Installing LDAP on Ubuntu 10.10
1. From the console, type:
# apt-get install slapd ldap-utils
#ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
#ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
#ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
2. Create a file backend.ldif with the following contents (or download the .txt file here)
** Assumption: the domain is example.com, the admin is admin, and the admin password is secret
—————————————————
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb.la

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=example,dc=com
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: secret
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=example,dc=com" write by * read
————————————————————
3. #ldapadd -Y EXTERNAL -H ldapi:/// -f backend.ldif
4. Create the file frontend.ldif (or download the .txt here)
———————————————————-
# Create top-level object in domain
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectclass: organization
o: Example Organization
#dc: Example
description: LDAP Example

# Admin user.
dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: secret

dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
ou: groups
———————————————————-
4. #ldapadd -x -D cn=admin,dc=example,dc=com -W -f frontend.ldif
When prompted for a password, type secret (or whatever you set in backend.ldif).
5. Done…
For management through a browser you can use phpldapadmin,
but first make sure PHP has LDAP support:
#apt-get install php5-ldap
6. After downloading phpldapadmin, extract it and copy the phpldapadmin folder to /var/www
#tar xzvf phpldapadmin.xxx
#cp -r phpldapadmin.xxx /var/www
7. Rename config.php.example to config.php in the config folder
#mv /var/www/phpldapadmin.xxx/config/config.php.example /var/www/phpldapadmin.xxx/config/config.php
8. Open a browser and go to the address
http://serverweb/phpldapadmin.xxx
9. Log in with
user : cn=admin,dc=example,dc=com
password: secret
For further configuration, see here
BACKUP OPENLDAP DATABASE
A simple script:
Create a file backup-ldap.sh with the following contents:
#!/bin/bash
# The dump includes userPassword values; keep DATADIR readable by root only.
DATADIR=/var/backup/ldap
DATE=$(date +%Y-%m-%d)
# Backup LDAP
echo "Backup LDAP"
slapcat -l "$DATADIR/ldap-backup-$DATE.ldif"
echo "Compress LDAP backup files"
gzip -9 "$DATADIR/ldap-backup-$DATE.ldif"
echo "Delete backup file older than 5 days"
# Delete old file
find "$DATADIR"/*.gz -mtime +5 -exec rm {} \;
echo "Done!"
exit
Make it executable with chmod +x backup-ldap.sh, then run it:
sudo ./backup-ldap.sh
RESTORE OPENLDAP DATABASE
First, decompress the gzip file:
#gunzip ldap-backup-2009-12-30.ldif.gz
Stop slapd:
#/etc/init.d/slapd stop
After that, run the command:
#slapadd -v -c -l ldap-backup-2009-12-30.ldif -f /etc/ldap/slapd.conf
After that, restart slapd:
#/etc/init.d/slapd restart