OpenLDAP 2.0.x updates

2000-09-26 13:32:23 +00:00 · 2000-09-26 13:32:23 +00:00 · 648e385618
parent 9f31200171
commit 648e385618
1 changed files with 24 additions and 15 deletions
--- a/LDP/howto/docbook/Ldap-Implementation-HOWTO/section-pamnss.sgml
+++ b/LDP/howto/docbook/Ldap-Implementation-HOWTO/section-pamnss.sgml
@ -286,23 +286,30 @@ LDAP database with the command:</PARA>
 #ldif2ldbm -i your_file.ldif 
 </PROGRAMLISTING></PARA> 

-<NOTE> <PARA>ldif2ldbm is provided with the OpenLDAP package</PARA> </NOTE>
+<NOTE> <PARA>ldif2ldbm is provided with the OpenLDAP 1.2.x  package, if you use
+OpenLDAP 2.0.x, you should use the <FILE>ldapadd</FILE> command (after the
+server is started).</PARA> </NOTE>
+
+<PARA>If you use OpenLDAP 2.0.x (LDAPv3) you can find the standard nis schema
+in the file <FILE>etc/openldap/schema/nis.schema</FILE>, include it in your
+<FILE>slapd.conf</FILE> with the include directive, to have schema
+enforcement.</PARA>

 <PARA>Here is an example of a minimal LDIF file. Each entry is
 separated by a blank line.</PARA>

 <PARA><PROGRAMLISTING FORMAT="LINESPECIFIC">
 dn:dc=yourorg, dc=com
-objectclass: top 
+objectclass: top
 objectclass: organizationalUnit

 dn:ou=groups, dc=yourorg, dc=com
-objectclass: top 
+objectclass: top
 objectclass: organizationalUnit
 ou: groups

 dn:ou=people, dc=yourorg, dc=com
-objectclass: top 
+objectclass: top
 objectclass: organizationalUnit
 ou: people

@ -396,8 +403,8 @@ Communicator certificate database.</PARA> </FOOTNOTE>.</PARA>
 <PARA>To compile and install pam_ldap, do the following:</PARA>

 <PARA><PROGRAMLISTING FORMAT="LINESPECIFIC">
-$ ./configure --with-ldap-lib=netscape4
- \ --with-ldap-dir=/usr/local/ldapsdk
+$ ./configure --with-ldap-lib=netscape4 \
+              --with-ldap-dir=/usr/local/ldapsdk
 $ make
 # make install
 </PROGRAMLISTING></PARA>
@ -588,7 +595,8 @@ host 192.111.111.111
 # The distinguished name of the search base.
 base dc=yourorg, dc=com
 #
-# The LDAP version to use (defaults to 2)
+# The LDAP version to use (defaults to 2,
+# use 3 if you are using OpenLDAP 2.0.x or Netscape Directory Server)
 # ldap_version 3
 #
 # The distinguished name to bind to the server with.
@ -699,7 +707,7 @@ with a command like:</PARA>


 <PARA><PROGRAMLISTING FORMAT="LINESPECIFIC">
-#/usr/local/libexec/slapd	 
+# slapd	 
 </PROGRAMLISTING></PARA>

 <PARA>If you use stunnel, it has to be started on the LDAPS port 636:</PARA>
@ -709,18 +717,19 @@ with a command like:</PARA>
 -p /usr/local/ssl/certs/stunnel.pem	 
 </PROGRAMLISTING></PARA>

-<PARA>For debugging you can start stunnel in foreground with the following
- syntax:</PARA>
+<PARA>If you use OpenLDAP 2.0.x, compiled with TLS (OpenSSL), you can start the
+server using the command</PARA>

-<PARA><PROGRAMLISTING FORMAT="LINESPECIFIC">
-# /usr/local/sbin/stunnel  -r ldap  -d 636 \
-	-D 7 -f -p /usr/local/ssl/certs/stunnel.pem
+<PARA><PROGRAMLISTING FORMAT="LINESPECIFIC">  
+# slapd -h "ldap:/// ldaps:///"
 </PROGRAMLISTING></PARA>

-<PARA>On the client nscd can be started with the RedHat startup script:</PARA>
+
+<PARA>On the client nscd can be started with the a startup script, usually
+found in many Linux distributions:</PARA>

 <PARA><PROGRAMLISTING FORMAT="LINESPECIFIC"> 
-#/etc/rc.d/init.d/nscd start
+# /etc/rc.d/init.d/nscd start
 </PROGRAMLISTING></PARA>

 <PARA>If PAM and NSS are correctly configured this should be enough.</PARA>