
OpenLDAP Installation (Ubuntu 18.04)

Installing the server and the client

root@jp-vps:~$ apt-get install slapd
root@jp-vps:~$ apt-get install ldap-utils
  • slapd: OpenLDAP server
  • ldap-utils: OpenLDAP utilities

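Default configuration

For learning purposes, treat the installation as a black box and trace the service script /etc/init.d/slapd to confirm where the configuration lives.

The key excerpts from the script are as follows: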

# Source the init script configuration
if [ -f "/etc/default/slapd" ]; then
    . /etc/default/slapd
fi

# Load the default location of the slapd config file
if [ -z "$SLAPD_CONF" ]; then
    if [ -e /etc/ldap/slapd.d ]; then
        SLAPD_CONF=/etc/ldap/slapd.d
    else
        SLAPD_CONF=/etc/ldap/slapd.conf
    fi
fi

# extend options depending on config type
if [ -f "$SLAPD_CONF" ]; then
    SLAPD_OPTIONS="-f $SLAPD_CONF $SLAPD_OPTIONS"
elif [ -d "$SLAPD_CONF" ] ; then
    SLAPD_OPTIONS="-F $SLAPD_CONF $SLAPD_OPTIONS"
fi

Based on the above, the configuration-related locations are:

  • the file /etc/default/slapd
  • the directory /etc/ldap/slapd.d, or the file /etc/ldap/slapd.conf

Confirming the configuration

root@jp-vps:~$ ls /etc/ldap/
ldap.conf sasl2 schema slapd.d

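slapd.d exists, so /etc/ldap/slapd.d is the configuration directory.
ldap.conf is the client configuration file; do not be misled by it.

Tracking configuration changes with Git (for learning; not recommended in production)

At this point, many people who have searched Baidu/Google for OpenLDAP information will be puzzled that there is no slapd.conf file.

Anyone who has read through the OpenLDAP documentation, however, should not be puzzled. It is described in chapter 5, Configuring slapd: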

OpenLDAP 2.3 and later have transitioned to using a
dynamic runtime configuration engine, slapd-config(5). slapd-config(5)

The older style slapd.conf(5) file is still supported,
but its use is deprecated and support for it will be withdrawn in a future OpenLDAP release.

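At this point the software is installed and the configuration directory has been confirmed. It is recommended to maintain the /etc/ldap directory with git.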

cd /etc/ldap
git init
git add *
git commit -m '/etc/ldap/ init'
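
The init-script logic above combined with a permission check on what it resolves to, as an added example that is not part of the original post: cn=config LDIF files can hold credential hashes (olcRootPW), and running git init in /etc/ldap copies file contents into /etc/ldap/.git. The function names and the ROOT prefix argument (used to point the check at a test tree) are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the original post or the slapd package.
# ROOT is a hypothetical path prefix; leave it empty to check the live host.

# Resolve the config location in the same order as the init script excerpt:
# /etc/default/slapd first, then slapd.d, then slapd.conf.
resolve_slapd_conf() {
    root=${1:-}
    (
        SLAPD_CONF=
        if [ -f "$root/etc/default/slapd" ]; then
            . "$root/etc/default/slapd"
        fi
        if [ -z "$SLAPD_CONF" ]; then
            if [ -e "$root/etc/ldap/slapd.d" ]; then
                SLAPD_CONF=/etc/ldap/slapd.d
            else
                SLAPD_CONF=/etc/ldap/slapd.conf
            fi
        fi
        # -F: slapd-config directory, -f: legacy slapd.conf file
        if [ -f "$root$SLAPD_CONF" ]; then
            echo "-f $SLAPD_CONF"
        elif [ -d "$root$SLAPD_CONF" ]; then
            echo "-F $SLAPD_CONF"
        else
            echo "missing $SLAPD_CONF"
        fi
    )
}

# List regular files readable by "other" under the resolved config path and
# under the .git directory that "git init" creates in /etc/ldap.
world_readable() {
    root=${1:-}
    conf=$(resolve_slapd_conf "$root" | cut -d' ' -f2)
    for p in "$root$conf" "$root/etc/ldap/.git"; do
        [ -e "$p" ] || continue
        find "$p" -type f -perm -004
    done
}
```

Source the file and call world_readable with no argument to check the host itself; any path it prints under .git or slapd.d is readable by every local user.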