OpenLDAP 2.4.46 的安装
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了OpenLDAP 2.4.46 的安装相关的知识,希望对你有一定的参考价值。
?
?
?
?
源码包下载地址:http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.46.tgz
系统环境
[[email protected] ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) [[email protected] ~]# uname -r 3.10.0-514.el7.x86_64 [[email protected] ~]# ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:a5:6b:07 brd ff:ff:ff:ff:ff:ff inet 172.16.216.164/24 brd 172.16.216.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fea5:6b07/64 scope link valid_lft forever preferred_lft forever
一、yum 方式安装
[[email protected] ~]# yum install openldap-servers openldap-clients [[email protected] ~]# rpm -ql openldap-servers /usr/share/openldap-servers/DB_CONFIG.example /usr/share/openldap-servers/slapd.ldif [[email protected] ~]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG [[email protected] ~]# chown -R ldap.ldap /var/lib/ldap [[email protected] ~]# systemctl restart slapd [[email protected] ~]# ps -ef |grep slapd |grep -v grep ldap 2077 1 0 15:37 ? 00:00:00 /usr/sbin/slapd -u ldap -h ldap:/// ldap:/// [[email protected] ~]# netstat -tulnp |grep slapd tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 2077/slapd tcp6 0 0 :::389 :::* LISTEN 2077/slapd [[email protected] ~]# cd /etc/openldap/ [[email protected] openldap]# ls certs check_password.conf ldap.conf schema slapd.d [[email protected] openldap]# cd slapd.d/ [[email protected] slapd.d]# ls cn=config cn=config.ldif [[email protected] slapd.d]# cd cn=config/ [[email protected] cn=config]# ls cn=schema olcDatabase={0}config.ldif olcDatabase={1}monitor.ldif cn=schema.ldif olcDatabase={-1}frontend.ldif olcDatabase={2}hdb.ldif
二、源码的方式安装
编译安装 Berkeley DB
下载地址:http://download.oracle.com/otn/berkeley-db/db-5.3.28.tar.gz
[[email protected] software]# yum install libtool-ltdl libtool-ltdl-devel gcc openssl openssl-devel -y [[email protected] software]# tar xf db-5.3.28.tar.gz [[email protected] software]# cd db-5.3.28/ [[email protected] db-5.3.28]# ls build_android build_vxworks build_windows docs lang README test build_unix build_wince dist examples LICENSE src util [[email protected] db-5.3.28]# cd build_unix [[email protected] build_unix]# ../dist/configure --prefix=/usr/local/db_5.3.28 ...... checking for growing a file under an mmap region... yes configure: creating ./config.status config.status: creating Makefile config.status: creating db_cxx.h config.status: creating db_int.h config.status: creating clib_port.h config.status: creating include.tcl config.status: creating db.h config.status: creating db_config.h config.status: executing libtool commands [[email protected] build_unix]# make [[email protected] build_unix]# make install [[email protected] build_unix]# cd /usr/local/db_5.3.28/ [[email protected] db_5.3.28]# ls bin docs include lib [[email protected] db_5.3.28]# ls include/ db_cxx.h db.h [[email protected] db_5.3.28]# ls bin/ db_archive db_deadlock db_hotbackup db_log_verify db_recover db_stat db_upgrade db_checkpoint db_dump db_load db_printlog db_replicate db_tuner db_verify
编译安装 OpenLDAP
[[email protected] software]# tar xf openldap-2.4.46.tgz [[email protected] software]# cd openldap-2.4.46/ [[email protected] openldap-2.4.46]# ./configure CPPFLAGS="-I/usr/local/db_5.3.28/include" LDFLAGS="-L/usr/local/db_5.3.28/lib -Wl,-rpath,/usr/local/db_5.3.28/lib" --prefix=/usr/local/openldap.2.4.46 或 [[email protected] openldap-2.4.46]# vim /etc/profile export CPPFLAGS="-I/usr/local/db_5.3.28/include" export LDFLAGS="-L/usr/local/db_5.3.28/lib -Wl,-rpath,/usr/local/db_5.3.28/lib" [[email protected] openldap-2.4.46]# source /etc/profile [[email protected] openldap-2.4.46]# ./configure --prefix=/usr/local/openldap.2.4.46 ...... Making servers/slapd/backends.c Add config ... Add ldif ... Add monitor ... Add bdb ... Add hdb ... Add mdb ... Add relay ... Making servers/slapd/overlays/statover.c Add syncprov ... Please run "make depend" to build dependencies [[email protected] openldap-2.4.46]# make ...... done make[3]: 离开目录“/opt/software/openldap-2.4.46/doc/man/man8” make[2]: 离开目录“/opt/software/openldap-2.4.46/doc/man” make[1]: 离开目录“/opt/software/openldap-2.4.46/doc” [[email protected] openldap-2.4.46]# make install ...... done installing slapacl.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapadd.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapauth.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapcat.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapd.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapdn.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapindex.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slappasswd.