   
[RedHat] LDAP Setup
Author: 최장섭  Date: 2013-11-22 (Fri) 17:23  Views: 4964

■ [Linux] - LDAP


1. Install the openldap, openldap-servers, and openldap-clients packages

 

The openldap package is already installed by default, so the other packages have to be installed.


yum -y install openldap openldap-servers openldap-clients

 

openldap-servers-2.3.43-12.el5_5.2

openldap-2.3.43-12.el5_5.2

openldap-clients-2.3.43-12.el5_5.2


2. Edit /etc/openldap/slapd.conf


Lines 86 and 87: the default values are shown first, followed by the values they are changed to.

suffix          "dc=my-domain,dc=com"

rootdn          "cn=Manager,dc=my-domain,dc=com"

 

 

suffix          "dc=mytempsite,dc=com"

rootdn          "cn=Manager,dc=mytempsite,dc=com"


Line 92

# rootpw                {crypt}ijFYNcSNctBYg

 

For line 92, generate a password hash with the slappasswd command, then copy it into the file.


/usr/sbin/slapadd

slappasswd


New password:

Re-enter new password:

{SSHA}Gjm1sMoyAjFbdcxg7tACzHZ9qCkZ5DfB


rootpw          {SSHA}Gjm1sMoyAjFbdcxg7tACzHZ9qCkZ5DfB


The leading # must also be removed.
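
The rootpw edit above, as an added example that is not part of the original post: Python that reproduces the {SSHA} layout slappasswd emits (base64 of a 20-byte SHA-1 digest followed by the salt) and classifies the rootpw directive in slapd.conf text. The function names and the sample config strings are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import re

def make_ssha(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    # 4-byte salt matches the length of the value shown in this post.
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(password, stored):
    """Recompute the digest with the stored salt and compare in constant time."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    return hmac.compare_digest(hashlib.sha1(password.encode() + salt).digest(), digest)

def audit_rootpw(conf_text):
    """Classify the first uncommented rootpw directive in slapd.conf text."""
    line = re.search(r"^rootpw\s+(\S+)", conf_text, re.MULTILINE)
    if line is None:
        return "missing: no uncommented rootpw line"
    value = line.group(1)
    scheme = re.match(r"\{([A-Za-z0-9-]+)\}", value)
    if scheme is None:
        return "cleartext: rootpw has no {SCHEME} prefix"
    name = scheme.group(1).upper()
    if name in ("CRYPT", "MD5", "SHA"):
        return "review: {%s} is unsalted or platform crypt(3); prefer {SSHA}" % name
    if name != "SSHA":
        return "unchecked: {%s} is not handled by this example" % name
    try:
        raw = base64.b64decode(value[scheme.end():], validate=True)
    except ValueError:
        return "malformed: SSHA payload is not valid base64"
    if len(raw) <= 20:
        return "malformed: no salt after the 20-byte SHA-1 digest"
    return "ok: SSHA with %d-byte salt" % (len(raw) - 20)

# Constructed sample inputs modelled on the slapd.conf lines in this post.
DEFAULT_CONF = "# rootpw                {crypt}ijFYNcSNctBYg\n"
CRYPT_CONF = "rootpw                {crypt}ijFYNcSNctBYg\n"
EDITED_CONF = "rootpw          " + make_ssha("constructed-example-password") + "\n"

if __name__ == "__main__":
    for conf in (DEFAULT_CONF, CRYPT_CONF, EDITED_CONF):
        print(audit_rootpw(conf))
```
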

 

Check that the /var/lib/ldap directory is owned by user ldap and group ldap, and change the ownership only if it differs.

chown ldap:ldap /var/lib/ldap

 

Rename the /etc/rc5.d/K73ldap file (if needed, do the same for /etc/rc3.d/K73ldap).

mv K73ldap S73ldap

 

Log in to an X Window session and run "System" - "Administration" - "Authentication" to configure authentication.

On the [User Information] tab, check "Enable LDAP Support"; on the [Authentication] tab, check "Enable LDAP Support".


* Because using a real domain on the internal intranet was not feasible, I created mytempsite.com as an alias on the Linux server, and on the Windows computers that connect to it I also entered it as an alias in the c:\windows\system32\drivers\etc\hosts file.

 

127.0.0.1       localhost

192.168.1.210   mytempsite.com  


Start the LDAP daemon.

service ldap start


If an error similar to the following occurs when the server starts,

bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/openldap-data: (2) Expect poor performance for suffix

 

cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

chown ldap:ldap /var/lib/ldap/DB_CONFIG

service ldap restart

 

 

That is all for the setup.


Below is the part where I looked through the logs for errors and fixed them (the computer Linux is installed on is an old model).

vi /var/log/messages

 

nss_ldap: failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server


A MySQL error occurred at boot, so I checked the /var/log/mysqld.log file.


100909 17:00:43  mysqld started

100909 17:00:43 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295

100909 17:00:43 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295

100909 17:01:44  InnoDB: Started; log sequence number 0 43655

100909 17:01:44 [Note] /usr/libexec/mysqld: ready for connections.

Version: '5.0.77-log'  socket: '/var/lib/mysql/mysql.sock'  port: 3306  Source distribution

100909 17:06:49 [Note] /usr/libexec/mysqld: Normal shutdown


So I edited the /etc/my.cnf file.


# Uncomment the following if you are using BDB tables

bdb_cache_size = 64M

bdb_max_lock = 100000


These look like bdb-related options; for now, after uncommenting them and starting the service, there seems to be no problem.


 

