本文共 1856 字，大约阅读时间需要 6 分钟。

CentOS 7 ?? OpenLDAP ? BDB

????

• ?????CentOS 7 x86_64 1511
• ??? IP?172.18.12.203

????

• OpenLDAP?2.4.44
• BDB?5.1.29

1. selinux

?? selinux?

sudo yum install selinuxsudo setenforce

2. TCP 389 ? 636

# ?? TCP 389 ? 636 ??sudo firewall-cmd --permanent --add-service=ldapsudo firewall-cmd --permanent --add-service=nslcdsudo firewall-cmd --permanent --add-socket=udp:389sudo firewall-cmd --permanent --add-socket=tcp:389sudo firewall-cmd --permanent --add-socket=tcp:636sudo firewall-cmd --permanent --add-socket=tcp:1635sudo firewall-cmd --reload

3. ?? Berkeley DB

# ????? BDB 5.1.29sudo yum install -y libtool-ltdl-develtar -zxvf db-5.1.29.tar.gzcd db-5.1.29/build_unix../dist/configure --prefix=/usr/local/berkeleydb-5.1.29makemake install

4. ?? OpenLDAP

# ?? OpenLDAP 2.4.44sudo yum install -y openldap openldap-serverssudo cp /usr/local/berkeleydb-5.1.29/lib/* /etc/ld.so.confsudo ldconfig -v# ?? slapd.confvim /usr/local/openldap-2.4.44/etc/openldap/slapd.conf

5. ?????

# ?? DB_CONFIG ??cp DB_CONFIG.example DB_CONFIGvim /usr/local/openldap-2.4.44/var/openldap-data/DB_CONFIG

6. ?? OpenLDAP

# ?? slapd ??sudo systemctl start slapdsudo systemctl enable slapd# ?? slapd ??sudo systemctl status slapd

7. ?? ldapsearch ??

ldapsearch -x -b '' -s base '(objectclass=*)'ldapsearch -x -b '' -s base namingContexts

8. ?? ldapadmin

sudo yum install -y ldapadmin

9. OpenLDAP ??

??? DN

slappasswd -D "cn=admin,dc=sys,dc=com" -W

??????

vim test.ldifldapadd -x -D "cn=admin,dc=sys,dc=com" -W -f test.ldif

????

ldapsearch -x -b 'dc=sys,dc=com' '(objectclass=*)'

?? IT ??

vim test2.ldifldapadd -x -D "cn=admin,dc=sys,dc=com" -W -f test2.ldif

???? IT ??

ldapsearch -x -b 'dc=sys,dc=com' '(objectclass=*)'

10. ?? ldapadmin ??

ldapadmin -u "cn=admin,dc=sys,dc=com" -H 172.18.12.203:389

????