# Initial Setup

Set the directory suffix and Manager user in your slapd.conf(5):

    [...]
    suffix "dc=example,dc=org"
    rootdn "cn=Manager,dc=example,dc=org"
    # Hashed password generated with slappasswd(8)
    rootpw {SSHA}CjQ2ddDHu92qd2BrcNYT1hQDzLrVlgCo
    [...]

Create the DB_CONFIG file to initialize the database:

    # cd /var/lib/openldap
    # cp -a DB_CONFIG.example DB_CONFIG

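A check for the rootpw setting shown above, as an added example that is not part of this package: it classifies the rootpw value by its {SCHEME} prefix and flags a world-readable slapd.conf. The function names and the sample file are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example, not part of the package: audit rootpw in a slapd.conf(5) file.

# classify_rootpw FILE -> prints none | cleartext | unsalted | salted | other
classify_rootpw() {
    awk '
        $0 !~ /^[ \t#]/ && tolower($1) == "rootpw" {
            found = 1
            value = $2
            gsub(/^"|"$/, "", value)                 # strip optional quotes
            if (!match(value, /^\{[A-Za-z0-9-]+\}/)) { print "cleartext"; exit }
            scheme = toupper(substr(value, 2, RLENGTH - 2))
            if (scheme == "CLEARTEXT")                      print "cleartext"
            else if (scheme == "SSHA" || scheme == "SMD5")  print "salted"
            else if (scheme == "SHA" || scheme == "MD5")    print "unsalted"
            else                                            print "other"
            exit
        }
        END { if (!found) print "none" }
    ' "$1"
}

# world_readable FILE -> succeeds when the "other" read bit is set on FILE
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# audit_slapd_conf FILE -> prints findings; exit status is the number of findings
audit_slapd_conf() {
    findings=0
    case "$(classify_rootpw "$1")" in
        cleartext) echo "FAIL: rootpw is cleartext; hash it with slappasswd(8)"
                   findings=$((findings + 1)) ;;
        unsalted)  echo "WARN: rootpw uses an unsalted scheme; prefer {SSHA}"
                   findings=$((findings + 1)) ;;
        other)     echo "INFO: rootpw scheme not classified by this check" ;;
    esac
    if world_readable "$1"; then
        echo "FAIL: $1 is world-readable; local users can read rootpw"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample (not a real configuration): cleartext rootpw, mode 644.
sample=$(mktemp)
printf '%s\n' 'rootdn "cn=Manager,dc=example,dc=org"' 'rootpw secret' > "$sample"
chmod 644 "$sample"
audit_slapd_conf "$sample" || echo "findings: $?"
rm -f "$sample"
```
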
# Logging

Add this to your /etc/syslog.conf file, and then restart syslogd,
to enable the slapd log file:

    local4.* -/var/log/slapd

# Configuration

All configuration and schemas are stored in /etc/openldap:

    slapd.conf   legacy OpenLDAP configuration file (see slapd.conf(5))
    slapd.ldif   OpenLDAP configuration file (see slapd-config(5))
    ldap.conf    LDAP client (e.g. ldapsearch) configuration file (see ldap.conf(5))
    certs/       directory that can contain server certificates
    schema/      OpenLDAP schema

The default OpenLDAP database is located in /var/lib/openldap.

*NOTE* OpenLDAP 2.3 and later supports both the old slapd.conf(5) format and the
dynamic configuration engine, slapd-config(5).

# Using the slapd.d directory

An existing slapd.conf(5) file can be converted to the new format using
slaptest(8):

    # sh /etc/rc.d/rc.openldap stop
    # mkdir -p /etc/openldap/slapd.d
    # slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
    # chown -R ldap:ldap /etc/openldap/slapd.d

The chown is recursive because slaptest, run as root, creates the files under
slapd.d owned by root.

# Starting and Stopping the OpenLDAP server

This package provides the /etc/rc.d/rc.openldap start/stop script.

Slackware's rc.M script already supports the OpenLDAP server. To start the
OpenLDAP server automatically at boot, add execute permission to
/etc/rc.d/rc.openldap.

# Troubleshooting

## Can't contact LDAP server via ldapi:/// URL

    $ ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/test.ldif
    ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

The openldap-server package uses the same libraries as the n/openldap-client
Slackware package, and the openldap-client package uses a non-standard location
for the ldapi socket.

### Solution 1

Create a symlink at /var/lib/run/ldapi that points to /var/run/openldap/ldapi:

    # mkdir -p /var/lib/run
    # ln -sf /var/run/openldap/ldapi /var/lib/run/ldapi

### Solution 2

Change or add the URI in the ldap.conf(5) file:

    URI ldapi://%2fvar%2frun%2fopenldap%2fldapi

Then run the LDAP utility command without the "-H" argument, for example:

    $ ldapadd -Y EXTERNAL -f /tmp/test.ldif

### Solution 3

Pass the full ldapi URL to the LDAP utility command:

    $ ldapadd -Y EXTERNAL -H ldapi://%2fvar%2frun%2fopenldap%2fldapi -f /tmp/test.ldif

# Documentation
See /usr/doc/openldap-2.4.42/guide.html (OpenLDAP Administrator Guide)