Last active
December 3, 2015 02:05
Easily build an LDAP environment locally. ref: http://qiita.com/ma2k8/items/0bba6b62a0ea3deb87cc
```ldif
# User entry added with ldapadd; it lives under ou=People in the dc=hoge,dc=local tree.
# The ldapPublicKey object class comes from the openssh-lpk schema, so load that schema first.
dn: uid=a123456,ou=People,dc=hoge,dc=local
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: ldapPublicKey
sn: hoge
cn: foo
uid: a123456
uidNumber: 10001
gidNumber: 10001
homeDirectory: /home/a123456
userPassword: {SSHA}9yfE3ENwK0oaC/zo4tFPnu3LpXTwAsnH
mail: hoge_foo@xxx.co.jp
loginShell: /bin/bash
```
```ldif
dn: ou=People,dc=hoge,dc=local
objectClass: organizationalUnit
ou: People
```
```console
$ apt-get install ldap-utils slapd ldapvi libnss-ldapd libpam-ldapd nscd
```
```console
$ /etc/init.d/nscd restart
$ /etc/init.d/nslcd restart
$ /etc/init.d/slapd restart
```
```console
$ ldapadd -x -D cn=admin,dc=hoge,dc=local -W -f base.ldif
```
```console
$ ldapsearch -x -D cn=admin,dc=hoge,dc=local -W -LLL -b dc=hoge,dc=local dn
Enter LDAP Password:
dn: dc=hoge,dc=local
dn: cn=admin,dc=hoge,dc=local
dn: ou=People,dc=hoge,dc=local
```
```console
$ ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
```
```console
$ ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/openssh-lpk.ldif
$ ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/sudo.ldif
```
```console
$ ldapadd -x -D cn=admin,dc=hoge,dc=local -W -H ldapi:// -f a123456.ldif
```
```console
$ ldapsearch -x -D cn=admin,dc=hoge,dc=local -W -LLL -b dc=hoge,dc=local dn
Enter LDAP Password:
dn: dc=hoge,dc=local
dn: cn=admin,dc=hoge,dc=local
dn: ou=People,dc=hoge,dc=local
dn: uid=a123456,ou=People,dc=hoge,dc=local
```
```conf
# LDAP client defaults (ldap.conf options); replace xxx.xxx.xxx.xxx with the slapd host.
URI ldap://xxx.xxx.xxx.xxx
BASE ou=People,dc=hoge,dc=local
TIMELIMIT 120
TIMEOUT 120
NETWORK_TIMEOUT 120
```
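```conf
# nslcd settings (nslcd.conf options); the daemon runs as the nslcd user and group.
uid nslcd
gid nslcd
# ldap:// carries binds and lookups unencrypted, which suits a local test setup only.
uri ldap://xxx.xxx.xxx.xxx
base ou=People,dc=hoge,dc=local
ldap_version 3
nss_initgroups_ignoreusers root
# PAM authorization: the login succeeds only if this search matches an entry.
pam_authz_search (&(objectClass=posixAccount)(uid=$username))
```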