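I used to test my programs against LDAP servers that other people had already configured. Recently I wanted to set up an LDAP server myself, so I collected a lot of material online, read through it, and made many attempts. The simple steps below are the result; I hope they save later readers some detours.
I. Software to prepare before installation
1. OpenLDAP for Windows (see attachment)
2. LDAP Browser (see attachment)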
File: LdapBrowser282.rar (632KB)
File: openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.zip (1599KB)
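II. Installation
1. Download and install OpenLDAP. This is straightforward, so it is not covered here.
2. Unzip LDAP Browser. It requires a JRE 1.6 environment.
III. Configuring OpenLDAP
1. In the installation directory, open slapd.conf, find the line "ucdata-path ./ucdata", and add the following configuration after it (skip any line that is already present; add the ones that are missing)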
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/corba.schema
include ./schema/dyngroup.schema
include ./schema/java.schema
include ./schema/misc.schema
include ./schema/nis.schema
include ./schema/openldap.schema
2. Find
database bdb
suffix "dc=my-domain,dc=com" ----line 1
rootdn "cn=Manager,dc=my-domain,dc=com" ----line 2
Change line 1 to
suffix "dc=ibm,dc=com"
Change line 2 to
rootdn "cn=Manager,dc=ibm,dc=com"
3. Edit the test.ldif file (entries must be separated by a blank line)
dn: dc=ibm,dc=com
dc: ibm
objectClass: dcObject
objectClass: organization
o: IBM, Inc.

dn: ou=dev,dc=ibm,dc=com
ou: dev
description: All people in dev team
objectclass: organizationalunit

dn: ou=qa,dc=ibm,dc=com
ou: qa
description: All people in qa team
objectclass: organizationalunit

dn: cn=Robert_Smith, ou=dev,dc=ibm,dc=com
objectClass: inetOrgPerson
cn: Robert_Smith
sn: smith
uid: rsmith
userpassword: smith
mail: robert@ibm.com
description: Robert Smith information
ou: dev

dn: cn=Jason, ou=qa,dc=ibm,dc=com
objectClass: inetOrgPerson
cn: Jason
sn: Jason
uid: rjason
userpassword: jason
mail: jason@ibm.com
description: Jason personal information
ou: qa
4. In a command window, cd to the installation directory and run
ldapadd -x -D "cn=manager,dc=ibm,dc=com" -w secret -f test.ldif
5. In LDAP Browser you should now be able to see the resulting directory hierarchy
dc = ibm, dc=com
| ou = dev
|   | cn = Robert_Smith
| ou = qa
|   | cn = Jason
6. In a command window, cd to the installation directory and run
ldapsearch -x -H ldap://localhost -b "cn=Jason,ou=qa,dc=ibm,dc=com"
or
ldapsearch -x -H ldap://localhost -b "dc=ibm, dc=com"
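The test.ldif in step 3 stores its userpassword values in cleartext. The following Python code is an added example, not part of the original post: it rewrites such lines to the salted {SSHA} form that OpenLDAP accepts in userPassword (base64 of SHA-1(password + salt) followed by the salt) before the file is passed to ldapadd. The function names and the sample LDIF are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample in the style of test.ldif from step 3.
SAMPLE_LDIF = """\
dn: cn=Robert_Smith, ou=dev,dc=ibm,dc=com
objectClass: inetOrgPerson
cn: Robert_Smith
sn: smith
userpassword: smith

dn: cn=Jason, ou=qa,dc=ibm,dc=com
objectClass: inetOrgPerson
cn: Jason
sn: Jason
userpassword: jason
"""


def ssha(password, salt=None):
    """Return "{SSHA}" + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, stored):
    """Verify a password against a stored {SSHA} value."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # a SHA-1 digest is 20 bytes
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def hash_passwords(ldif_text):
    """Rewrite cleartext userpassword lines; keep every other line as is."""
    out = []
    for line in ldif_text.splitlines():
        name, sep, value = (p.strip() for p in line.partition(":"))
        # Skip base64 values ("userpassword:: ...") and "{SCHEME}..." hashes.
        if (name.lower() == "userpassword" and sep and value
                and not value.startswith((":", "{"))):
            line = "userPassword: " + ssha(value)
        out.append(line)
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(hash_passwords(SAMPLE_LDIF))
```

Running the output through hash_passwords again leaves it unchanged, so the rewrite can be applied safely to a file that already contains some hashed values.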
IV. Using OpenLDAP together with OpenSSL
To be continued...