LDAP及phpLDAPAdmin部署

系統(tǒng)環(huán)境

創(chuàng)新互聯(lián)公司主要從事網(wǎng)站制作、網(wǎng)站建設(shè)、網(wǎng)頁(yè)設(shè)計(jì)、企業(yè)做網(wǎng)站、公司建網(wǎng)站等業(yè)務(wù)。立足成都服務(wù)蕪湖縣,10余年網(wǎng)站建設(shè)經(jīng)驗(yàn),價(jià)格優(yōu)惠、服務(wù)專業(yè),歡迎來(lái)電咨詢建站服務(wù):028-86922220

主機(jī)名	操作系統(tǒng)	IP地址	備注
node201	CentOS 7.6 x86_64	172.20.20.201

說(shuō)明：以下均為超級(jí)管理員root用戶進(jìn)行的操作

基礎(chǔ)環(huán)境配置

yum?install?-y?wget
wget?http://mirrors.aliyun.com/repo/Centos-7.repo
cp?Centos-7.repo?/etc/yum.repos.d/
cd?/etc/yum.repos.d/
mv?CentOS-Base.repo?CentOS-Base.repo.bak
mv?Centos-7.repo?CentOS-Base.repo
yum?clean?all
echo?-e?"172.20.20.201?www.node201.com?node201.com?node201"?>>?/etc/hosts
hostnamectl?set-hostname?node201
systemctl?stop?firewalld.service
sed?-i?'/SELINUX/s/enforcing/disabled/'?/etc/selinux/config?&&?setenforce?0&&?systemctl?disable?firewalld.service?&&?systemctl?stop?firewalld.service?&&?logout

安裝LDAP

yum?install?-y?openssl?openssl-devel
?
yum?-y?install?openldap?compat-openldap?openldap-clients?openldap-servers?openldap-servers-sql?openldap-devel?migrationtools
?
mkdir?-p?/var/lib/ldap

chown?-R?ldap:ldap?/var/lib/ldap

systemctl?start?slapd

查看LDAP版本及服務(wù)及端口

slapd?-VV
ps?-ef|grep?slapd
ss?-lntup|grep?38

LDAP及phpLDAPAdmin部署

配置LDAP管理員密碼

slappasswd

LDAP及phpLDAPAdmin部署

cd?/etc/openldap/
vi?chrootpw.ldif?
#?specify?the?password?generated?above?for?"olcRootPW"?section
dn:?olcDatabase={0}config,cn=config
changetype:?modify
add:?olcRootPW
olcRootPW:?{SSHA}c22zti7umHh8l1HGbFSHMQ4eXGMWEoYS

#?wq?保存退出
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-f?chrootpw.ldif

LDAP及phpLDAPAdmin部署

導(dǎo)入Schema

ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/cosine.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/nis.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/collective.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/corba.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/core.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/duaconf.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/dyngroup.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/inetorgperson.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/java.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/misc.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/openldap.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/pmi.ldif
ldapadd?-Y?EXTERNAL?-H?ldapi:///?-D?"cn=config"?-f?/etc/openldap/schema/ppolicy.ldif

LDAP及phpLDAPAdmin部署

修改配置文件

cp?/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif?/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif.bak
sed?-i??'s#cn=Manager,dc=my-domain,dc=com#cn=Manager,dc=node201,dc=com#g'?/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif

cp?/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif?/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif.bak
sed?-i?'s#cn=Manager,dc=my-domain,dc=com#cn=Manager,dc=node201,dc=com#g'?/etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif

配置LdAP的DN

?假設(shè)我這里的ROOT DN為使用本地域名為node201.com

slappasswd

LDAP及phpLDAPAdmin部署

vi?chdomain.ldif?
#?replace?to?your?own?domain?name?for?"dc=***,dc=***"?section
#?specify?the?password?generated?above?for?"olcRootPW"?section
dn:?olcDatabase={1}monitor,cn=config
changetype:?modify
replace:?olcAccess
olcAccess:?{0}to?*?by?dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
??read?by?dn.base="cn=Manager,dc=node201,dc=com"?read?by?*?none

dn:?olcDatabase={2}hdb,cn=config
changetype:?modify
replace:?olcSuffix
olcSuffix:?dc=node201,dc=com

dn:?olcDatabase={2}hdb,cn=config
changetype:?modify
replace:?olcRootDN
olcRootDN:?cn=Manager,dc=node201,dc=com

dn:?olcDatabase={2}hdb,cn=config
changetype:?modify
add:?olcRootPW
olcRootPW:?{SSHA}dmlBn+z3eUR4YYtOGMnoUUnWGxc8tyDJ

dn:?olcDatabase={2}hdb,cn=config
changetype:?modify
add:?olcAccess
olcAccess:?{0}to?attrs=userPassword,shadowLastChange?by
??dn="cn=Manager,dc=node201,dc=com"?write?by?anonymous?auth?by?self?write?by?*?none
olcAccess:?{2}to?dn.base=""?by?*?read
olcAccess:?{2}to?*?by?dn="cn=Manager,dc=node201,dc=com"?write?by?*?read

