ldconfig</command>. The <acronym>LDAP</acronym> server
+can be started by <command>/usr/sbin/slapd</command> as described in
+the man page slapd(8). You can verify that <acronym>LDAP</acronym> is
+running with <command>ps aux</command> and you can verify access to the
+<acronym>LDAP</acronym> server with the following command:</para>
+<screen><userinput><command>ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts</command></userinput></screen>
+<para>The correct result is:</para>
+<screen><computeroutput># extended LDIF
+#
+# LDAPv3
+# base &lt;&gt; with scope base
+# filter: (objectclass=*)
+# requesting: namingContexts
+#
+#
+dn:
+namingContexts: dc=my-domain,dc=com
+# search result
+search: 2
+result: 0 Success
+# numResponses: 2
+# numEntries: 1</computeroutput></screen>
+<para>Kill the server with this command:</para>
+<screen><userinput><command>kill -INT `cat /var/lib/slapd.pid`</command></userinput></screen>
+<para>You are now ready to modify the
+<filename>/etc/openldap/slapd.conf</filename> to be specific to your
+installation.</para>
+<para><emphasis>Utilizing <application>GDBM</application></emphasis></para>
+<para>To utilize <application>GDBM</application> as the database
+backend, the "database" entry in <filename>/etc/openldap/slapd.conf</filename>
+must be changed from "bdb" to "ldbm".  You can use both by creating an
+additional database section in <filename>/etc/openldap/slapd.conf</filename>.</para>
+<para><emphasis>Securing your <acronym>LDAP</acronym> server</emphasis></para>
+<para>Significant configuration is needed for
+<application>Open<acronym>LDAP</acronym></application> to utilize
+security features.  The <ulink
+url="http://www.openldap.org/doc/admin21/">OpenLDAP 2.1 Administrator's
+Guide</ulink> is a good place to start for access control settings,
+running as a user other than root and setting a chroot environment.</para>
+<para><emphasis>User Tools</emphasis></para>
+<para>Data can be added to the <acronym>LDAP</acronym> database via
+<command>ldapadd</command>. There are other programs that can use
+the database. For more information see the appropriate man page.</para>
+<para><emphasis><application>Mozilla</application> Address Directory</emphasis></para>
+<para>By default, LDAPv2 support is disabled in the
+<filename>slapd.conf</filename> file. Once the database is properly
+setup and <application>Mozilla</application> is configured to use the
+directory, you must add <option>allow bind_v2</option> to the
+<filename>slapd.conf</filename> file.</para>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The Open<acronym><acronym>LDAP</acronym></acronym> package contains
+<command>ldapadd</command>,
+<command>ldapcompare</command>,
+<command>ldapdelete</command>,
+<command>ldapmodify</command>,
+<command>ldapmodrdn</command>,
+<command>ldappasswd</command>,
+<command>ldapsearch</command>,
+<command>ldapwhoami</command>,
+<command>slapadd</command>,
+<command>slapcat</command>,
+<command>slapd</command>,
+<command>slapindex</command>,
+<command>slappasswd</command>,
+<command>slurpd</command>,
+<filename class="libraryfile">liblber</filename> and
+<filename class="libraryfile">libldap</filename>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>ldapadd</title>
+<para><command>ldapadd</command> opens a connection to an <acronym>LDAP</acronym> server,
+binds and adds entries.</para></sect3>
+<sect3><title>ldapcompare</title>
+<para><command>ldapcompare</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and performs a compare using specified
+parameters.</para></sect3>
+<sect3><title>ldapdelete</title>
+<para><command>ldapdelete</command> opens a connection to an <acronym>LDAP</acronym> server,
+binds and deletes one or more entries.</para></sect3>
+<sect3><title>ldapmodify</title>
+<para><command>ldapmodify</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and modifies entries.</para></sect3>
+<sect3><title>ldapmodrdn</title>
+<para><command>ldapmodrdn</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and modifies the <acronym>RDN</acronym> of
+entries.</para></sect3>
+<sect3><title>ldappasswd</title>
+<para><command>ldappasswd</command> is a tool to set the password of an
+<acronym>LDAP</acronym> user.</para></sect3>
+<sect3><title>ldapsearch</title>
+<para><command>ldapsearch</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and performs a search using specified
+parameters.</para></sect3>
+<sect3><title>ldapwhoami</title>
+<para><command>ldapwhoami</command> open a connection to an <acronym>LDAP</acronym> server,
+binds and performs a whoami operation.</para></sect3>
+<sect3><title>slapadd</title>
+<para><command>slapadd</command> is used to add entries specified in
+<acronym>LDAP</acronym> Directory Interchange Format (<acronym>LDIF</acronym>) to a
+slapd database.</para></sect3>
+<sect3><title>slapcat</title>
+<para><command>slapcat</command> is used to generate an <acronym>LDAP</acronym>
+<acronym>LDIF</acronym> output
+based upon the contents of a slapd database.</para></sect3>
+<sect3><title>slapd</title>
+<para><command>slapd</command> is the stand-alone <acronym>LDAP</acronym> server.</para></sect3>
+<sect3><title>slapindex</title>
+<para><command>slapindex</command> is used to regenerate slapd
+indices based upon the current contents of a database.</para></sect3>
+<sect3><title>slappasswd</title>
+<para><command>slappasswd</command> is an Open<acronym>LDAP</acronym> password
+utility.</para></sect3>
+<sect3><title>slurpd</title>
+<para><command>slurpd</command> is the stand-alone
+<acronym>LDAP</acronym> replication server.</para></sect3>
+<sect3><title>liblber and libldap</title>
+<para>These libraries support the <acronym>LDAP</acronym> programs and provide functionality for
+other programs interacting with <acronym>LDAP</acronym>.</para></sect3>
+</sect2>
 </sect1>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 0931098 for server/other/openldap.xml

Legend:

server/other/openldap.xml

Download in other formats: