OpenLDAP 使用 Berkeley DB (一個層次型數據庫,注意:與RDBMS不同) 存儲數據
7.1 配置OpenLDAP
[root@linux root]# vi /etc/openldap/slapd.conf
include /etc/openldap/schema/pureFTPd.schema
suffix "dc=gdfz,dc=com"
rootdn "cn=Manager,dc=gdfz,dc=com"
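# 注意: {crypt} 加兩位 salt 的格式是傳統 DES crypt,強度很低;建議用 slappasswd -h {SSHA} 產生 rootpw 的雜湊,
# 並確認 slapd.conf 只有 root 與 slapd 的執行帳號可以讀取
rootpw {crypt}sa0hRW/W3DLvQ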
[root@linux root]# service ldap restart
7.2 rootdn的結構
rootdn:dc=gdfz,dc=com
-----cn=one, dc=gdfz,dc=com
--- objectClass: posixAccount
---cn: joe
---uid: joe
---uidNumber: 500
---gidNumber: 500
---homeDirectory: /home/joe
---userPassword: {crypt}saO3qRXM8wjUE
---- cn=xxx-1, dc=gdfz,dc=com
--- …………………………
--- …………………………
---- cn=xxx-n, dc=gdfz,dc=com
---- ou=two, dc=gdfz,dc=com
---- cn=one,ou=two, dc=gdfz,dc=com
--- objectClass: posixAccount
---cn: joe
---uid: joe
---uidNumber: 500
---gidNumber: 500
---homeDirectory: /home/joe
---userPassword: {crypt}saO3qRXM8wjUE
---- cn=two,ou=two, dc=gdfz,dc=com
--- …………………………
--- …………………………
---- cn=three,ou=two, dc=gdfz,dc=com
---- ou=other, dc=gdfz,dc=com
---- cn=one,ou=other, dc=gdfz,dc=com
---- cn=two,ou=other, dc=gdfz,dc=com
7.3 創建dn
[root@linux root]# cat base-dn.ldif
dn: dc=gdfz,dc=com
objectClass: person
cn: gdfz
sn: gdfz
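[root@linux root]# ldapadd -x -D "cn=manager,dc=gdfz,dc=com" -w [你的rootpw密碼] -f base-dn.ldif
(注意: 用 -w 在命令列直接寫密碼,密碼會留在 shell 歷史紀錄,也可能被其他使用者從行程列表看到;可改用 -W,執行時再由提示輸入密碼。以下各條 ldapadd 命令亦同)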
[root@linux etc]# cat pureftpd.ldif
dn: cn=joe,dc=gdfz,dc=com
objectClass: posixAccount
cn: joe
uid: joe
uidNumber: 500
gidNumber: 500
homeDirectory: /home/joe
userPassword: {crypt}saO3qRXM8wjUE
[root@linux root]# ldapadd -x -D "cn=manager,dc=gdfz,dc=com" -w [你的rootpw密碼] -f pureftpd.ldif
[root@linux root]# cat pureftpd.ldif
dn: uid=chen,dc=gdfz,dc=com
objectClass: posixAccount
cn: chen
uid:chen
uidnumber:501
gidNumber:501
homeDirectory: /home/chen
userPassword: {crypt}$1$chen$y13/Ao8O3O/9jhSSCPFZg0
objectClass: PureFTPdUser
FTPStatus: enabled
FTPQuotaFiles: 50
FTPQuotaMBytes: 10
FTPDownloadBandwidth: 50
FTPUploadBandwidth: 50
FTPDownloadRatio: 5
FTPUploadRatio: 1
[root@linux root]# ldapadd -x -D "cn=manager,dc=gdfz,dc=com" -w [你的rootpw密碼] -f pureftpd.ldif
7.4 pureftpd-ldap.conf
LDAPServer localhost
# Optional : server port. Default : 389
LDAPPort 389
# Mandatory : the base DN to search accounts from. No default.
LDAPBaseDN dc=gdfz,dc=com
# Optional : who we should bind the server as.
# Default : binds anonymously
LDAPBindDN cn=Manager,dc=gdfz,dc=com
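# Password if we don't bind anonymously
# This configuration file should be only readable by root
# NOTE: the bind DN above is the rootdn (cn=Manager), so pure-ftpd holds
# full write access to the whole directory. A dedicated bind DN that can only
# read the account entries is safer, and the password stored here should not
# be a short, guessable word.
LDAPBindPW chen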
7.5 測試pureftpd
啟動pureftpd
[root@linux root]# /usr/local/pureftpd/bin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf
測試pureftpd
[root@linux root]# ncftp ftp://chen:passwd@localhost:21
>