Appendix OpenLDAP ミラーモードレプリケーション
設定のポイント
serverIDを重複しないように割り当てる。
ridには相手のserverIDを指定する。
providerには相手のサーバーアドレスを指定する。
olcMirrorModeを有効化する。
(補足)
OpenLDAP 2.5からolcMirrorModeはolcMultiProviderに名称変更されている。本記事ではOpenLDAP 2.6を使っているため、olcMirrorModeで設定しても、ldapsearchの結果にはolcMultiProviderとして表示される。
プロバイダ側の設定:rocky9-ldap23
オーバーレイでsyncprovを追加する
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# vi setup-syncrepl-addsyncprov.ldif
dn: cn=module{0},cn=config
objectClass: olcModulelist
cn: module
olcModulePath: /usr/lib64/openldap
olcModuleLoad: syncprov.la
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-addsyncprov.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "cn=module{0},cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}syncprov.la
[root@rocky9-ldap23 openldap]#
syncprovを有効化する
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# vi setup-syncrepl-enablesyncprov.ldif
dn: olcOverlay=syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpSessionLog: 1000
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-enablesyncprov.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcOverlay=syncprov,olcDatabase={2}mdb,cn=config"
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpSessionlog: 1000
[root@rocky9-ldap23 openldap]#
サーバーIDを追加する
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# vi setup-syncrepl-serverid.ldif
dn: cn=config
changetype: modify
add: olcServerID
olcServerID: 001
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-serverid.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "cn=config"
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" olcServerID
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: cn=config
olcServerID: 001
dn: cn=module{0},cn=config
dn: cn=schema,cn=config
dn: cn={0}core,cn=schema,cn=config
dn: cn={1}cosine,cn=schema,cn=config
dn: cn={2}inetorgperson,cn=schema,cn=config
dn: cn={3}nis,cn=schema,cn=config
dn: olcDatabase={-1}frontend,cn=config
dn: olcDatabase={0}config,cn=config
dn: olcDatabase={1}monitor,cn=config
dn: olcDatabase={2}mdb,cn=config
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
[root@rocky9-ldap23 openldap]#
ミラーモードを有効化する
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# vi setup-syncrepl-mirrormode.ldif
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=002 <---★ コンシューマのrid
provider=ldap://192.168.56.24:389/ <---★ コンシューマのアドレス
bindmethod=simple
binddn="cn=Manager,dc=example,dc=co,dc=jp"
credentials=password
searchbase="dc=example,dc=co,dc=jp"
scope=sub
schemachecking=on
type=refreshAndPersist
retry="30 5 300 3"
interval=00:00:05:00
-
add: olcMirrorMode
olcMirrorMode: TRUE
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-mirrormode.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={2}mdb,cn=config"
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "olcDatabase={2}mdb,cn=config" olcSyncrepl
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcDatabase={2}mdb,cn=config
olcSyncrepl: {0}rid=002 provider=ldap://192.168.56.24:389/ bindmethod=simple b
inddn="cn=Manager,dc=example,dc=co,dc=jp" credentials=password searchbase="dc
=example,dc=co,dc=jp" scope=sub schemachecking=on type=refreshAndPersist retr
y="30 5 300 3" interval=00:00:05:00
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "olcDatabase={2}mdb,cn=config" olcMirrorMode
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcDatabase={2}mdb,cn=config
olcMultiProvider: TRUE
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
[root@rocky9-ldap23 openldap]#
コンシューマ側の設定:rocky9-ldap24
オーバーレイでsyncprovを追加する
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# vi setup-syncrepl-addsyncprov.ldif
dn: cn=module{0},cn=config
objectClass: olcModulelist
cn: module
olcModulePath: /usr/lib64/openldap
olcModuleLoad: syncprov.la
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-addsyncprov.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "cn=module{0},cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}syncprov.la
[root@rocky9-ldap23 openldap]#
syncprovを有効化する
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# vi setup-syncrepl-enablesyncprov.ldif
dn: olcOverlay=syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpSessionLog: 1000
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-enablesyncprov.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcOverlay=syncprov,olcDatabase={2}mdb,cn=config"
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpSessionlog: 1000
[root@rocky9-ldap24 openldap]#
サーバIDを設定する
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# vi setup-syncrepl-serverid.ldif
dn: cn=config
changetype: modify
add: olcServerID
olcServerID: 002
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-serverid.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "cn=config"
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" olcServerID
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: cn=config
olcServerID: 002
dn: cn=module{0},cn=config
dn: cn=schema,cn=config
dn: cn={0}core,cn=schema,cn=config
dn: cn={1}cosine,cn=schema,cn=config
dn: cn={2}inetorgperson,cn=schema,cn=config
dn: cn={3}nis,cn=schema,cn=config
dn: olcDatabase={-1}frontend,cn=config
dn: olcDatabase={0}config,cn=config
dn: olcDatabase={1}monitor,cn=config
dn: olcDatabase={2}mdb,cn=config
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
[root@rocky9-ldap24 openldap]#
ミラーモードを有効化する
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# vi setup-syncrepl-mirrormode.ldif
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 <---★ プロバイダのrid
provider=ldap://192.168.56.23:389/ <---★ プロバイダのアドレス
bindmethod=simple
binddn="cn=Manager,dc=example,dc=co,dc=jp"
credentials=password
searchbase="dc=example,dc=co,dc=jp"
scope=sub
schemachecking=on
type=refreshAndPersist
retry="30 5 300 3"
interval=00:00:05:00
-
add: olcMirrorMode
olcMirrorMode: TRUE
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f setup-syncrepl-mirrormode.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldapadd: wrong attributeType at line 5, entry "olcDatabase={2}mdb,cn=config"
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "olcDatabase={2}mdb,cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcDatabase={2}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {2}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example,dc=co,dc=jp
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=Manager,dc=hwdo
main,dc=lan" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=example,dc=co,dc=jp" write by * read
olcRootDN: cn=Manager,dc=example,dc=co,dc=jp
olcRootPW: {SSHA}QBGJJEMP1rLuEqNTeoNH5oRINY+Nysph
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
olcSyncrepl: {0}rid=001 provider=ldap://192.168.56.23:389/ bindmethod=simple b
inddn="cn=Manager,dc=example,dc=co,dc=jp" credentials=password searchbase="dc
=example,dc=co,dc=jp" scope=sub schemachecking=on type=refreshAndPersist retr
y="30 5 300 3" interval=00:00:05:00
olcMultiProvider: TRUE
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpSessionlog: 1000
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "olcDatabase={2}mdb,cn=config" olcMirrorMode
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcDatabase={2}mdb,cn=config
olcMultiProvider: TRUE
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
[root@rocky9-ldap24 openldap]#
動作確認
ネットワークの観点で確認
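type=refreshAndPersistとしているので双方で常時TCPコネクションを張っている。なお、どちらのコネクションも389番ポート(ldap://)であり、636番ポートはLISTENしているだけで使われていない。そのためbindmethod=simpleのバインド(credentialsを含む)と複製されるエントリ(userPasswordを含む)は暗号化されずに流れる。検証環境以外ではproviderをldaps://にするか、olcSyncReplにstarttls=criticalを指定して通信を保護し、binddnにはrootDN(cn=Manager)ではなくレプリケーション専用のアカウントを使う。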
★ プロバイダ側のネットワーク状況 ★
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ss -ant
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 2048 0.0.0.0:636 0.0.0.0:*
LISTEN 0 2048 0.0.0.0:389 0.0.0.0:*
ESTAB 0 0 192.168.56.23:389 192.168.56.24:33846
ESTAB 0 0 192.168.56.23:59786 192.168.56.24:389
[root@rocky9-ldap23 openlap]#
★ コンシューマ側のネットワーク状況 ★
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ss -ant
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 2048 0.0.0.0:636 0.0.0.0:*
LISTEN 0 2048 0.0.0.0:389 0.0.0.0:*
ESTAB 0 0 192.168.56.24:33846 192.168.56.23:389
ESTAB 0 0 192.168.56.24:389 192.168.56.23:59786
[root@rocky9-ldap24 openldap]#
ユーザー追加
プロバイダ側でuser01を、コンシューマ側でuser02を追加してみる。
★ ユーザー追加前 プロバイダ側★
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user01
Enter LDAP Password:
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user02
Enter LDAP Password:
[root@rocky9-ldap23 openldap]#
★ ユーザー追加前 コンシューマ側★
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user01
Enter LDAP Password:
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user02
Enter LDAP Password:
[root@rocky9-ldap24 openldap]#
★ プロバイダ側で追加するユーザー user01 ★
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# cat setup-adduser-user01.ldif
dn: uid=user01,ou=Users,dc=example,dc=co,dc=jp
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user00
sn: example
userPassword: {SSHA}rE0zyJNP9W87MKHgicLCeYqW+ZFTeYhr
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/user01
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
dn: cn=user01,ou=Groups,dc=example,dc=co,dc=jp
objectClass: posixGroup
cn: user00
gidNumber: 1001
memberUid: user01
[root@rocky9-ldap23 openldap]#
★ コンシューマ側で追加するユーザー user02 ★
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# cat setup-adduser-user02.ldif
dn: uid=user02,ou=Users,dc=example,dc=co,dc=jp
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user02
sn: example
userPassword: {SSHA}o9dmx6J22dLXZOlILffSrbu2YOFRMpt3
loginShell: /bin/bash
uidNumber: 1002
gidNumber: 1002
homeDirectory: /home/user02
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
dn: cn=user02,ou=Groups,dc=example,dc=co,dc=jp
objectClass: posixGroup
cn: user00
gidNumber: 1002
memberUid: user02
[root@rocky9-ldap24 openldap]#
★ プロバイダ側でユーザー追加 ★
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapadd -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -f setup-adduser-user01.ldif
Enter LDAP Password:
adding new entry "uid=user01,ou=Users,dc=example,dc=co,dc=jp"
adding new entry "cn=user01,ou=Groups,dc=example,dc=co,dc=jp"
[root@rocky9-ldap23 openldap]#
★ プロバイダ側で確認 ★
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user01
Enter LDAP Password:
dn: uid=user01,ou=Users,dc=example,dc=co,dc=jp
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user00
sn: example
userPassword:: e1NTSEF9ckUwenlKTlA5Vzg3TUtIZ2ljTENlWXFXK1pGVGVZaHI=
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/user01
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
uid: user01
[root@rocky9-ldap23 openldap]#
★ コンシューマ側で確認 = ミラーモードで同期されている ★
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user01
Enter LDAP Password:
dn: uid=user01,ou=Users,dc=example,dc=co,dc=jp
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user00
sn: example
userPassword:: e1NTSEF9ckUwenlKTlA5Vzg3TUtIZ2ljTENlWXFXK1pGVGVZaHI=
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/user01
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
uid: user01
[root@rocky9-ldap24 openldap]#
★ コンシューマ側でユーザー追加 ★
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapadd -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -f setup-adduser-user02.ldif
Enter LDAP Password:
adding new entry "uid=user02,ou=Users,dc=example,dc=co,dc=jp"
adding new entry "cn=user02,ou=Groups,dc=example,dc=co,dc=jp"
[root@rocky9-ldap24 openldap]#
★ プロバイダ側で確認 = ミラーモードで同期されている ★
[root@rocky9-ldap23 openldap]#
[root@rocky9-ldap23 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user02
Enter LDAP Password:
dn: uid=user02,ou=Users,dc=example,dc=co,dc=jp
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user02
sn: example
userPassword:: e1NTSEF9bzlkbXg2SjIyZExYWk9sSUxmZlNyYnUyWU9GUk1wdDM=
loginShell: /bin/bash
uidNumber: 1002
gidNumber: 1002
homeDirectory: /home/user02
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
uid: user02
[root@rocky9-ldap23 openldap]#
★ コンシューマ側で確認 ★
[root@rocky9-ldap24 openldap]#
[root@rocky9-ldap24 openldap]# ldapsearch -LLL -x -W -D "cn=Manager,dc=example,dc=co,dc=jp" -b "dc=example,dc=co,dc=jp" uid=user02
Enter LDAP Password:
dn: uid=user02,ou=Users,dc=example,dc=co,dc=jp
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: user02
sn: example
userPassword:: e1NTSEF9bzlkbXg2SjIyZExYWk9sSUxmZlNyYnUyWU9GUk1wdDM=
loginShell: /bin/bash
uidNumber: 1002
gidNumber: 1002
homeDirectory: /home/user02
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
uid: user02
[root@rocky9-ldap24 openldap]#
参考文献