Friday, April 30, 2010

RHCE OpenLDAP Server / Client Setup (30/04/2010)

OpenLDAP Server

compat-openldap.i386 0:2.1.30-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E
You can install them with:
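# Quote the pattern: an unquoted *openldap* is first expanded by the shell against
# the current directory, so the package glob only reaches yum by accident.
# Only openldap-servers (slapd, slappasswd) and openldap-clients (ldapadd,
# ldapsearch) are used below; the -devel, -sql and compat packages add nothing
# this setup needs and only widen what is installed on the directory server.
yum install -y 'openldap-servers' 'openldap-clients'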

-----------------------------------------------------------
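# The server configuration file is /etc/openldap/slapd.conf ("sldap.conf" is a
# typo). It will contain the rootpw hash, so keep it readable only by root and
# the ldap service account (the package default ownership/mode).
vi /etc/openldap/slapd.conf

# Generate the Manager hash with slappasswd instead of "openssl passwd":
# openssl passwd produces a DES crypt(3) hash, which silently truncates the
# password to 8 characters and is cheap to brute-force. slappasswd's default
# {SSHA} output is salted SHA-1 and is accepted by slapd as-is. Paste the whole
# "{SSHA}..." string into the rootpw line.
slappasswd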

Add the following to /etc/openldap/slapd.conf:

# /etc/openldap/slapd.conf -- directory base and the administrative identity.
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
# The hash below is this page's published example: never reuse it. Generate your
# own (slappasswd gives a salted {SSHA} hash; "openssl passwd" gives only an
# 8-character-limited DES {crypt} hash). rootdn bypasses every access rule, so
# this file must not be world-readable.
rootpw {crypt}BreLcru48OqmA
-------------------------------------------------------------------------
# Restart slapd so it reads the new suffix/rootdn/rootpw, then follow syslog to
# confirm it came up without errors (Ctrl-C stops following).
service ldap restart
tail -f -- /var/log/messages


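# Local accounts on the LDAP/NFS server that own the exported home directories.
# The parent directory must exist before useradd can create the homes below it.
mkdir -p /home/users

# Account names are "system<N>-user<NN>" (N unpadded, NN two digits), N = 1..10.
# -m creates the home directory, which the /etc/exports entry later serves to
# clients. The uid useradd assigns here must be copied into uidNumber in
# user.ldif (on this page they came out as 511, 512, 513); pass -u if you need
# the numbers fixed in advance.
for n in {1..10}; do
  name="system${n}-user$(printf '%02d' "$n")"
  useradd -m -d "/home/users/${name}" "${name}"
done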

# Set a local password for each of the ten accounts (interactive prompts).
# Note these are the server's local passwords only; LDAP clients authenticate
# against userPassword in user.ldif, not against /etc/shadow here. If nobody
# needs to log in directly on the server, this step can be skipped -- a freshly
# created account has no usable password.
for n in {1..10}; do
  passwd "system${n}-user$(printf '%02d' "$n")"
done

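# Local groups with the same gid values that group.ldif will publish.
groupadd -g 10000 system01
groupadd -g 10001 system02

# user.ldif lists these gids as each user's *primary* group (gidNumber), so the
# local account should use the same primary group: -g. The original -G added
# only a supplementary group, leaving the local primary gid different from the
# LDAP one, so files in the NFS-shared home would carry different group
# ownership depending on whether they were created on the server or a client.
usermod -g 10000 system1-user01
usermod -g 10000 system2-user02
usermod -g 10001 system3-user03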

--------------------------------------------------------------------------------------

vi /etc/exports

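# /etc/exports -- home directories served to the LDAP clients.
# root_squash is the NFS default but is spelled out because it is what stops
# root on any 192.168.0.0/24 host from acting as root on these homes. With
# AUTH_SYS (the default here) the server trusts whatever uid/gid a client
# sends, so every host in the range is trusted with every user's home: keep the
# range no wider than the actual client set.
/home/users 192.168.0.0/255.255.255.0(rw,sync,root_squash)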

----------------------------------------------------------------------------------

vi /etc/openldap/init.ldif

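# /etc/openldap/init.ldif -- base entry, the Manager role and the two containers.
# In LDIF a blank line terminates an entry, so the attributes of one entry must
# be contiguous (the page's double spacing would make ldapadd reject the file);
# only the separator between entries is blank.
dn: dc=example,dc=com
objectClass: dcObject
objectClass: organization
o: example
dc: example

dn: cn=Manager,dc=example,dc=com
objectClass: organizationalRole
cn: Manager

dn: ou=Account,dc=example,dc=com
objectClass: organizationalUnit
ou: Account

dn: ou=Group,dc=example,dc=com
objectClass: organizationalUnit
ou: Group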

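# The leading "#" on the page is the root shell prompt, not part of the command;
# pasted literally, both lines would be comments and nothing would run.
# Bind as the Manager: -W prompts for the password. Do not use -w <password>,
# which exposes it in ps output and shell history. The simple bind (-x) goes to
# the local server in clear text, which is acceptable on the loopback only; do
# not run these against a remote server without TLS.
ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f /etc/openldap/init.ldif

# Verify the entries were created (anonymous search).
ldapsearch -x -LLL -b "dc=example,dc=com" "(objectClass=*)"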

----------------------------------------------------------------------------------------

vi /etc/openldap/group.ldif

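# /etc/openldap/group.ldif -- the two POSIX groups, matching the local groupadd
# gids. Attributes of an entry must be contiguous; a blank line ends an entry.
dn: cn=system01,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: system01
gidNumber: 10000

dn: cn=system02,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: system02
gidNumber: 10001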

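# Load the groups as the Manager (-W prompts; never pass the password with -w).
# The LDIF path is given in full so the command does not depend on the cwd.
ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f /etc/openldap/group.ldif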

Before creating user.ldif, look up each account's uid and generate its LDAP password hash:

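# Show the uid/gid the local account received; copy the uid into uidNumber in
# user.ldif so local and LDAP identities (and NFS file ownership) agree.
# id accepts a username, so there is no need to su into the account.
id system1-user01

# Generate the LDAP password hash with slappasswd ({SSHA} by default) and paste
# the entire "{SSHA}..." string into userPassword. "openssl passwd" yields a DES
# {crypt} hash that truncates the password to 8 characters.
slappasswd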

Copy the printed hash into the userPassword line of the matching entry below.

---------------------------------------------------------------

vi /etc/openldap/user.ldif

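# /etc/openldap/user.ldif -- the POSIX accounts. Attributes of an entry must be
# contiguous; a blank line ends an entry.
#
# userPassword holds the hash slapd checks on bind. The values below are this
# page's examples: replace each with your own slappasswd output (salted {SSHA}
# rather than the 8-character-limited DES {crypt} shown). Also make sure
# slapd.conf carries an access rule such as
#   access to attrs=userPassword by self write by anonymous auth by * none
# The slapd.conf edits on this page add no access rules, and with none at all
# slapd's built-in default lets anonymous searches read every hash.
#
# uidNumber must equal the uid of the matching local account on the server
# (check with "id <name>"), or files in the shared home will change owner
# depending on which side created them.
dn: uid=system1-user01,ou=Account,dc=example,dc=com
uid: system1-user01
cn: test user 01
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}FLVvKA5gz4RUk
loginShell: /bin/bash
uidNumber: 511
gidNumber: 10000
homeDirectory: /home/users/system1-user01

dn: uid=system2-user02,ou=Account,dc=example,dc=com
uid: system2-user02
cn: test user 02
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}9oB/59btUGpGM
loginShell: /bin/bash
uidNumber: 512
gidNumber: 10000
homeDirectory: /home/users/system2-user02

dn: uid=system3-user03,ou=Account,dc=example,dc=com
uid: system3-user03
cn: test user 03
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}xopW7X41D.w/6
loginShell: /bin/bash
uidNumber: 513
gidNumber: 10001
homeDirectory: /home/users/system3-user03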

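# Load the user entries as the Manager (-W prompts; never pass the password
# with -w). Full path so the command does not depend on the cwd.
ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f /etc/openldap/user.ldif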

---------------------------------------------------------------------

Export the home directories from server1.example.com (/etc/exports, then restart the nfs service):

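# /etc/exports on server1.example.com. root_squash is the default, made explicit
# here because it is what keeps a client's root from being root on these homes.
# With AUTH_SYS the server trusts the uid/gid each client sends, so every host in
# 192.168.0.0/24 is trusted with every user's home; keep the range tight.
/home/users 192.168.0.0/255.255.255.0(rw,sync,root_squash)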

--------------------------------------------------------------------

### LDAP Clients ###

authconfig-tui

- Use LDAP

- Use LDAP Authentication

- Also enable the TLS option and install the server's CA certificate on the client: a plain ldap:// simple bind sends every user's password across the network in clear text when they log in. (On RHEL 5 the client also needs the nss_ldap package, which authconfig configures.)

Server: ldap://server1.example.com

Base DN: dc=example,dc=com

---------------------------------------------------------------------

vi /etc/auto.master

/home/users /etc/auto.users --timeout=60

vi /etc/auto.users

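# /etc/auto.users -- wildcard map: /home/users/<name> mounts
# server1.example.com:/home/users/<name>.
# hard instead of soft: a soft rw mount returns errors to applications when the
# server is slow, which can silently lose writes to a home directory; hard,intr
# keeps retrying but stays interruptible. nosuid,nodev: nothing a user can place
# in a home directory should be honoured as setuid or as a device node on the
# client.
* -fstype=nfs,rw,hard,intr,nosuid,nodev server1.example.com:/home/users/&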

