LDAP Client Login Authentication & SSH server Setup
Posted 06-03-2008 at 07:00 AM by sujit123
Hello,
First, download the RPMs:
ssh-1.2.27-7us.i386.rpm
ssh-clients-1.2.27-7us.i386.rpm
ssh-server-1.2.27-7us.i386.rpm
ssh-extras-1.2.27-7us.i386.rpm
You will then need to use rpm to install them.
rpm -Uvh ssh*
LDAP Client Login Authentication:
LDAP Installation and Configuration
Packages
OpenLDAP v1.2.9 (http://www.openldap.org/) – Open Source LDAP Server
GDBM v1.8.0 (http://www.gnu.org/gnulist/production/gdbm.html) – GNU dbm database routines
1. Install the above packages according to the documentation provided with the distribution.
2. Modify slapd.conf and ldap.conf, which v1.2.9 installs in /usr/local/etc/openldap by default. These are the main config files for the LDAP server. See Appendix A for sample config files.
3. Make sure that the directory specified for the ldbm database exists.
4. Start the slapd daemon (you may need to use the -f option to point to slapd.conf; see the man pages).
5. There is a small problem (as of v1.2.9) with OpenLDAP. An initial database is supposed to be created when you add the first entry into LDAP; however, if you try to do this with JNDI, it doesn't seem to work correctly. To get around this problem, create the first entry using the command-line "ldapadd" utility provided with OpenLDAP.
Create a temporary file called newentry. An example is shown below:
o=TVW, c=US
objectClass=organization
o=The Virtual Workshop
telephoneNumber=123.456.7890
Run: ldapadd -f newentry -D "cn=Manager, o=TVW, c=US" -w myPassword
Replace myPassword with the rootpw value specified in slapd.conf.
6. You can then verify that the entry has been created using the "ldapsearch" utility (example: ldapsearch telephoneNumber=123.456.7890), or look in the directory you specified for the LDAP database and check that a few database files have been created there. Once the database is created, there should be no problems using JNDI to interface with LDAP.
Appendix A – OpenLDAP Config Files
slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/slapd.at.conf
include /usr/local/etc/openldap/slapd.oc.conf
schemacheck off
#referral ldap://root.openldap.org/
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "o=TVW, c=US"
rootdn "cn=Manager, o=TVW, c=US"
rootpw vrtp
#defaultaccess write
# cleartext passwords, especially for the rootdn, should
# be avoided. See slapd.conf(5) for details.
directory /usr/tmp/ldbm-tvw
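The sample slapd.conf above stores rootpw in cleartext and keeps the database under /usr/tmp, and its own comment says the file must not be world readable. The script below is an added example, not part of the original post or of OpenLDAP, that checks a slapd.conf for those points; audit_slapd_conf and the finding labels are hypothetical names, and any rootpw value without a {SCHEME} prefix is assumed to be cleartext.

```shell
#!/bin/sh
# audit_slapd_conf FILE: hypothetical helper (not an OpenLDAP tool).
# Prints a space-separated list of findings; returns 0 only when the list is empty.
audit_slapd_conf() {
    conf=$1
    findings=""

    # The file carries rootpw, so "other" must have no permission bits set.
    other=$(ls -ld "$conf" | cut -c8-10)
    [ "$other" = "---" ] || findings="$findings WORLD_ACCESS"

    # A rootpw value without a {SCHEME} prefix is a cleartext password.
    rootpw=$(awk 'tolower($1) == "rootpw" { print $2; exit }' "$conf")
    case $rootpw in
        "" | "{"*"}"*) ;;
        *) findings="$findings CLEARTEXT_ROOTPW" ;;
    esac

    # Shared temp trees are world-writable and may be purged by cleanup jobs.
    dbdir=$(awk 'tolower($1) == "directory" { print $2; exit }' "$conf")
    case $dbdir in
        /tmp | /tmp/* | /usr/tmp | /usr/tmp/* | /var/tmp | /var/tmp/*)
            findings="$findings TMP_DB_DIR" ;;
    esac

    # An active (uncommented) "defaultaccess write" lets any client modify entries.
    if awk 'tolower($1) == "defaultaccess" && tolower($2) == "write" { f = 1 }
            END { exit !f }' "$conf"; then
        findings="$findings DEFAULT_WRITE"
    fi

    echo "${findings# }"
    [ -z "$findings" ]
}

# Constructed sample mirroring the security-relevant lines of the listing above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
database ldbm
suffix "o=TVW, c=US"
rootdn "cn=Manager, o=TVW, c=US"
rootpw vrtp
#defaultaccess write
directory /usr/tmp/ldbm-tvw
EOF
chmod 644 "$sample"
audit_slapd_conf "$sample" || echo "slapd.conf needs attention"
rm -f "$sample"
```

The commented-out "defaultaccess write" line is not reported; only an active directive is.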
ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable.
BASE o=TVW, c=US
HOST dino.virtualworkshop.com
#HOST ldap.openldap.org ldap-master.openldap.org:666
#PORT 389
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
Please follow the link:
http://www.yolinux.com/TUTORIALS/LDAP_Authentication.html