<HTML
><HEAD
><TITLE
>Create the LDBM backend database on-line</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
REL="HOME"
TITLE="Securing and Optimizing Linux"
HREF="index.html"><LINK
REL="UP"
TITLE="Linux OpenLDAP Server"
HREF="net-oLDAP.html"><LINK
REL="PREVIOUS"
TITLE="OpenLDAP Creation and Maintenance Tools"
HREF="chap26sec216.html"><LINK
REL="NEXT"
TITLE="OpenLDAP Users Tools"
HREF="chap26sec218.html"></HEAD
><BODY
CLASS="section"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="chap26sec216.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 26. Linux OpenLDAP Server</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="chap26sec218.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="section"
><H1
CLASS="section"
><A
NAME="AEN16505"
>26.8. Create the LDBM backend database on-line</A
></H1
><P
> If the entries in your directory server are already created or if you have only a small amount of information to insert into your backend database, you'll prefer to use the <B
CLASS="command"
>ldapadd</B
> command utility to do
your job on-line. For example, to add the <TT
CLASS="literal"
>Europe Mourani</TT
> entry using the <B
CLASS="command"
>ldapadd</B
> tool, you could create a file called <TT
CLASS="filename"
>newentry</TT
> in your <TT
CLASS="filename"
>/tmp</TT
>
directory.
</P
><DIV
CLASS="example"
><A
NAME="AEN16513"
></A
><P
><B
>Example 26-2. <SPAN
CLASS="acronym"
>LDBM</SPAN
> backend</B
></P
><P
> Create the <TT
CLASS="filename"
>newentry</TT
> file, <B
CLASS="command"
>touch</B
> <TT
CLASS="filename"
>/tmp/newentry</TT
> and add in this file the following contents:
</P
></DIV
><DIV
CLASS="procedure"
><OL
TYPE="1"
><LI
><P
>
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="programlisting"
> cn=Europe Mourani, o=openna, c=com
cn=Europe Mourani
sn=Mourani
mail=emourani@old.com
description=Marketing relation
objectClass=person
</PRE
></TD
></TR
></TABLE
>
</P
></LI
><LI
><P
> Once the file <TT
CLASS="filename"
>newentry</TT
> has been created, we must add the entry into the <SPAN
CLASS="acronym"
>LDAP</SPAN
> directory server.
To actually create the entry on-line in the backend database, use the following command:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="screen"
> [root@deep] /# <B
CLASS="command"
>ldapadd</B
> -f /tmp/newentry -D "cn=admin, o=openna, c=com" -W
</PRE
></TD
></TR
></TABLE
>
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="literallayout"
><TT
CLASS="computeroutput"
> Enter LDAP Password :
</TT
></PRE
></TD
></TR
></TABLE
>
The above command assumes that you have set rootdn to <TT
CLASS="literal"
>cn=admin, o=openna, c=com</TT
> and rootpw to <TT
CLASS="literal"
>secret</TT
>. You will be prompted to enter the password.
</P
></LI
></OL
></DIV
><DIV
CLASS="important"
><BLOCKQUOTE
CLASS="important"
><P
><B
><SPAN
CLASS="inlinemediaobject"
><IMG
SRC="./images/Important.gif"
ALT="Important"
></IMG
></SPAN
>: </B
>
It is important to note that the <B
CLASS="command"
>slapd</B
> daemon of <SPAN
CLASS="acronym"
>LDAP</SPAN
> must be running for this on-line mode of creation.
</P
></BLOCKQUOTE
></DIV
><DIV
CLASS="section"
><H2
CLASS="section"
><A
NAME="AEN16544"
>26.8.1. ldapmodify</A
></H2
><P
> Contrary to relational databases where data is constantly changed, the directory server contains information that is rarely modified once inserted. But sometimes you need to modify information, and the <B
CLASS="command"
>ldapmodify</B
>
tool will help you in your tasks. The <B
CLASS="command"
>ldapmodify</B
> command allows you to add or modify entries on the backend directory server.
</P
><DIV
CLASS="example"
><A
NAME="AEN16549"
></A
><P
><B
>Example 26-3. <TT
CLASS="filename"
>modifyentry</TT
></B
></P
><P
> Assuming that we want to replace the contents of the <TT
CLASS="literal"
>Europe Mourani</TT
> entry's mail attribute with the new value <TT
CLASS="literal"
>emourani@new.com</TT
>, the following steps will be required:
</P
></DIV
><DIV
CLASS="procedure"
><OL
TYPE="1"
><LI
><P
>
Create the <TT
CLASS="filename"
>modifyentry</TT
> file, <B
CLASS="command"
>touch</B
> <TT
CLASS="filename"
>/tmp/modifyentry</TT
> and add in this file the contents:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="programlisting"
> cn=Europe Mourani, o=openna, c=com
-mail=emourani@old.com # will delete the old mail address for Europe Mourani in the database.
+mail=emourani@new.com # will add the new mail address for Europe Mourani in the database.
</PRE
></TD
></TR
></TABLE
>
</P
></LI
><LI
><P
> Once the <TT
CLASS="filename"
>modifyentry</TT
> file has been created, we must replace the entry in the <SPAN
CLASS="acronym"
>LDAP</SPAN
> directory server with the one contained in this file, <TT
CLASS="filename"
>modifyentry</TT
>.
To modify the contents of the backend database, use the following command:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="screen"
> [root@deep] /# <B
CLASS="command"
>ldapmodify</B
> -D "cn=Admin, o=openna, c=com" -W -f &lt;inputfile&gt;
[root@deep] /# <B
CLASS="command"
>ldapmodify</B
> -D "cn=Admin, o=openna, c=com" -W -f /tmp/modifyentry
</PRE
></TD
></TR
></TABLE
>
Where &lt;inputfile&gt; is the name of the file <TT
CLASS="filename"
>modifyentry</TT
> we created in step 1 above.
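The modify step above, as an added example for current OpenLDAP 2.x client tools (not code from the original guide): it expresses the same delete-old/add-new mail change as an LDIF change record and writes it to a private temporary file instead of a fixed name under /tmp. The helper names and the LDAP URI argument are assumptions; -x, -ZZ and -H are OpenLDAP 2.x client options.

```shell
#!/bin/sh
# Added example: write_mail_change and apply_mail_change are hypothetical
# helper names; the LDAP URI passed to apply_mail_change is an assumption.

write_mail_change() {
    # $1 = entry DN, $2 = mail value to delete, $3 = mail value to add
    dn=$1 old=$2 new=$3
    # An embedded newline would let a value inject further LDIF lines
    # (even a second change record); an empty value or a leading space,
    # ':' or '<' needs special LDIF encoding this helper does not do.
    for v in "$dn" "$old" "$new"; do
        case $v in
            ''|' '*|:*|'<'*|*'
'*) echo "value not safe to write as plain LDIF" >&2; return 1 ;;
        esac
    done
    # mktemp creates the file exclusively, mode 0600, under an
    # unpredictable name; a fixed name in shared /tmp can be pre-created
    # or replaced by a symlink by another local user.
    f=$(mktemp "${TMPDIR:-/tmp}/modifyentry.XXXXXX") || return 1
    printf '%s\n' \
        "dn: $dn" \
        "changetype: modify" \
        "delete: mail" \
        "mail: $old" \
        "-" \
        "add: mail" \
        "mail: $new" > "$f" || { rm -f "$f"; return 1; }
    printf '%s\n' "$f"
}

apply_mail_change() {
    # $1 = LDAP URI, $2 = bind DN, remaining args as for write_mail_change
    uri=$1 binddn=$2
    shift 2
    f=$(write_mail_change "$@") || return 1
    # -x simple bind; -ZZ requires StartTLS so the password prompted for
    # by -W is not sent in clear text; -f reads the changes from the file.
    ldapmodify -x -ZZ -H "$uri" -D "$binddn" -W -f "$f"
    rc=$?
    rm -f "$f"
    return "$rc"
}
```

With the page's names and a constructed server URI, the call is apply_mail_change ldap://ldap.example.com "cn=admin, o=openna, c=com" "cn=Europe Mourani, o=openna, c=com" emourani@old.com emourani@new.com.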
</P
></LI
></OL
></DIV
></DIV
></DIV
></BODY
></HTML
>