Datasheet

“main” (Installation and Administration) 2004/6/25 13:29 page 486 #512
The following rootdn determines who owns administrator rights to this
server. The user declared here does not need to have an LDAP entry or
exist as a regular user. The administrator password is set with rootpw.
Instead of using secret here, it is possible to enter the hash of the
administrator password created by slappasswd. The directory directive
indicates the directory (in the file system) where the database directories
are stored on the server. The last directive, index objectClass eq, results
in the maintenance of an index of all object classes. Attributes for which
users search most often can be added here according to experience. Custom
Access rules defined here for the database are used instead of the global
Access rules.
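
As an added example (not part of the original manual), the following shell function reports whether each rootpw in a slapd.conf-style file is stored in cleartext or as a hash such as the {SSHA} values that slappasswd produces. The sample configuration, its DNs, and its hash strings are constructed placeholders.

```shell
#!/bin/sh
# Added example: report how each rootpw in a slapd.conf-style file is stored.
#   <line>:cleartext           no {SCHEME} prefix, or {CLEARTEXT}
#   <line>:unsalted:{SCHEME}   {MD5} or {SHA}, hashed without a salt
#   <line>:hashed:{SCHEME}     any other scheme, e.g. {SSHA} from slappasswd
# Prints "none" when the file has no rootpw directive.
classify_rootpw() {
    awk '
        /^[ \t]/ || /^#/ { next }   # continuation lines and comments
        tolower($1) == "rootpw" {
            found = 1
            val = $2
            gsub(/^"|"$/, "", val)  # drop optional surrounding quotes
            if (match(val, /^[{][A-Za-z0-9-]+[}]/)) {
                scheme = toupper(substr(val, RSTART, RLENGTH))
                if (scheme == "{CLEARTEXT}")
                    print NR ":cleartext"
                else if (scheme == "{MD5}" || scheme == "{SHA}")
                    print NR ":unsalted:" scheme
                else
                    print NR ":hashed:" scheme
            } else
                print NR ":cleartext"
        }
        END { if (!found) print "none" }
    ' "$1"
}

# Constructed sample configuration; DNs and hash strings are placeholders.
sample_conf() {
    cat <<'EOF'
database  bdb
suffix    "dc=example,dc=com"
rootdn    "cn=admin,dc=example,dc=com"
rootpw    secret
index     objectClass eq

database  bdb
suffix    "dc=example,dc=org"
rootdn    "cn=admin,dc=example,dc=org"
rootpw    {SSHA}PLACEHOLDERplaceholderPLACEHOLDER

database  bdb
suffix    "dc=example,dc=net"
rootpw    {MD5}PLACEHOLDERplaceholder==
EOF
}

tmp=$(mktemp); sample_conf > "$tmp"; classify_rootpw "$tmp"; rm -f "$tmp"
```
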

Starting and Stopping the Servers

Once the LDAP server is fully configured and all desired entries have been
made according to the pattern described in Section 21.8.4, start the LDAP
server as root by entering rcldap start. To stop the server manually,
enter the command rcldap stop. Request the status of the running LDAP
server with rcldap status.
The YaST runlevel editor, described in Section 11.5 on page 272, can be used
to have the server started and stopped automatically on boot and halt of
the system. It is also possible to create the corresponding links to the start
and stop scripts with the insserv command from a command prompt as
described in Section 11.4.1 on page 271.

21.8.4 Data Handling in the LDAP Directory

OpenLDAP offers a series of tools for the administration of data in the
LDAP directory. The four most important tools for adding to, deleting
from, searching through, and modifying the data stock are briefly
explained below.

Inserting Data into an LDAP Directory

Once the configuration of your LDAP server in /etc/openldap/slapd.conf
is correct and ready to go (it features appropriate entries for suffix,
directory, rootdn, rootpw, and index), proceed to entering records.
OpenLDAP offers the ldapadd command for this task. If possible, add
the objects to the database in bundles for practical reasons. LDAP is able
to process the LDIF format (LDAP data interchange format) for this. An
LDIF file is a simple text file that can contain an arbitrary number of pairs
486 21.8. LDAP — A Directory Service