
OpenLDAP

Ajuste no sistema

Hostname e arquivo hosts:

root@ldap:~# cat /etc/hostname 
ldap
root@ldap:~# cat /etc/hosts
127.0.0.1	localhost
198.51.100.250	ldap.exemplo.org	ldap
[...]

Configuração de rede:

root@ldap:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
source /etc/network/interfaces.d/*
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto eth0
iface eth0 inet static
	address 198.51.100.250
	netmask 255.255.255.0
	gateway 198.51.100.254
	dns-nameservers 198.51.100.200

Instalando o OpenLDAP

root@ldap:~# aptitude update
root@ldap:~# aptitude install slapd ldap-utils

Configurando o slapd

O serviço é parado e o conteúdo padrão de /var/lib/ldap é removido antes de trocar para a configuração estática em /etc/ldap/slapd.conf (apontada por SLAPD_CONF em /etc/default/slapd):

root@ldap:~# systemctl stop slapd
 
root@ldap:~# ls /var/lib/ldap/
data.mdb  lock.mdb
 
root@ldap:~# rm -rf /var/lib/ldap/*
root@ldap:~# cp /usr/share/doc/slapd/examples/slapd.conf /etc/ldap/
root@ldap:~# chown openldap.openldap /etc/ldap/slapd.conf

Schema qmail

O schema é baixado do repositório indicado e adicionado ao slapd.conf via `include`; confira o conteúdo do arquivo baixado antes de carregá-lo, pois ele passa a fazer parte da definição do diretório:

root@ldap:~# cd /etc/ldap/schema/
root@ldap:/etc/ldap/schema# wget https://raw.githubusercontent.com/amery/qmail/master/qmail.schema
root@ldap:~# egrep -v "^#|^$" /etc/ldap/slapd.conf 
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/qmail.schema
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        256
modulepath	/usr/lib/ldap
moduleload	back_hdb
sizelimit 500
tool-threads 1
backend		hdb
database        hdb
suffix          "dc=exemplo,dc=org"
rootdn          "cn=admin,dc=exemplo,dc=org"
rootpw		"{SSHA}Ph4deQZmYrIcP48I9lYemmhS+OGF8yM/"
directory       "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index           objectClass 							eq
index           cn,sn,ou                           				eq,sub,approx
index           uid,uidNumber,gidNumber         				eq
index           mail,mailAlternateAddress,mailMessageStore,mailHost       	eq,pres,sub
index           default                         				eq,pres,sub
lastmod         on
checkpoint      512 30
access to attrs=userPassword,shadowLastChange
        by dn="cn=admin,dc=exemplo,dc=org" write
        by anonymous auth
        by self write
        by * none
access to dn.base="" by * read
access to *
        by dn="cn=admin,dc=exemplo,dc=org" write
        by * read
root@ldap:~# egrep -v "^#|^$" /etc/default/slapd 
SLAPD_CONF=/etc/ldap/slapd.conf
SLAPD_USER="openldap"
SLAPD_GROUP="openldap"
SLAPD_PIDFILE=
SLAPD_SERVICES="ldap:/// ldapi:///"
SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
SLAPD_OPTIONS=""
root@ldap:~# systemctl start slapd

Estrutura do diretório

O hash gerado por slappasswd é copiado para o atributo userPassword das entradas do LDIF (no exemplo, os dois usuários recebem o mesmo hash); em seguida a base é carregada com ldapadd e conferida com ldapsearch:

root@ldap:~# slappasswd 
New password: 
Re-enter new password: 
{SSHA}jq8mEH1UvLyxWKMVhMDOT5/ImZ7vTAch
root@ldap:~# cat estrutura.ldif 
dn: dc=exemplo,dc=org
dc: exemplo
o: exemplo
objectClass: top
objectClass: dcObject
objectClass: organization
 
dn: ou=Usuarios,dc=exemplo,dc=org
ou: Usuarios
objectClass: top
objectClass: organizationalUnit
 
