This is an old revision of the document!
This tutorial is based on this one, but spells out the Gentoo-specific details.
emerge openldap
allow bind_v2
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

#######################################################################
# BDB database definitions
#######################################################################

database hdb
suffix "dc=ceric35,dc=homelinux,dc=org"
# <kbyte> <min>
checkpoint 32 30
rootdn "cn=admin,dc=ceric35,dc=homelinux,dc=org"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw azertyuiop
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/openldap-data
# Indices to maintain
index objectClass eq

The import file is different here: it also contains the definition of the organization:

dn: dc=ceric35,dc=homelinux,dc=org
objectclass: dcObject
objectclass: organization
o: ceric35
dc: ceric35

dn: uid=ceric35,dc=ceric35,dc=homelinux,dc=org
uid: ceric35
cn: Administrateur Ceric35
sn: Ceric35
mail: ceric35@ceric35.homelinux.org
userPassword: motdepassedeceric35
objectClass: inetOrgPerson

dn: uid=eric,dc=ceric35,dc=homelinux,dc=org
uid: eric
cn: Utilsateur eric
sn: Ceric35
mail: eric@ceric35.homelinux.org
userPassword: motdepassedeeric
objectClass: inetOrgPerson

BASE dc=ceric35,dc=homelinux,dc=org
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
URI ldap://localhost

dev-libs/cyrus-sasl ldap
emerge cyrus-sasl cyrus-imapd cyrus-imap-admin

# LDAP SERVER
LDAP_SERVERS: ldap://localhost
# DOMAIN
LDAP_DEFAULT_DOMAIN: ceric35.homelinux.org
LDAP_TIMEOUT: 10
LDAP_TIME_LIMIT: 10
LDAP_CACHE_TTL: 30
LDAP_CACHE_MEM: 32768
# LDAP VERSION
LDAP_VERSION: 3
# SASL for access to the server
LDAP_USE_SASL: no
# Authentication method (bind / custom / fastbind)
LDAP_AUTH_METHOD: bind
# User used for the connection - if empty = anonymous
LDAP_BIND_DN: cn=admin,dc=ceric35,dc=homelinux,dc=org
# And its password
LDAP_BIND_PW: azertyuiop
# Search base
LDAP_SEARCH_BASE: dc=ceric35,dc=homelinux,dc=org
# And scope (sub / one / base)
LDAP_SCOPE: sub
# Search filter: uid in our case
LDAP_FILTER: uid=%u
# And name of the attribute containing the password
LDAP_PASSWORD_ATTR: userPassword

# Initial (empty) options.
SASLAUTHD_OPTS=""
# Use /etc/saslauthd.conf parameter file
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O /etc/saslauthd.conf"
# Use ldap authentications mechanism
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a ldap"

emerge postgrey