📅  Last modified: 2023-12-03 14:59:54.500000             🧑  Author: Mango
OpenLDAP is an open-source implementation of the LDAP protocol used for directory services. This guide walks you through installing OpenLDAP on CentOS 7 step by step.
Before proceeding with the installation, make sure that your CentOS 7 system is up to date and that you have root access. You will also need to allocate enough disk space for your directory service.
To install OpenLDAP, you need to first enable the EPEL repository by running the following commands:
sudo yum install epel-release
sudo yum update
Next, install OpenLDAP:
sudo yum install openldap-servers openldap-clients
Once OpenLDAP is installed, you need to configure the server. First, create a configuration file for the server:
sudo nano /etc/openldap/slapd.conf
In this file, you will define the database backend that your OpenLDAP server will use. Add the following lines to the end of the file:
database hdb
suffix "dc=my-domain,dc=com"
rootdn "cn=admin,dc=my-domain,dc=com"
rootpw {SSHA}Your_Password_Here
Replace "Your_Password_Here" with a strong password.
Save the file and exit.
Now you need to create a database to use with OpenLDAP. You can use the following command to create an initial database:
sudo slappasswd -s Your_Password_Here
Replace "Your_Password_Here" with a strong password.
Next, create a database populating script:
sudo nano db.ldif
Add the following lines to the file:
dn: dc=my-domain,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: My Organization
dc: my-domain

dn: cn=admin,dc=my-domain,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
userPassword: {SSHA}Your_Password_Here
description: LDAP administrator
Again, replace "Your_Password_Here" with a strong password.
Save the file and exit.
Now populate the database using the following command:
sudo ldapadd -x -W -D "cn=admin,dc=my-domain,dc=com" -f db.ldif
Enter the password you set for the LDAP administrator when prompted.
If you have a firewall enabled on your CentOS 7 system, you will need to allow incoming LDAP connections. Use the following commands to add a rule that allows LDAP connections and reload the firewall:
sudo firewall-cmd --add-service=ldap --permanent
sudo firewall-cmd --reload
Finally, start the OpenLDAP server and enable it at boot using the following commands:
sudo systemctl start slapd
sudo systemctl enable slapd
You should now have a working OpenLDAP server running on your CentOS 7 system. By following this guide, you have learned how to install and configure OpenLDAP, populate its database, and set up appropriate firewall rules.
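The {SSHA} prefix on the rootpw and userPassword lines above marks a salted SHA-1 value, base64(SHA1(password + salt) + salt), which is the form slappasswd prints by default. The following Python sketch is an added example, not part of the original guide: it builds and verifies such a value and flags rootpw/userPassword lines where the placeholder or a cleartext value was left in place. The function names and the sample text are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import re

def make_ssha(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def decode_ssha(value):
    """Split an {SSHA} value into (digest, salt); None if malformed."""
    if not value.startswith("{SSHA}"):
        return None
    try:
        raw = base64.b64decode(value[len("{SSHA}"):], validate=True)
    except ValueError:  # not base64, e.g. a placeholder left in place
        return None
    # A SHA-1 digest is 20 bytes; whatever follows it is the salt.
    return (raw[:20], raw[20:]) if len(raw) > 20 else None

def check_ssha(value, password):
    """True only if value is a well-formed {SSHA} hash of password."""
    parts = decode_ssha(value)
    if parts is None:
        return False
    digest, salt = parts
    expected = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(digest, expected)

PASSWORD_LINE = re.compile(r"^\s*(?:rootpw\s+|userPassword:\s*)(\S+)")

def unhashed_password_lines(text):
    """Return rootpw/userPassword lines whose value is not a decodable {SSHA} hash."""
    hits = (PASSWORD_LINE.match(line) for line in text.splitlines())
    return [m.group(0).strip() for m in hits if m and decode_ssha(m.group(1)) is None]

# Constructed sample: one placeholder line, one line holding a real hash.
SAMPLE = "\n".join([
    'rootdn "cn=admin,dc=my-domain,dc=com"',
    "rootpw {SSHA}Your_Password_Here",
    "userPassword: " + make_ssha("constructed-example-pw"),
])

if __name__ == "__main__":
    print(unhashed_password_lines(SAMPLE))
```

Running the same check over the real slapd.conf and db.ldif before starting slapd catches a placeholder that was never replaced with the slappasswd output.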