📄 1881.html
字号:
<br>
增加slapd.account.oc.conf:(账号信息配置文件)<br>
objectclass AccountPerson<br>
requires<br>
objectClass,<br>
card_id<br>
allows<br>
card_pass<br>
指定了卡号和卡密码<br>
<br>
重新启动LDAP SERVER:<br>
这里主LDAP服务器的启动脚本如下<br>
/etc/rc2.d/S94slapd<br>
#!/bin/sh<br>
#<br>
#ident LDAP Service<br>
case "$1" in<br>
'start')<br>
if [ -f /opt/openldap/etc/openldap/slapd.conf -a -f /opt/openldap/libexec/slapd ]; then<br>
echo "LDAP service starting."<br>
/opt/openldap/libexec/slapd -f /opt/openldap/etc/openldap/slapd.conf 1>/dev/console 2>&1 &<br>
fi<br>
if [ -f /opt/openldap/etc/openldap/slapd.conf -a -f /opt/openldap/libexec/slurpd ]; then<br>
echo "LDAP sync service starting."<br>
/opt/openldap/libexec/slurpd -f /opt/openldap/etc/openldap/slapd.conf -t /opt/openldap/log >/tmp/slurpd.log 2>&1 &<br>
fi<br>
<br>
;;<br>
'stop')<br>
[ ! -f /opt/openldap/var/slapd.pid ] && exit 0<br>
slappid=`cat /opt/openldap/var/slapd.pid`<br>
if [ "$slappid" -gt 0 ]; then<br>
echo "Stopping the LDAP service."<br>
kill -15 $slappid 2>&1 | /usr/bin/grep -v "no such process"<br>
fi<br>
slurpdpid=`/usr/bin/ps -e |grep slurpd | awk '{print $1}'`<br>
if [ "$slurpdpid" -gt 0 ]; then<br>
echo "Stopping the LDAP SYNC service."<br>
kill -15 $slurpdpid 2>&1 | /usr/bin/grep -v "no such process"<br>
fi<br>
<br>
;;<br>
*)<br>
echo "Usage: /etc/init.d/syslog { start | stop }"<br>
;;<br>
esac<br>
exit 0<br>
<br>
注意:主LDAP服务器比辅LDAP服务器多启动了一个slurpd的同步进程,而辅助服务器只需要启动一个slapd的LDAP进程就可以了。<br>
<br>
配置syslog:<br>
为了记录LDAP的日志,在slapd.conf中设置了loglevel的级别设置了8,所以可以配合操作系统的syslog做ldap的日志记录。/etc/syslog.conf文件增加:<br>
#log for slapd<br>
local4.emerg;local4.alert;local4.crit;local4.err;local4.warning;local4.notice;local4.info;local4.debug /opt/openldap/log/openldap.log<br>
注意用TAB键做分割,这样重新启动syslog进程就可以了,LDAP的日志文件在/opt/opendlap.log/openldap.log<br>
4. 数据导入<br>
首先用LDIF文件建立一个层次数据库的框架:<br>
global.ldif文件:<br>
<br>
dn: dc=info, dc=net<br>
objectClass: top<br>
objectClass: organization<br>
o: info.net<br>
<br>
dn: ou=People, dc=info, dc=net<br>
objectClass: top<br>
objectClass: organizationalUnit<br>
ou: People<br>
description: User Info<br>
<br>
dn: cn=Admin, dc=info, dc=net<br>
objectClass: top<br>
objectClass: person<br>
objectClass: organizationalPerson<br>
cn: Admin<br>
sn: Admin<br>
userPassword: Admin<br>
description: Administrator for info.net<br>
<br>
dn: ou=Account, dc=info, dc=net<br>
objectClass: top<br>
objectClass: organizationalUnit<br>
ou: Account<br>
description: Card Account<br>
<br>
用在线命令(即LDAP服务开启的状态下)<br>
/opt/openldap/bin/ldapadd -D "cn=root,dc=info,dc=net" -w root –f global.ldif<br>
可以建立该数据库的框架。<br>
接下来可以加入数据库的数据:<br>
data.ldif文件:<br>
<br>
dn: id=1, ou=people, dc=info, dc=net<br>
objectclass: top<br>
objectclass: InfoPerson<br>
id: 1<br>
username: 张三<br>
tel:021-63138990<br>
card_id:ABC001<br>
<br>
dn: card_id=ABC001, ou=Account, dc=info, dc=net<br>
objectclass: top<br>
objectclass: AccountPerson<br>
card_id: ABC001<br>
card_pass ABC123<br>
<br>
加入了用户id为1的用户和卡号为ABC001的会员卡,并且该用户和该卡通过卡号ABC001相关联<br>
<br>
如果导入的数据量大,并且要求实效性很强,用在线命令导入就会占用很长的时间,为了快速批量导入,可以在LDAP服务关闭的状态下使用非在线命令导入数据:<br>
cp global.ldif /tmp/info.ldif<br>
cat data.ldif >> /tmp/info.ldif //现在info.ldif为全部信息的LDIF文件<br>
/etc/rc2.d/S94slapd stop 应该在LDAP进程关闭的情况下导入:<br>
/opt/openldap/sbin/ldif2ldbm -i /tmp/info.ldif -f /opt/openldap/etc/openldap/slapd.conf //将文本LDIF文件转换成LDBM的二进制文件<br>
/etc/rc2.d/S94slapd start<br>
<br>
有时为了在原数据库的基础上继续追加数据,可以:<br>
1./opt/openldap/sbin/ldbmcat -n /opt/openldap/data/id2entry.dbb > n_id2entry(先将LDBM库导出无序号的LDIF文件,LDIF文件是一种有格式的文本文件)<br>
2.追加LDIF文件<br>
3//opt/openldap/sbin/ldif2ldbm -i n_id2entry -f /opt/openldap/etc/openldap/slapd.conf(在LDAP服务关闭的情况下批量导入)<br>
<br>
有时可能会发觉索引比较紊乱,以至于在LDAP下无法查询到相关FILTER的记录,为了重建索引,可以:<br>
1./opt/openldap/sbin/ldbmcat /opt/openldap/data/id2entry.dbb > id2entry (导出有序号的LDIF文件)<br>
2./opt/openldap/sbin/ldif2index -i id2entry -f /opt/openldap/etc/openldap/slapd.conf <索引关键字> (重建索引,索引关键字在slapd.conf文件中用index指定)<br>
具体这些二进制数据的存放都在openldap/data下<br>
5. 检查LDAP上的操作和主从同步是否正确:<br>
可用以下命令来测试数据库的增加、删除、修改和查询:<br>
1.查询命令<br>
/opt/openldap/bin/ldapsearch -D "cn=Admin,dc=info,dc=net" -w Admin id=”1”<br>
