2.2.30
Path: /usr/ports/net/openldap22-server
Info: Open source LDAP server implementation
Maint: delphij@FreeBSD.org
B-deps: db42-4.2.52_4 openldap-client-2.2.30
R-deps: db42-4.2.52_4 openldap-client-2.2.30
WWW: http://www.OpenLDAP.org/
Port: openldap-server-2.3.25
Path: /usr/ports/net/openldap23-server
Info: Open source LDAP server implementation
Maint: delphij@FreeBSD.org
B-deps: db43-4.3.29 libltdl-1.5.22 libtool-1.5.22_2 openldap-client-2.3.25
R-deps: db43-4.3.29 libltdl-1.5.22 openldap-client-2.3.25
WWW: http://www.OpenLDAP.org/
Port: openldap-server-2.4.2.a_1
Path: /usr/ports/net/openldap24-server
Info: Open source LDAP server implementation
Maint: delphij@FreeBSD.org
B-deps: db43-4.3.29 libltdl-1.5.22 libtool-1.5.22_2 openldap-client-2.4.2.a
R-deps: db43-4.3.29 libltdl-1.5.22 openldap-client-2.4.2.a
WWW: http://www.OpenLDAP.org/
spider#
spider# cd /usr/ports/net/openldap23-client/
spider# make install clean
spider# rehash
spider# cd /usr/ports/net/openldap23-server
spider# make config
+-------------------------------------------------------------------+
|                Options for openldap-server 2.3.25                 |
| +---------------------------------------------------------------+ |
| | [ ] SASL             With (Cyrus) SASL2 support               | |
| | [ ] PERL             With Perl backend                        | |
| | [ ] SHELL            With Shell backend (disables threading)  | |
| | [ ] ODBC             With SQL backend                         | |
| | [ ] SLP              With SLPv2 (RFC 2608) support            | |
| | [ ] SLAPI            With Netscape SLAPI plugin API           | |
| | [X] TCP_WRAPPERS     With tcp wrapper support                 | |
| | [X] BDB              With BerkeleyDB support                  | |
| | [ ] ACCESSLOG        With In-Directory Access Logging overlay | |
| | [ ] AUDITLOG         With Audit Logging overlay               | |
| | [ ] DENYOP           With Deny Operation overlay              | |
| | [ ] DYNGROUP         With Dynamic Group overlay               | |
| | [ ] DYNLIST          With Dynamic List overlay                | |
| | [ ] LASTMOD          With Last Modification overlay           | |
| | [ ] PPOLICY          With Password Policy overlay             | |
| | [ ] PROXYCACHE       With Proxy Cache overlay                 | |
| | [ ] REFINT           With Referential Integrity overlay       | |
| | [ ] RETCODE          With Return Code testing overlay         | |
| | [ ] RWM              With Rewrite/Remap overlay               | |
| | [ ] SYNCPROV         With Syncrepl Provider overlay           | |
| | [ ] TRANSLUCENT      With Translucent Proxy overlay           | |
| | [ ] UNIQUE           With attribute Uniqueness overlay        | |
| | [ ] VALSORT          With Value Sorting overlay               | |
| | [ ] ACI              With per-object ACIs (experimental)      | |
| | [X] DYNAMIC_BACKENDS Build dynamic backends                   | |
| | [X] SLURPD           Build slurpd replication daemon          | |
+-+-----v(+)--------------------------------------------------------+
|                    [ OK ]       Cancel                            |
+-------------------------------------------------------------------+
In this case I built the server with the following options:
- TCP wrappers support
- Berkeley DB support
- dynamic backends support (ldbm and others)
- the slurpd replication daemon
Now we build and install:
spider# make install clean
... skipped ...
spider# rehash
spider#
The server installation is complete; now move on to its configuration.
Configuring slapd
The main configuration file of the slapd server is located at /usr/local/etc/openldap/slapd.conf. Let's edit it:
# Include the schemas; the main schema is core.schema, and it is mandatory!!
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/openldap.schema
# PID file
pidfile /var/run/openldap/slapd.pid
# File with the arguments that were passed to slapd
argsfile /var/run/openldap/slapd.args
# Path to the modules
modulepath /usr/local/libexec/openldap
# Load the ldbm module
moduleload back_ldbm
# Describe access to the data.
# For the userPassword attribute:
# self (the identity you are bound as)
# is allowed to write, anonymous clients are asked
# to authenticate, and everyone else can get lost. ))
# (the "by" lines must start with whitespace: they continue the directive)
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none
# Access to the rest of the data: self may write, anonymous may read, everyone else gets nothing.
access to *
        by self write
        by anonymous read
        by * none
# Note: the user cn=root,dc=l1523,dc=ru is allowed to write and read everything!
# Database type
database ldbm
# Root (suffix) of the database
suffix "dc=l1523,dc=ru"
# DN of the LDAP administrator
rootdn "cn=root,dc=l1523,dc=ru"
# Administrator password,
# generated with the slappasswd command
rootpw {SSHA}6yoQWo9e0HkAkdRGovvSff3/Kh0uzj90
# Directory where the databases will be stored
directory /var/db/openldap-data
# Debug level
loglevel 256
# Indexes, to speed up searches in the database
index objectClass eq
index cn eq
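To see what the two access directives above grant to each kind of client, here is an added example (not from the original page and not OpenLDAP code): a simplified Python model of slapd's first-match ACL evaluation, limited to the self, anonymous and * selectors used in this slapd.conf. The uid=alice and uid=bob entries are constructed, DNs are compared as plain lower-cased strings, and the rootdn's unrestricted access is represented as write, the highest level modelled.

```python
# Added example: simplified model of slapd ACL evaluation (not OpenLDAP code).
# Access levels needed for this model, weakest first.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write"]
ROOTDN = "cn=root,dc=l1523,dc=ru"  # rootdn from the slapd.conf above

# The two "access to" directives above, in file order: (<what>, [(<who>, level)]).
# <what> is a set of lower-cased attribute names, or None for "access to *".
ACLS = [
    ({"userpassword"}, [("self", "write"), ("anonymous", "auth"), ("*", "none")]),
    (None, [("self", "write"), ("anonymous", "read"), ("*", "none")]),
]

def who_matches(who, bind_dn, entry_dn):
    """bind_dn is None for an anonymous (unauthenticated) client."""
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if who == "self":
        return bind_dn is not None and bind_dn.lower() == entry_dn.lower()
    raise ValueError(f"selector not modelled: {who}")

def granted_level(bind_dn, entry_dn, attr):
    """Level granted to bind_dn on attribute attr of entry entry_dn."""
    if bind_dn is not None and bind_dn.lower() == ROOTDN.lower():
        return "write"  # rootdn is not subject to ACLs; shown as the top level
    for attrs, by_clauses in ACLS:
        if attrs is not None and attr.lower() not in attrs:
            continue  # <what> does not cover this attribute, try next directive
        for who, level in by_clauses:
            if who_matches(who, bind_dn, entry_dn):
                return level  # first matching <who> wins
        return "none"  # implicit trailing "by * none"
    return "none"  # no directive matched at all

def allowed(bind_dn, entry_dn, attr, wanted):
    """True if the granted level is at least the level the operation needs."""
    return LEVELS.index(granted_level(bind_dn, entry_dn, attr)) >= LEVELS.index(wanted)

if __name__ == "__main__":
    alice = "uid=alice,dc=l1523,dc=ru"  # constructed sample entries
    bob = "uid=bob,dc=l1523,dc=ru"
    for client in (None, alice, bob, ROOTDN):
        for attr in ("userPassword", "mail"):
            level = granted_level(client, alice, attr)
            print(f"{client or 'anonymous':26} {attr:13} {level}")
```

A bound user who is not the entry owner matches neither self nor anonymous and falls through to by * none, so with these rules an authenticated user gets less access to other entries than an anonymous client does.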
spider# echo slapd_enable=\"YES\" >> /etc/rc.conf
spider# echo slapd_flags=\'-h \"ldapi://%2fvar%2frun%2fopenldap%2fldapi/ \
? ldap://