OpenLDAP 安装(Ubuntu 18.04)

安装Server端和Client端

1 2	root@jp-vps:~$apt-get install slapd root@jp-vps:~$apt-get install ldap-utils

slapd OpenLDAP server
ldap-utils OpenLDAP utilities

默认配置

学习目的,认为是黑盒环境,通过服务脚本/etc/init.d/slapd进行追踪和信息确认

关键信息如下

31 # Source the init script configuration
32 if [ -f "/etc/default/slapd" ]; then
33     . /etc/default/slapd
34 fi
35
36 # Load the default location of the slapd config file
37 if [ -z "$SLAPD_CONF" ]; then
38     if [ -e /etc/ldap/slapd.d ]; then
39         SLAPD_CONF=/etc/ldap/slapd.d
40     else
41         SLAPD_CONF=/etc/ldap/slapd.conf
42     fi
43 fi

53 # extend options depending on config type
54 if [ -f "$SLAPD_CONF" ]; then
55     SLAPD_OPTIONS="-f $SLAPD_CONF $SLAPD_OPTIONS"
56 elif [ -d "$SLAPD_CONF" ] ; then
57     SLAPD_OPTIONS="-F $SLAPD_CONF $SLAPD_OPTIONS"
58 fi

基于以上信息,配置相关:

/etc/default/slapd文件
/etc/ldap/slapd.d目录或 /etc/ldap/slapd.conf文件

配置信息确认

1 2	root@jp-vps:~$ls /etc/ldap/ ldap.conf sasl2 schema slapd.d

存在slapd.d, 所以/etc/ldap/slapd.d是配置目录
ldap.conf是client配置文件,不要被误导

通过Git做到配置信息持续跟踪(学习用,生产环境不建议)

这时候很多Baidu/Google过相关OpenLDAP信息的人会有疑惑，缺少slapd.conf文件

但是如果通读过OpenLDAP文档的人，应该不会有此疑惑。在5. Configuring slapd章节有描述

OpenLDAP 2.3 and later have transitioned to using a
dynamic runtime configuration engine, slapd-config(5). slapd-config(5)

The older style slapd.conf(5) file is still supported,
but its use is deprecated and support for it will be withdrawn in a future OpenLDAP release.

至此,软件安装完毕, 配置目录也已确认. 建议通过git维护/etc/ldap目录

cd /etc/ldap
git init
git add *
git commit -m '/etc/ldap/ init'