#wq!保存退出

ldapmodify?-Y?EXTERNAL?-H?ldapi:///?-f?chdomain.ldif

LDAP及phpLDAPAdmin部署

導(dǎo)入Base domain

vi?basedomain.ldif?

dn:?dc=node201,dc=com
dc:?node201
objectClass:?top
objectClass:?domain

dn:?ou=dev,dc=node201,dc=com
ou:?dev
objectClass:?top
objectClass:?organizationalUnit

dn:?ou=test,dc=node201,dc=com
ou:?test
objectClass:?top
objectClass:?organizationalUnit

#wq!?保存退出

ldapadd?-x?-D?cn=Manager,dc=node201,dc=com?-W?-f?basedomain.ldif?????#第二次創(chuàng)建的密碼，我這里第一次和第二次都是同一個(gè)密碼

LDAP及phpLDAPAdmin部署

查詢驗(yàn)證

ldapsearch??-x?-b?"dc=node201,dc=com"

LDAP及phpLDAPAdmin部署

支持LDAP安裝成功，現(xiàn)在若要添加記錄，則必須要使用ldapadd命令添加條目，是否有圖形界面可以操作或查看其目錄結(jié)構(gòu)呢？答案是有的，那就是：phpLDAPAdmin，下面介紹如何部署phpLDAPAdmin

安裝phpLDAPAdmin

yum?-y?install?httpd
mv?/etc/httpd/conf.d/welcome.conf?/etc/httpd/conf.d/welcome.conf.bak
sed?-i?"s/#ServerName?www.example.com:80/ServerName?www.node201.com:80/g"?/etc/httpd/conf/httpd.conf
cp?/etc/httpd/conf/httpd.conf??/etc/httpd/conf/httpd.conf.bak
sed?-i?'151s/AllowOverride?None/AllowOverride?All/g'??/etc/httpd/conf/httpd.conf
sed?-i?'164s/DirectoryIndex?index.html/DirectoryIndex?index.html?index.cgi?index.php/g'??/etc/httpd/conf/httpd.conf
systemctl?start?httpd
systemctl?enable?httpd
echo?"Apache?is?OK"?>>?/var/www/html/index.html
curl?-I?http://www.node201.com/

LDAP及phpLDAPAdmin部署

安裝PHP

yum?-y?install?php?php-mbstring?php-pear
cp??/etc/php.ini?/etc/php.ini.bak
sed?-i??'878s#;date.timezone?=#date.timezone?=?"Asia/Shanghai"#g'?/etc/php.ini?
systemctl?restart?httpd
cat?>?/var/www/html/index.php?<
EOF

訪問(wèn)：http://172.20.20.201/index.php

出現(xiàn)如下界面，則表示PHP配置OK

LDAP及phpLDAPAdmin部署

安裝phpLDAP admin

wget?http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm?-ivh?epel-release-latest-7.noarch.rpm
yum?repolist
yum?--enablerepo=epel?-y?install?phpldapadmin
cp?/etc/phpldapadmin/config.php?/etc/phpldapadmin/config.php.bak
vi?/etc/phpldapadmin/config.php
#將第397和398行
????//?$servers->setValue('login','attr','dn');
????$servers->setValue('login','attr','uid');
????改為如下
????$servers->setValue('login','attr','dn');
????//?$servers->setValue('login','attr','uid');
????
vi?/etc/httpd/conf.d/phpldapadmin.conf?
#添加如下內(nèi)容
#
#??Web-based?tool?for?managing?LDAP?servers
#
?
Alias?/phpldapadmin?/usr/share/phpldapadmin/htdocs
Alias?/ldapadmin?/usr/share/phpldapadmin/htdocs
?

??
????#?Apache?2.4
????Require?local
????Require?ip?172.20.0.0/8????????
??
??
????#?Apache?2.2
????Order?Deny,Allow
????Deny?from?all
????Allow?from?127.0.0.1
????Allow?from?::1
??


###?:wq?保存
chown?-R?apache.apache?/usr/share/phpldapadmin
systemctl?restart?httpd.service

最后訪問(wèn)

http://172.20.20.201/ldapadmin/

輸入上面建立的管理員用戶名及密碼

LDAP及phpLDAPAdmin部署

至此LDAP及phpLDAPAdmin全部部署完成

本文名稱：LDAP及phpLDAPAdmin部署
文章轉(zhuǎn)載：http://weahome.cn/article/psgjps.html

真实的国产乱ⅩXXX66竹夫人,五月香六月婷婷激情综合,亚洲日本VA一区二区三区,亚洲精品一区二区三区麻豆

LDAP及phpLDAPAdmin部署

其他資訊

網(wǎng)站制作

企業(yè)服務(wù)

網(wǎng)站建設(shè)

服務(wù)器托管