1、服务器端配置include /etc/openldap/schema/corba.schemainclude /etc/openldap/schema/core.schemainclude /etc/openldap/schema/cosine.schemainclude /etc/openldap/schema/duaconf.schemainclude /etc/openldap/schema/dyngroup.schemainclude /etc/openldap/schema/inetorgperson.schemainclude /etc/openldap/schema/java.schemainclude /etc/openldap/schema/misc.schemainclude /etc/openldap/schema/nis.schemainclude /etc/openldap/schema/openldap.schemainclude /etc/openldap/schema/ppolicy.schemainclude /etc/openldap/schema/collective.schemaallow bind_v2pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.argsdatabase bdb suffix "dc=example,dc=com" checkpoint 1024 15 rootdn"cn=Manager,dc=example,dc=com"rootpw redhatdirectory /var/lib/ldapindex objectClass eq,presindex ou,cn,mail,surname,givenname eq,pres,subindex uidNumber,gidNumber,loginShell eq,presindex uid,memberUid eq,pres,subdatabase monitoraccess to * by dn.exact="cn=Manager,dc=example,dc=com" read by * none
2、重启动ldap服务器在%LDAP_HOME%目录下,新建文件门钙蹲茌jmytest.ldif,示例内容如下:dn: dc=ib罪焐芡拂m.com,c=USobjectclass: domaindc: ibm.comdn: ou=Developer,dc=ibm.com,c=USobjectclass: organizationalUnitou: Developerdn: uid=Jimmy,ou=Developer,dc=ibm.com,c=USobjectclass: inetOrgPersonmail:**@cn.ibm.comsn:Zhangcn:Jimmy Zhang命令行模式下,停止LDAP服务,进入到%LDAP_HOME%目录下,执行命令:slapadd -v -l ./jmytest.ldif,会在控制台看到日志信息:如出现:100.00% eta none elapsed,表示导入成功
3、创建ldap用户目录:
4、编辑一个自动创建ldap用户的脚本: