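Configuring OpenLDAP on RHEL 5.4

To provide OpenLDAP on RHEL 5.4, three packages must be installed: openldap, openldap-servers, and openldap-clients.

Of these, openldap is installed by default and provides the base files and directories for LDAP. openldap-servers provides the server, and openldap-clients provides the client-side search tools; these two packages must be installed manually.

1. Server-side configuration: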

#rpm -ivh openldap-servers-2.3.27-8.e15-1.3.i386.rpm

or

#yum install  openldap* -y

[root@station3 Server]# rpm -vih openldap-servers-2.3.43-3.el5.i386.rpm
Preparing...                ########################################### [100%]
   1:openldap-servers       ########################################### [100%]
[root@station3 Server]# rpm -vih openldap-servers-overlays-2.3.43-3.el5.i386.rpm
Preparing...                ########################################### [100%]
   1:openldap-servers-overla########################################### [100%]
[root@station3 Server]# rpm -vih openldap-servers-sql-2.3.43-3.el5.i386.rpm
Preparing...                ########################################### [100%]
   1:openldap-servers-sql   ########################################### [100%]
[root@station3 Server]# cd /var/lib/ldap/    (installation is now complete; the directory contains only one file)
openldap-severs-update.log

The next step is very important (this slapd command must be run first, before anything else).
[root@station3 ldap]# slapd        (this generates the database files)
[root@station3 ldap]# ls
alock     __db.003  __db.006      log.0000000001
__db.001  __db.004  dn2id.bdb     openldap-severs-update.log
__db.002  __db.005  id2entry.bdb

Check the server process:

#ps aux | grep ldap

Check the port:

[root@station3 ldap]# netstat -ntlp | grep 389
tcp        0      0 0.0.0.0:389                 0.0.0.0:*                   LISTEN      3782/slapd          
tcp        0      0 :::389                      :::*                        LISTEN      3782/slapd   


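Problem 1: the service fails to restart. The database files above were created by running slapd directly from the root prompt, so they are not owned by the ldap user: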

[root@station3 ldap]# service ldap restart
停止 slapd:                                               [确定]
/var/lib/ldap/id2entry.bdb is not owned by "ldap"          [警告]
/var/lib/ldap/__db.002 is not owned by "ldap"              [警告]
/var/lib/ldap/__db.001 is not owned by "ldap"              [警告]
/var/lib/ldap/dn2id.bdb is not owned by "ldap"             [警告]
/var/lib/ldap/__db.005 is not owned by "ldap"              [警告]
/var/lib/ldap/__db.006 is not owned by "ldap"              [警告]
/var/lib/ldap/__db.003 is not owned by "ldap"              [警告]
/var/lib/ldap/__db.004 is not owned by "ldap"              [警告]
正在检查 slapd 的配置文件: bdb_db_open: alock package is unstable
backend_startup_one: bi_db_open failed! (-1)
slap_startup failed (test would succeed using the -u switch)
                                                           [失败]
/var/lib/ldap 中可能存在无效的锁文件                       [警告]
[root@station3 ldap]# service ldap status
slapd 已停
Solution:
[root@station3 ldap]# pwd
/var/lib/ldap
[root@station3 ldap]# chown ldap:ldap *
[root@station3 ldap]# service ldap restart
停止 slapd:                                               [失败]
正在检查 slapd 的配置文件: bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2)
Expect poor performance for suffix dc=my-domain,dc=com.
config file testing succeeded
                                                                    [确定]
启动 slapd:                                                [确定]

The message "bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2)" is also a problem.
Solution:
[root@station3 ldap]# cp /etc/openldap/DB_CONFIG.example   /var/lib/ldap/DB_CONFIG
[root@station3 ldap]# ll
总计 756
-rw-r--r-- 1 ldap ldap     2048 04-23 15:32 alock
-rw------- 1 ldap ldap    24576 04-23 15:23 __db.001
-rw------- 1 ldap ldap   278528 04-23 15:23 __db.002
-rw------- 1 ldap ldap   270336 04-23 15:23 __db.003
-rw------- 1 ldap ldap    98304 04-23 15:23 __db.004
-rw------- 1 ldap ldap   352256 04-23 15:23 __db.005
-rw------- 1 ldap ldap    24576 04-23 15:23 __db.006
-rw-r----- 1 root root      921 04-23 15:35 DB_CONFIG
-rw------- 1 ldap ldap     8192 04-23 15:23 dn2id.bdb
-rw------- 1 ldap ldap    32768 04-23 15:23 id2entry.bdb
-rw------- 1 ldap ldap 10485760 04-23 15:29 log.0000000001
-rw-r--r-- 1 ldap ldap       37 04-23 15:19 openldap-severs-update.log
[root@station3 ldap]# chown ldap:ldap *
[root@station3 ldap]# service ldap restart
停止 slapd:                                               [确定]
正在检查 slapd 的配置文件: bdb_db_open: DB_CONFIG for suffix dc=my-domain,dc=com has changed. Performing database recovery to activate new settings. bdb_db_open: Recovery skipped in read-only mode. Run manual recovery if errors are encountered.
config file testing succeeded
                                                                  [确定]
启动 slapd:                                               [确定]
[root@station3 ldap]# chmod 600 *
[root@station3 ldap]# service ldap restart
停止 slapd:                                                                          [确定]
正在检查 slapd 的配置文件: config file testing succeeded  [确定]
启动 slapd:                                                                          [确定]
OK!
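
The three manual fixes above (file ownership, the missing DB_CONFIG, and mode 600) can be verified in one pass before restarting the service. The shell function below is an added example, not part of the original article; the function name audit_ldap_dir and its OWNER/MODE/MISSING output labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article): audit a slapd BDB data
# directory for the three conditions the walkthrough fixes by hand.
# Usage: audit_ldap_dir DIR [OWNER]
#   OWNER defaults to "ldap"; a numeric UID is also accepted by find -user.
# Prints one finding per line; returns 0 if clean, 1 if findings, 2 on bad DIR.
audit_ldap_dir() {
    dir=$1
    owner=${2:-ldap}
    findings=0

    if [ ! -d "$dir" ]; then
        echo "ERROR $dir is not a directory"
        return 2
    fi

    # 1. Files not owned by the service account: the condition behind the
    #    'is not owned by "ldap"' warnings printed by "service ldap restart".
    bad_owner=$(find "$dir" -type f ! -user "$owner" | sort)
    if [ -n "$bad_owner" ]; then
        printf '%s\n' "$bad_owner" | sed 's/^/OWNER /'
        findings=1
    fi

    # 2. Files with any group/other permission bit set, i.e. anything
    #    looser than the "chmod 600 *" applied at the end of the walkthrough.
    bad_mode=$(find "$dir" -type f \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) | sort)
    if [ -n "$bad_mode" ]; then
        printf '%s\n' "$bad_mode" | sed 's/^/MODE /'
        findings=1
    fi

    # 3. Missing DB_CONFIG: the cause of the "No DB_CONFIG file found" warning.
    if [ ! -f "$dir/DB_CONFIG" ]; then
        echo "MISSING $dir/DB_CONFIG"
        findings=1
    fi

    return $findings
}
```

On the server from the walkthrough this would be called as audit_ldap_dir /var/lib/ldap ldap; an empty result with exit status 0 means the directory matches the final state shown above.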
