{"id":3362,"date":"2023-12-17T13:50:12","date_gmt":"2023-12-17T12:50:12","guid":{"rendered":"https:\/\/bob-team.de\/wordpress\/?p=3362"},"modified":"2024-08-25T11:35:33","modified_gmt":"2024-08-25T09:35:33","slug":"openldap-installieren","status":"publish","type":"post","link":"https:\/\/bob-team.de\/wordpress\/2023\/12\/17\/openldap-installieren\/","title":{"rendered":"OpenLDAP installieren"},"content":{"rendered":"

OpenLDAP unter Ubuntu 22.04<\/a><\/p>\n

LDAP and Transport Layer Security<\/a><\/p>\n

LDIF-Dateien verwenden<\/a><\/p>\n

OpenLDAP memberOf overlay<\/a> + memberof overlay<\/a><\/p>\n

dpkg-reconfigure slapd\r\n\r\nslapcat\r\n\r\nldapadd -x -D \"cn=admin,dc=abc,dc=app\" -W -f ldap\/01_add_init.ldif\r\n\r\nopenssl s_client -connect abc.app:8080 -showcerts | head\r\nopenssl s_client -connect localhost:636 -showcerts\r\n\r\nopenssl x509 -outform der -in \/etc\/letsencrypt\/live\/abc.app\/fullchain.pem -out \/etc\/ldap\/sasl2\/abc.crt\r\nopenssl pkey -in \/etc\/letsencrypt\/live\/abc.app\/privkey.pem -out \/etc\/ldap\/sasl2\/abc.key\r\ncp \/etc\/ssl\/certs\/ca-certificates.crt \/etc\/ldap\/sasl2\r\nchown -R openldap. \/etc\/ldap\/sasl2\r\n\r\ncp \/etc\/letsencrypt\/live\/abc.app\/fullchain.pem \/etc\/ldap\/abc_crt.pem\r\nchmod +r \/etc\/ldap\/abc_crt.pem\r\ncp \/etc\/letsencrypt\/live\/abc.app\/privkey.pem \/etc\/ldap\/abc_key.pem\r\nchmod +r \/etc\/ldap\/abc_key.pem\r\n\r\nldapmodify -Y EXTERNAL -H ldapi:\/\/\/ -f ldap\/02_modify_ssl.ldif\r\n\r\nvim \/etc\/default\/slapd\r\nSLAPD_SERVICES=\"ldap:\/\/\/ ldapi:\/\/\/ ldaps:\/\/\/\"\r\n\r\nsystemctl restart slapd\r\n\r\nldapsearch -Q -LLL -Y EXTERNAL -H ldapi:\/\/\/\r\n\r\nldapwhoami -x -H ldaps:\/\/abc.app\r\nanonymous\r\n\r\njournalctl -efu slapd\r\n\r\nufw allow 636\r\nufw reload\r\n\r\nufw status numbered\r\nufw delete 9999<\/pre>\n","protected":false},"excerpt":{"rendered":"
OpenLDAP unter Ubuntu 22.04 LDAP and Transport Layer Security LDIF-Dateien verwenden OpenLDAP memberOf overlay + memberof overlay dpkg-reconfigure slapd slapcat ldapadd -x -D „cn=admin,dc=abc,dc=app“ -W -f ldap\/01_add_init.ldif openssl s_client -connect abc.app:8080 -showcerts | head openssl s_client -connect localhost:636 -showcerts openssl x509 -outform der -in \/etc\/letsencrypt\/live\/abc.app\/fullchain.pem -out \/etc\/ldap\/sasl2\/abc.crt openssl pkey -in \/etc\/letsencrypt\/live\/abc.app\/privkey.pem -out \/etc\/ldap\/sasl2\/abc.key cp \/etc\/ssl\/certs\/ca-certificates.crt […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[216],"class_list":["post-3362","post","type-post","status-publish","format-standard","hentry","category-linux","tag-openldap","entry"],"_links":{"self":[{"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/posts\/3362","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/comments?post=3362"}],"version-history":[{"count":5,"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/posts\/3362\/revisions"}],"predecessor-version":[{"id":3687,"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/posts\/3362\/revisions\/3687"}],"wp:attachment":[{"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/media?parent=3362"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/categories?post=3362"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bob-team.de\/wordpress\/wp-json\/wp\/v2\/tags?post=3362"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}