Whatunga SWL (III): Debian Wheezy me ClearOS. Motuhēhēnga LDAP

Kia ora e hoa !. Ka mahi maatau i tetahi hononga me etahi rorohiko papamahi, engari i tenei wa me te punaha Whakahaere a Debian 7 "Wheezy". Hei kaiwhakarato ClearOS. Hei tuhinga, me maarama tatou ko te kaupapa Debian-Edu whakamahia a Debian ki o kaiwhakarato me nga waahi mahi. Ana ma taua kaupapa e ako ana kia maama ake ai te whakatuu i tetahi kura katoa.

He mea nui kia panuihia i mua:

  • Whakataki ki te Whatunga me te Raupaparorohiko Koreutu (I): Whakaaturanga o ClearOS

Ka kite tatou:

  • Tauira whatunga
  • Ka whirihorahia e maatau te kaihoko LDAP
  • I hangaia nga konae whirihoranga me / i whakarerekehia ranei
  • Ko te /etc/ldap/ldap.conf konae

Tauira whatunga

  • Kaitoha Rohe, DNS, DHCP, OpenLDAP, NTP: ClearOS Enterprise 5.2sp1.
  • Ingoa Kaiwhakahaere: Tuhinga
  • Ingoa Rohe: hoa.cu
  • Kaiwhakahaere IP: 10.10.10.60
  • ---------------
  • Putanga Debian: Wheehe.
  • Ingoa ropu: Debian7
  • Wāhitau IP: Ma te whakamahi i te DHCP

debian7-dhcp-ip

Ka whirihorahia e maatau te kaihoko LDAP

Me mau e tatou nga raraunga tuuturu OpenLDAP, ka mauhia mai e taatau mai i te hononga paetukutuku a ClearOS i roto i te «Whaiaronga »->« Rohe me te LDAP":

LDAP Base DN: dc = hoa, dc = cu LDAP Herea DN: cn = kaiwhakahaere, cn = a roto, dc = hoa, dc = cu LDAP Herea Kupuhipa: kLGD + Mj + ZTWzkD8W

Ka whakauruhia e maatau nga kohinga tika. Ka rite ki te kaiwhakamahi pakiaka mahia e matou:

he maarama whakauru i te maihao libnss-ldap nscd

Panui kei te putanga o te whakahau o mua kei roto ano te kohinga libpam-ldap. I te wa e whakauru ana ka paatai ​​ratou ki a maatau, he maha nga paatai, me tika te whakautu. Ko nga whakautu hei te tauira o tenei tauira:

Tūmau LDAP URI: ldap: //10.10.10.60
Te ingoa rongonui (DN) o te papa rapu: dc = hoa, dc = cu
Putanga LDAP hei whakamahi: 3
Kaute LDAP mo te pakiaka: cn = kaiwhakahaere, cn = a roto, dc = hoa, dc = cu
Kupuhipa mo te kaute LDAP pakiaka: kLGD + Mj + ZTWzkD8W

Inaianei kei te kii ia ko te konae tena /etc/nsswitch.conf kaore e whakahaerehia ana, ana me whakarereke a-ringa. Kei te hiahia koe ki te tuku i te kaute kaiwhakahaere LDAP ki te whakahaere hei kaiwhakahaere mo te rohe?: Si
Kei te hiahiatia he kaiwhakamahi kia uru ki te papaarangi LDAP?: No
Pūkete kaiwhakahaere LDAP: cn = kaiwhakahaere, cn = a roto, dc = hoa, dc = cu
Kupuhipa mo te kaute LDAP pakiaka: kLGD + Mj + ZTWzkD8W

Mena he he taatau ki nga whakautu o mua, ka whakamahia e taatau te kaiwhakamahi pakiaka:

dpkg-whakahou i nga libnss-ldap
dpkg-whakahou i te libpam-ldap

Ka tika ana ta maatau whakautu i nga patai i paatai ​​i mua, me te taapiri noa iho o te paatai:

Te algorithm whakamunatanga rohe hei whakamahi mo nga kupuhipa: Md5

Ojo ka whakautu ana na te mea ko te uara taunoa kua whakaekea mai ki a maatau Kariri, a me kii atu e tika ana Md5. Ka whakaatuhia mai he mata ki te aratau papatohu me te putanga o te whakahau pam-auth-whakahou mahia rite pakiaka, e ti'a ia tatou ki te whakaae.

