Showing posts with label ldap. Show all posts
Showing posts with label ldap. Show all posts

May 12, 2007

Ldap Install Guide

  
yum install openldap-servers.i386 openldap-devel openldap-clients compat-openldap

#加入Samba.schema


 cd /etc/openldap/schema
wget http://www.samba.org/cgi-bin/cvsweb/samba/examples/LDAP/samba.schema?rev=1.1.4.1
mv samba.schema?rev=1.1.4.1 samba.schema

#編輯ldap設定檔



vi /etc/openldap/slapd.conf

#slapd.conf #add


  include /etc/openldap/schema/samba.schema 

#取得加密密碼


 
slappasswd -s root-dn-passwd {SSHA}F+zPYmGidD3HdO5eO3aidWTKjaRZDsUe

#modify


 suffix "dc=im,dc=nuu,dc=edu,dc=tw" rootdn "cn=Manager,dc=im,dc=nuu,dc=edu,dc=tw" rootpw {SSHA}n9G1cmwcsikHDF1OAByZzrjr1f836S3i 

#chown


 chown -R ldap:ldap /var/lib/ldap/  

#TLS


./CA -newcert
./CA –newca
openssl req -new -nodes -keyout newreq.pem -out newreq.pem
./CA -sign
mkdir /etc/openldap/ssl
mv demoCA/cacert.pem /etc/openldap/ssl
mv newcert.pem /etc/openldap/ssl/servercrt.pem
mv newreq.pem /etc/openldap/ssl/serverkey.pem
chown ldap:ldap /etc/openldap/ssl/serverkey.pem
chmod 600 /etc/openldap/ssl/serverkey.pem
scp /etc/openldap/ssl/cacert.pem
root@203.64.178.106:/etc/openldap/ssl/cacert.pem

在客戶端的/etc/openldap/ldap.conf 中加入
TLS_CACERT /etc/openldap/ssl/cacert.pem ,
注意此文件時從服務器上生成的。

Some OpenLDAP Resourse

主要的站:

http://www.openldap.org/


電子書:

http://www.bspu.secna.ru/~swp/LDAP/

http://www.zytrax.com/books/ldap/

實體書(中文):

http://203.64.181.44/Webpac2/store.dll/?ID=169574&T=0&S=ASC&ty=ns

Tools:

ldapadmin

http://ldapadmin.sourceforge.net/

jxplorer

http://www.jxplorer.org/

CSV to LDIF Converter(perl)

http://www.novell.com/coolsolutions/tools/14462.html

CSV2LDIF

http://www.home.unix-ag.org/patrick/index.php?csv2ldif

http://www.bind9.net/ldap-tools

LDAP函式庫:

PHP_LDAP

http://tw.php.net/manual/tw/ref.ldap.php

JDNI

http://java.sun.com/products/jndi/

Perl-LDAP

http://ldap.perl.org/

參考網址:

http://del.icio.us/tag/ldap

http://en.wikipedia.org/wiki/LDAP

Introduction to LDAP

http://twistedmatrix.com/users/tv/ldap-intro/ldap-intro.html


Red Hat Enterprise Linux 4: Reference Guide:Chapter 13. Lightweight Directory Access Protocol (LDAP)

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/ch-ldap.html

jiing's BlogLDAP相關資料整理
http://jiing.blogspot.com/2004/12/ldap.html

LDAP Howto, LDAP Links, LDAP Whitepapers

http://www.bind9.net/ldap/

Steven's Linux Note - Articles

http://ms.ntcb.edu.tw/~steven/

OpenLDAP-輕量級目錄存取協定前言
http://www.weithenn.idv.tw/cgi-bin/wiki.pl/OpenLDAP-%e8%bc%95%e9%87%8f%e7%b4%9a%e7%9b%ae%e9%8c%84%e5%ad%98%e5%8f%96%e5%8d%94%e5%ae%9a%e5%89%8d%e8%a8%80

RedHat Enterprise Linux Server 4.3 + OpenLDAP + DNS + Samba + Postfix + OpenWebmail
http://www.nseasy.net/

OpenLDAP: Configuring Access Control Lists

http://sapiens.wustl.edu/~sysmain/info/openldap/openldap_configure_acl.html

vbird網友投書

http://linux.vbird.org/somepaper

延伸閱讀:

Single Sign on

http://en.wikipedia.org/wiki/Single_sign-on

LdapInjection

http://www.owasp.org/index.php/LDAP_injection


LDAP Software, LDAP Tools, LDAP Utilities