-
-
Save mahirrudin/9b7754e54f1e8e532049484864beba42 to your computer and use it in GitHub Desktop.
| ## installation openldap with backend mysql | |
| sudo apt update && sudo apt upgrade -y && sudo reboot | |
| sudo apt install mysql-server unixodbc make gcc libmysqlclient-dev unixodbc-dev groff ldap-utils | |
| ## mysql login as root | |
| sudo mysql -u root | |
| CREATE DATABASE ldap | |
| CREATE USER 'ldap'@'%' IDENTIFIED BY 'S3cureP4ssw0rd$'; | |
| GRANT ALL PRIVILEGES ON ldap.* TO 'ldap'@'%'; | |
| CREATE USER 'ldap'@'localhost' IDENTIFIED BY 'S3cureP4ssw0rd$'; | |
| GRANT ALL PRIVILEGES ON ldap.* TO 'ldap'@'localhost'; | |
| FLUSH PRIVILEGES; | |
| EXIT | |
| ## create table to ldap database | |
| git clone https://gist.github.com/mahirrudin/bdde7e60fe2a4a3e7b17c5ee28bf02c0 init-ldap.sql | |
| sudo mysql -u root ldap < init-ldap.sql | |
| ## install mysql odbc connector | |
| wget https://dev.mysql.com/get/Downloads/Connector-ODBC/8.0/mysql-connector-odbc-8.0.11-linux-ubuntu18.04-x86-64bit.tar.gz | |
| tar -xvzf mysql-connector-odbc-8.0.11-linux-ubuntu18.04-x86-64bit.tar.gz | |
| cd mysql-connector-odbc-*/ | |
| sudo cp lib/libmyodbc8* /usr/lib/x86_64-linux-gnu/odbc/ | |
| ## create file /etc/odbcinst.ini | |
| [MySQL Unicode] | |
| Description = MySQL ODBC 8.0 Unicode Driver | |
| Driver = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8w.so | |
| Setup = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8S.so | |
| FileUsage = 1 | |
| [MySQL ANSI] | |
| Description = MySQL ODBC 8.0 ANSI Driver | |
| Driver = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8a.so | |
| Setup = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8S.so | |
| FileUsage = 1 | |
| ## edit /etc/odbc.ini | |
| [ldap] | |
| Description = MySQL Connector for LDAP | |
| Driver = MySQL Unicode | |
| Database = ldap | |
| Server = 127.0.0.1 | |
| User = ldap | |
| Password = ldap | |
| Port = 3306 | |
| ## check ldap connection if it works | |
| sudo echo "show databases" | isql -v ldap | |
| +---------------------------------------+ | |
| | Connected! | | |
| | | | |
| | sql-statement | | |
| | help [tablename] | | |
| | quit | | |
| | | | |
| +---------------------------------------+ | |
| SQL> show databases | |
| +-----------------------------------------------------------------+ | |
| | Database | | |
| +-----------------------------------------------------------------+ | |
| | information_schema | | |
| | ldap | | |
| +-----------------------------------------------------------------+ | |
| ## download, compile, and install openldap from source | |
| ## more information http://www.linuxfromscratch.org/blfs/view/svn/server/openldap.html | |
| wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.46.tgz | |
| tar -xvzf openldap-2.4.46.tgz | |
| sudo mv openldap-2.4.* /opt/openldap | |
| cd /opt/openldap | |
| sudo ./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info --enable-sql --disable-bdb --disable-ndb --disable-hdb | |
| sudo make depend | |
| sudo make | |
| sudo make install | |
| ## create password for openldap configuration | |
| sudo /usr/sbin/slappasswd -h {SSHA} | |
| ## edit /etc/openldap/slapd.conf | |
| ################### Start of Configuration ############################ | |
| # OpenLDAP Configuration by mahirrudin | |
| ####################################################################### | |
| include /etc/openldap/schema/core.schema | |
| include /etc/openldap/schema/cosine.schema | |
| include /etc/openldap/schema/inetorgperson.schema | |
| pidfile /var/run/slapd.pid | |
| argsfile /var/run/slapd.args | |
| ####################################################################### | |
| # SQL database definitions | |
| ####################################################################### | |
| database sql | |
| suffix "dc=boekoe,dc=id" | |
| rootdn "cn=administrator,dc=boekoe,dc=id" | |
| rootpw {SSHA}Th2pCgWlUzNg2gghclpU1IF4lWfPRIKV | |
| # SQL configuration | |
| dbname ldap | |
| dbuser ldap | |
| dbpasswd S3cureP4ssw0rd$ | |
| has_ldapinfo_dn_ru no | |
| subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)" | |
| ################### End of Configuration ############################## | |
| ## running openldap | |
| sudo /opt/openldap/servers/slapd/slapd -d 5 -h 'ldap:/// ldapi:///' -f /etc/openldap/slapd.conf & | |
| ## check if ldap working normally | |
| ldapsearch -x -b "dc=life,dc=com" |
edit /etc/odbc.ini 密碼應該是mysql 授權給 ldap 的密碼
可以再撰寫加入 phpldapadmin 會更完美,另外這個設定 "cn=administrator,dc=boekoe,dc=id" 是如何來的,查詢時又怎會查 ldapsearch -x -b "dc=life,dc=com" 這個 dc ,不解?
Thanks... thats resolved now.
