docs:tips_n_tricks:ldap.html
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
docs:tips_n_tricks:ldap.html [10.07.2018 17:47 CEST] – peter | docs:tips_n_tricks:ldap.html [27.02.2024 23:32 CET] (current) – [Write olcAccess.ldif in "human readable" format from actual config] peter | ||
---|---|---|---|
Line 11: | Line 11: | ||
--- //Courtesy of Oliver D. 2010/05/04 15:04// | --- //Courtesy of Oliver D. 2010/05/04 15:04// | ||
+ | ===== Read cn=config ===== | ||
+ | |||
+ | ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config -o ldif-wrap=no ' | ||
+ | | sed -e '/ | ||
+ | | less -S | ||
+ | |||
+ | ===== Get DIT ===== | ||
+ | |||
+ | ldapsearch -Y EXTERNAL -H ldapi:/// (objectclass=*) dn \ | ||
+ | | sed -ne ' | ||
+ | | sort -u | ||
===== Use OpenLDAP and phpldapadmin on Ubuntu 14.04 ===== | ===== Use OpenLDAP and phpldapadmin on Ubuntu 14.04 ===== | ||
==== Server ==== | ==== Server ==== | ||
Line 133: | Line 144: | ||
</ | </ | ||
- | :!: I assume this depends on where your LDAP tree data is stored - this example assumes it to be in //lcDatabase={1}hdb, | + | :!: I assume this depends on where your LDAP tree data is stored - this example assumes it to be in //olcDatabase={1}hdb, |
- | ldapsearch -Y EXTERNAL -H ldapi:/// -b " | + | ldapsearch -Y EXTERNAL -H ldapi:/// -b " |
as //root//. | as //root//. | ||
Line 142: | Line 153: | ||
* https:// | * https:// | ||
+ | === Write olcAccess.ldif in "human readable" | ||
+ | |||
+ | ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config -o ldif-wrap=no -L ' | ||
+ | | sed -e '/^dn: / | ||
+ | |||
+ | or | ||
+ | |||
+ | ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config -o ldif-wrap=no -L ' | ||
+ | |||
+ | <file sed olcAccess.sed> | ||
+ | #!/bin/sed -f | ||
+ | /^dn: /{ | ||
+ | s/ | ||
+ | h | ||
+ | d | ||
+ | } | ||
+ | / | ||
+ | s/ by /\n by /gi | ||
+ | H | ||
+ | s/^.*$// | ||
+ | x | ||
+ | s/ | ||
+ | p | ||
+ | d | ||
+ | } | ||
+ | d | ||
+ | </ | ||
+ | |||
+ | [[docs: | ||
==== Client ==== | ==== Client ==== | ||
=== Configure nsswitch === | === Configure nsswitch === | ||
Line 170: | Line 210: | ||
(Found [[http:// | (Found [[http:// | ||
- | ===== Password Self Service on Ubuntu 14.10 ===== | + | |
===== Self Service Password on Ubuntu 14.10 ===== | ===== Self Service Password on Ubuntu 14.10 ===== | ||
Line 219: | Line 259: | ||
</ | </ | ||
+ | |||
+ | ===== Adding indexes ===== | ||
+ | |||
+ | Find out what is the right suffix for your tree by either of the following lines((The first one works only by the local root account, the second one will require a password)): | ||
+ | |||
+ | ldapsearch -Y EXTERNAL -H ldapi:/// -b " | ||
+ | |||
+ | ldapsearch -D cn=config -W -b " | ||
+ | |||
+ | This will also show you the indices already existing. Now create a file in //LDIF// format, using the database found out in the previous step for the dn: | ||
+ | |||
+ | <code ldif add_indices.ldif> | ||
+ | dn: olcDatabase={1}hdb, | ||
+ | changetype: modify | ||
+ | add: olcDbIndex | ||
+ | olcDbIndex: uid eq | ||
+ | - | ||
+ | add: olcDbIndex | ||
+ | olcDbIndex: cn eq | ||
+ | </ | ||
+ | |||
+ | Apply it with either of the following commands((The first one works only by the local root account, the second one will require a password)): | ||
+ | |||
+ | ldapmodify -Y EXTERNAL -H ldapi:/// -f add_indices.ldif | ||
+ | |||
+ | ldapmodify -D cn=config -W -f add_indices.ldif | ||
===== References & Credits ===== | ===== References & Credits ===== |
docs/tips_n_tricks/ldap.html.txt · Last modified: 27.02.2024 23:32 CET by peter