Shigar OpenLDAP Server da Gudanarwa tare da phpLDAPadmin a cikin Debian/Ubuntu
LDAP tana tsaye ne don Ƙa'idar Samun Hannun Hankali mai sauƙi wanda za a iya amfani da shi ta hanyoyi da yawa kamar don tantancewa, kundin adireshi (na abokan ciniki), littafin adireshi, da sauransu. Ana iya amfani da ka'idar LDAP don kafawa da adana kowane irin bayanai. Sabar OpenLDAP tana ba ku damar samun damar bayanan da aka adana a tsarin bishiya.
A cikin wannan labarin za mu nuna muku yadda ake shigarwa da daidaita sabar OpenLDAP da yadda ake gudanar da shi tare da phpLDAPadmin akan tsarin Debian, Ubuntu da Linux Mint.
Shigar da Sabar OpenLDAP A cikin Linux
Ta hanyar tsoho uwar garken OpenLDAP tana cikin ma'ajiyar ajiya a ƙarƙashin kunshin slapd. Kuna iya shigar dashi cikin sauƙi tare da taimakon kayan aikin sarrafa fakiti da ake kira apt-get. Amma kafin shigar da uwar garken OpenLDAP, tabbatar cewa tsarin ku na zamani ne.
Yayin shigarwa, zai tambaye ku shigar da kalmar sirri don shigarwar mai gudanarwa a cikin kundin adireshin ku na LDAP. Shigar da kalmar sirri mai ƙarfi kuma tabbatar da shi ta zaɓi Ok.
$ sudo apt-get update $ sudo apt-get install slapd ldap-utils
Sanya OpenLDAP Server
Domin saita uwar garken OpenLDAP kuna buƙatar gyara fayil ɗin ldap.conf, wanda aka adana a ƙarƙashin directory/sauransu. Don shirya fayil ɗin ldap.conf kuna buƙatar editan rubutu kamar vim, nano da sauransu. Gudanar da umarni mai zuwa don buɗe fayil ɗin daidaitawar ldap don gyarawa.
$ sudo nano /etc/ldap/ldap.conf
Ana nuna fitar da umarnin da ke sama a sashin da ke ƙasa.
# # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. #BASE dc=example,dc=com #URI ldap://ldap.example.com ldap://ldap-master.example.com:666 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never # TLS certificates (needed for GnuTLS) TLS_CACERT /etc/ssl/certs/ca-certificates.crt
Rarraba layin BASE da URI, don haka zaku iya gyara su da sunan yankin ku da adireshin IP. Tun da wannan shigarwar gwaji ne da daidaitawa zan yi amfani da tecmint123.com azaman sunan yanki na.
# # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. BASE dc=tecmint123,dc=com URI ldap://ldap.example.com ldap://ldap-master.example.com:666 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never # TLS certificates (needed for GnuTLS) TLS_CACERT /etc/ssl/certs/ca-certificates.crt
Ajiye fayil ɗin kuma gudanar da umarni mai zuwa don sake saita fakitin LDAP.
$ sudo dpkg-reconfigure slapd
Don gina tushen DN na LDAP directory kuna buƙatar sunan yankin DNS.
Shigar da sunan yankin ku na DNS kuma danna Shigar don tabbatar da shi. Sannan ldap zai nemi shigar da sunan ƙungiyar don amfani da shi a cikin tushen DN na kundin adireshin ku na LDAP. Shigar da sunan kamfani ko ƙungiyar ku kuma sake buga Shigar.
Bayan an ƙara ƙungiyar ko sunan kamfani, tsarin kunshin zai nemi shigar da kalmar sirri don shigarwar mai gudanarwa a cikin LDAP ɗin ku
directory. Kuna buƙatar shigar da kalmar sirri don admin wanda kuka ƙirƙira a cikin matakan da suka gabata.
