353 lines
7.2 KiB
HTML
353 lines
7.2 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>OpenLDAP Creation and Maintenance Tools</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="HOME"
|
|
TITLE="Securing and Optimizing Linux"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Linux OpenLDAP Server"
|
|
HREF="net-oLDAP.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Securing OpenLDAP"
|
|
HREF="chap26sec215.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Create the LDMB backend database on-line"
|
|
HREF="chap26sec217.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap26sec215.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 26. Linux OpenLDAP Server</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap26sec217.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="AEN16450"
|
|
>26.7. OpenLDAP Creation and Maintenance Tools</A
|
|
></H1
|
|
><P
|
|
> To Create of the LDMB backend database, there are two methods to create a database for <SPAN
|
|
CLASS="acronym"
|
|
>LDAP</SPAN
|
|
>,
|
|
<P
|
|
></P
|
|
><OL
|
|
TYPE="1"
|
|
><LI
|
|
><P
|
|
> The first is off-line with the <B
|
|
CLASS="command"
|
|
>ldif2ldbm</B
|
|
> command utility
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> The other is on-line with the <B
|
|
CLASS="command"
|
|
>ldapadd</B
|
|
> command utility.
|
|
</P
|
|
></LI
|
|
></OL
|
|
>
|
|
Usually you use the off-line method when you have many thousands of entries to insert into your database and the on-line method when you have only a small number of entries to put into your database. It is also important to
|
|
note that
|
|
<P
|
|
></P
|
|
><UL
|
|
><LI
|
|
><P
|
|
> The off-line method requires that your <TT
|
|
CLASS="literal"
|
|
>slapd</TT
|
|
> daemon is not running
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> The on-line method requires that your <TT
|
|
CLASS="literal"
|
|
>slapd</TT
|
|
> daemon of <SPAN
|
|
CLASS="acronym"
|
|
>LDAP</SPAN
|
|
> is running.
|
|
</P
|
|
></LI
|
|
></UL
|
|
>
|
|
</P
|
|
><DIV
|
|
CLASS="section"
|
|
><H2
|
|
CLASS="section"
|
|
><A
|
|
NAME="AEN16469"
|
|
>26.7.1. <SPAN
|
|
CLASS="acronym"
|
|
>LDMB</SPAN
|
|
> backend database off-line</A
|
|
></H2
|
|
><P
|
|
> The first thing to do is to create an <SPAN
|
|
CLASS="acronym"
|
|
>LDIF</SPAN
|
|
> input file containing a text representation of your entries. The text file named <TT
|
|
CLASS="filename"
|
|
>my-data-file</TT
|
|
> below can be used as an example file. <EM
|
|
>Of course, your
|
|
real LDIF input file will handle much more information than this example</EM
|
|
>. When you install OpenLDAP for the first time and have big entries to put in your backend database, it's always a good idea to put all this information into
|
|
a text file and add them into your backend database with the <B
|
|
CLASS="command"
|
|
>ldif2ldbm</B
|
|
> command utility.
|
|
</P
|
|
><DIV
|
|
CLASS="example"
|
|
><A
|
|
NAME="AEN16477"
|
|
></A
|
|
><P
|
|
><B
|
|
>Example 26-1. <TT
|
|
CLASS="filename"
|
|
>my-data-file</TT
|
|
></B
|
|
></P
|
|
><P
|
|
> Create the file, <B
|
|
CLASS="command"
|
|
>touch</B
|
|
> <TT
|
|
CLASS="filename"
|
|
>/tmp/my-data-file</TT
|
|
> and add as an example in this file the following lines:
|
|
</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="procedure"
|
|
><OL
|
|
TYPE="1"
|
|
><LI
|
|
><P
|
|
>
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="programlisting"
|
|
> dn: o=openna, c=com
|
|
o: openna
|
|
objectclass: organization
|
|
|
|
dn: cn=Gerhard Mourani, o=openna, c=com
|
|
cn: Gerhard Mourani
|
|
sn: Mourani
|
|
mail: gmourani@videotron.ca
|
|
title: Author
|
|
objectclass: person
|
|
|
|
dn: cn=Anthony Bay, o=openna, c=com
|
|
cn: Anthony Bay
|
|
sn: Bay
|
|
homephone: (444) 111-2233
|
|
mobile: (444) 555-6677
|
|
mail: abay@openna.com
|
|
objectclass: person
|
|
|
|
dn: cn=George Parker, o=openna, c=com
|
|
cn: George Parker
|
|
sn: Parker
|
|
telephonenumber: (555) 234-5678
|
|
fax: (543) 987-6543
|
|
mobile: (543) 321-4354
|
|
description: E-Commerce
|
|
objectclass: person
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
The above example shows you how to convert your information into <SPAN
|
|
CLASS="acronym"
|
|
>LDIF</SPAN
|
|
> files before adding them to your new backend directory. Consult your OpenLDAP documentation or book for more information.
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> Once the <SPAN
|
|
CLASS="acronym"
|
|
>LDIF</SPAN
|
|
> input file containing our entries has been created, we must insert it in the <SPAN
|
|
CLASS="acronym"
|
|
>LDAP</SPAN
|
|
> directory server.
|
|
To insert the LDIF input file and create the database off-line, use the following command:
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="screen"
|
|
> [root@deep ]/tmp# <B
|
|
CLASS="command"
|
|
>ldif2ldbm</B
|
|
> -i <inputfile> -f <slapdconfigfile>
|
|
[root@deep ]/tmp# <B
|
|
CLASS="command"
|
|
>ldif2ldbm</B
|
|
> -i my-data-file -f /etc/openldap/slapd.conf
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
The -i option with the <inputfile> option specifies the location of the LDIF input file containing the entries in text form to add. The <slapdconfigfile> option specifies the location of the slapd configuration file, which specifies where to create the indexes, what indexes to create, etc.
|
|
</P
|
|
></LI
|
|
></OL
|
|
></DIV
|
|
><DIV
|
|
CLASS="important"
|
|
><BLOCKQUOTE
|
|
CLASS="important"
|
|
><P
|
|
><B
|
|
><SPAN
|
|
CLASS="inlinemediaobject"
|
|
><IMG
|
|
SRC="./images/Important.gif"
|
|
ALT="Important"
|
|
></IMG
|
|
></SPAN
|
|
>: </B
|
|
>
|
|
It is important to note that the <B
|
|
CLASS="command"
|
|
>slapd</B
|
|
> daemon of <SPAN
|
|
CLASS="acronym"
|
|
>LDAP</SPAN
|
|
> is not started in this mode of creation.
|
|
</P
|
|
></BLOCKQUOTE
|
|
></DIV
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap26sec215.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap26sec217.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Securing OpenLDAP</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="net-oLDAP.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Create the LDMB backend database on-line</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |