当前位置：网站首页>Drqueueonrails integrated LDAP authentication

Drqueueonrails integrated LDAP authentication

2022-06-12 11:14:00 【Brother Xing plays with the clouds】

Doing it colony Encountered in rendering management software LDAP problem ,DrQueueOnRails yes DrQueue Of ruby web Interface , Only LDAP A verification method , You have the following installation steps .

Catalog

1 install LDAP
2 modify LDAP The configuration file
3 modify slapd.conf
4 ldap_bind: Invalid credentials (49) Wrong problem solving

install LDAP

yum install openldap-servers openldap-clients

Modify hostname ：

hostname master.local.com
sysctl -w kernel.hostname=master.local.com
echo '192.168.8.123 master.local.com master' >> /etc/hosts
sed -i 's/HOSTNAME=.*$/HOSTNAME=master.local.com/g' /etc/sysconfig/network

modify LDAP The configuration file

vim /etc/openldap/ldap.conf
BASE dc=local.com
URI ldap://192.168.8.123

cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown -R ldap:ldap /var/lib/ldap

modify slapd.conf

vim /etc/openldap/slapd.conf
 Find and modify the following ： 
suffix             "dc=local.com"
rootdn          "cn=master,dc=local.com"
rootpw          geek          #ldapadd  Time to use the password , Use two in the middle  TAB  key

Test the configuration file for correctness ：

slaptest -u -f /etc/openldap/slapd.conf 
config file testing succeeded

Create a user to be authenticated ：

useradd geek
echo '123456' | passwd --stdin geek

Install the migration tool ：

yum -y install migrationtools

Some scripts for migrating user related information will be placed in /usr/share/migrationtools Next Modify the migration script ：

vim /usr/share/migrationtools/migrate_common.ph
# Default DNS domain
$DEFAULT_MAIL_DOMAIN = "local.com";

# Default base 
$DEFAULT_BASE = "dc=local.com";

Create basic data file ：

cd /usr/share/migrationtools/
./migrate_base.pl  >  base.ldif

edit base.ldif file , Delete other entries , Keep the following information ：

dn: dc=local.com
dc: local.com
objectClass: top
objectClass: domain

dn: ou=People,dc=local.com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=local.com
ou: Group
objectClass: top
objectClass: organizationalUnit

Create user database file ：

./migrate_passwd.pl /etc/passwd  ./user.ldif

edit user.ldif file , Only keep geek User related entries ：

dn: uid=geek,ou=People,dc=local.com
uid: geek
cn: geek
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$tFEuTisK$PA0x.Ib1nOmiafK4wedqTnT06nQGJxVnzzpHQYu1O8SPXy5o32KkXKzzkn3w1LM0vpauFgjDQ4FudpnoS2t6O.
shadowLastChange: 15907
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 500
gidNumber: 500
homeDirectory: /home/geek

Create a user group database file ：

./migrate_group.pl /etc/group  groups.ldif

edit groups.ldif file , Only keep geek Group entries ：

dn: cn=geek,ou=Group,dc=local.com
objectClass: posixGroup
objectClass: top
cn: geek
userPassword: {crypt}x
gidNumber: 500

Start the service ：

/etc/init.d/slapd restart
chkconfig slapd on

Add... In turn base.ldif、user.ldif、groups.ldif To LDAP in ：

ldapadd  -D "cn=master,dc=local.com" -W  -x  -f  base.ldif
Enter LDAP Password:                                                                   #  Enter in  /etc/openldap/slapd.conf  in  rootpw  Item value .
ldap_bind: Invalid credentials (49)

ldap_bind: Invalid credentials (49) Wrong problem solving

If the above error occurs , Check whether the password corresponds to . Or regenerate slapd.d Configuration data under ：

rm -fr /etc/openldap/slapd.d/*
slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
chown -R ldap:ldap /etc/openldap/slapd.d/
/etc/init.d/slapd restart

So there's no problem .

edit DrQueueOnRails Directory config Under the env file ：

vim .../DrQueueOnRails/config/environment.rb
# LDAP variables
ENV['LDAP_TREEBASE'] ||= "dc=local.com"
ENV['LDAP_HOST'] ||= "master.local.com"
ENV['LDAP_PORT'] ||= "389"
ENV['LDAP_FILTER'] ||= "uid"
ENV['LDAP_ATTRS'] ||= "cn"

# user status, quota (disk space in GB), job priorities 
ENV['USER_STATUS'] ||= "demo,student,advanced,admin,ldapuser1"               # Add a new user here 
ENV['USER_QUOTA'] ||= "0.5,5,15,35,55,55"                                      #  User's disk quota 
ENV['USER_PRIO'] ||= "100,500,750,1000,2000,2000"                    #  The priority of the user when executing a task 
ENV['USER_ADMIN_PW'] ||= "password"

After the change, try again db once . Add... To the database ldap User record ：

mysql -uroot -p
use DrQueueOnRails;
insert into profiles(name,email,avatar,ldap_account,status,accepted) values('Geek Account','[email protected]','NULL','geek','geek','0');

restart apache, You can use it ldap The user logged in .

原网站

版权声明
本文为[Brother Xing plays with the clouds]所创，转载请带上原文链接，感谢
https://yzsam.com/2022/163/202206121034210054.html