Install an OpenLDAP Server and Administer It with phpLDAPadmin on Debian/Ubuntu


LDAP stands for Lightweight Directory Access Protocol, which can be used in many ways, such as for authentication, shared directories (for mail clients), address books, etc. The LDAP protocol can be used to establish and store any type of information. The OpenLDAP server gives you access to information stored in a tree structure.

In this article, we will show you how to install and configure an OpenLDAP server and how to manage it with phpLDAPadmin on Debian, Ubuntu and Linux Mint systems.

Installing the OpenLDAP Server on Linux

By default the OpenLDAP server is available in the repositories under the package slapd. You can install it quickly with the package management tool apt-get. But before installing the OpenLDAP server, make sure your system is up to date.

During installation, you will be asked to enter a password for the admin entry in your LDAP directory. Enter a strong password and confirm it by selecting OK.

 
$ sudo apt-get update 
$ sudo apt-get install slapd ldap-utils

Configure the OpenLDAP Server

To configure the OpenLDAP server you need to edit the ldap.conf file, which is stored under the /etc directory. To edit the ldap.conf file, you need a text editor such as vim, nano, etc. Run the following command to open the ldap configuration file for editing.

$ sudo nano /etc/ldap/ldap.conf

The output of the above command is shown in the section below.

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE   dc=example,dc=com
#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

# TLS certificates (needed for GnuTLS)
TLS_CACERT      /etc/ssl/certs/ca-certificates.crt

Uncomment the BASE and URI lines so you can edit them with your own domain name and IP address. Since this is a test installation and configuration, I will use tecmint123.com as my domain name.

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE   dc=tecmint123,dc=com
URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

# TLS certificates (needed for GnuTLS)
TLS_CACERT      /etc/ssl/certs/ca-certificates.crt
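
The edited file above still carries the sample hosts on its URI line and uses ldap:// URIs. The following check is an added example, not part of the original article: a shell function (audit_ldap_conf, a hypothetical name) reads a client ldap.conf on standard input and reports an unset BASE or URI, placeholder example.* hosts, ldap:// URIs and a weakened TLS_REQCERT. The sample input is constructed from the file shown above.

```shell
#!/bin/sh
# Added example (not from the article): audit a client ldap.conf read from stdin.
# audit_ldap_conf and sample_conf are hypothetical helper names.
audit_ldap_conf() {
    awk '
        /^[ \t]*#/ { next }                 # comment line
        NF == 0    { next }                 # blank line
        { key = toupper($1) }
        key == "BASE"        { base = $2 }
        key == "TLS_CACERT"  { cacert = $2 }
        key == "TLS_REQCERT" { reqcert = tolower($2) }
        key == "URI" {
            for (i = 2; i <= NF; i++) {
                nuri++
                if ($i ~ /^ldap:\/\//)
                    print "WARN no TLS unless StartTLS is requested: " $i
                if ($i ~ /example\.(com|net|org)/)
                    print "WARN placeholder host left in place: " $i
            }
        }
        END {
            if (base == "")   print "WARN BASE is not set"
            if (nuri == 0)    print "WARN URI is not set"
            if (cacert == "") print "WARN TLS_CACERT is not set"
            if (reqcert == "never" || reqcert == "allow")
                print "WARN TLS_REQCERT " reqcert " accepts unverified server certificates"
        }
    '
}

# Constructed sample: the active lines of the edited ldap.conf shown above.
sample_conf() {
    cat <<'EOF'
BASE   dc=tecmint123,dc=com
URI    ldap://ldap.example.com ldap://ldap-master.example.com:666
TLS_CACERT      /etc/ssl/certs/ca-certificates.crt
EOF
}

sample_conf | audit_ldap_conf
```

To check a real client configuration, run audit_ldap_conf < /etc/ldap/ldap.conf; no output means none of the checks fired.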

Save the file and run the following command to reconfigure the LDAP package.

$ sudo dpkg-reconfigure slapd

To build the base DN of the LDAP directory you need a DNS domain name.

Enter your DNS domain name and press Enter to confirm it. Then ldap will ask you to enter the organization name to use in the base DN of your LDAP directory. Enter the name of your company or organization and press Enter again.

After the organization or company name has been added, the package configuration will ask you to enter the password for the admin entry in your LDAP directory. You need to enter the admin password that you created in the earlier steps.

After confirming the administrator password, you need to select a database. There are two databases to choose from, the BDB and HDB databases. Both support the same configuration options and use a similar storage format, but since the HDB database adds support for sub-tree renames it is the recommended one.

You can choose whichever database you think will suit you best. Once you have decided which database to use, press Enter to confirm the selection. Then you will be asked another question. Select Yes to remove the database when slapd is purged.

Select Yes again and press Enter.

Select No and the LDAP server will start running.

[sudo] password for ravisaive: 
 * Stopping OpenLDAP slapd                                                                                       [ OK ] 
  Moving old database directory to /var/backups:
  - directory unknown... done.
  Creating initial configuration... done.
  Creating LDAP directory... done.
 * Starting OpenLDAP slapd                                                                                       [ OK ] 
Processing triggers for libc-bin ...

To test the LDAP server, use the ldapsearch -x command.

ldapsearch -x

It produces the following output.

# extended LDIF
#
# LDAPv3
# base <dc=tecmint123,dc=com> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# tecmint123.com
dn: dc=tecmint123,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: tecmint
dc: tecmint123

# admin, tecmint123.com
dn: cn=admin,dc=tecmint123,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2
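
ldapsearch -x with no bind DN performs an anonymous simple bind, so the output above is what an unauthenticated client can read. As an added example (not part of the original article), the function below, with the hypothetical name anon_exposure, reads such LDIF output on standard input, lists every entry returned and flags entries that expose userPassword or sambaNTPassword. The sample input is constructed from the output shown above.

```shell
#!/bin/sh
# Added example (not from the article): summarize ldapsearch LDIF output read from stdin.
# anon_exposure and sample_ldif are hypothetical helper names.
anon_exposure() {
    awk '
        function emit(   line) {
            if (dn == "") return
            n++
            line = (sens != "" ? "EXPOSED " : "visible ") dn
            if (sens != "") line = line " [" sens "]"
            print line
            dn = ""; sens = ""
        }
        /^#/   { next }                                        # LDIF comment
        /^$/   { emit(); next }                                # a blank line ends an entry
        /^ /   { if (indn) dn = dn substr($0, 2); next }       # folded line
        /^dn:/ { emit(); sub(/^dn::? */, ""); dn = $0; indn = 1; next }
        dn != "" {
            indn = 0; attr = $0; sub(/:.*/, "", attr)          # attribute name
            if (tolower(attr) ~ /^(userpassword|sambantpassword)$/)
                sens = sens (sens != "" ? "," : "") attr
        }
        END { emit(); print "entries readable without credentials: " (n + 0) }
    '
}

# Constructed sample: trimmed from the ldapsearch -x output shown above.
sample_ldif() {
    cat <<'EOF'
dn: dc=tecmint123,dc=com
objectClass: organization
o: tecmint

dn: cn=admin,dc=tecmint123,dc=com
objectClass: simpleSecurityObject
cn: admin
description: LDAP administrator

search: 2
result: 0 Success
EOF
}

sample_ldif | anon_exposure
```

On a live server the same summary comes from ldapsearch -x | anon_exposure.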

Administering LDAP with phpLDAPadmin

phpLDAPadmin is a GUI administration tool for managing an LDAP server. This GUI tool lets us interact with your LDAP server through a web interface. It is available in the default repositories and can be installed with the apt-get command.

But before installing phpLDAPadmin, you must have the Apache web server and PHP installed and running. If not, install them using the following command.

$ sudo apt-get install apache2 php5 php5-mysql

Next, install the “phpldapadmin” package as shown below.

$ sudo apt-get install phpldapadmin

In the same way that we configured the ldap.conf file, we need to configure the phpldapadmin web interface configuration file before using it. Run the following command to open the phpldapadmin config.php file.

$ sudo nano /etc/phpldapadmin/config.php

All you need to do is replace the domain names with your own values. The configuration required for this case is under the section Define your LDAP servers.

$servers = new Datastore();
$servers->newServer('ldap_pla'); 
$servers->setValue('server','name','Tecmint LDAP Server');
$servers->setValue('server','host','127.0.0.1'); 
$servers->setValue('server','base',array('dc=tecmint123,dc=com'));
$servers->setValue('login','bind_id','cn=admin,dc=tecmint123,dc=com');

After editing the config.php configuration file, open a tab in your web browser and enter the URL http://ip_address_here/phpldapadmin. Enter your ldap login credentials and click login.
