The Virtualization Cookbook for SLES 10 SP2 - z/VM - IBM
Complete!<br />
OpenLDAP should now be installed on LINUX02.<br />
11.2.2 Configuring the OpenLDAP server<br />
Any detailed description of LDAP is outside the scope of this book. Rather, short<br />
configuration recommendations are given in this section.<br />
There are two important configuration values that must be chosen.<br />
1. The suffix or base distinguished name of the LDAP Domain Information Tree (DIT) - the<br />
most common suffix is to use your company’s DNS name.<br />
2. The LDAP administrator or root name and password.<br />
Perform the following steps:<br />
► Choose an administrative password and run the slappasswd command, which displays a<br />
hashed version of it (the {SSHA} string). The output of this command will be used shortly in a<br />
configuration file, so you may want to make a copy of it.<br />
# slappasswd<br />
New password: lnx4vm<br />
Re-enter new password: lnx4vm<br />
{SSHA}6KT4R+YjZqDidFUNGUa4jrWFGaqEFfkV<br />
► The OpenLDAP server configuration file that will contain the LDAP manager (root)<br />
password is /etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb.ldif. Make a<br />
backup copy of that file:<br />
# cd /etc/openldap/slapd.d/cn=config<br />
# cp olcDatabase={1}bdb.ldif olcDatabase={1}bdb.ldif.orig<br />
► Edit the file and add one line to set the LDAP manager’s password. Use the variable<br />
olcRootPW and set the password to the output of the previous slappasswd command:<br />
# vi olcDatabase={1}bdb.ldif<br />
dn: olcDatabase={1}bdb<br />
objectClass: olcDatabaseConfig<br />
objectClass: olcBdbConfig<br />
olcDatabase: {1}bdb<br />
olcSuffix: dc=my-domain,dc=com<br />
olcAddContentAcl: FALSE<br />
olcLastMod: TRUE<br />
olcMaxDerefDepth: 15<br />
olcReadOnly: FALSE<br />
olcRootDN: cn=Manager,dc=my-domain,dc=com<br />
olcRootPW: {SSHA}6KT4R+YjZqDidFUNGUa4jrWFGaqEFfkV<br />
olcMonitoring: TRUE<br />
olcDbDirectory: /var/lib/ldap<br />
...<br />
► Save the file. Your LDAP server should now be minimally configured.<br />
Start the LDAP service<br />
To start the LDAP server, perform the following steps:<br />
► Start LDAP at boot time with the chkconfig command and for this session with the<br />
service command:<br />
# chkconfig slapd on<br />
# service slapd start<br />
174 The Virtualization Cookbook for RHEL 6