/opt/openldap/bin/ldapsearch -D "cn=Admin, dc=info, dc=net" -w Admin -b "ou= Account,dc=info,dc=net" "card_id=ABC001"<br>
<br>
2.增加命令<br>
/opt/openldap/bin/ldapadd -D "cn=root,dc=info,dc=net" -w root -f add.ldif<br>
<br>
3.删除命令<br>
/opt/openldap/bin/ldapdelete -D "cn=root,dc=info,dc=net" -w root "id=1,ou=People,dc=info,dc=net"<br>
<br>
4.修改命令<br>
/opt/openldap/bin/ldapmodify -D "cn=Admin,dc=info,dc=net" -w Admin -f modfile<br>
modfile的格式如下:<br>
dn: id=1, ou=People, dc=info, dc=net<br>
add: shenfenno<br>
shenfenno: 3101037108002<br>
<br>
dn: card_id=ABC001, ou=Account, dc=info, dc=net<br>
replace: card_pass<br>
card_pass: DEF001<br>
<br>
5.同步测试<br>
在主LDAP服务器上做了增加、删除或修改的操作,用查询命令查看主从LDAP服务器的信息是否一致(自动同步)<br>
同步日志在/opt/openldap/log/replica下,不同步的出错日志在/opt/openldap/log/replica下的以辅助IP 地址开头的.rej文件。而/opt/openldap/log/replica下的slurpd.status反应的是同步时间戳,如果你有多台辅助 LDAP服务器,通过查看该文件的时间戳是否一致也可以判断哪台服务器没有同步成功
</FONT><br>
</TD>
</TR>
<TR>
<TD colSpan=2><FONT
class=middlefont></FONT><BR>
<FONT
class=normalfont>全文结束</FONT> </TD>
</TR>
<TR>
<TD background="images/dot.gif" tppabs="http://www.linuxhero.com/docs/images/dot.gif" colSpan=2
height=10></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></DIV></TD>
<TD vAlign=top width="20%"
background="images/line.gif" tppabs="http://www.linuxhero.com/docs/images/line.gif" rowSpan=2>
<DIV align=center>
<table class=tableoutline cellspacing=1 cellpadding=4
width="100%" align=center border=0>
<tr class=firstalt>
<td noWrap background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif" colspan=2 height=21>
<font class=normalfont><b>所有分类</b></font></td>
</tr>
<tr class=secondalt> <td noWrap width=27%> <font class=normalfont>1:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type1.html" tppabs="http://www.linuxhero.com/docs/type1.html">非技术类</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>2:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type2.html" tppabs="http://www.linuxhero.com/docs/type2.html">基础知识</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>3:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type3.html" tppabs="http://www.linuxhero.com/docs/type3.html">指令大全</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>4:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type4.html" tppabs="http://www.linuxhero.com/docs/type4.html">shell</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>5:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type5.html" tppabs="http://www.linuxhero.com/docs/type5.html">安装启动</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>6:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type6.html" tppabs="http://www.linuxhero.com/docs/type6.html">xwindow</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>7:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type7.html" tppabs="http://www.linuxhero.com/docs/type7.html">kde</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>8:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type8.html" tppabs="http://www.linuxhero.com/docs/type8.html">gnome</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>9:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type9.html" tppabs="http://www.linuxhero.com/docs/type9.html">输入法类</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>10:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type10.html" tppabs="http://www.linuxhero.com/docs/type10.html">美化汉化</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>11:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type11.html" tppabs="http://www.linuxhero.com/docs/type11.html">网络配置</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>12:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type12.html" tppabs="http://www.linuxhero.com/docs/type12.html">存储备份</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>13:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type13.html" tppabs="http://www.linuxhero.com/docs/type13.html">杂项工具</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>14:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type14.html" tppabs="http://www.linuxhero.com/docs/type14