[root@server ~]#yum install openldap-servers openldap-clients
[root@server ~]#vi /etc/openldap/ldap.conf
17 BASE dc=server,dc=com
18 URI ldap://192.168.0.30
[root@server ~]#cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf
cp: overwrite ‘/etc/openldap/slapd.conf’? y
[root@server ~]#cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
cp: overwrite ‘/var/lib/ldap/DB_CONFIG’? y
[root@server ~]#slappasswd
New password:
Re-enter new password:
{SSHA}v5LeT/Da8H2bChQxWae5FToNYE9J/TNJ
[root@server ~]#vi /etc/openldap/slapd.conf
:%s/dc=my-domain/dc=server/g
124 rootpw {SSHA}v5LeT/Da8H2bChQxWae5FToNYE9J/TNJ
[root@server ~]#vi /root/root.ldif
#root
dn: dc=server,dc=com
dc: server
objectClass: dcObject
objectClass: organizationalUnit
ou: server.com
#staff
dn: cn=root,ou=staff,dc=server,dc=com
ou: staff
cn: root
objectClass: organizationalUnit
[root@server ~]#rm -rf /etc/openldap/slapd.d/*
[root@server ~]#slapadd -n 2 -l /root/root.ldif
Performing database recovery to activate new settings
_############################# 100.00% eta none elapsed none fast!
Closing DB…
[root@server ~]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
Config file testing succeeded
[root@server ~]#chown -R ldap:ldap /var/lib/ldap
[root@server ~]#chown -R ldap:ldap /etc/openldap/slapd.d
[root@server ~]#chkconfig slapd on
[root@server ~]#service slapd start
Starting slapd: [OK]
[root@server ~]#rm -rf /etc/openldap/slapd.d/*
[root@server ~]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
Config file testing succeeded
[root@server ~]#service slapd restart
Stopping slapd: [OK]
Starting slapd: [OK]
[root@server ~]#cd /etc/pki/tls/certs
[root@server ~]#rm slapd.pem
rm: remove regular file ‘slapd.pem’?y
[root@server certs]#make slapd.pem
Country Name (2 letter code)[XX]:IT
(similarly answer the next few questions)
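[root@server ~]# chown 650 slapd.pem   # note: chown with a numeric argument sets the owning UID to 650; permission bits are set with chmod, and slapd.pem is also used as the key file below, so its mode matters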
[root@server certs]# chown :ldap slapd.pem
[root@server certs]#ln -s /etc/pki/tls/certs/slapd.pem /etc/openldap/certs/slapd.pem
[root@server certs]#vi /etc/sysconfig/ldap
16 SLAPD_LDAPS=yes
[root@server certs]#vi /etc/openldap/slapd.conf
143 TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
144 TLSCertificateFile /etc/pki/tls/certs/slapd.pem
145 TLSCACertificateKeyFile /etc/pki/tls/certs/slapd.pem
[root@server certs]#vi /etc/openldap/ldap.conf
19 TLS_CACERTDIR /etc/openldap/cacerts
20 TLS_REQCERT never
[root@server certs]#rm -rf /etc/openldap/slapd.d/*
[root@server /]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
/etc/openldap/slapd.conf: line 145: unknown directive <TLSCACertificateKeyFile> inside backend database definition.
slaptest: bad configuration directory!
I'm new to Linux. When I create the slapd.d configuration directory for an OpenLDAP server with the slaptest command, it fails with a "bad configuration directory" error. Why does this happen, and how do I clear the error?