http://www.openldap.org/software/download/
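# Fetch, unpack, build and install OpenLDAP 2.3.38 from source.
wget ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-2.3.38.tgz
# The tarball comes from a mirror over plain FTP, so nothing authenticates it
# in transit. Compare its checksum with the one published by the OpenLDAP
# project before unpacking and building it.
tar xzvf openldap-2.3.38.tgz
# configure has to be run from inside the unpacked source tree.
cd openldap-2.3.38
./configure
make depend
make
make install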
# Dedicated group and account for the directory server (the init script on
# this page starts slapd with -u ldap -g ldap).
groupadd ldap
# -d /dev/null and -s /bin/false: no usable home directory and no login shell.
useradd -g ldap -d /dev/null -s /bin/false ldap
include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/inetorgperson.schema
# Build and install iODBC 3.52.3, with its ini directory set to /usr/local/etc.
wget http://www.iodbc.org/downloads/iODBC/libiodbc-3.52.3.tar.gz
# NOTE(review): fetched over plain HTTP; check the archive against a checksum
# or signature from the project, if one is published, before building it.
tar xzvf libiodbc-3.52.3.tar.gz
cd libiodbc-3.52.3
./configure --with-iodbc-inidir=/usr/local/etc
make
make install
http://www.amy.hi-ho.ne.jp/jbaba/postgre9.htm BerkeleyDB
# Build and install gdbm 1.8.3, including its compatibility headers/libraries.
wget ftp://ftp.gnu.org/pub/gnu/gdbm/gdbm-1.8.3.tar.gz
# NOTE(review): plain FTP download; verify the archive against whatever
# checksum or signature the GNU project publishes for it before building.
tar xzvf gdbm-1.8.3.tar.gz
cd gdbm-1.8.3
./configure
make
make install
make install-compat
# Build the OpenLDAP "stable" snapshot of 2006-01-12 and run its test suite.
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-stable/openldap-stable-20060112.tgz
# NOTE(review): plain FTP download; compare the tarball with the checksum
# published by the OpenLDAP project before unpacking it.
tar xzvf openldap-stable-20060112.tgz
# Account and group that slapd is later run as.
groupadd ldap
useradd -g ldap -d /dev/null -s /bin/false ldap
# NOTE(review): no cd into the unpacked source directory is shown before
# ./configure; the directory name is not given on the page — confirm.
# --enable-wrappers builds in TCP wrappers support, --enable-rlookups reverse
# lookups of client hostnames; --enable-ldap and --enable-sql select backends.
./configure --prefix=/usr/local --enable-wrappers --enable-rlookups --enable-ldap --enable-sql
make depend
make
make test
# Build, test and install OpenLDAP 2.2.30 under /usr/local with the ldap,
# perl, ldbm and sql backends plus TCP wrappers support.
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.2.30.tgz
# NOTE(review): plain FTP download; compare the tarball with the checksum
# published by the OpenLDAP project before unpacking it.
tar xzvf openldap-2.2.30.tgz
cd openldap-2.2.30
./configure --enable-rlookups --enable-ldap --enable-perl --enable-ldbm=yes -enable-ldbm-api=auto --enable-sql --prefix=/usr/local --enable-wrappers
make depend
make
make test
# NOTE(review): run on its own, this line only prints the environment.
# Presumably the two settings are meant to prefix ./configure when building
# against BerkeleyDB 4.3 — confirm.
env CPPFLAGS="-I/usr/local/BerkeleyDB.4.3/include" LDFLAGS="-L/usr/local/BerkeleyDB.4.3/lib"
make install
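# Hand the slapd configuration and data directories to the ldap account.
chown ldap:ldap /usr/local/etc/openldap/slapd.conf
# slapd.conf can carry the rootdn password (rootpw), so keep it unreadable to
# other local users.
chmod 600 /usr/local/etc/openldap/slapd.conf
# slapd.pid lives in this directory and has to be writable by the ldap
# account. Group write for ldap is enough: a world-writable (777) directory
# would let any local user replace slapd.pid, which root-run scripts later
# read to decide which process to signal.
chgrp ldap /usr/local/var/run/
chmod 775 /usr/local/var/run/
chown -R ldap:ldap /usr/local/var/openldap-data/
chown -R ldap:ldap /usr/local/var/openldap-slurp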
# Install the sample DB_CONFIG into the database directory.
# NOTE(review): DB_CONFIG is presumably the Berkeley DB tuning file for this
# directory; review the example values before relying on them.
cd /usr/local/var/openldap-data
cp DB_CONFIG.example /usr/local/var/openldap-data/DB_CONFIG
# The copy is made by the invoking user, so give the tree back to ldap.
chown -R ldap:ldap /usr/local/var/openldap-data
local4.* /var/log/ldap.log
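# Pre-create the log file that the local4.* syslog rule writes to.
touch /var/log/ldap.log
chown ldap:ldap /var/log/ldap.log
# slapd log lines can include bind DNs and search filters; under the usual
# umask, touch leaves the file readable by every local user.
chmod 640 /var/log/ldap.log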
loglevel 288
http://www.linux.or.jp/JF/JFdocs/LDAP-HOWTO-3.html
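# Restart syslog so the new ldap.log rule takes effect.
service syslog restart

# Start slapd. -u/-g make it give up root for the ldap account, matching the
# init script on this page and the ownership set on the data directory.
/usr/local/libexec/slapd -u ldap -g ldap

# Smoke test: anonymous base search of the root DSE, asking for operational
# attributes (+).
/usr/local/bin/ldapsearch -x -b '' -s base +

# Ask slapd to shut down by sending SIGINT to the recorded pid.
kill -INT "$(cat /usr/local/var/run/slapd.pid)"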
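#!/bin/sh
#
# Startup script for the OpenLDAP
#
# chkconfig: 345 90 15
# description:OpenLDAP
#
# Usage: <script> {start|stop|restart}
#
# The script runs as root and signals whatever process id it finds in
# slapd.pid, so the directory holding that file must not be writable by
# ordinary users.

# Source function library.
. /etc/rc.d/init.d/functions

PROFILEDIR=/usr/local/var/run
PIDFILE="$PROFILEDIR/slapd.pid"
SLAPD=/usr/local/libexec/slapd

# Print the pid recorded in $PIDFILE. Fails when the file is missing or does
# not hold a plain process id greater than 1, so that malformed content is
# never handed to kill.
slapd_pid() {
  [ -f "$PIDFILE" ] || return 1
  pid=$(head -n 1 "$PIDFILE" 2>/dev/null | tr -d '[:space:]')
  case "$pid" in
    '' | *[!0-9]*) return 1 ;;
  esac
  [ "$pid" -gt 1 ] 2>/dev/null || return 1
  printf '%s\n' "$pid"
}

# Succeed only when the pid file names a process that still exists.
# (This does not prove the process is slapd, only that the pid is live.)
slapd_running() {
  running_pid=$(slapd_pid) || return 1
  kill -0 "$running_pid" 2>/dev/null
}

# Launch slapd; it drops root for the ldap user and group.
start_slapd() {
  "$SLAPD" -u ldap -g ldap
  echo "Stating slapd"
}

# Send TERM to the recorded pid and wait up to 30 seconds for it to exit, so
# that a following start does not race the old instance.
stop_slapd() {
  if ! stop_pid=$(slapd_pid); then
    echo "Ignoring malformed $PIDFILE" 1>&2
    rm -f "$PIDFILE"
    return 0
  fi
  kill "$stop_pid" 2>/dev/null
  waited=0
  while kill -0 "$stop_pid" 2>/dev/null && [ "$waited" -lt 30 ]; do
    sleep 1
    waited=$((waited + 1))
  done
  if kill -0 "$stop_pid" 2>/dev/null; then
    # Keep the pid file so the still-running process is not lost track of.
    echo "slapd (pid $stop_pid) still running after ${waited}s" 1>&2
  else
    rm -f "$PIDFILE"
  fi
  echo "Stopping slapd"
}

case "$1" in
  start)
    if slapd_running; then
      echo "Running slapd"
    else
      # Missing, stale or malformed pid file: clear it and start afresh
      # instead of reporting a dead server as running.
      rm -f "$PIDFILE"
      start_slapd
    fi
    ;;
  stop)
    if [ -f "$PIDFILE" ]; then
      stop_slapd
    else
      echo "Not Running slapd"
    fi
    ;;
  restart)
    if [ -f "$PIDFILE" ]; then
      stop_slapd
    fi
    start_slapd
    ;;
  *)
    echo "Usage: $(basename "$0") {start|stop|restart}" 1>&2
    exit 1
    ;;
esac

exit 0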
database ldbm suffix "dc=my-domain,dc=com" . directory /usr/local/var/openldap-data
database ldbm suffix "dc=my-domain2,dc=com" . directory /usr/local/var/openldap-data2
http://cvs.cacanet.org/fsc/ldap/0601/examples/two-db.html
include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/inetorgperson.schema
dn: o=hoge,c=jp objectclass: top objectclass: organization o: hoge
# Convert the Shift_JIS LDIF source to UTF-8 before loading it.
iconv -f SHIFT-JIS -t UTF-8 testent.ldif > testent2.ldif
# NOTE(review): the file loaded here (testdn.ldif) is not the one produced
# above (testent2.ldif) — confirm which is intended.
# NOTE(review): slapadd writes the database files directly; presumably slapd
# should be stopped while it runs, and files it creates as root need to be
# handed back to the ldap account afterwards — confirm for this backend.
slapadd -b 'o=hoge,c=jp' < testdn.ldif
# Dump the database for the suffix as LDIF to check the import.
slapcat -b 'o=hoge,c=jp'
dn: ou=ho,o=hoge,c=jp objectClass: organizationalUnit ou: ho
dn: employeeNumber=012345,o=hoge,c=jp objectclass: top objectclass: person objectclass: organizationalPerson objectclass: inetOrgPerson cn: Hoge Hogeo sn: Hoge givenName: Hoge mail:hoge@hoge.jp
# Convert the Shift_JIS LDIF to UTF-8; the converted copy is test2.ldif.
iconv -f SHIFT-JIS -t UTF-8 test.ldif >test2.ldif
http://d.hatena.ne.jp/satob/200407
# List everything under ou=People, binding as the Manager DN.
# -x selects a simple bind and -W prompts for the password, which keeps it
# out of the command line and shell history.
# A simple bind sends the password as-is over the connection, so against
# anything other than a local server add -ZZ (require StartTLS) or use an
# ldaps:// URI.
ldapsearch -x -LLL -D 'cn=Manager,dc=my-domain,dc=com' -W -b 'ou=People,dc=my-domain,dc=com' '(objectClass=*)'
# Add the entries in man.ldif under the same identity.
ldapadd -x -D 'cn=Manager,dc=my-domain,dc=com' -W -f man.ldif
dn: cn=Taro,ou=People,dc=my-domain,dc=com objectClass: Person cn: Taro sn: Hoge dn: cn=Jiro,ou=People,dc=my-domain,dc=com objectClass: Person cn: Jiro sn: Hoge2
# Apply the changes in man.ldif as the Manager DN (simple bind, password
# prompted by -W). As with any simple bind, use -ZZ or ldaps:// when the
# server is not local.
ldapmodify -x -D 'cn=Manager,dc=my-domain,dc=com' -W -f man.ldif
User DN cn=Manager,o=hoge,c=jp
http://www.padl.com/Contents/OpenSourceSoftware.html
# Build nss_ldap and pam_ldap against the OpenLDAP client configuration file.
# NOTE(review): both archives are unversioned and fetched over plain HTTP.
# These modules are loaded by login and name-lookup code, including processes
# running as root, so verify the archives against a checksum from the
# publisher, if one is available, before building.
wget http://www.padl.com/download/nss_ldap.tgz
wget http://www.padl.com/download/pam_ldap.tgz
tar xzvf nss_ldap.tgz
# NOTE(review): the directory names (260, 184) presumably depend on the
# version current at download time — adjust to what tar unpacked.
cd nss_ldap-260
./configure --with-ldap-conf-file=/usr/local/etc/openldap/ldap.conf
make
make install
cd ..
tar xzvf pam_ldap.tgz
cd pam_ldap-184
./configure --with-ldap-conf-file=/usr/local/etc/openldap/ldap.conf
make
make install
BASE dc=hoge, dc=com URI ldap://localhost
passwd: files ldap shadow: files ldap group: files ldap
# PAM stack that tries local (pam_unix) credentials first and LDAP second.
auth required pam_env.so
# nullok lets pam_unix accept a local account whose password field is empty.
auth sufficient pam_unix.so nullok try_first_pass
# pam_ldap is "sufficient" and listed above the uid >= 500 check, so a
# successful LDAP bind ends the auth stack before that check runs; the check
# does not keep low-uid directory entries from authenticating.
# NOTE(review): confirm this ordering is intended.
auth sufficient pam_ldap.so use_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
# md5: new local password hashes are stored as MD5-crypt; nullok again allows
# an empty existing password.
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session optional pam_ldap.so
ldapTLS="1"
ldapTLS="0"
http://www.atmarkit.co.jp/flinux/rensai/apache2_07/apache07a.html
http://www.linux.or.jp/JF/JFdocs/LDAP-HOWTO.html
http://www.linux.or.jp/JF/JFdocs/LDAP-HOWTO-2.html
Description of LDAP-attribute sambaSIDList