.html">编程技术</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>15:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type15.html" tppabs="http://www.linuxhero.com/docs/type15.html">网络安全</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>16:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type16.html" tppabs="http://www.linuxhero.com/docs/type16.html">内核技术</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>17:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type17.html" tppabs="http://www.linuxhero.com/docs/type17.html">速度优化</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>18:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type18.html" tppabs="http://www.linuxhero.com/docs/type18.html">apache</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>19:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type19.html" tppabs="http://www.linuxhero.com/docs/type19.html">email</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>20:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type20.html" tppabs="http://www.linuxhero.com/docs/type20.html">ftp服务</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>21:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type21.html" tppabs="http://www.linuxhero.com/docs/type21.html">cvs服务</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>22:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type22.html" tppabs="http://www.linuxhero.com/docs/type22.html">代理服务</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>23:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type23.html" tppabs="http://www.linuxhero.com/docs/type23.html">samba</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>24:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type24.html" tppabs="http://www.linuxhero.com/docs/type24.html">域名服务</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>25:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type25.html" tppabs="http://www.linuxhero.com/docs/type25.html">网络过滤</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>26:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type26.html" tppabs="http://www.linuxhero.com/docs/type26.html">其他服务</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>27:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type27.html" tppabs="http://www.linuxhero.com/docs/type27.html">nfs</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>28:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type28.html" tppabs="http://www.linuxhero.com/docs/type28.html">oracle</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>29:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type29.html" tppabs="http://www.linuxhero.com/docs/type29.html">dhcp</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>30:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type30.html" tppabs="http://www.linuxhero.com/docs/type30.html">mysql</a></font></td> </tr> </table></td></tr><tr class=secondalt> <td noWrap width=27%> <font class=normalfont>31:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type31.html" tppabs="http://www.linuxhero.com/docs/type31.html">php</a></font></td> </tr> </table></td></tr><tr class=firstalt> <td noWrap width=27%> <font class=normalfont>32:</font> </td><td noWrap width=73%> <table width=100% border=0> <tr> <td><font class=normalfont><a href="type32.html" tppabs="http://www.linuxhero.com/docs/type32.html">ldap</a></font></td> </tr> </table></td></tr> </table>
</DIV></TD></TR>
<TR vAlign=top>
<TD width="80%">
<DIV align=center><BR>
</DIV>
</TD></TR></TBODY></TABLE></TD></TR>
</TABLE></TD></TR>
</TABLE>
<TABLE cellSpacing=0 cellPadding=4 width="100%" bgColor=#eeeeee
border=0><TBODY>
<TR>
<TD width="50%">
<P><FONT class=middlefont>版权所有 © 2004 <A
href="mailto:bjchenxu@sina.com">linux知识宝库</A><BR>
违者必究. </FONT></P>
</TD>
<TD width="50%">
<DIV align=right><FONT class=middlefont>Powered by: <A
href="mailto:bjchenxu@sina.com">Linux知识宝库</A> Version 0.9.0 </FONT></DIV>
</TD></TR></TBODY></TABLE>
<CENTER></CENTER></TD></TR>
</TABLE></CENTER></BODY></HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -