User Tools

Site Tools

Trace:
openldap_centos7

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
openldap_centos7 [2015/06/24 12:02] herwarthopenldap_centos7 [2015/06/25 08:22] (current) – [Preparation] herwarth
Line 4: Line 4:
   * Install chronyd and configure timeserver   * Install chronyd and configure timeserver
   * Install initial firewall rules   * Install initial firewall rules
 +  * Download my superscript {{:ldap-el7.tar.gz|}} or when using EL6: {{:ldap-el6.tar.gz|}}
  
 =====Installation===== =====Installation=====
Line 11: Line 12:
 Install my created superscript, including LDIF files! Answer all the questions and you have an empty LDAP server. Install my created superscript, including LDIF files! Answer all the questions and you have an empty LDAP server.
   cd /root   cd /root
-  tar -xvzf ldap-latest.tar.gz+  tar -xvzf ldap-el7.tar.gz
   cd ldap   cd ldap
   ./generate_slapd.sh   ./generate_slapd.sh
Line 21: Line 22:
  
 ====phpldapadmin==== ====phpldapadmin====
-  yum install phpldapadmin+  yum install phpldapadmin mod_ssl
  
 =====Configuration===== =====Configuration=====
Line 38: Line 39:
  
   firewall-cmd --permanent --zone=management --add-service=http   firewall-cmd --permanent --zone=management --add-service=http
 +  firewall-cmd --permanent --zone=management --add-service=https
   firewall-cmd --permanent --zone=local --add-service=http   firewall-cmd --permanent --zone=local --add-service=http
 +  firewall-cmd --permanent --zone=local --add-service=https
 <code> <code>
 systemctl enable httpd systemctl enable httpd
Line 46: Line 49:
 firewall-cmd --reload firewall-cmd --reload
 </code> </code>
 +=====Apache configuration=====
 +<code - etc/httpd/conf.d/namevirtualhost>
 +NameVirtualHost 172.16.2.27:80
 +NameVirtualHost 172.16.2.27:443
 +NameVirtualHost [2a02:22a0:bbb7:402::27]:80
 +NameVirtualHost [2a02:22a0:bbb7:402::27]:443
 +</code>
 +<code - /etc/httpd/conf.d/ldap.mngt.bh.helux.nl.conf>
 +<VirtualHost ldap.mngt.bh.helux.nl:80>
 +    ServerAdmin webmaster@ldap.mngt.bh.helux.nl
 +    ServerName ldap.mngt.bh.helux.nl
 +
 +    RewriteEngine on
 +    RewriteRule ^/(.*)$ https://ldap.mngt.bh.helux.nl/$1 [R,L]
 +
 +    ErrorLog /var/log/httpd/ldap-error.log
 +    CustomLog /var/log/httpd/ldap-access.log common
 +</VirtualHost>
 +
 +<VirtualHost ldap.mngt.bh.helux.nl:443>
 +    ServerAdmin webmaster@ldap.mngt.bh.helux.nl
 +    ServerName ldap.mngt.bh.helux.nl
 +
 +    DocumentRoot /usr/share/phpldapadmin/htdocs/
 +    <Directory /usr/share/phpldapadmin/htdocs>
 +      Require all granted
 +    </Directory>
 +
 +    SSLEngine On
 +    SSLCertificateFile    /etc/pki/tls/certs/localhost.crt
 +    SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
 +
 +    ErrorLog /var/log/httpd/ldap-error.log
 +    CustomLog /var/log/httpd/ldap-access.log common
 +</VirtualHost>
 +</code>
 +=====Notes=====
 +  * Problem: When creating a Samba user with phpldapadmin, you will get a user must change password on the first login.
 +  * Solution: add attribute "sambaPwdLastSet" and set the value to 1.
 +
 {{tag>centos}} {{tag>centos}}
openldap_centos7.1435147375.txt.gz · Last modified: by herwarth

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki