S0t4's Blog

Just Notes and an Attempt to Share

Saturday, November 13, 2010

Installing OpenLDAP on Ubuntu 10.10 (Maverick Meerkat)

  Blogger Sejati
Let's get straight to it...

1. From the console, type
# apt-get install slapd ldap-utils
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif


2. Create a file backend.ldif with the following contents (or download the .txt file here)

** Assumptions: the domain is example.com, the admin is admin, and the admin password is secret
---------------------------------------------------
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb.la

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=example,dc=com
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: secret
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=example,dc=com" write by * read
------------------------------------------------------------

3. # ldapadd -Y EXTERNAL -H ldapi:/// -f backend.ldif

4. Create the file frontend.ldif (or download the .txt here)

----------------------------------------------------------
# Create top-level object in domain
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectclass: organization
o: Example Organization
#dc: Example
description: LDAP Example

# Admin user.
dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: secret

dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
ou: groups
----------------------------------------------------------


5. # ldapadd -x -D cn=admin,dc=example,dc=com -W -f frontend.ldif
When prompted for the password, type secret (or whatever you set in backend.ldif)

6. Done...
For management through a browser you can use phpldapadmin,
but first make sure PHP has LDAP support
# apt-get install php5-ldap

7. After downloading phpldapadmin, extract it and copy the phpldapadmin folder to /var/www
# tar xzvf phpldapadmin.xxx
# cp -r phpldapadmin.xxx /var/www


8. Rename config.php.example to config.php in the config folder
# mv /var/www/phpldapadmin.xxx/config/config.php.example /var/www/phpldapadmin.xxx/config/config.php

9. Open a browser and go to the address
http://serverweb/phpldapadmin.xxx

10. Log in with
user : cn=admin,dc=example,dc=com
password: secret


For further configuration, see here
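
Added example (not part of the original post): backend.ldif and frontend.ldif above store the admin password as the cleartext value secret in olcRootPW and userPassword. This Python sketch rewrites such lines to the salted {SSHA} form that slappasswd produces by default and verifies the result; the function names, the 8-byte salt and the sample text are assumptions of this example.

```python
import base64
import hashlib
import hmac
import os
import re

# Password-bearing attributes used in backend.ldif and frontend.ldif
PASSWORD_ATTRS = ("olcRootPW", "userPassword")
# "attr: value" where value has no {SCHEME} prefix. Base64 lines ("attr:: ...")
# do not match and are left alone.
CLEARTEXT = re.compile(r"^(%s): (?!\{[A-Za-z0-9-]+\})(.+)$" % "|".join(PASSWORD_ATTRS),
                       re.MULTILINE | re.IGNORECASE)

# Constructed sample: the two cleartext entries from the LDIF files above
SAMPLE = """dn: olcDatabase=hdb,cn=config
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: secret

dn: cn=admin,dc=example,dc=com
cn: admin
userPassword: secret
"""


def ssha(password, salt=None):
    """Return {SSHA} + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, stored):
    """Verify a password against a stored {SSHA} value."""
    if not stored.upper().startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # 20-byte SHA-1 digest, then the salt
    expected = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)


def harden_ldif(text):
    """Replace cleartext password values with salted {SSHA} hashes."""
    return CLEARTEXT.sub(lambda m: "%s: %s" % (m.group(1), ssha(m.group(2))), text)


if __name__ == "__main__":
    print(harden_ldif(SAMPLE))
```

The bind in step 5 and the phpldapadmin login still use the password secret; only the stored value changes.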


BACKING UP THE OPENLDAP DATABASE

A simple script:
create a file backup-ldap.sh with the following contents:

#!/bin/bash
# The dump contains password values, so keep new files private to root
umask 077
DATADIR=/var/backup/ldap
DATE=$(date +%Y-%m-%d)
# Backup LDAP
echo "Backup LDAP"
slapcat -l "$DATADIR/ldap-backup-$DATE.ldif"
echo "Compress LDAP backup files"
gzip -9 "$DATADIR/ldap-backup-$DATE.ldif"
echo "Delete backup files older than 5 days"
# Delete old files
find "$DATADIR" -maxdepth 1 -name '*.gz' -mtime +5 -exec rm {} \;
echo "Done!"
exit

Make it executable with chmod +x backup-ldap.sh, then run:
sudo ./backup-ldap.sh

RESTORING THE OPENLDAP DATABASE

First, decompress the gzip file:
# gunzip ldap-backup-2009-12-30.ldif.gz

Stop slapd:
# /etc/init.d/slapd stop

Then run the command:
# slapadd -v -c -l ldap-backup-2009-12-30.ldif -f /etc/ldap/slapd.conf


After that, restart slapd
# /etc/init.d/slapd restart



Good luck trying it out...