Ka whakarerekehia e matou te konae /etc/nsswitch.conf, ka waiho e matou nga korero e whai ake nei:

# /etc/nsswitch.conf # # Tauira whirihoranga mo te GNU Ingoa Whakawhiti Ratonga mahi. # Mena kei a koe nga kohinga `glibc-doc-tohutoro 'me` info' kua whakauruhia, ngana: #` info libc "Whakawhiti Ratonga Ingoa" 'mo nga korero mo tenei konae. passwd:         whakatairite ldap
rōpū:          whakatairite ldap
atarangi:         whakatairite ldap

host: files mdns4_minimal [NOTFOUND = hokinga] dns mdns4 whatunga: konae konae: db files services: db files ethers: db files rpc: db files netgroup: nis

Ka whakarerekehia e matou te konae /etc/pam.d/common-session ki te hanga aunoa i nga kopae a nga kaiwhakamahi ka takiuru ana mena kaore ana:

[----]
huihuinga e hiahiatia ana pam_mkhomedir.so skel = / etc / skel / umask = 0022

### Ko te raina i runga ake nei me whakauru i MUA
# anei nga waahanga mo ia-paatete (te poraka "Paraimere") [----]

Ka mahia e matou i roto i te papatohu hei kaiwhakamahi pakiaka, Noa ki te Tirohia, pam-auth-whakahou:

debian7-pam-auth-whakahou

Ka tiimata ano te ratonga nscd, a ka tirohia e maatau:

: ~ # ratonga nscd timata ano
[ok] Te Whakaara Anō i te Keteroki Ratonga Ingoa Daemon: nscd. : ~ # hikoi maihao
Whakauru: strides Ingoa: Strides El Rey Whaiaronga: / home / strides Anga: / ipu / bash Kaua rawa e uru atu. Kaore he miera. Kaore he Mahere. : ~ # Tuhinga o mua
Nga nekehanga: x: 1006: 63000: Nga hikoi El Rey: / kaainga / hikoinga: / ipu / bash: ~ # haere mai i nga legolas
legolas: x: 1004: 63000: Legolas The Elf: / home / legolas: / bin / bash

Ka whakarerekehia e maatau te kaupapa here honohono-hono me te kaiwhakarato OpenLDAP.

Ka whakatika maatau hei kaiwhakamahi pakiaka me te tino tupato, te konae /etc/libnss-ldap.conf. Rapua te kupu «pakeke«. Ka tangohia e matou nga korero mai i te raina #bind_policy uaua a waiho ana e maatau penei: bind_policy ngohengohe.

Ko te panoni ano i whakahuatia i mua, ka tukuna e maatau ki te konae /etc/pam_ldap.conf.

Ko nga whakarereketanga o runga ake nei ka whakakore i te maha o nga karere e pa ana ki te LDAP i te wa o te whawhai, ana i te wa ano kia tere ake (te mahinga pana)

Ka tiimata ano e maatau te Wheezy na te mea he mea nui nga whakarereketanga i mahia:

: ~ # tīmata anō

Whai muri i te whakaara, ka taea e taatau te whakauru ki tetahi kaiwhakamahi kua rehitatia ki ClearOS OpenLDAP.

Ka tūtohu mātou ka oti tenei:

  • Whakaritehia nga kaiwhakamahi o waho hei mema o nga roopu rite ki nga kaiwhakamahi o te rohe i hangaia i te wa e whakauru ana to maatau Debian.
  • Te whakamahi i te whakahau matapo, mahia hei pakiaka, hoatu nga whakaaetanga mahia e tika ana ki nga kaiwhakamahi o waho.
  • Hangaia he tohu tohu me te wahitau https://centos.amigos.cu:81/?user en iceweasel, kia uru atu ki te whaarangi ake i ClearOS, hei huri i ta maatau kupuhipa.
  • Whakauruhia te OpenSSH-Tūmau-mena kaore i tohua e maatau i te wa e whakauru ana i te punaha- kia uru atu ai ki ta maatau Debian mai i tetahi atu rorohiko.

