Changeset c9ae3a5c
- Timestamp:
- 08/06/2004 05:17:43 AM (20 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 5f102cb2
- Parents:
- 926645ee
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
general.ent
r926645ee rc9ae3a5c 1 <!ENTITY day "0 5">1 <!ENTITY day "06"> 2 2 <!ENTITY month "08"> 3 3 <!ENTITY year "2004"> … … 203 203 <!-- openssh (chapter 18) --> 204 204 <!-- rsync (chaptet 18) --> 205 <!ENTITY openldap-version "2. 1.30">205 <!ENTITY openldap-version "2.2.13"> 206 206 <!ENTITY samba3-version "3.0.4"> 207 207 <!ENTITY xinetd-version "2.3.13"> -
introduction/welcome/changelog.xml
r926645ee rc9ae3a5c 19 19 <itemizedlist> 20 20 21 <listitem><para>August 5th, 2004 [randy]: Updated to 22 OpenLDAP-2.2.13.</para></listitem> 23 21 24 <listitem><para>August 5th, 2004 [igor]: Updated to 22 25 Firefox-0.9.3.</para></listitem> -
server/other/openldap.xml
r926645ee rc9ae3a5c 5 5 %general-entities; 6 6 7 <!ENTITY openldap-download-http "http://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz"> 8 <!ENTITY openldap-download-ftp "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz"> 9 <!ENTITY openldap-size "2.0 MB"> 10 <!ENTITY openldap-buildsize "116 MB"> 11 <!ENTITY openldap-time "7.52 SBU"> 12 7 <!ENTITY openldap-download-http "http://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-stable/openldap-stable-20040614.tgz"> 8 <!ENTITY openldap-download-ftp "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-stable/openldap-stable-20040614.tgz"> 9 <!ENTITY openldap-size "2.6 MB"> 10 <!ENTITY openldap-buildsize "70 MB"> 11 <!ENTITY openldap-time "6.02 SBU"> 13 12 ]> 14 13 15 14 <sect1 id="openldap" xreflabel="OpenLDAP-&openldap-version;"> 16 15 <?dbhtml filename="openldap.html"?> 17 <title>Open<acronym>LDAP</acronym>-&openldap-version;</title> 18 19 <sect2> 20 <title>Introduction to <application>Open<acronym>LDAP</acronym></application></title> 16 <title><application>Open<acronym>LDAP</acronym></application>-&openldap-version; 17 </title> 18 19 <sect2> 20 <title>Introduction to <application>Open<acronym>LDAP</acronym></application> 21 </title> 21 22 22 23 <para>The <application>Open<acronym>LDAP</acronym></application> package … … 33 34 </sect3> 34 35 35 <sect3><title><application>Open<acronym>LDAP</acronym></application> dependencies</title> 36 <sect3><title><application>Open<acronym>LDAP</acronym></application> 37 dependencies</title> 36 38 <sect4><title>Required</title> 37 39 <para><xref linkend="db"/> 38 40 </para></sect4> 41 <sect4><title>Recommended</title> 42 <para><xref linkend="cyrus-sasl"/> and <xref linkend="openssl"/> 43 </para></sect4> 39 44 <sect4><title>Optional</title> 40 45 <para> 41 <xref linkend="openssl"/>, 42 <xref linkend="gdbm"/>, 43 <xref linkend="tcpwrappers"/>, 44 <xref linkend="cyrus-sasl"/> and 46 <xref linkend="tcpwrappers"/>, 47 <xref linkend="gdbm"/>, 48 <ulink url="http://www.gnu.org/software/pth/">GNU Pth</ulink>, and 45 49 <xref linkend="heimdal"/> or 46 50 <xref linkend="mitkrb"/> … … 51 55 52 56 <sect2> 53 <title>Installation of <application>Open<acronym>LDAP</acronym></application></title> 57 <title>Installation of <application>Open<acronym>LDAP</acronym></application> 58 </title> 54 59 55 60 <para>Install <application>Open<acronym>LDAP</acronym></application> by … … 57 62 58 63 <screen><userinput><command>./configure --prefix=/usr --libexecdir=/usr/sbin \ 59 --sysconfdir=/etc --localstatedir=/ var/lib\60 -- disable-debug --enable-ldbm&&64 --sysconfdir=/etc --localstatedir=/srv/ldap \ 65 --enable-ldbm --disable-debug && 61 66 make depend && 62 67 make && 63 68 make test && 64 make install</command></userinput></screen> 69 make install && 70 chmod 755 /usr/lib/libl*-2.2.so.7.0.6</command></userinput></screen> 65 71 66 72 </sect2> … … 69 75 <title>Command explanations</title> 70 76 71 <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration file directory to 72 avoid the default of <filename class="directory">/usr/etc</filename>.</para> 73 74 <para><parameter>--libexecdir=/usr/sbin</parameter>: Puts the server executables in 75 <filename class="directory">/usr/sbin</filename> instead of <filename 76 class="directory">/usr/libexec</filename>.</para> 77 <para><parameter>--libexecdir=/usr/sbin</parameter>: Puts the server 78 executables in <filename class="directory">/usr/sbin</filename> instead of 79 <filename class="directory">/usr/libexec</filename>.