版权声明:本文为博主九师兄(QQ群:spark源代码 198279782 欢迎来探讨技术)原创文章,未经博主允许不得转载。 https://blog.csdn.net/qq_21383435/article/details/83506791
文章目录
2. 安装phpLDAPadmin
2.1 安装
[root@cdh-server3 ~]# yum install phpldapadmin
[root@cdh-server3 ~]# rpm -qa | grep phpldapadmin
phpldapadmin-1.2.3-10.el7.noarch
[root@cdh-server3 ~]#
2.2 配置phpLDAPadmin
2.2.1 配置/etc/httpd/conf.d/phpldapadmin.conf允许从远程访问
第一处修改
[root@cdh-server1 ~]# vi /etc/httpd/conf.d/phpldapadmin.conf
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs
<Directory /usr/share/phpldapadmin/htdocs>
<IfModule mod_authz_core.c>
# Apache 2.4
Require local
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
修改为
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs
<Directory /usr/share/phpldapadmin/htdocs>
Order Deny,Allow
Allow from all
</Directory>
2.2.2 第二处修改Apache主配置文件httpd.conf
[root@cdh-server1 ~]# vi /etc/httpd/conf/httpd.conf
102 #<Directory />
103 # AllowOverride none
104 # Require all denied
105 #</Directory>
106
<Directory />
Options Indexes FollowSymLinks
AllowOverride None
</Directory>
注释掉102-105添加107-110
不然会报错
Forbidden
You don't have permission to access /phpldapadmin/ on this server.
2.2.3 修改/etc/phpldapadmin/config.php配置用DN登录
[root@cdh-server1 ~]# vi /etc/phpldapadmin/config.php
$servers->setValue('login','attr','dn');
// $servers->setValue('login','attr','uid');
2.3 然后重启服务
启动
[root@cdh-server1 ~]# service httpd start
停止
[root@cdh-server1 ~]# service httpd stop
重启
[root@cdh-server1 ~]# systemctl restart httpd
查看状态
[root@cdh-server1 ~]# service httpd status
Redirecting to /bin/systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2018-10-22 19:00:33 CST; 7s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 22571 (httpd)
Status: "Processing requests..."
CGroup: /system.slice/httpd.service
├─22571 /usr/sbin/httpd -DFOREGROUND
├─22572 /usr/sbin/httpd -DFOREGROUND
├─22574 /usr/sbin/httpd -DFOREGROUND
├─22575 /usr/sbin/httpd -DFOREGROUND
├─22576 /usr/sbin/httpd -DFOREGROUND
└─22577 /usr/sbin/httpd -DFOREGROUND
登录LDAP
DN填写:cn=Manager,dc=jf,dc=local
密码:ldap123
会发现出现这个问题This base cannot be created with PLA.或则无法登陆或者只能匿名登录
解决方法请看:https://blog.csdn.net/qq_21383435/article/details/83313583
2.4 登陆成功
但是界面上有些东西不能使用。
2.5 解决
2.5.1 导入基本Schema
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
导入之后,重启服务,发现还是不可以
2.5.2 配置phpldapadmin
[root@cdh-server3 ~]# vim /etc/phpldapadmin/config.php
536 -到-544添加以下几行
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array('dc=jf,dc=local')); # 需要修改
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','cn=Manager,dc=jf,dc=local');# 需要修改
$servers->setValue('login','bind_pass','ldap123');# 需要修改
$servers->setValue('server','tls',false);
然后重启
发现界面也是可以用了