Bayan kun tabbatar da kalmar sirrin mai gudanarwa, dole ne ku zaɓi bayanan. Akwai bayanai guda biyu da za a zaɓa daga, BDB da HDB database. Dukansu suna goyan bayan zaɓuɓɓukan sanyi iri ɗaya, suna amfani da tsarin ajiya iri ɗaya, amma tunda bayanan HDB yana ƙara goyan bayan sake sunaye na bishiya shine shawarar da aka ba da shawarar.
Kuna iya zaɓar bayanan da kuke tunanin zai yi muku aiki mafi kyau. Bayan kun yanke shawarar wanne bayanan za ku yi amfani da shi, danna Shigar don tabbatar da zaɓin. Sa'an nan kuma za a tambaye ku da wata tambaya. Zaɓi Ee don cire bayanan bayanai lokacin da aka goge mari.
Zaɓi Ee kuma danna Shigar.
Zaɓi A'a kuma uwar garken LDAP zata fara aiki.
[sudo] password for ravisaive: * Stopping OpenLDAP slapd [ OK ] Moving old database directory to /var/backups: - directory unknown... done. Creating initial configuration... done. Creating LDAP directory... done. * Starting OpenLDAP slapd [ OK ] Processing triggers for libc-bin ...
Don gwada uwar garken LDAP, ana amfani da umarnin ldapsearch -x.
ldapsearch -x
Yana samar da fitarwa mai zuwa.
# extended LDIF # # LDAPv3 # base <dc=tecmint123,dc=com> (default) with scope subtree # filter: (objectclass=*) # requesting: ALL # # tecmint123.com dn: dc=tecmint123,dc=com objectClass: top objectClass: dcObject objectClass: organization o: tecmint dc: tecmint123 # admin, tecmint123.com dn: cn=admin,dc=tecmint123,dc=com objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator # search result search: 2 result: 0 Success # numResponses: 3 # numEntries: 2
Gudanar da LDAP tare da phpLDAPadmin
phpLDAPadmin kayan aikin gudanarwa ne na GUI don gudanar da uwar garken LDAP. Wannan kayan aikin GUI zai taimake mu mu yi hulɗa tare da uwar garken LDAP ta hanyar haɗin yanar gizo. Akwai shi a cikin tsoffin ma'ajiyar ajiya, ana iya shigar dashi tare da umarnin apt-samun.
Amma kafin shigar da phpLDAPadmin, dole ne ku sami sabar yanar gizon Apache da PHP da aka shigar da aiki. Idan ba haka ba, shigar da shi ta amfani da umarni mai zuwa.
$ sudo apt-get install apache2 php5 php5-mysql
Na gaba shigar da kunshin phpldapadmin kamar yadda aka nuna a kasa.
$ sudo apt-get install phpldapadmin
Kamar yadda muka tsara fayil ɗin ldap.conf, muna buƙatar saita fayilolin sanyi na phpldapadmin na yanar gizo kafin amfani da shi. Gudun umarni mai zuwa don buɗe fayil ɗin phpldapadmin config.php.
$ sudo nano /etc/phpldapadmin/config.php
Duk abin da kuke buƙatar yi shine maye gurbin sunayen yanki tare da ƙimar ku. Bangaren daidaitawa da ake buƙata don wannan harka yana ƙarƙashin sashin Ƙanata sabar LDAP ɗin ku.
$servers = new Datastore(); $servers->newServer('ldap_pla'); $servers->setValue('server','name','Tecmint LDAP Server'); $servers->setValue('server','host','127.0.0.1'); $servers->setValue('server','base',array('dc=tecmint123,dc=com')); $servers->setValue('login','bind_id','cn=admin,dc=tecmint123,dc=com');
Bayan kun gama gyara fayil ɗin sanyi na config.php, buɗe shafi a cikin burauzar gidan yanar gizon ku kuma danna URL http://ip_address_here/phpldapadmin. Shigar da bayanan shiga ldap ɗin ku kuma danna shiga.
Rubutun Magana
- Bude LDAP Shafin Farko
- phpLDAPadmin Shafin Gida