</para> 80 81 <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration file 82 directory to avoid the default of 83 <filename class="directory">/usr/etc</filename>.</para> 84 85 <para><parameter>--localstatedir=/srv/ldap</parameter>: Sets the directory 86 to use for the <acronym>LDAP</acronym> directory database, replication logs and 87 run-time variable data.</para> 77 88 78 89 <para><option>--enable-ldbm</option>: Build <command>slapd</command> 79 90 with primary database back end using either <application>Berkeley 80 DB</application> or 81 <application><acronym>GNU</acronym> Database Manager</application>.</para> 82 83 <para><option>--disable-debug</option>: Disable debugging code.</para> 84 85 <para><command>make test</command>: Validate correct build of the package.</para> 86 87 </sect2> 88 89 <sect2> 90 <title>Configuring Open<acronym>LDAP</acronym></title> 91 DB</application> or <application><acronym>GNU</acronym> Database 92 Manager</application>.</para> 93 94 <para><option>--disable-debug</option>: Disable debugging code.</para> 95 96 <para><command>make test</command>: Validate correct build of the package. If 97 you've enabled <application>tcp_wrappers</application>, ensure you add 98 127.0.0.1 to your <filename>/etc/hosts.allow</filename> file if you have a 99 restrictive <filename>/etc/hosts.deny</filename> file.</para> 100 101 <para><command>chmod 755 /usr/lib/libl*-2.2.so.7.0.6</command>: This command 102 adds the executable bit to the shared libraries.</para> 103 104 </sect2> 105 106 <sect2> 107 <title>Configuring <application>Open<acronym>LDAP</acronym></application> 108 </title> 91 109 92 110 <sect3><title>Config files</title> … … 95 113 96 114 <sect3><title>Configuration Information</title> 97 98 <para>The only configuration needed for 99 <application>Open<acronym>LDAP</acronym></application> is 100 to run <command>ldconfig</command>. The <acronym>LDAP</acronym> server 101 can be started by <command>/usr/sbin/slapd</command> as described in 102 the man page slapd(8). You can verify that <acronym>LDAP</acronym> is 103 running with <command>ps aux</command> and you can verify access to the 104 <acronym>LDAP</acronym> server with the following command:</para> 115 <para>Configuring the <command>slapd</command> and <command>slurpd</command> 116 servers can be complex. Securing the <acronym>LDAP</acronym> directory, 117 especially if you are storing non-public data such as password databases, 118 can also be a challenging task. You'll need to modify the 119 <filename>/etc/openldap/slapd.conf</filename> and 120 <filename>/etc/openldap/ldap.conf</filename> files to set up 121 <application>Open<acronym>LDAP</acronym></application> for your particular 122 needs.</para> 123 124 <para>Resources to assist you with topics such as choosing a directory 125 configuration, backend and database definitions, access control settings, 126 running as a user other than root and setting a <command>chroot</command> 127 environment include: 128 </para> 129 130 <itemizedlist spacing='compact'> 131 <listitem><para>The <command>slapd</command> man page</para></listitem> 132 <listitem><para>The <filename>slapd.conf</filename> man page</para></listitem> 133 <listitem><para>The <ulink 134 url="http://www.openldap.org/doc/admin22/">OpenLDAP 2.2 Administrator's 135 Guide</ulink></para></listitem> 136 <listitem><para>Documents located at 137 <ulink url="http://www.openldap.org/pub/"/></para></listitem> 138 </itemizedlist></sect3> 139 140 <sect3><title>Utilizing <application>GDBM</application></title> 141 <para>To utilize <application>GDBM</application> as the database 142 backend, the <quote>database</quote> entry in 143 <filename>/etc/openldap/slapd.conf</filename> must be changed from 144 <quote>bdb</quote> to <quote>ldbm</quote>. You can use both by creating an 145 additional database section in <filename>/etc/openldap/slapd.conf</filename>. 146 </para></sect3> 147 148 <sect3><title><application>Mozilla</application> Address Directory</title> 149 <para>By default, <acronym>LDAP</acronym>v2 support is disabled in the 150 <filename>slapd.conf</filename> file. Once the database is properly 151 set up and <application>Mozilla</application> is configured to use the 152 directory, you must add <option>allow bind_v2</option> to the 153 <filename>slapd.conf</filename> file.