2.3. Setup LDAP
2.3.1. Multiple LDAP repositories
By default, this test suite provides three LDAP repositories using
OpenLDAP and the virtual host function.
2.3.2. Installed Files and Directories
/etc/init.d/cpkildap
/usr/local/etc/openldap/cpki_slapd1.conf
/usr/local/etc/openldap/cpki_slapd2.conf
/usr/local/etc/openldap/cpki_slapd3.conf
/var/lib/ldap1
/var/lib/ldap2
/var/lib/ldap3
2.3.3. When the LDAP server is already running
You must stop the existing LDAP service.
If the LDAP service starts automatically at boot,
you can change that setting with the 'chkconfig' command.
% /etc/init.d/ldap stop
% /sbin/chkconfig --list ldap
2.3.4. If you want to change the number of running LDAP repositories
Edit '/etc/init.d/cpkildap' and comment out the line that begins with
'daemon ${sldapd}'.
2.3.5. Startup Multiple LDAP services
Type the following as root.
% /etc/init.d/cpkildap start
2.3.6. Check Multiple LDAP services
Type the following and confirm that you get 'Success'.
% ldapsearch -h ldap1
% ldapsearch -h ldap2
% ldapsearch -h ldap3
2.3.7. Stop Multiple LDAP services
Type the following as root.
% /etc/init.d/cpkildap stop
2.3.8. Register LDIF file
To register an LDIF file in an LDAP repository, use
the following command.
% cpki_ldapadd -h LDAP_HOST -f LDAP_LDIF
2.3.9. Clean LDAP repository
Type the following.
% cpki_ldapclean -h LDAP_HOST
2.3.10. List of Utility Commands
command | description
cpki_ldapadd | Register an LDIF file in the LDAP repository.
cpki_ldapclean | Delete all nodes of the LDAP repository.
These commands read the 'rootdn' and 'passwd' values from
'/usr/local/cpki/bin/cpki_ldapconf.pl' to access the LDAP repository.
2.3.11. Administrator's Password and RootDN
This information can be found in the following files.
/usr/local/etc/openldap/cpki_slapd*.conf
/usr/local/cpki/bin/cpki_ldapconf.pl
You should modify the above files and set their permissions
if you care about LDAP security.
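As an added example (not part of the test suite or its documentation), the following script checks the files listed above for access by group or other, and flags a cleartext 'rootpw' directive in the slapd configuration files. The function names and the sample file are constructed for illustration; the format of cpki_ldapconf.pl is not shown here, so only its permissions are checked.

```shell
#!/bin/sh
# Added example: audit the credential-bearing files named in section 2.3.11.

# Succeeds when group and other have no permission bits on the file.
is_private() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Prints none, hashed or cleartext for the rootpw directive of a slapd.conf file.
rootpw_kind() {
    pw=$(awk '$1 == "rootpw" { print $2; exit }' "$1")
    case "$pw" in
        "")        echo none ;;
        "{"*"}"*)  echo hashed ;;      # e.g. {SSHA}... as produced by slappasswd
        *)         echo cleartext ;;
    esac
}

# Reports problems for one file; returns 1 if any were found.
audit_file() {
    [ -f "$1" ] || { echo "SKIP $1 (not found)"; return 0; }
    rc=0
    is_private "$1" || { echo "WARN $1 is accessible by group or other"; rc=1; }
    [ "$(rootpw_kind "$1")" != cleartext ] ||
        { echo "WARN $1 holds a cleartext rootpw"; rc=1; }
    return $rc
}

# Writes a constructed slapd.conf fragment (not the suite's real values).
make_sample() {
    printf 'rootdn "cn=Manager,dc=example,dc=com"\nrootpw %s\n' "$2" > "$1"
}

# Dry run on constructed data, then the real paths from section 2.3.11.
status=0
tmp=$(mktemp -d)
make_sample "$tmp/sample_slapd.conf" "constructed-secret"
chmod 644 "$tmp/sample_slapd.conf"
audit_file "$tmp/sample_slapd.conf" || echo "(expected: the sample is deliberately weak)"
rm -rf "$tmp"
for f in /usr/local/etc/openldap/cpki_slapd*.conf /usr/local/cpki/bin/cpki_ldapconf.pl; do
    audit_file "$f" || status=1
done
[ "$status" -eq 0 ] || echo "Review the warnings above."
```

When tightening permissions, keep each file readable by the account that runs slapd or the cpki utilities.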