Ldap Abscisse


Install & configure Slapd on CentOS

Installing packages and dependencies


// Switch to root with sudo su

dnf install epel-release


dnf -y install openldap openldap-servers openldap-clients --nobest
dnf -y install httpd
dnf -y install phpldapadmin
// I also install nano, my favorite text editor
dnf -y install nano

Set the base of our LDAP directory by opening the file below

sudo nano /etc/openldap/ldap.conf

Uncomment the following lines


BASE dc=asur,dc=local
URI ldap://192.168.8.32

Create the root password and save it somewhere


slappasswd

// copy the generated hashed password {SSHA}F81Lm52jkS34c2dU4zFgnPY93hvk5X7R

and copy it into this text file at olcRootPW:

systemctl start slapd

Create the administrator's LDIF file

nano rootpw.ldif
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}F81Lm52jkS34c2dU4zFgnPY93hvk5X7R

Import the root password LDIF


ldapadd -Y EXTERNAL -H ldapi:/// -f rootpw.ldif

Import the LDAP configuration schemas


ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/openldap.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/dyngroup.ldif

********************************************************************
THE TERMINAL RETURNS THESE LINES
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=cosine,cn=schema,cn=config"

SASL/EXTERNAL authentication started


SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=nis,cn=schema,cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=inetorgperson,cn=schema,cn=config"

SASL/EXTERNAL authentication started


SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=openldap,cn=schema,cn=config"

SASL/EXTERNAL authentication started


SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=dyngroup,cn=schema,cn=config"
*************************************************************************

Add a manager to your LDAP directory


nano manager.ldif

dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=asur,dc=local

dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=asur,dc=local

dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}F81Lm52jkS34c2dU4zFgnPY93hvk5X7R

Apply the changes

ldapmodify -Y EXTERNAL -H ldapi:/// -f manager.ldif


**********************************************************************
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={2}mdb,cn=config"

modifying entry "olcDatabase={2}mdb,cn=config"

modifying entry "olcDatabase={2}mdb,cn=config"


************************************************************************
Create the base of our organization's directory
nano org.ldif

dn: dc=asur,dc=local
objectClass: top
objectClass: dcObject
objectclass: organization
o: asur Server
dc: asur

dn: cn=Manager,dc=asur,dc=local
objectClass: organizationalRole
cn: Manager
description: LDAP Manager

dn: ou=users,dc=asur,dc=local
objectClass: organizationalUnit
ou: Users

Apply the changes


ldapadd -x -D cn=Manager,dc=asur,dc=local -W -f org.ldif
*****************************************************************************
Enter LDAP Password:
adding new entry "dc=asur,dc=local"

adding new entry "cn=Manager,dc=asur,dc=local"

adding new entry "ou=users,dc=asur,dc=local"

****************************************************************************
Installing phpLDAPadmin
Configure the Apache host
vim /etc/httpd/conf.d/phpldapadmin.conf
Require all granted
Allow from 192.168.8.32

Edit the configuration file; open it with nano -l to display the line numbers
nano -l /etc/phpldapadmin/config.php

117 $config->custom->appearance['timezone'] = 'Africa/Libreville';


193 $config->custom->appearance['hide_template_warning'] = true;
322 $servers->setValue('server','name','Asur LDAP');
329 $servers->setValue('server','host','192.168.8.32');
332 $servers->setValue('server','port',389);
336 $servers->setValue('server','base',array('dc=asur,dc=local'));
364 $servers->setValue('login','bind_id','cn=Manager,dc=asur,dc=local');
369 $servers->setValue('login','bind_pass','m1');
453 $servers->setValue('login','attr','dn');
454 // $servers->setValue('login','attr','uid');

systemctl disable --now firewalld


nano /etc/selinux/config
// set SELINUX=disabled
init 6
systemctl restart slapd
systemctl restart httpd
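
The check below is an added example, not part of the original guide: it reads a copy of the files this guide edits and reports the settings that weaken the host (plain ldap:// URI, phpLDAPadmin open to every client, SELinux disabled, one olcRootPW hash shared by cn=config and the mdb database). The function name, the finding labels and the sample directory layout are assumptions; the sample files and the hash are constructed.

```shell
#!/bin/sh
# Added example: report the weak settings this guide leaves on the host.
# audit_ldap_host ROOT LDIF_DIR -> one finding label per line (labels are made up here).
audit_ldap_host() {
    root=$1; ldifs=$2
    # Plain ldap:// (the guide configures no StartTLS) sends simple-bind
    # passwords, including the Manager's, unencrypted.
    grep -Eqs '^[[:space:]]*URI[[:space:]].*ldap://' "$root/etc/openldap/ldap.conf" \
        && echo "cleartext-ldap-uri"
    # "Require all granted" lets any client reach the phpLDAPadmin login page.
    grep -Eqis '^[[:space:]]*Require[[:space:]]+all[[:space:]]+granted' \
        "$root/etc/httpd/conf.d/phpldapadmin.conf" && echo "phpldapadmin-open-to-all"
    # SELINUX=disabled removes SELinux confinement of httpd and slapd.
    grep -Eqs '^[[:space:]]*SELINUX=disabled' "$root/etc/selinux/config" \
        && echo "selinux-disabled"
    # One olcRootPW hash reused across LDIF files: the same password then
    # controls both cn=config and the data database.
    dup=$(cat "$ldifs"/*.ldif 2>/dev/null | sed -n 's/^olcRootPW:[[:space:]]*//p' | sort | uniq -d)
    [ -n "$dup" ] && echo "shared-rootpw-hash"
    return 0
}

# Constructed sample mirroring the guide's settings; the hash is a placeholder.
demo=$(mktemp -d); trap 'rm -rf "$demo"' EXIT
mkdir -p "$demo/etc/openldap" "$demo/etc/httpd/conf.d" "$demo/etc/selinux" "$demo/ldif"
printf 'BASE dc=asur,dc=local\nURI ldap://192.168.8.32\n' > "$demo/etc/openldap/ldap.conf"
printf 'Require all granted\n' > "$demo/etc/httpd/conf.d/phpldapadmin.conf"
printf 'SELINUX=disabled\n' > "$demo/etc/selinux/config"
fmt='dn: olcDatabase=%s,cn=config\nchangetype: modify\nadd: olcRootPW\nolcRootPW: {SSHA}PLACEHOLDER\n'
printf "$fmt" '{0}config' > "$demo/ldif/rootpw.ldif"
printf "$fmt" '{2}mdb' > "$demo/ldif/manager.ldif"

audit_ldap_host "$demo" "$demo/ldif"
```

On a real host, pass / as ROOT and the directory holding rootpw.ldif and manager.ldif as LDIF_DIR.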

PAM NSS