</para></sect3> 154 155 <sect3><title>Init Script</title> 156 <para>To automate the startup of the <acronym>LDAP</acronym> server at system 157 bootup, install the <filename>/etc/rc.d/init.d/openldap</filename> init script 158 included in the <xref linkend="intro-important-bootscripts"/> package using the 159 following command:</para> 160 161 <screen><userinput><command>make install-openldap1</command></userinput></screen> 162 163 <para><emphasis>Note:</emphasis> The init script you just installed only starts 164 the <command>slapd</command> daemon. If you wish to also start the 165 <command>slurpd</command> daemon at system startup, install a modified version 166 of the script using this command:</para> 167 168 <screen><userinput><command>make install-openldap2</command></userinput></screen> 169 </sect3> 170 171 <sect3><title>Testing the Configuration</title> 172 <para>Start the <acronym>LDAP</acronym> server using the init script:</para> 173 174 <screen><userinput><command>/etc/rc.d/init.d/openldap start</command></userinput></screen> 175 176 <para>Verify access to the <acronym>LDAP</acronym> server with the following 177 command:</para> 178 105 179 <screen><userinput><command>ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts</command></userinput></screen> 106 180 107 <para>The correctresult is:</para>181 <para>The expected result is:</para> 108 182 <screen><computeroutput># extended LDIF 109 183 # … … 125 199 # numEntries: 1</computeroutput></screen> 126 200 127 <para>Kill the server with this command:</para> 128 <screen><userinput><command>kill -INT `cat /var/lib/slapd.pid`</command></userinput></screen> 129 130 <para>You are now ready to modify the 131 <filename>/etc/openldap/slapd.conf</filename> to be specific to your 132 installation.</para> 133 134 <para><emphasis>Utilizing <application>GDBM</application></emphasis></para> 135 136 <para>To utilize <application>GDBM</application> as the database 137 backend, the "database" entry in <filename>/etc/openldap/slapd.conf</filename> 138 must be changed from "bdb" to "ldbm". You can use both by creating an 139 additional database section in <filename>/etc/openldap/slapd.conf</filename>.</para> 140 141 <para><emphasis>Securing your <acronym>LDAP</acronym> server</emphasis></para> 142 143 <para>Significant configuration is needed for 144 <application>Open<acronym>LDAP</acronym></application> to utilize 145 security features. The <ulink 146 url="http://www.openldap.org/doc/admin21/">OpenLDAP 2.1 Administrator's 147 Guide</ulink> is a good place to start for access control settings, 148 running as a user other than root and setting a chroot environment.</para> 149 150 <para><emphasis>User Tools</emphasis></para> 151 152 <para>Data can be added to the <acronym>LDAP</acronym> database via 153 <command>ldapadd</command>. There are other programs that can use 154 the database. For more information see the appropriate man page.</para> 155 156 <para><emphasis><application>Mozilla</application> Address Directory</emphasis></para> 157 158 <para>By default, LDAPv2 support is disabled in the 159 <filename>slapd.conf</filename> file. Once the database is properly 160 setup and <application>Mozilla</application> is configured to use the 161 directory, you must add <option>allow bind_v2</option> to the 162 <filename>slapd.conf</filename> file.</para> 163 164 165 </sect3> 166 201 </sect3> 167 202 </sect2> 168 203 … … 170 205 <title>Contents</title> 171 206 172 <para>The Open<acronym> <acronym>LDAP</acronym></acronym> package contains207 <para>The Open<acronym>LDAP</acronym> package contains 173 208 <command>ldapadd</command>, 174 209 <command>ldapcompare</command>, … … 182 217 <command>slapcat</command>, 183 218 <command>slapd</command>, 219 <command>slapdn</command>, 184 220 <command>slapindex</command>, 185 221 <command>slappasswd</command>, 222 <command>slaptest</command>, 186 223 <command>slurpd</command>, 187 <filename class="libraryfile">liblber</filename> and 188 <filename class="libraryfile">libldap</filename> .</para>224 <filename class="libraryfile">liblber</filename> and the 225 <filename class="libraryfile">libldap</filename> libraries.