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slapschema.8 in /usr/local/openldap.2.4.46/share/man/man8 installing slaptest.8 in /usr/local/openldap.2.4.46/share/man/man8 make[3]: 离开目录“/opt/software/openldap-2.4.46/doc/man/man8” make[2]: 离开目录“/opt/software/openldap-2.4.46/doc/man” make[1]: 离开目录“/opt/software/openldap-2.4.46/doc” [[email protected] openldap-2.4.46]# cd /usr/local/openldap.2.4.46/ [[email protected] openldap.2.4.46]# ls bin etc include lib libexec sbin share var [[email protected] openldap.2.4.46]# ls bin/ ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami [[email protected] openldap.2.4.46]# ls sbin/ slapacl slapadd slapauth slapcat slapdn slapindex slappasswd slapschema slaptest [[email protected] openldap.2.4.46]# ls etc/ openldap [[email protected] openldap.2.4.46]# ls etc/openldap/ DB_CONFIG.example ldap.conf ldap.conf.default schema slapd.conf slapd.conf.default slapd.ldif slapd.ldif.default [[email protected] openldap.2.4.46]# ls etc/openldap/schema/ collective.ldif core.ldif duaconf.ldif inetorgperson.ldif misc.ldif openldap.ldif ppolicy.ldif collective.schema core.schema duaconf.schema inetorgperson.schema misc.schema openldap.schema ppolicy.schema corba.ldif cosine.ldif dyngroup.ldif java.ldif nis.ldif pmi.ldif README corba.schema cosine.schema dyngroup.schema java.schema nis.schema pmi.schema [[email protected] openldap.2.4.46]# ls lib/ liblber-2.4.so.2 liblber.la libldap-2.4.so.2.10.9 libldap_r-2.4.so.2 libldap_r.la liblber-2.4.so.2.10.9 liblber.so libldap.a libldap_r-2.4.so.2.10.9 libldap_r.so liblber.a libldap-2.4.so.2 libldap.la libldap_r.a libldap.so [[email protected] openldap.2.4.46]# ls libexec/ slapd [[email protected] openldap.2.4.46]# ls var/ openldap-data run [[email protected] openldap.2.4.46]# ls var/openldap-data/ DB_CONFIG.example [[email protected] openldap.2.4.46]# mv var/openldap-data/DB_CONFIG.example var/openldap-data/DB_CONFIG [[email protected] openldap.2.4.46]# mv etc/openldap/DB_CONFIG.example etc/openldap/DB_CONFIG [[email protected] ~]# vim /etc/profile export PATH="/usr/local/openldap.2.4.46/sbin:/usr/local/openldap.2.4.46/bin:$PATH" [[email protected] sbin]# . /etc/profile [[email protected] openldap.2.4.46]# cd libexec/ [[email protected] libexec]# ./slapd [[email protected] ~]# ps -ef |grep slapd |grep -v grep root 123115 1 0 16:58 ? 00:00:00 ./slapd [[email protected] ~]# netstat -tulnp |grep slapd tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 123115/./slapd tcp6 0 0 :::389 :::* LISTEN 123115/./slapd
三、OpenLDAP+OpenSSL 的安装
[[email protected] ~]# cd /opt/software/openldap-2.4.46 [[email protected] ldapBrowser]# yum install libicu-devel* cyrus-sasl* [[email protected] openldap-2.4.46]# ./configure --with-tls=openssl CPPFLAGS="-I/usr/local/db_5.3.28/include" LDFLAGS="-L/usr/local/db_5.3.28/lib -Wl,-rpath,/usr/local/db_5.3.28/lib" --prefix=/usr/local/openldap.2.4.46 |grep openssl checking openssl/ssl.h usability... yes checking openssl/ssl.h presence... yes checking for openssl/ssl.h... yes [[email protected] openldap-2.4.46]# make && make install [[email protected] libexec]# ./slapd -h "ldap:/// ldaps:///" -d 1 ldap_url_parse_ext(ldap://localhost/) ldap_init: trying /usr/local/openldap.2.4.46/etc/openldap/ldap.conf ldap_init: using /usr/local/openldap.2.4.46/etc/openldap/ldap.conf ldap_init: HOME env is /root ldap_init: trying /root/ldaprc ldap_init: trying /root/.ldaprc ldap_init: trying ldaprc ldap_init: LDAPCONF env is NULL ldap_init: LDAPRC env is NULL 5b4d6e18 @(#) $OpenLDAP: slapd 2.4.46 (Jul 17 2018 12:09:50) $ [email protected]:/opt/software/openldap-2.4.46/servers/slapd ldap_pvt_gethostbyname_a: host=openldap.jrgc.cn, r=0 5b4d6e18 daemon_init: listen on ldap:/// 5b4d6e18 daemon_init: listen on ldaps:/// 5b4d6e18 daemon_init: 2 listeners to open... ldap_url_parse_ext(ldap:///) 5b4d6e18 daemon: listener initialized ldap:/// ldap_url_parse_ext(ldaps:///) 5b4d6e18 daemon: listener initialized ldaps:/// 5b4d6e18 daemon_init: 4 listeners opened ldap_create 5b4d6e18 slapd init: initiated server. 5b4d6e18 bdb_back_initialize: initialize BDB backend 5b4d6e18 bdb_back_initialize: Berkeley DB 5.3.28: (September 9, 2013) 5b4d6e18 hdb_back_initialize: initialize HDB backend 5b4d6e18 hdb_back_initialize: Berkeley DB 5.3.28: (September 9, 2013) 5b4d6e18 mdb_back_initialize: initialize MDB backend 5b4d6e18 mdb_back_initialize: LMDB 0.9.22: (March 21, 2018) 5b4d6e18 mdb_db_init: Initializing mdb database 5b4d6e18 >>> dnPrettyNormal: <dc=abc> 5b4d6e18 <<< dnPrettyNormal: <dc=abc>, <dc=abc> 5b4d6e18 >>> dnPrettyNormal: <cn=Manager,dc=abc> 5b4d6e18 <<< dnPrettyNormal: <cn=Manager,dc=abc>, <cn=manager,dc=abc> 5b4d6e18 >>> dnNormalize: <cn=Subschema> 5b4d6e18 <<< dnNormalize: <cn=subschema> 5b4d6e18 matching_rule_use_init ......
?
??
以上是关于OpenLDAP 2.4.46 的安装的主要内容,如果未能解决你的问题,请参考以下文章