I hangaia nga konae whirihoranga me / i whakarerekehia ranei

Ko te kaupapa LDAP me nui te ako, te manawanui me te wheako. Ko te whakamutunga kaore i ahau. Ka tino taunakihia e maatau nga kohinga libnss-ldap y libpam-ldap, i nga waahanga whakarereke a-ringa e kore ai e tutuki te motuhēhēnga, me whakatika tika ma te whakamahi i te whakahau dpkg-whakahou, e hangaia e DEBCONF.

Ko nga konae whirihoranga e whai ake nei:

  • /etc/libnss-ldap.conf
  • /etc/libnss-ldap.secret
  • /etc/pam_ldap.conf
  • /etc/pam_ldap.secret
  • /etc/nsswitch.conf
  • /etc/pam.d/common-sessions

Ko te /etc/ldap/ldap.conf konae

Kaore ano matou kia pa ki tenei konae. Heoi, he tika te whakatuturutanga na te whirihoranga o nga konae i runga ake nei me te whirihoranga PAM i hangaia e pam-auth-whakahou. Heoi, me tika hoki te whirihora e tatou. He maama ki te whakamahi i nga whakahau penei Tuhinga o mua, he mea whakarato na te putea taputapu-ldap-utils. Ko te whirihoranga iti rawa ko:

BASE dc = hoa, dc = cu URI ldap: //10.10.10.60 SIZELIMIT 12 TIMELIMIT 15 KORE e kore

Ka taea e taatau te tirotiro mena he tika te mahi a te kaituku ClearOS OpenLDAP, mena ka mahi tatou i roto i te papatohu:

ldapsearch -d 5 -L "(objectclass = *)"

He nui te whakaputa whakahau. 🙂

Aroha ahau ki a Debian! Ana kua mutu te mahi mo tenei ra e hoa ma !!!

debian7.amigos.cu


Ko nga korero o te tuhinga e piri ana ki o maatau kaupapa o matatika whakatika. Ki te ripoata i tetahi paatene paato Here.

4 korero, waiho maau

Waiho to korero

Ka kore e whakaputaina tō wāhitau īmēra.

*

*

  1. He kawenga mo nga raraunga: Miguel Ángel Gatón
  2. Te kaupapa o te raraunga: Whakahaerehia te SPAM, te whakahaere korero.
  3. Ture: To whakaae
  4. Whakawhitinga korero: Kaore nga korero e tukuna ki nga taha tuatoru engari ma te ture herenga.
  5. Rokiroki raraunga: Paetukutuku e whakahaerehia ana e Occentus Networks (EU)
  6. Tika: I nga wa katoa ka taea e koe te whakaiti, te whakaora me te muku i o korero.

  1.   elav ka mea

    He tuhinga pai, whakatika tonu ki taku kaiutuutu tohutohu

    1.    Federico Antonio Valdes Toujague ka mea

      Mauruuru mo te korero mo Elav… he maha ake nga wahie 🙂 me te tatari mo te mea e whai ake nei ka ngana ki te whakamana ma te whakamahi i te sssd ki tetahi OpenLDAP.

  2.   euphoria ka mea

    Nga mihi nui ki a koutou mo te tohatoha mai, me te tumanako ki era atu tuku 😀

    1.    Federico Antonio Valdes Toujague ka mea

      Mauruuru mo te korero !!!. Te ahua nei ko te ngoikoretanga hinengaro o te motuhēhētanga ki te rohe Microsoft he kaha. No reira nga korero paku. Koina au ka tuhi mo nga whirinoa utu koreutu. Mena ka ata tirohia e koe, ka maama ake te whakamahi. He iti noa te kaupapa i te tuatahi. Engari kaore.

bool(pono)