</para> 189 226 190 227 </sect2> … … 193 230 194 231 <sect3><title>ldapadd</title> 195 <para><command>ldapadd</command> opens a connection to an <acronym>LDAP</acronym> server,196 binds and adds entries.</para></sect3>232 <para><command>ldapadd</command> opens a connection to an 233 <acronym>LDAP</acronym> server, binds and adds entries.</para></sect3> 197 234 198 235 <sect3><title>ldapcompare</title> 199 <para><command>ldapcompare</command> opens a connection to an <acronym>LDAP</acronym>200 server, binds and performs a compare using specified236 <para><command>ldapcompare</command> opens a connection to an 237 <acronym>LDAP</acronym> server, binds and performs a compare using specified 201 238 parameters.</para></sect3> 202 239 203 240 <sect3><title>ldapdelete</title> 204 <para><command>ldapdelete</command> opens a connection to an <acronym>LDAP</acronym> server, 205 binds and deletes one or more entries.</para></sect3> 241 <para><command>ldapdelete</command> opens a connection to an 242 <acronym>LDAP</acronym> server, binds and deletes one or more entries.</para> 243 </sect3> 206 244 207 245 <sect3><title>ldapmodify</title> 208 <para><command>ldapmodify</command> opens a connection to an <acronym>LDAP</acronym>209 server, binds and modifies entries.</para></sect3>246 <para><command>ldapmodify</command> opens a connection to an 247 <acronym>LDAP</acronym> server, binds and modifies entries.</para></sect3> 210 248 211 249 <sect3><title>ldapmodrdn</title> 212 <para><command>ldapmodrdn</command> opens a connection to an <acronym>LDAP</acronym>213 server, binds and modifies the <acronym>RDN</acronym> of 214 entries.</para></sect3>250 <para><command>ldapmodrdn</command> opens a connection to an 251 <acronym>LDAP</acronym> server, binds and modifies the 252 <acronym>RDN</acronym> of entries.</para></sect3> 215 253 216 254 <sect3><title>ldappasswd</title> … … 219 257 220 258 <sect3><title>ldapsearch</title> 221 <para><command>ldapsearch</command> opens a connection to an <acronym>LDAP</acronym>222 server, binds and performs a search using specified259 <para><command>ldapsearch</command> opens a connection to an 260 <acronym>LDAP</acronym> server, binds and performs a search using specified 223 261 parameters.</para></sect3> 224 262 225 263 <sect3><title>ldapwhoami</title> 226 <para><command>ldapwhoami</command> open a connection to an <acronym>LDAP</acronym> server, 227 binds and performs a whoami operation.</para></sect3> 264 <para><command>ldapwhoami</command> opens a connection to an 265 <acronym>LDAP</acronym> server, binds and displays whoami information.</para> 266 </sect3> 228 267 229 268 <sect3><title>slapadd</title> 230 269 <para><command>slapadd</command> is used to add entries specified in 231 <acronym>LDAP</acronym> Directory Interchange Format (<acronym>LDIF</acronym>) to a232 slapddatabase.</para></sect3>270 <acronym>LDAP</acronym> Directory Interchange Format (<acronym>LDIF</acronym>) 271 to an <acronym>LDAP</acronym> database.</para></sect3> 233 272 234 273 <sect3><title>slapcat</title> … … 238 277 239 278 <sect3><title>slapd</title> 240 <para><command>slapd</command> is the stand-alone <acronym>LDAP</acronym> server.</para></sect3> 279 <para><command>slapd</command> is the stand-alone <acronym>LDAP</acronym> 280 server.</para></sect3> 281 282 <sect3><title>slapdn</title> 283 <para><command>slapdn</command> checks a list of string-represented 284 <acronym>DN</acronym>s based on schema syntax.</para></sect3> 241 285 242 286 <sect3><title>slapindex</title> … … 248 292 utility.</para></sect3> 249 293 294 <sect3><title>slaptest</title> 295 <para><command>slaptest</command> checks the sanity of the 296 <filename>slapd.conf</filename> file.</para></sect3> 297 250 298 <sect3><title>slurpd</title> 251 299 <para><command>slurpd</command> is the stand-alone … … 253 301 254 302 <sect3><title>liblber and libldap</title> 255 <para>These libraries support the <acronym>LDAP</acronym> programs and provide functionality for 256 other programs interacting with <acronym>LDAP</acronym>.</para></sect3> 303 <para>These libraries support the <acronym>LDAP</acronym> programs and provide 304 functionality for other programs interacting with <acronym>LDAP</acronym>. 305 </para></sect3> 257 306 258 307 </sect2>
Note:
See TracChangeset
for help on using the changeset viewer.