29,276
edits
Changes
m
no edit summary
Line 1:
Line 1:
+<source lang="ini">+# Organization
−dn: dc=mydomain,dc=com
−objectclass: dcObject
−objectclass: organization
−dc: mydomain
−o: Description of annuary
−description: The description of annuary
−# Setting up container for Users OU
−dn: ou=People,dc=mydomain,dc=com
−objectclass: top
−objectclass: organizationalUnit
−ou: People
−# Setting up container for groups
−dn: ou=Groups,dc=mydomain,dc=com
−objectclass: top
−objectclass: organizationalUnit
−ou: Groups
−</source>
ldapadd -f init.ldif -D "cn=Manager,dc=mydomain,dc=com" -w secret
−or
+
+
+
<!-- BEGIN origin interlang links -->
+<!-- You can edit this section but do NOT remove these comments
+ Links below will be automatically replicated on translated pages by PolyglotBot -->
+[[fr:Installer_et_configurer_OpenLDAP]]
+[[es:Instalar_y_configurar_OpenLDAP]]
+<!-- END interlang links -->
+
[[Category:Admin]]
[[Category:Admin]]
+[[Category:Admin_en]]
+
This chapter is not related to Dolibarr iself. It contains a tutorial to install a LDAP annuary that could be linked with Dolibarr.
This chapter is not related to Dolibarr iself. It contains a tutorial to install a LDAP annuary that could be linked with Dolibarr.
Line 12:
Line 21:
Otherwise the DN root, user and password to connect may be available into:
Otherwise the DN root, user and password to connect may be available into:
* file '''slapd.conf'''. Port may also be into this file, if not, it is default port value: 389.
* file '''slapd.conf'''. Port may also be into this file, if not, it is default port value: 389.
−* file '''olcDatabase={1}hdb.ldif'''. Entry '''olcRootDN''' ans '''olcRootPW'''.
+* file '''olcDatabase={1}hdb.ldif'''. Entry with login/pass are '''olcRootDN''' and '''olcRootPW'''.
Stop the service
Stop the service
Line 19:
Line 28:
Modify file '''slapd.conf''' also to add includes of schemas you will need to declare your LDAP objects.
Modify file '''slapd.conf''' also to add includes of schemas you will need to declare your LDAP objects.
−<source lang="ini">
+<syntaxHighlight lang="ini">
include ./schema/core.schema
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/inetorgperson.schema
include ./schema/nis.schema
include ./schema/nis.schema
−</source>
+</syntaxHighlight>
or add shemas with
or add shemas with
−<source lang="ini">
+<syntaxHighlight lang="ini">
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
−</source>
+</syntaxHighlight>
Restart the service.
Restart the service.
Line 38:
Line 47:
* Server: Localhost
* Server: Localhost
* Port: 389
* Port: 389
−* User: cn=admin,dc=example,dc=com or cn=Manager,dc=example,dc=com
+* User: cn=admin,dc=example,dc=com or cn=Manager,dc=example,dc=com or cn=admin,dc=nodomain
* Password: secret
* Password: secret
* Base DN (optionnel): keep empty or set dc=mydomain,dc=com
* Base DN (optionnel): keep empty or set dc=mydomain,dc=com
Line 45:
Line 54:
Next step is to define information to store into your LDAP.
Next step is to define information to store into your LDAP.
−Create a file init.ldif with your organization. For example:
+Create a file init.ldif with your organization. For example (take care to keep empty line between each block. With some LDAP, you may also need to create several files for each block):
−{{TemplateInitLDapDif}}
−Execute file using the LDAP admin user:
Execute file using the LDAP admin user:
−<source lang="bash">
+<syntaxHighlight lang="bash">
−ldapadd -f init.ldif -D "cn=admin,dc=mydomain,dc=com" -w secret
ldapadd -f init.ldif -D "cn=admin,dc=mydomain,dc=com" -w secret
−</source>
+</syntaxHighlight>
+= Create few users =
+Create a file inituser.ldif with your organization. For example (take care to keep empty line between each block):
+<syntaxHighlight lang="ini">
+# Some User
+dn: sn=someuser,ou=mypeople,dc=nodomain
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+cn: Some User
+sn: someuser
+mail: someuser@nodomain
+userPassword: {SSHA}hnP4gNK7SbgsAW3eTZYf23a4R7Ob19l2
+</syntaxHighlight>
+Use '''slappasswd -s passwordtocrypt''' to generate a password.
= Troubleshooting =
= Troubleshooting =
Line 78:
Line 85:
To confirm problem, go onto DOS under directory data of OpenLDAP and launch command
To confirm problem, go onto DOS under directory data of OpenLDAP and launch command
−<source lang="bash">
+<syntaxHighlight lang="bash">
..\db_stat -e
..\db_stat -e
−</source>
+</syntaxHighlight>
If message is the one described, launch repare of base with
If message is the one described, launch repare of base with
−<source lang="bash">
+<syntaxHighlight lang="bash">
..\db_recover
..\db_recover
−</source>
+</syntaxHighlight>
Server should be able to start again.
Server should be able to start again.