doc:appunti:linux:sa:sldap_2_5
Differences
doc:appunti:linux:sa:sldap_2_5 [2023/12/02 11:41] – [Testing an ldapsearch] niccolo | doc:appunti:linux:sa:sldap_2_5 [2023/12/02 12:31] (current) – [Enable SSL] niccolo | ||
---|---|---|---|
Line 14: | Line 14: | ||
FIXME La **[[https:// | FIXME La **[[https:// | ||
+ | |||
+ | Per ripristinare il servizio si sono eseguite ex-nove tutte le operazoni necessarie, in particolare: | ||
+ | |||
+ | * Caricato lo schema **mozillaAbPersonAlpha**. | ||
+ | * Creato il database #2 per gestire il suffisso **ou=Addressbook, | ||
+ | * Creata la organizationalUnit **Addressbook**. | ||
+ | * Creata la inetOrgPerson **cn=guest**. | ||
+ | * Caricate tutte le entry objectClass **mozillaAbPersonAlpha**. | ||
===== (Re)installation from scratch ===== | ===== (Re)installation from scratch ===== | ||
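Review bot: the sentence added above the list has two typos, "ex-nove" (read "ex novo") and "operazoni" (read "operazioni"), and it is written in Italian while the section headings of this page are in English; fix the spelling and consider translating the paragraph. The list also records that database #2 and cn=guest were created without saying what cn=guest is allowed to read, so a line on the access granted to that entry would help whoever has to repeat the restore.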
Line 34: | Line 42: | ||
Reading the dump of database #0, you can see that the **cn=config** database has the **olcRootDN: | Reading the dump of database #0, you can see that the **cn=config** database has the **olcRootDN: | ||
+ | |||
+ | ===== Enable SSL ===== | ||
+ | |||
+ | Create a self signed certificate or get it from some provider, like **[[https:// | ||
+ | |||
+ | Create the following file **config-ssl.ldif**: | ||
+ | |||
+ | < | ||
+ | dn: cn=config | ||
+ | changetype: modify | ||
+ | replace: olcTLSCertificateFile | ||
+ | olcTLSCertificateFile: | ||
+ | - | ||
+ | replace: olcTLSCertificateKeyFile | ||
+ | olcTLSCertificateKeyFile: | ||
+ | - | ||
+ | replace: olcTLSCACertificatePath | ||
+ | olcTLSCACertificatePath: | ||
+ | </ | ||
+ | |||
+ | and load it into the slapd 2.5 configuration: | ||
+ | |||
+ | < | ||
+ | ldapmodify -Y EXTERNAL -H ldapi:/// -f config-ssl.ldif | ||
+ | </ | ||
+ | |||
+ | Enable ldaps into **/ | ||
+ | |||
+ | < | ||
+ | SLAPD_SERVICES=" | ||
+ | </ | ||
+ | |||
+ | Restart the slapd service. | ||
===== Adding a second (new) database ===== | ===== Adding a second (new) database ===== | ||
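Review bot: the Enable SSL steps end at "Restart the slapd service." with no check that TLS is actually being served, and nothing is said about the private key referenced by olcTLSCertificateKeyFile. Add a note that the key file must be readable by the account slapd runs as and by no other unprivileged user, and add a verification step after the restart, for example an ldapsearch against an ldaps:// URI. Since the first step allows a self-signed certificate, it is also worth stating what olcTLSCACertificatePath is expected to contain and how clients are meant to trust that certificate, so that they are not left to disable certificate verification.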
Line 224: | Line 265: | ||
<code bash> | <code bash> | ||
ldapsearch -W \ | ldapsearch -W \ | ||
- | -H ldap:// | + | -H ldap:// |
-D " | -D " | ||
-b ' | -b ' |
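Review bot: the changed -H line still uses an ldap:// URI together with -W and -D, that is, a simple bind whose password crosses the network unencrypted unless StartTLS is negotiated. With the Enable SSL section added in the same revision, the test could use an ldaps:// URI, or keep ldap:// and add -ZZ so that the search fails when StartTLS cannot be established.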
doc/appunti/linux/sa/sldap_2_5.txt · Last modified: 2023/12/02 12:31 by niccolo