But now Im not able to start openldap.. here is the error message Im getting
5bf4bc5a backsql_db_open(): schema mapping failed, exiting
5bf4bc5a backend_startup_one (type=sql, suffix="dc=domain,dc=com"): bi_db_open failed! (1)
5bf4bc5a slapd shutdown: initiated
5bf4bc5a ==>backsql_db_close()
5bf4bc5a <==backsql_db_close()
5bf4bc5a slapd destroy: freeing system resources.
5bf4bc5a ==>backsql_close_db_handle(0x21ab440)
5bf4bc5a <==backsql_close_db_handle(0x21ab440)
5bf4bc5a ==>backsql_db_destroy()
5bf4bc5a ==>backsql_free_db_env()
5bf4bc5a <==backsql_free_db_env()
5bf4bc5a ==>destroy_schema_map()
5bf4bc5a <==destroy_schema_map()
5bf4bc5a <==backsql_db_destroy()
5bf4bc5a slapd stopped.
@samcookies: same here, take a look at https://github.com/openldap/openldap/tree/master/servers/slapd/back-sql/rdbms_depend/mysql for example schemas
Hello, got the same error as @samcookies
someone have the solution ?
Ok I fix it. you need to clean the /etc/openldap/slapd.conf file and add the following text (same as tutorial) :
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database sql
suffix "dc=boekoe,dc=id"
rootdn "cn=administrator,dc=boekoe,dc=id"
rootpw {SSHA}Th2pCgWlUzNg2gghclpU1IF4lWfPRIKV
dbname ldap
dbuser ldap
dbpasswd S3cureP4ssw0rd$
has_ldapinfo_dn_ru no
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
Can you please help me with ldap client configuration,
I am able to fetch user details using command line on client machine but login is not happening.
Please help.
When i start Open ldap : " Failed to start slapd.service: Unit slapd.service not found" and " Failed to start openldap.service: Unit openldap.service not found. "
Please help
When i start Open ldap : " Failed to start slapd.service: Unit slapd.service not found" and " Failed to start openldap.service: Unit openldap.service not found. "
Please help
is slapd server installed?
see journalctl -xe
When I start, I received permission denied (13) error. Kindly suggest.
root@ubuntu:/opt# /usr/sbin/slapd -d 5 -h 'ldap:/// ldapi:///' -f /etc/slapd.conf
ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /etc/ldap/ldap.conf
ldap_init: using /etc/ldap/ldap.conf
ldap_url_parse_ext(ldap://172.16.0.217:389)
ldap_init: HOME env is /home/java
ldap_init: trying /home/java/ldaprc
ldap_init: trying /home/java/.ldaprc
ldap_init: trying ldaprc
ldap_init: LDAPCONF env is NULL
ldap_init: LDAPRC env is NULL
5ece5296 @(#)
buildd@lgw01-amd64-003:/build/openldap-GN0ofv/openldap-2.4.42+dfsg/debian/build/servers/slapd
ldap_pvt_gethostbyname_a: host=ubuntu, r=0
5ece5296 daemon_init: ldap:/// ldapi:///
5ece5296 daemon_init: listen on ldap:///
5ece5296 daemon_init: listen on ldapi:///
5ece5296 daemon_init: 2 listeners to open...
ldap_url_parse_ext(ldap:///)
5ece5296 daemon: listener initialized ldap:///
ldap_url_parse_ext(ldapi:///)
5ece5296 daemon: listener initialized ldapi:///
5ece5296 daemon_init: 3 listeners opened
ldap_create
5ece5296 slapd init: initiated server.
5ece5296 slap_sasl_init: initialized!
5ece5296 could not open config file "/etc/slapd.conf": Permission denied (13)
5ece5296 slapd destroy: freeing system resources.
5ece5296 slapd stopped.
5ece5296 connections_destroy: nothing to destroy.
按照文档在ubuntu18下执行,有如下注意事项:
1、第9行:CREATE USER 'ldap'@'localhost' IDENTIFIED BY 'S3cureP4ssw0rd$';
这里是mysql的数据库账号:ldap , 密码:S3cureP4ssw0rd$ ,密码在后面需要使用。
2、第18行:sudo mysql -u root ldap < init-ldap.sql
这里定义了表结构,需要额外添加数据
https://github.com/openldap/openldap/blob/master/servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql
https://github.com/openldap/openldap/blob/master/servers/slapd/back-sql/rdbms_depend/mysql/testdb_data.sql
3、第46行:Password = ldap
修改成 Password = S3cureP4ssw0rd$
4、第80行:sudo /usr/sbin/slappasswd -h {SSHA}
要求输入密码,这里根据testdb_data.sql中字段,输入"mit"。
返回 {SSHA}JvQPNRew1UBxGZoqYoMy+tXYfVE0ZnVT ,加密密码后面需要使用。
5、第100行,101行,102行,根据sql文件中内容修改如下:
suffix "dc=example,dc=com"
rootdn "cn=Mitya Kovalev,dc=example,dc=com"
rootpw {SSHA}JvQPNRew1UBxGZoqYoMy+tXYfVE0ZnVT
6、第117行:ldapsearch -x -b "dc=life,dc=com"
修改sql中定义的信息 ldapsearch -x -b "dc=example,dc=com"
I cant use cn=administrator,dc=boekoe,dc=id and password to login in phpldapadmin
Hello, I was unable to successfully create an entry after logging in with phpldapadmin. Do I need to do any other configuration?
Can you please help me with below error message...
sudo echo "show databases" | isql -v openldap
[IM002][unixODBC][Driver Manager]Data source name not found, and no default driver specified
[ISQL]ERROR: Could not SQLConnect