Using MySQL as the backend database for OpenLDAP (3)
Date: 2016-05-07 15:18 Source: linux.it.net.cn Author: IT
After the make install process, we will copy over the slapd.conf file that is configured to use a SQL backend. This file is buried under the OpenLDAP ports directory in the following path:
work/openldap-2.1.30/servers/slapd/back-sql/rdbms_depend/mysql
Change to this directory from the ports directory of OpenLDAP, and copy the configuration file over:
> cp slapd.conf /usr/local/etc/openldap
Then we can import the back-sql SQL files from this directory into our running MySQL server database:
root@host # mysql < backsql_create.sql ldap
root@host # mysql < testdb_create.sql ldap
Optionally, we can import the testdb_data and testdb_metadata files into the database so that we have example data to work with.
Next we need to edit the /usr/local/etc/openldap/slapd.conf file and make the proper adjustments. We need to set up the slapd service to use a SQL backend under the "SQL database definitions" section:
database sql
suffix "o=sql,c=RU"
rootdn "cn=root,o=sql,c=RU"
rootpw secret
dbname ldap
dbuser ldap
dbpasswd password
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
insentry_query "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
Go ahead and comment out or delete any other example configurations for alternate SQL connectors such as Postgres and/or MsSQL settings (unless, of course, you are using a Postgres or MsSQL server as your backend).
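The rootpw and dbpasswd values in the configuration above are sample placeholders, and both sit in slapd.conf in cleartext. The audit script below is an added example, not part of the original article; the function names conf_value and audit_slapd_conf and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): credential-hygiene audit
# for a back-sql slapd.conf. Function names are this example's own.

# First value of a directive, surrounding double quotes stripped.
# Simplification: does not distinguish multiple "database" sections.
conf_value() {
    awk -v key="$1" '$1 == key { v = $2; gsub(/^"|"$/, "", v); print v; exit }' "$2"
}

# Prints one finding per line; returns 0 if none, 1 otherwise.
audit_slapd_conf() {
    conf=$1
    findings=0
    rootpw=$(conf_value rootpw "$conf")
    dbpasswd=$(conf_value dbpasswd "$conf")

    # A hashed rootpw ({SSHA}..., from slappasswd) starts with a {SCHEME} tag.
    case $rootpw in
        "" | "{"*"}"*) ;;
        *) echo "rootpw: cleartext value; store slappasswd output instead"
           findings=$((findings + 1)) ;;
    esac
    if [ "$rootpw" = "secret" ]; then
        echo "rootpw: still the sample value"
        findings=$((findings + 1))
    fi
    if [ "$dbpasswd" = "password" ]; then
        echo "dbpasswd: still the sample value"
        findings=$((findings + 1))
    fi
    # dbpasswd must stay in cleartext (slapd hands it to ODBC), so the file
    # itself must not be readable by other users.
    if [ -n "$dbpasswd" ] && [ -n "$(find "$conf" -prune -perm -004)" ]; then
        echo "$conf: holds dbpasswd and is readable by others; restrict it to the slapd user"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample input: the credential directives shown above.
sample=$(mktemp)
printf '%s\n' 'database sql' 'rootpw secret' 'dbuser ldap' 'dbpasswd password' > "$sample"
chmod 644 "$sample"
audit_slapd_conf "$sample" || echo "audit failed: fix the findings above"
rm -f "$sample"
```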
Post installation configuration
Next, we need to edit /etc/rc.conf and configure the OpenLDAP server to start on boot by making the following changes:
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
slapd_sockets="/var/run/openldap/ldapi"
And finally we need to edit the OpenLDAP startup script and set up the ODBC path for the server to use. Edit the /etc/rc.d/slapd file and add the following line:
export ODBCINI=/usr/local/etc/libiodbc/odbc.ini
Just as when we ran iodbctest, this variable is essential for OpenLDAP to know where to find the configuration file used for ODBC connectivity.
Now we are ready to try and bring up our OpenLDAP server. Let us start by running slapd manually in debug mode to see the output of startup:
root@host # /usr/local/libexec/slapd -d 1
We should see the following at the end of the debug output:
<==load_schema_map()
<==backsql_get_db_conn()
==>backsql_free_db_conn()
backsql_free_db_conn(): closing db connection
==>backsql_close_db_conn()
<==backsql_close_db_conn()
<==backsql_free_db_conn()
<==backsql_db_open(): test succeeded, schema map loaded
slapd starting
If this is the given output then it looks like our configuration is correct and we are ready to start up OpenLDAP normally for operation.
/etc/rc.d/slapd start
This will start up the OpenLDAP server, and we can verify it is running with the following command:
root@host # sockstat |grep slapd
ldap slapd 71838 5 dgram -> /var/run/log
ldap slapd 71838 8 stream /var/run/openldap/ldapi
ldap slapd 71838 9 tcp4 *:389 *:*
From here, use any OpenLDAP administration tool of your choice to add, edit and remove data.
(Editor in charge: IT)