This guide walks you through installing the OpenLDAP server, loading the necessary schemas and doing the basic configuration.
Perform all operations as root.
yum install openldap-servers openldap-clients
First, prepare a password hash for the Manager account (cn=Manager,dc=global):
/usr/sbin/slappasswd
Your hash will look like
{SSHA}3UEQ/xde0xhzQ8jn6tAQEkqHSlPJawqa
Find and edit the file /etc/openldap/slapd.d/cn=config/olcDatabase={2}bdb.ldif and change the following lines:
olcSuffix: dc=global
olcRootDN: cn=Manager,dc=global
olcRootPW: {SSHA}3UEQ/xde0xhzQ8jn6tAQEkqHSlPJawqa
If the olcRootPW line doesn't exist, just add it.
Find the file /etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif and modify the access rule so that our Manager account can manage the top config level (needed to add domains):
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by dn.base="cn=Manager,dc=global" manage by * none
service slapd start
Download the tnsadmin.ldif schema file and load it into the config database over the local ldapi socket:
wget http://www.tnsadmin.com/resources/tnsadmin.ldif -O /tmp/tnsadmin.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/tnsadmin.ldif
service slapd restart
Now you have the OpenLDAP server installed. Next, we will create the structure and populate the data.
Create file /tmp/base-global.ldif with the structure definition
dn: dc=global
objectclass: dcObject
objectclass: organization
o: Global root
dc: global

dn: cn=Manager,dc=global
objectclass: organizationalRole
cn: Manager
and execute the ldapadd command (simple bind with -x, as in the later commands)
ldapadd -x -f /tmp/base-global.ldif -D cn=Manager,dc=global -W
To add a domain (mydomain.com in this example), first create a directory to hold the database datafiles
mkdir /var/lib/ldap/mydomain.com
chown ldap:ldap /var/lib/ldap/mydomain.com
Then create file /tmp/domain-mydomaincom.ldif with the structure definition
# /tmp/domain-mydomaincom.ldif
dn: olcDatabase=bdb,cn=config
changetype: add
objectClass: olcBdbConfig
olcDatabase: bdb
olcSuffix: dc=mydomain,dc=com
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by dn.base="cn=Manager,dc=global" manage by * read
olcDbDirectory: /var/lib/ldap/mydomain.com
Note the final "by * read": unlike the config database, this one is readable anonymously, which is what Oracle clients need to resolve TNS names. Create the database
ldapadd -x -f /tmp/domain-mydomaincom.ldif -D cn=Manager,dc=global -W
Now we have an empty database and need to populate it with the new structure. To do this, create another LDIF file
/tmp/mydomaincom-init.ldif
# /tmp/mydomaincom-init.ldif
dn: dc=mydomain,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: mydomain.com domain
dc: mydomain

dn: cn=OracleContext,dc=mydomain,dc=com
objectclass: orclContext
cn: OracleContext
and execute ldapadd to populate the database
ldapadd -x -D cn=Manager,dc=global -W -f /tmp/mydomaincom-init.ldif
At this point, our database is ready to be filled with TNS records.
Create one LDIF file per TNS record, e.g. /tmp/db1.mydomain.com.ldif:
# /tmp/db1.mydomain.com.ldif
dn: cn=DB1,cn=OracleContext,dc=mydomain,dc=com
objectclass: top
objectclass: orclNetService
cn: DB1
orclNetDescString: (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.171.208)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=DB1)))
and run ldapadd to add it to the database
ldapadd -x -D cn=Manager,dc=global -W -f /tmp/db1.mydomain.com.ldif
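Writing one LDIF file by hand per service does not scale past a handful of entries, and a typo in orclNetDescString only shows up when a client fails to connect. The script below is an added example, not code from the guide or from tnsadmin.com: it parses an existing tnsnames.ora (comments, multi-line descriptors, comma-separated alias lists), checks that every descriptor's parentheses balance, and emits orclNetService entries in exactly the shape shown above so the output can be fed to ldapadd as one file. It also escapes DN-special characters in the alias and base64-encodes any LDIF value that needs it. The tnsnames.ora content is constructed for the example; the DB1 entry reuses the page's host and port, the rest is assumed.

```python
import base64
from typing import Dict, List

# Constructed sample tnsnames.ora (not from any real system); DB1 mirrors the
# descriptor used in the guide above.
SAMPLE_TNSNAMES = """\
# constructed sample file
DB1 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.171.208)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = DB1)
    )
  )

DB2, DB2.WORLD =
  (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = db2.example.test)(PORT = 1521))
    (CONNECT_DATA = (SERVICE_NAME = DB2)))  # trailing comment
"""


def parse_tnsnames(text: str) -> Dict[str, str]:
    """Return {alias: descriptor} with all whitespace stripped from the
    descriptor; raises ValueError on unbalanced parentheses."""
    src = "\n".join(line.split("#", 1)[0] for line in text.splitlines())
    entries: Dict[str, str] = {}
    i, n = 0, len(src)
    while i < n:
        while i < n and src[i].isspace():
            i += 1
        if i >= n:
            break
        eq = src.index("=", i)                      # "ALIAS[, ALIAS2] ="
        aliases: List[str] = [a.strip() for a in src[i:eq].split(",")]
        i = eq + 1
        while i < n and src[i].isspace():
            i += 1
        if i >= n or src[i] != "(":
            raise ValueError("descriptor for %s must start with '('" % aliases[0])
        start, depth = i, 0
        while i < n:                                # walk to the matching ')'
            if src[i] == "(":
                depth += 1
            elif src[i] == ")":
                depth -= 1
                if depth == 0:
                    i += 1
                    break
            i += 1
        if depth != 0:
            raise ValueError("unbalanced parentheses in entry %s" % aliases[0])
        descriptor = "".join(src[start:i].split())  # drop all whitespace
        for alias in aliases:
            if not alias:
                raise ValueError("empty alias before '='")
            entries[alias] = descriptor
    return entries


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514 rules)."""
    out = value.replace("\\", "\\\\")
    for ch in ',+"<>;':
        out = out.replace(ch, "\\" + ch)
    if out.startswith((" ", "#")):
        out = "\\" + out
    if out.endswith(" "):
        out = out[:-1] + "\\ "
    return out


def ldif_attr(name: str, value: str) -> str:
    """One LDIF attribute line; values that LDIF cannot carry literally
    (leading space/':'/'<', non-ASCII, control chars) are base64-encoded."""
    needs_b64 = value and (value[0] in " :<" or not value.isascii()
                           or any(ord(c) < 32 for c in value))
    if needs_b64:
        return "%s:: %s" % (name, base64.b64encode(value.encode("utf-8")).decode("ascii"))
    return "%s: %s" % (name, value)


def tns_entry_ldif(alias: str, descriptor: str, context_dn: str) -> str:
    """orclNetService entry in the same layout as the guide's db1 file."""
    lines = [
        ldif_attr("dn", "cn=%s,%s" % (escape_rdn_value(alias), context_dn)),
        ldif_attr("objectclass", "top"),
        ldif_attr("objectclass", "orclNetService"),
        ldif_attr("cn", alias),
        ldif_attr("orclNetDescString", descriptor),
    ]
    return "\n".join(lines) + "\n"


def tnsnames_to_ldif(text: str, context_dn: str) -> str:
    """Whole tnsnames.ora -> one LDIF document, entries separated by a blank line."""
    return "\n".join(tns_entry_ldif(a, d, context_dn)
                     for a, d in parse_tnsnames(text).items())


if __name__ == "__main__":
    print(tnsnames_to_ldif(SAMPLE_TNSNAMES, "cn=OracleContext,dc=mydomain,dc=com"))
```

Redirect the output to a file and load it with the same ldapadd command as above (ldapadd -x -D cn=Manager,dc=global -W -f the-file.ldif). Because parse_tnsnames refuses unbalanced descriptors, a broken entry stops the import before anything reaches the directory, which is cheaper than finding it from failed client connections later.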