70 lines
1.6 KiB
Markdown
70 lines
1.6 KiB
Markdown
Pre
|
|
===
|
|
|
|
Install slapd and ldap-utils:
|
|
|
|
sudo aptitude install slapd ldap-utils
|
|
|
|
It will ask for eg. domain, password.
|
|
If your domain is `example.net`, your basedn will be `dc=example,dc=net`.
|
|
If you want to use an other basedn, for example `o=example,c=de`,
|
|
debian/ubuntu will not provide any way to do that.
|
|
|
|
Thats because while these steps your database will be lost and you can choose your basedn.
|
|
|
|
Add your basedn to file `basedn`:
|
|
|
|
echo dc=example,dc=net > basedn
|
|
|
|
Init
|
|
====
|
|
|
|
Usefull defaults for security (better Passwordhashes):
|
|
|
|
ldapmodify -H ldapi:// -Y EXTERNAL -f 10.acls.ldif
|
|
ldapmodify -H ldapi:// -Y EXTERNAL -f 20.passwordhash.ldif
|
|
|
|
BaseDN
|
|
======
|
|
|
|
These steps will erase your database.
|
|
If you do not want to change your BaseDN, skip this step.
|
|
|
|
The next step will print your new password on STDERR, so note it.
|
|
You can change it any time.
|
|
|
|
./00.suffix.ldif.sh | sudo ldapmodify -H ldapi:// -Y external
|
|
./30.root.ldif.sh | sudo -u openldap -i slapadd -vb `cat basedn`
|
|
|
|
Clientconfig
|
|
============
|
|
|
|
Add these lines to `/etc/ldap/ldap.conf`:
|
|
|
|
cat >> /etc/ldap/ldap.conf <<EOF
|
|
BASE `cat basedn`
|
|
URI ldapi://
|
|
EOF
|
|
|
|
Add an user
|
|
===========
|
|
|
|
For adding an user run:
|
|
|
|
./90.user.ldif.sh "$username" "$givenname" "$surname" "$emailaddr" | ldapadd -H ldapi:// -Y EXTERNAL
|
|
|
|
It will print the password on STDERR.
|
|
|
|
The DN will be uid=$username,$basedn
|
|
|
|
Changing Passwords
|
|
==================
|
|
|
|
For changing password use:
|
|
|
|
ldappasswd -xASD $yourdn
|
|
|
|
If you forgot your password, the administator can change the password via:
|
|
|
|
./99.passwordrecovery.ldif.sh $yourdn| sudo ldapmodify -H ldapi:// -Y external
|