Difference between revisions of "Cluster: New BobSCEd LDAP Log"
(Add command to get list of groups) |
|||
(5 intermediate revisions by one other user not shown) | |||
Line 5: | Line 5: | ||
** Follow quickstart guide: http://www.openldap.org/doc/admin24/quickstart.html | ** Follow quickstart guide: http://www.openldap.org/doc/admin24/quickstart.html | ||
* Workers and head node need to auth from it: | * Workers and head node need to auth from it: | ||
− | ** yum install openldap-clients | + | ** yum install openldap-clients nss_ldap |
** http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html | ** http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html | ||
** Run <code>authconfig-tui</code> and enable LDAP | ** Run <code>authconfig-tui</code> and enable LDAP | ||
Line 14: | Line 14: | ||
* -W means prompt for password | * -W means prompt for password | ||
− | * Getting into ldapmodify: | + | * Getting into ldapmodify:= (see [http://docs.sun.com/source/816-6400-10/lmodify.html Sun's docs on ldapmodify]) |
:<code>ldapmodify -x -D "cn=admin,dc=bobsced,dc=loc" -W</code> | :<code>ldapmodify -x -D "cn=admin,dc=bobsced,dc=loc" -W</code> | ||
+ | |||
+ | * Getting list of groups on machine: | ||
+ | :<code>ldapsearch -x -b "ou=group,dc=cs,dc=earlham,dc=edu" -D "cn=admin,dc=cs,dc=earlham,dc=edu" -W > groups_cs.txt</code> | ||
+ | :<code>ldapsearch -x -b "ou=group,dc=cluster,dc=loc" -D "cn=Manager,dc=cluster,dc=loc" -W > groups_cluster.txt</code> | ||
== LDAP Base == | == LDAP Base == | ||
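Review bot: The edited bullet on the right-hand side now reads "Getting into ldapmodify:=", with a stray "=" after the colon; drop it so the bullet ends in a plain colon before the link to Sun's docs. The two added ldapsearch lines also query dc=cs,dc=earlham,dc=edu and dc=cluster,dc=loc, while the ldapmodify example directly above binds to dc=bobsced,dc=loc, so the new bullet should say which directory each command targets and what the saved groups_cs.txt and groups_cluster.txt files are for.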
Line 38: | Line 42: | ||
objectClass: posixGroup | objectClass: posixGroup | ||
cn: users | cn: users | ||
− | gidNumber: | + | gidNumber: 115 |
memberUid: ... | memberUid: ... | ||
</pre> | </pre> | ||
Line 53: | Line 57: | ||
shadowWarning: 7 | shadowWarning: 7 | ||
loginShell: /bin/bash | loginShell: /bin/bash | ||
− | uidNumber: | + | uidNumber: 1273 |
− | gidNumber: | + | gidNumber: 115 |
− | homeDirectory: / | + | homeDirectory: /cluster/home/kwanous |
gecos: kwanous,, | gecos: kwanous,, | ||
</pre> | </pre> |
Latest revision as of 11:32, 22 September 2016
LDAP
- Head node: yum installed openldap-servers.x86_64
  - Edited /etc/openldap/slapd.conf
  - Ran slappasswd to set the LDAP root password
  - Follow quickstart guide: http://www.openldap.org/doc/admin24/quickstart.html
- Workers and head node need to auth from it:
  - yum install openldap-clients nss_ldap
  - http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html
  - Run authconfig-tui and enable LDAP
Important Commands
Commands always need to be run with -x.
- -D is the identity (bind DN) to bind with
- -W means prompt for password
- Getting into ldapmodify (see Sun's docs on ldapmodify: http://docs.sun.com/source/816-6400-10/lmodify.html):
ldapmodify -x -D "cn=admin,dc=bobsced,dc=loc" -W
- Getting list of groups on machine:
ldapsearch -x -b "ou=group,dc=cs,dc=earlham,dc=edu" -D "cn=admin,dc=cs,dc=earlham,dc=edu" -W > groups_cs.txt
ldapsearch -x -b "ou=group,dc=cluster,dc=loc" -D "cn=Manager,dc=cluster,dc=loc" -W > groups_cluster.txt
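Added example, not part of the original log: assuming the two group dumps above are being compared before accounts from both directories share one filesystem, this parses the ldapsearch LDIF output and reports group names whose gidNumber differs and gidNumbers assigned to different group names, since either mismatch changes who can reach group-owned files. The function names and the sample dumps are constructed for illustration.

```python
import base64
from collections import defaultdict

def parse_ldif(text):
    """Parse ldapsearch LDIF output into a list of {attr: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]          # a leading space folds a long line
        else:
            lines.append(raw)
    entries, cur = [], defaultdict(list)
    for line in lines + [""]:
        if not line.strip():              # blank line ends the entry
            if cur:
                entries.append(dict(cur))
            cur = defaultdict(list)
        elif not line.startswith("#") and ":" in line:
            attr, _, value = line.partition(":")
            if value.startswith(":"):     # "attr:: ..." is base64-encoded
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            cur[attr.lower()].append(value.strip())
    return entries

def posix_groups(text):
    """Map cn -> gidNumber for every posixGroup entry in a dump."""
    return {e["cn"][0]: int(e["gidnumber"][0]) for e in parse_ldif(text)
            if "posixgroup" in [v.lower() for v in e.get("objectclass", [])]}

def gid_conflicts(a, b):
    """Return (names whose gid differs, gids whose name differs) between maps."""
    name_clash = {cn: (a[cn], b[cn]) for cn in a.keys() & b.keys() if a[cn] != b[cn]}
    b_by_gid = {gid: cn for cn, gid in b.items()}
    gid_clash = {gid: (cn, b_by_gid[gid]) for cn, gid in a.items()
                 if b_by_gid.get(gid, cn) != cn}
    return name_clash, gid_clash

def entry(cn, gid, base):                 # builds one constructed sample entry
    return f"dn: cn={cn},ou=group,{base}\nobjectClass: posixGroup\ncn: {cn}\ngidNumber: {gid}\n\n"
# Constructed sample dumps (not real directory contents).
CS = "# extended LDIF\n\n" + "".join(entry(c, g, "dc=cs,dc=earlham,dc=edu")
     for c, g in [("admins", 1000), ("users", 100), ("research", 115)])
CLUSTER = "".join(entry(c, g, "dc=cluster,dc=loc")
          for c, g in [("admins", 1000), ("users", 115)]) + "search: 2\nresult: 0 Success\n"

if __name__ == "__main__":
    names, gids = gid_conflicts(posix_groups(CS), posix_groups(CLUSTER))
    print("same name, different gidNumber:", names)
    print("same gidNumber, different name:", gids)
```

To run it on real output, pass the contents of groups_cs.txt and groups_cluster.txt to posix_groups in place of the constructed strings.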
LDAP Base
dn: ou=people,dc=bobsced,dc=loc
ou: people
objectClass: top
objectClass: organizationalUnit

dn: ou=group,dc=bobsced,dc=loc
ou: group
objectClass: top
objectClass: organizationalUnit

dn: cn=admins,ou=group,dc=bobsced,dc=loc
objectClass: posixGroup
cn: admins
gidNumber: 1000
memberUid: ...

dn: cn=users,ou=group,dc=bobsced,dc=loc
objectClass: posixGroup
cn: users
gidNumber: 115
memberUid: ...

A user looks like this:
dn: uid=kwanous,ou=people,dc=bobsced,dc=loc
uid: kwanous
cn: kwanous
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1273
gidNumber: 115
homeDirectory: /cluster/home/kwanous
gecos: kwanous,,