setup ldap server

Just followed.

http://linuxrackers.com/doku.php?id=389_directory_server_setup_using_centos6_rhel6

Install ldap server.

yum' -y install openldap openldap-clients openldap-devel openldap-servers

Configure ldap.

/etc/openldap/ldap.conf

URI ldap://ldap.halfface.se/
BASE dc=halfface,dc=se

Configure ldap.

/etc/openldap/slapd.conf

include         /etc/openldap/schema/redhat/autofs.schema
database bdb
suffix "dc=halfface,dc=se"
rootdn "uid=root,dc=halfface,dc=se"
rootpw secret

Change rootpw to output from the following command.

slappasswd

rootpw {SSHA}0BO9AGrX8

Copy database defaults.

 cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

To generate ldif to feed your ldap database.

Change varables to suite your domain.

/usr/share/openldap/migration/migrate_common.ph

Convert local users to ldap users.

/usr/share/openldap/migration/migrate_passwd.pl /temp/user /temp/user.ldif

Import users.

ldapadd -x -D "cn=Manager,dc=halfface,dc=se" -w secret -f /temp/user.ldif -c

Example ldif to add user.

dn: uid=bjorklun,ou=people,dc=halfface,dc=se
uid: bjorklun
cn: Andreas Bjorklund
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$1$encryptedpasswordheretowork
shadowLastChange: 13080
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 501
gidNumber: 501
homeDirectory: /home/bjorklun
gecos: Andreas Bjorklund

Adding local groups.

cat /etc/group | sort -k3 -t : -n | tail -22 | head -20 > /temp/group
/usr/share/openldap/migration/migrate_group.pl /temp/group /temp/group.ldif
ldapadd -x -D "uid=root,dc=halfface,dc=se" -w ned71na -f /temp/group.ldif -v

Adding passwd and group.

dn: ou=people,dc=halfface,dc=se
objectclass: organizationalUnit
ou: people

dn: ou=group,dc=halfface,dc=se
objectclass: organizationalUnit
ou: group

Organization Units.

dn: ou=Friends,dc=halfface,dc=se
ou: Friends
objectClass: top
objectClass: organizationalUnit
description: Members of Friends

dn: ou=Work,dc=halfface,dc=se
ou: Work
objectClass: top
objectClass: organizationalUnit
description: Members of Work

ldap attribute.

dn: dc=halfface,dc=se
dc: halfface
description: Root LDAP entry for halfface.se
objectClass: dcObject
objectClass: organizationalUnit
ou: rootobject

dn: ou=People, dc=halfface,dc=se
ou: People
description: All people in organisation
objectClass: organizationalUnit

dn: dc=halfface,dc=se
objectclass: dcObject
objectclass: organization
o: halfface
dc: halfface

dn: cn=Manager,dc=halfface,dc=se
objectclass: organizationalRole
cn: Manager

ldapadd -x -D "cn=Manager,dc=halfface,dc=se" -w secret -f /tmp/newentry -v

ldapsearch -x -b 'dc=halfface,dc=se' '(objectclass=*)'

Configure client.

authconfig --enableshadow --enablemd5 --enableldap --enableldapauth --ldapserver=ldap.halfface.se --ldapbasedn=dc=halfface,dc=se --disableldaptls --disablekrb5 --disablesmbauth --disablehesiod --update

Configure client. /etc/sysconfig/autofs

# Other common LDAP nameing
#
DEFAULT_MAP_OBJECT_CLASS="automountMap"
DEFAULT_ENTRY_OBJECT_CLASS="automount"
DEFAULT_MAP_ATTRIBUTE="ou"
DEFAULT_ENTRY_ATTRIBUTE="cn"
DEFAULT_VALUE_ATTRIBUTE="automountInformation"
#

ldapsearch examples.

Search for user bjorklun.

ldapsearch -x uid=bjorklun

Search for specified field.

ldapsearch -x -b ou=People,ou=Nordic,ou=eng,dc=infineon,dc=com ifxGlobalUniqueId

Look for the auto.master structure.

ldapsearch -x -s subtree -b 'ou=auto.master,dc=halfface,dc=se' 'objectclass=automount'

Search ad for ldap information.

ldapsearch -LLL -x -h ad.ongame.com -W -p 3268 -b DC=ongame,DC=com -D 'ONGAME\username' '(&(objectClass=person)(cn=User Name))'