Useful defaults for LDAP, provided as LDIFs.

Write your base DN to the file basedn (e.g.: echo o=denkn,c=at > basedn).

For initialization, first shut down slapd and delete the contents of /var/lib/ldap/ (you will lose all of your data!), then use:

./00.root.ldif.sh | slapadd -b "$(cat basedn)" -v
chown -R openldap:openldap /var/lib/ldap/

Now you can start slapd with your fresh config.

Add these lines to /etc/ldap/ldap.conf:

cat >> /etc/ldap/ldap.conf <<EOF
BASE    `cat basedn`
URI     ldapi://
EOF

You can add any other LDIF via ldapadd -Y EXTERNAL.

To add 10.acls.ldif and 20.passwordhash.ldif, use: [BROKEN, do it manually in /etc/...]

ldapmodify -Y EXTERNAL -f 10.acls.ldif
ldapmodify -Y EXTERNAL -f 20.passwordhash.ldif

To add a user, run:

./90.user.ldif.sh username givenname surname emailaddr | ldapadd -Y EXTERNAL

It prints the password on STDERR.
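An added sketch (not the repository's 90.user.ldif.sh, whose contents are not shown on this page) of a generator that emits injection-safe LDIF: every value is written as single-line base64, the username is validated before it goes into the DN, and only an SSHA hash of the random password reaches the directory. The ou=people container, the inetOrgPerson object class, the extra BASEDN argument and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not the repository's 90.user.ldif.sh.
# Assumed layout: inetOrgPerson entries at uid=<name>,ou=people,<basedn>.

# One attribute as "name:: <base64>" on a single line, so a newline inside
# a value can never start a new LDIF line (and thus a new attribute).
ldif_attr() {
    printf '%s:: %s\n' "$1" "$(printf '%s' "$2" | base64 | tr -d '\n')"
}

# SSHA value: base64(SHA1(password || salt) || salt); salt kept printable.
ssha() {
    hex=$(printf '%s%s' "$1" "$2" | sha1sum | cut -c1-40)
    {
        while [ -n "$hex" ]; do
            rest=${hex#??}
            printf "\\$(printf '%03o' "0x${hex%"$rest"}")"  # hex pair -> raw byte
            hex=$rest
        done
        printf '%s' "$2"
    } | base64 | tr -d '\n'
}

# user_ldif USERNAME GIVENNAME SURNAME EMAIL BASEDN
# LDIF on stdout, generated password on stderr (as the README describes).
user_ldif() {
    case $1 in
        ''|*[!a-z0-9_-]*) echo "invalid username" >&2; return 1 ;;
    esac
    pw=$(head -c 18 /dev/urandom | base64 | tr -d '\n')
    salt=$(head -c 6 /dev/urandom | base64 | tr -d '\n')
    ldif_attr dn "uid=$1,ou=people,$5"
    printf 'objectClass: inetOrgPerson\n'
    ldif_attr uid "$1"
    ldif_attr givenName "$2"
    ldif_attr sn "$3"
    ldif_attr cn "$2 $3"
    ldif_attr mail "$4"
    ldif_attr userPassword "{SSHA}$(ssha "$pw" "$salt")"
    printf '%s\n' "$pw" >&2
}
```

The output can be piped to ldapadd -Y EXTERNAL in the same way as the command above.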

To change a password, use:

ldappasswd -xASD YOURDN