
LDAP and phpLDAPAdmin deployment

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/03 Report--

System environment

    Hostname   Operating system    IP address      Remarks
    node201    CentOS 7.6 x86_64   172.20.20.201

Note: all of the following steps are performed as the root superuser.

Basic environment configuration

    # Switch the base repository to the Aliyun mirror
    yum install -y wget
    wget http://mirrors.aliyun.com/repo/Centos-7.repo
    cp Centos-7.repo /etc/yum.repos.d/
    cd /etc/yum.repos.d/
    mv CentOS-Base.repo CentOS-Base.repo.bak
    mv Centos-7.repo CentOS-Base.repo
    yum clean all

    # Name resolution and hostname
    echo -e "172.20.20.201 www.node201.com node201.com node201" >> /etc/hosts
    hostnamectl set-hostname node201

    # Disable firewalld and SELinux (after this, 389/tcp and 80/tcp are unfiltered on this host)
    systemctl stop firewalld.service
    sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config && setenforce 0 && systemctl disable firewalld.service && systemctl stop firewalld.service && logout

Install LDAP

    yum install -y openssl openssl-devel
    yum -y install openldap compat-openldap openldap-clients openldap-servers openldap-servers-sql openldap-devel migrationtools
    mkdir -p /var/lib/ldap
    chown -R ldap:ldap /var/lib/ldap
    systemctl start slapd

Check the LDAP version, service and ports

    slapd -VV
    ps -ef | grep slapd
    ss -lntup | grep 38

Configure the LDAP administrator password

    slappasswd

    cd /etc/openldap/
    vi chrootpw.ldif

    # specify the password generated above for "olcRootPW" section
    dn: olcDatabase={0}config,cn=config
    changetype: modify
    add: olcRootPW
    olcRootPW: {SSHA}c22zti7umHh8l1HGbFSHMQ4eXGMWEoYS

    # save and exit (:wq), then load the file
    ldapadd -Y EXTERNAL -H ldapi:/// -f chrootpw.ldif

Import Schema

    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/cosine.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/nis.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/collective.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/corba.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/core.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/duaconf.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/dyngroup.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/inetorgperson.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/java.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/misc.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/openldap.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/pmi.ldif
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/ppolicy.ldif

Modify the configuration file

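    # Back up each database file before editing it
    cp /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif.bak
    # The sed patterns are garbled in the source; the two below are reconstructed on the
    # assumption that they replace the CentOS default dc=my-domain with dc=node201.
    sed -i 's#cn=Manager,dc=my-domain,dc=com#cn=Manager,dc=node201,dc=com#g' /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif
    cp /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif.bak
    sed -i 's#cn=Manager,dc=my-domain,dc=com#cn=Manager,dc=node201,dc=com#g' /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif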

Configure the DN for LDAP

Here the root DN is assumed to use the local domain name, node201.com.

    slappasswd

    vi chdomain.ldif

    # replace to your own domain name for "dc=***,dc=***" section
    # specify the password generated above for "olcRootPW" section
    dn: olcDatabase={1}monitor,cn=config
    changetype: modify
    replace: olcAccess
    olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=Manager,dc=node201,dc=com" read by * none

    dn: olcDatabase={2}hdb,cn=config
    changetype: modify
    replace: olcSuffix
    olcSuffix: dc=node201,dc=com

    dn: olcDatabase={2}hdb,cn=config
    changetype: modify
    replace: olcRootDN
    olcRootDN: cn=Manager,dc=node201,dc=com

    dn: olcDatabase={2}hdb,cn=config
    changetype: modify
    add: olcRootPW
    olcRootPW: {SSHA}dmlBn+z3eUR4YYtOGMnoUUnWGxc8tyDJ

    dn: olcDatabase={2}hdb,cn=config
    changetype: modify
    add: olcAccess
    olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=Manager,dc=node201,dc=com" write by anonymous auth by self write by * none
    olcAccess: {1}to dn.base="" by * read
    olcAccess: {2}to * by dn="cn=Manager,dc=node201,dc=com" write by * read

    # save and exit (:wq!), then apply the changes
    ldapmodify -Y EXTERNAL -H ldapi:/// -f chdomain.ldif
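The last access rule in chdomain.ldif (to * ... by * read) lets any client, including an unauthenticated one, read everything not covered by an earlier rule, which is why the anonymous ldapsearch -x in the verification step returns the tree. The following is an added example, not part of the original article: a shell/awk check that lists olcAccess rules granting "*" or "anonymous" read access or higher. The function names, the sample input and the "users" variant are constructed for illustration.

```shell
# Added example: flag olcAccess rules that grant "*" or "anonymous" read access
# or higher. Reads LDIF on stdin, prints "index|what|who|access" per finding.
audit_olcaccess() {
  awk '
    /^ / { buf = buf substr($0, 2); next }    # LDIF continuation line
    { check(); buf = $0 }
    END { check() }
    function check(   rule, idx, n, parts, i, p, who, acc, what) {
      if (buf !~ /^olcAccess:/) return
      rule = buf; sub(/^olcAccess:[ \t]*/, "", rule)
      idx = "-"
      if (match(rule, /^[{][0-9]+[}]/)) {
        idx = substr(rule, 1, RLENGTH); rule = substr(rule, RLENGTH + 1)
      }
      n = split(rule, parts, / by /)
      what = parts[1]; sub(/^[ \t]*to[ \t]+/, "", what); sub(/[ \t]+$/, "", what)
      if (what == "dn.base=\"\"") return       # root DSE is conventionally public
      for (i = 2; i <= n; i++) {
        p = parts[i]; gsub(/^[ \t]+|[ \t]+$/, "", p)
        if (!match(p, /[ \t]+[^ \t]+$/)) continue
        who = substr(p, 1, RSTART - 1)          # everything before the access level
        acc = p; sub(/^.*[ \t]+/, "", acc)      # last token is the access level
        if ((who == "*" || who == "anonymous") && acc ~ /^(read|write|manage)$/) {
          print idx "|" what "|" who "|" acc
        }
      }
    }'
}

# Constructed sample: the hdb database ACLs from chdomain.ldif on this page.
sample_ldif() {
  cat <<'EOF'
dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=node201,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=node201,dc=com" write by * read
EOF
}

# Constructed variant: rule {2} limited to authenticated users.
hardened_ldif() {
  sample_ldif | sed 's/write by \* read$/write by users read/'
}

sample_ldif | audit_olcaccess      # prints: {2}|*|*|read
hardened_ldif | audit_olcaccess    # prints nothing
```

On a live server, the same function can be fed the running configuration as root with ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config olcAccess piped into audit_olcaccess.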

Import Base domain

    vi basedomain.ldif

    dn: dc=node201,dc=com
    dc: node201
    objectClass: top
    objectClass: domain

    dn: ou=dev,dc=node201,dc=com
    ou: dev
    objectClass: top
    objectClass: organizationalUnit

    dn: ou=test,dc=node201,dc=com
    ou: test
    objectClass: top
    objectClass: organizationalUnit

    # save and exit (:wq!), then import the entries
    ldapadd -x -D cn=Manager,dc=node201,dc=com -W -f basedomain.ldif
    # Enter the password created the second time. I used the same password the first and second time here.

Query verification

    ldapsearch -x -b "dc=node201,dc=com"

At this point LDAP is installed successfully. To add records you must use the ldapadd command to add entries; is there a graphical interface for manipulating or viewing the directory structure? The answer is yes: phpLDAPAdmin. Here is how to deploy phpLDAPAdmin.

Install phpLDAPAdmin

    yum -y install httpd
    mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.bak
    sed -i "s/#ServerName www.example.com:80/ServerName www.node201.com:80/g" /etc/httpd/conf/httpd.conf
    cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak
    sed -i '151s/AllowOverride None/AllowOverride All/g' /etc/httpd/conf/httpd.conf
    sed -i '164s/DirectoryIndex index.html/DirectoryIndex index.html index.cgi index.php/g' /etc/httpd/conf/httpd.conf
    systemctl start httpd
    systemctl enable httpd
    echo "Apache is OK" >> /var/www/html/index.html
    curl -I http://www.node201.com/

Install PHP

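    yum -y install php php-mbstring php-pear
    cp /etc/php.ini /etc/php.ini.bak
    # The sed pattern is partly garbled in the source; reconstructed assuming the stock
    # php.ini line ";date.timezone =" at line 878.
    sed -i '878s#;date.timezone =#date.timezone = "Asia/Shanghai"#g' /etc/php.ini
    systemctl restart httpd
    cat > /var/www/html/index.php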
