The usual way to install OpenLDAP on Ubuntu 14 is:
apt-get install slapd ldap-utils
dpkg-reconfigure slapd
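The advantage of a portable ("green") OpenLDAP build is that, in the same operating system environment, it can be unpacked into any directory and used right away: everything lives in one directory, nothing has to be installed or configured, and the data ships with it. With the usual installation, by contrast, the configuration, data, libraries and binaries end up scattered across the filesystem.
The keys to building a portable OpenLDAP are the configuration of the relevant directories, the way the service is started, and how to get around a few pitfalls.
Build process:
1. On an Ubuntu 14 machine where OpenLDAP is already installed, use slapd.conf as a guide to collect the files from each relevant directory and put them into the corresponding folders under the openldap directory (for example, put everything under /usr/local/libexec/openldap into the mod directory), then customize slapd.conf: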
# slapd.conf - Configuration file for LDAP SLAPD
##########
# Basics #
##########
#include /etc/ldap/schema/core.schema
#include /etc/ldap/schema/cosine.schema
#include /etc/ldap/schema/inetorgperson.schema
include conf/schema_topca/core.schema
include conf/schema_topca/corba.schema
include conf/schema_topca/cosine.schema
include conf/schema_topca/inetorgperson.schema
include conf/schema_topca/misc.schema
include conf/schema_topca/openldap.schema
include conf/schema_topca/nis.schema
include conf/schema_topca/java.schema
#include /etc/ldap/schema_topca/powerChina.schema
pidfile run/slapd.pid
argsfile run/slapd.args
loglevel none
modulepath mod
# modulepath /usr/local/libexec/openldap
moduleload back_hdb
##########################
# Database Configuration #
##########################
database hdb
suffix "o=moxiaobei,c=cn"
rootdn "cn=admin,o=moxiaobei,c=cn"
# "yourpassword" is a placeholder; replace it, preferably with a hash generated by slappasswd
rootpw yourpassword
directory data
# directory /usr/local/var/openldap-data
index objectClass,cn eq
########
# ACLs #
########
access to attrs=userPassword
    by anonymous auth
    by self write
    by * none
access to *
    by self write
    by * none
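2. Start it with start_openldap.sh:
#!/bin/bash
# Run from the directory that contains this script so the relative paths below resolve
cd "$(dirname "$0")" || exit 1
# Kill any slapd process that is already running
ps -ef|grep -v grep|grep slapd|while read u p o
do
    kill -9 $p
    #echo $p
done
sleep 1
# Use the bundled libraries and binaries
export LD_LIBRARY_PATH=lib
export PATH=bin:$PATH
# Listen on TCP port 389 and on a Unix socket named xx
nohup slapd -d 1 -h "ldap://:389 ldapi://xx" -g root -u root -f conf/slapd.conf &
sleep 1
echo ""
echo "Openldap已经启动!"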
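3. Note one pitfall here: ldapi://xx means that, after startup, a socket file named xx is created in the current directory.
4. To place this socket file in another directory, write each / in the path as %2f. For example, to put it in the run directory under the current directory: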
ldapi://.%2frun%2fxx
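5. Test:
Pack the openldap directory, copy it to another Ubuntu 14 machine that does not have OpenLDAP installed, unpack it into any directory, run start_openldap.sh, and check whether it starts successfully.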
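
The encoding rule from step 4, as an added example that is not part of the original post: a shell function that turns a socket path into the ldapi:// URL passed to slapd -h. It goes beyond "/" and percent-encodes every character outside the URL-unreserved set; the function name ldapi_url and the sample paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): build the ldapi:// listener URL
# for "slapd -h" from a socket path, writing "/" as %2f as step 4 describes.
# ldapi_url is a hypothetical helper name.

ldapi_url() (
    LC_ALL=C; export LC_ALL              # byte-wise matching, ASCII ranges only
    path=$1
    [ -n "$path" ] || { echo "ldapi_url: empty path" >&2; exit 1; }
    # Refuse bytes outside printable ASCII rather than guess their encoding.
    if [ -n "$(printf '%s' "$path" | tr -d ' -~')" ]; then
        echo "ldapi_url: non-ASCII byte in path" >&2
        exit 1
    fi
    out=
    while [ -n "$path" ]; do
        rest=${path#?}                   # everything after the first character
        c=${path%"$rest"}                # the first character itself
        path=$rest
        case $c in
            [A-Za-z0-9._~-]) out=$out$c ;;               # unreserved: keep as is
            *) out=$out$(printf '%%%02x' "'$c") ;;       # e.g. "/" becomes %2f
        esac
    done
    printf 'ldapi://%s\n' "$out"
)

# Usage (constructed paths):
#   ldapi_url ./run/xx      prints ldapi://.%2frun%2fxx
#   slapd -h "ldap://:389 $(ldapi_url ./run/xx)" -f conf/slapd.conf
```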