# yum install openldap-servers openldap-clients nss_ldap
2.Copy DB_CONFIG
#cp DB_CONFIG.example /var/lib/ldap/DB_CONFIG
3. Create a password hash for slapd (slappasswd prints a salted hash, not an encrypted password)
# slappasswd
{SSHA}372BLnDbuRFpPdQpKi2SRISPaoQEcQW9
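4. Copy the hash printed above into slapd.conf, replacing the entire value on the rootpw line (scheme prefix included) with your own {SSHA} string. Keep slapd.conf unreadable to ordinary users, since it now holds the rootdn password hash.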
# rootpw {crypt}ijFYNcSNctBYg <--------------replace here
5. Change the rootdn and suffix to match your own domain, as in the example below
6. Uncomment the parts below
suffix "dc=ezmcom,dc=com"
rootdn "cn=Administrator,dc=ezmcom,dc=com"
#vi /etc/openldap/slapd.conf
TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
TLSCertificateFile /etc/pki/tls/certs/slapd.pem
TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem
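7. Edit the ldap.conf file and change it as shown below. The settings have to agree with each other: port 636 is conventionally the LDAPS port (ldaps:// scheme, TLS from the start of the connection), while start_tls upgrades a plain ldap:// connection, normally on port 389.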
#vi /etc/openldap/ldap.conf
base dc=ezmcom,dc=com
uri ldap://127.0.0.1:636
TLS_CACERTDIR /etc/openldap/cacerts
ssl start_tls
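8. Generate an RSA key using the command below. A 1024-bit RSA key is below current minimum recommendations; 2048 bits or more is the usual choice today.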
#openssl genrsa -out cert.key 1024
#openssl req -new -key cert.key -out cert.csr
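Note: the common name should match your suffix dc (ezmcom). Clients that verify the server certificate compare its name with the host name in the uri they connect to, so that name needs to be covered as well.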
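9. Generate a self-signed certificate using the command below. The slapd.conf settings above read both the certificate and the key from /etc/pki/tls/certs/slapd.pem, so the resulting cert.crt and cert.key have to be installed at that path, with the private key readable only by root and the account slapd runs as.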
#openssl x509 -req -in cert.csr -days 365 -signkey cert.key -out cert.crt
10.restart ldap
#/etc/init.d/ldap restart
Credit to