dn: cn=Alice Schneier,ou=Usuarios,dc=exemplo,dc=org
telephoneNumber: (11)3333-9999
displayName: Alice Schneier
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: qmailUser
o: Exemplo LTDA.
mobile: (94)3333-9999
sn: Schneier
mail: alice@exemplo.org
homePhone: (94)3333-9999
givenName: Alice
cn: Alice Schneier
mailHost: localhost
mailMessageStore: maildir:/home/vmail/alice/Maildir/
homeDirectory: /home/vmail/alice/
accountStatus: A
mailAlternateAddress: alice.schneier@exemplo.org
userPassword: {SSHA}jq8mEH1UvLyxWKMVhMDOT5/ImZ7vTAch
 
dn: cn=Bob Schneier,ou=Usuarios,dc=exemplo,dc=org
telephoneNumber: (11)3333-9999
displayName: Bob Schneier
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: qmailUser
o: Exemplo LTDA.
mobile: (94)3333-9999
sn: Schneier
mail: bob@exemplo.org
homePhone: (94)3333-9999
givenName: Bob
cn: Bob Schneier
mailHost: localhost
mailMessageStore: maildir:/home/vmail/bob/Maildir/
homeDirectory: /home/vmail/bob/
accountStatus: A
mailAlternateAddress: bob.schneier@exemplo.org
userPassword: {SSHA}jq8mEH1UvLyxWKMVhMDOT5/ImZ7vTAch
root@ldap:~# ldapadd -x -D cn=admin,dc=exemplo,dc=org -W -h localhost -f estrutura.ldif 
Enter LDAP Password: 
adding new entry "dc=exemplo,dc=org"
 
adding new entry "ou=Usuarios,dc=exemplo,dc=org"
 
adding new entry "cn=Alice Schneier,ou=Usuarios,dc=exemplo,dc=org"
 
adding new entry "cn=Bob Schneier,ou=Usuarios,dc=exemplo,dc=org"
root@ldap:~# ldapsearch -x -D cn=admin,dc=exemplo,dc=org -b dc=exemplo,dc=org -W -h localhost -LLL
Enter LDAP Password: 
dn: dc=exemplo,dc=org
dc: exemplo
o: exemplo
objectClass: top
objectClass: dcObject
objectClass: organization
 
dn: ou=Usuarios,dc=exemplo,dc=org
ou: Usuarios
objectClass: top
objectClass: organizationalUnit
 
dn: cn=Alice Schneier,ou=Usuarios,dc=exemplo,dc=org
telephoneNumber: (11)3333-9999
displayName: Alice Schneier
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: qmailUser
o: Exemplo LTDA.
mobile: (94)3333-9999
sn: Schneier
mail: alice@exemplo.org
homePhone: (94)3333-9999
givenName: Alice
cn: Alice Schneier
mailHost: localhost
mailMessageStore: maildir:/home/vmail/alice/Maildir/
homeDirectory: /home/vmail/alice/
accountStatus: A
mailAlternateAddress: alice.schneier@exemplo.org
userPassword:: e1NTSEF9anE4bUVIMVV2THl4V0tNVmhNRE9UNS9JbVo3dlRBY2g=
 
dn: cn=Bob Schneier,ou=Usuarios,dc=exemplo,dc=org
telephoneNumber: (11)3333-9999
displayName: Bob Schneier
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: qmailUser
o: Exemplo LTDA.
mobile: (94)3333-9999
sn: Schneier
mail: bob@exemplo.org
homePhone: (94)3333-9999
givenName: Bob
cn: Bob Schneier
mailHost: localhost
mailMessageStore: maildir:/home/vmail/bob/Maildir/
homeDirectory: /home/vmail/bob/
accountStatus: A
mailAlternateAddress: bob.schneier@exemplo.org
userPassword:: e1NTSEF9anE4bUVIMVV2THl4V0tNVmhNRE9UNS9JbVo3dlRBY2g=