Friday, 31 May 2013

How to configure OpenLDAP server on RHEL5

First install the OpenLDAP server packages

root@bhandari#] yum install openldap-servers

Now set the LDAP admin password (slappasswd prints the hash that goes into rootpw below)

root@bhandari#] slappasswd
New password:
Re-enter new password:
{SSHA}WifrivWxRE4Mx2uupJ+e9kz2Pc2uFHQJ

Now change to the OpenLDAP configuration directory

root@bhandari#] cd /etc/openldap/

Open the configuration file and edit it

root@bhandari#] vim slapd.conf

database        bdb
suffix          "dc=example,dc=com"
rootdn          "cn=Manager,dc=example,dc=com"
rootpw          {SSHA}WifrivWxRE4Mx2uupJ+e9kz2Pc2uFHQJ

Now set up the database cache configuration by copying the sample DB_CONFIG into the database directory and giving ownership to the ldap user

root@bhandari#] cp DB_CONFIG.example /var/lib/ldap/DB_CONFIG

root@bhandari#] chown -Rf ldap:ldap /var/lib/ldap/

Now test our configuration by running this command

root@bhandari#] slaptest

Now start the ldap service and enable it at boot

root@bhandari#] /etc/init.d/ldap start;chkconfig ldap on

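Create the LDAP users with a script.

root@bhandari#] vim user.sh
#!/bin/bash
# Create ten test accounts, ldapuser1..ldapuser10, with homes under /home/domain
mkdir -p /home/domain    # useradd does not create missing parent directories
for i in {1..10}; do
    useradd -d "/home/domain/ldapuser$i" "ldapuser$i"
    # Every account gets the same password, "redhat"
    echo "redhat" | passwd --stdin "ldapuser$i" > /dev/null
done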

root@bhandari#] cat /etc/passwd | grep ldapuser > /root/passwd

root@bhandari#] cat /etc/group | grep ldapuser > /root/group

root@bhandari#] cd /usr/share/openldap/migration

root@bhandari#] vim migrate_common.ph
# Default base
$DEFAULT_BASE = "dc=example,dc=com";

root@bhandari#] ./migrate_passwd.pl /root/passwd > /root/passwd.ldif

root@bhandari#] ./migrate_group.pl /root/group > /root/group.ldif

Now create the base LDIF file

root@bhandari#] vim /root/base.ldif

dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain

dn: ou=People,dc=example,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=example,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

dn: ou=don,dc=example,dc=com
ou: don
objectClass: top
objectClass: organizationalUnit

First add the base LDIF to the OpenLDAP database

root@bhandari#] ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /root/base.ldif

Now add users and groups

root@bhandari#] ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /root/passwd.ldif

root@bhandari#] ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /root/group.ldif

We use NFS to share the home directories with the client machines.

root@bhandari#] yum install nfs-utils

root@bhandari#] vim /etc/exports

/home/domain *(rw,sync)

root@bhandari#] /etc/init.d/nfs start;chkconfig nfs on

You can check the LDAP server users by running this command

root@bhandari#] ldapsearch -x -b "dc=example,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.com
dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain

# People, example.com
dn: ou=People,dc=example,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

# Group, example.com
dn: ou=Group,dc=example,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

# don, example.com
dn: ou=don,dc=example,dc=com
ou: don
objectClass: top
objectClass: organizationalUnit

# ldapuser1, People, example.com
dn: uid=ldapuser1,ou=People,dc=example,dc=com
uid: ldapuser1
cn: ldapuser1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJDc4Ri5INFN0JFQyOEhTdUg4UjJLVFJzYTN5S0RVaTA=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 500
gidNumber: 500
homeDirectory: /home/domain/ldapuser1

# ldapuser2, People, example.com
dn: uid=ldapuser2,ou=People,dc=example,dc=com
uid: ldapuser2
cn: ldapuser2
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJGpHZERnWTdjJGx1Uk1Fa0svWGlkN2JqeWREdE0uMzE=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 501
gidNumber: 501
homeDirectory: /home/domain/ldapuser2

# ldapuser3, People, example.com
dn: uid=ldapuser3,ou=People,dc=example,dc=com
uid: ldapuser3
cn: ldapuser3
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJDFiZGJxVk9YJEVZQkc3UldpTlAxS3B2cEhmNERxMy8=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 502
gidNumber: 502
homeDirectory: /home/domain/ldapuser3

# ldapuser4, People, example.com
dn: uid=ldapuser4,ou=People,dc=example,dc=com
uid: ldapuser4
cn: ldapuser4
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJEJLalIxS2dJJER0T3ZtNEU5czZyOTNIVnhRSUNpMzE=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 503
gidNumber: 503
homeDirectory: /home/domain/ldapuser4

# ldapuser5, People, example.com
dn: uid=ldapuser5,ou=People,dc=example,dc=com
uid: ldapuser5
cn: ldapuser5
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJEVCRlM5M3owJHVoS2xDQXNmUGh5cUI0Ni95ckVvNzA=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 504
gidNumber: 504
homeDirectory: /home/domain/ldapuser5

# ldapuser6, People, example.com
dn: uid=ldapuser6,ou=People,dc=example,dc=com
uid: ldapuser6
cn: ldapuser6
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJHZ1RWNQZTYyJFpQRTQvZjI3ZnRncjJ4dzZFZ2JTYi8=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 505
gidNumber: 505
homeDirectory: /home/domain/ldapuser6

# ldapuser7, People, example.com
dn: uid=ldapuser7,ou=People,dc=example,dc=com
uid: ldapuser7
cn: ldapuser7
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJHFSL0xIZUp0JDBmc3o4cnFhZFlQZHZ3WG5VTHAyeC8=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 506
gidNumber: 506
homeDirectory: /home/domain/ldapuser7

# ldapuser8, People, example.com
dn: uid=ldapuser8,ou=People,dc=example,dc=com
uid: ldapuser8
cn: ldapuser8
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJFJQREJKc1lZJGJtYWtwR2FBTklnMHBSZE9ZSlNHVC8=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 507
gidNumber: 507
homeDirectory: /home/domain/ldapuser8

# ldapuser9, People, example.com
dn: uid=ldapuser9,ou=People,dc=example,dc=com
uid: ldapuser9
cn: ldapuser9
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJGNCcW5ENnVpJGEyRmYwLmdnbmVacFIvQ1c3dEV6Vy8=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 508
gidNumber: 508
homeDirectory: /home/domain/ldapuser9

# ldapuser10, People, example.com
dn: uid=ldapuser10,ou=People,dc=example,dc=com
uid: ldapuser10
cn: ldapuser10
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJE9BbDJRSTZ6JEhIVWpiTXZQb09XQko1cmNVVkdWUzA=
shadowLastChange: 15856
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 509
gidNumber: 509
homeDirectory: /home/domain/ldapuser10

# ldapuser1, Group, example.com
dn: cn=ldapuser1,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser1
userPassword:: e2NyeXB0fXg=
gidNumber: 500

# ldapuser2, Group, example.com
dn: cn=ldapuser2,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser2
userPassword:: e2NyeXB0fXg=
gidNumber: 501

# ldapuser3, Group, example.com
dn: cn=ldapuser3,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser3
userPassword:: e2NyeXB0fXg=
gidNumber: 502

# ldapuser4, Group, example.com
dn: cn=ldapuser4,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser4
userPassword:: e2NyeXB0fXg=
gidNumber: 503

# ldapuser5, Group, example.com
dn: cn=ldapuser5,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser5
userPassword:: e2NyeXB0fXg=
gidNumber: 504

# ldapuser6, Group, example.com
dn: cn=ldapuser6,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser6
userPassword:: e2NyeXB0fXg=
gidNumber: 505

# ldapuser7, Group, example.com
dn: cn=ldapuser7,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser7
userPassword:: e2NyeXB0fXg=
gidNumber: 506

# ldapuser8, Group, example.com
dn: cn=ldapuser8,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser8
userPassword:: e2NyeXB0fXg=
gidNumber: 507

# ldapuser9, Group, example.com
dn: cn=ldapuser9,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser9
userPassword:: e2NyeXB0fXg=
gidNumber: 508

# ldapuser10, Group, example.com
dn: cn=ldapuser10,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser10
userPassword:: e2NyeXB0fXg=
gidNumber: 509

# search result
search: 2
result: 0 Success

# numResponses: 25
# numEntries: 24

Thanks & Regards
Manish Bhandari
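
The anonymous search above (`ldapsearch -x`) returned `userPassword` for every account, and those base64 values decode to `{crypt}$1$...` MD5-crypt hashes; this is slapd's behaviour when slapd.conf has no `access` directive restricting that attribute. The following is an added example, not part of the original post: a shell check (the function names `scheme_of` and `exposed_passwords` are hypothetical) that reports which entries in ldapsearch output expose a password value, with the ACL that closes the gap in its header comment. The sample LDIF is constructed.

```shell
#!/bin/bash
# Added example. With no "access" directives in slapd.conf, slapd grants read
# access to every client, including an anonymous bind (ldapsearch -x).
# Directives that keep userPassword usable for binds but unreadable:
#   access to attrs=userPassword
#           by self write
#           by anonymous auth
#           by * none
#   access to * by * read

# scheme_of VALUE: name the storage scheme without echoing the hash itself.
scheme_of() {
  case "$1" in
    '{crypt}$1$'*)      echo '{crypt} MD5-crypt' ;;
    '{crypt}$'[56]'$'*) echo '{crypt} SHA-crypt' ;;
    '{crypt}'*)         echo '{crypt} DES-or-placeholder' ;;
    '{'*'}'*)           echo "$(printf '%s' "$1" | cut -d'}' -f1)}" ;;
    *)                  echo 'cleartext' ;;
  esac
}

# exposed_passwords: read ldapsearch LDIF on stdin and print
# "<dn><TAB><scheme>" for every entry whose userPassword came back.
exposed_passwords() {
  # Unfold LDIF continuation lines (leading single space) before parsing.
  awk '/^ / { buf = buf substr($0, 2); next } { if (NR > 1) print buf; buf = $0 } END { print buf }' |
  while IFS= read -r line; do
    case "$line" in
      'dn: '*)            dn=${line#dn: } ;;
      'userPassword:: '*) printf '%s\t%s\n' "$dn" "$(scheme_of "$(printf '%s' "${line#*:: }" | base64 -d)")" ;;
      'userPassword: '*)  printf '%s\t%s\n' "$dn" "$(scheme_of "${line#*: }")" ;;
    esac
  done
}

# Constructed sample in the shape of the output above; the hash is a placeholder.
sample_ldif() {
  printf 'dn: uid=ldapuser1,ou=People,dc=example,dc=com\nuid: ldapuser1\n'
  printf 'userPassword:: %s\n\n' "$(printf '%s' '{crypt}$1$CONSTRUCTED$placeholder' | base64)"
  printf 'dn: cn=ldapuser1,ou=Group,dc=example,dc=com\nuserPassword:: e2NyeXB0fXg=\n\n'
  printf 'dn: ou=People,dc=example,dc=com\nou: People\n'
}
sample_ldif | exposed_passwords
```

Run it against the output of the same anonymous search after adding the ACL and restarting slapd; an empty result means the hashes are no longer readable without authentication.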

Wednesday, 29 May 2013

How to configure Yum server in RHEL5, RHEL6

What is Yum Server?

YUM stands for Yellowdog Updater, Modified. It is an easy way to install and update RPM packages on a Linux operating system, resolving their dependencies automatically.

Why is it needed?

In RHEL4, installing packages is a tedious process, and installing all the dependencies is sometimes a headache. Red Hat came up with a solution that overcomes this dependency problem in most situations: YUM. It resolves the dependency issue and other known issues.

In RHEL we can create two types of yum servers.

  • Local yum server
  • Sharing yum server

Now I am going to configure a local yum server.

First create the directory into which you will copy the DVD.

root@localhost#] mkdir /yum

Mount the DVD and copy its contents into /yum

root@localhost#] mount /media/DVD /mnt
root@localhost#] cd /mnt
root@localhost#] cp -rv * /yum

Now create the repo file for the yum server

root@localhost#] vim /etc/yum.repos.d/server.repo
[yum]
name=yum
baseurl=file:///yum
enabled=1
gpgcheck=0

Afterwards you can check it with this command

root@localhost#] yum list all

Now I am going to create a shared yum server in Linux

Clients on the network can use the yum server through FTP or HTTP.

First install the vsftpd package for FTP

root@localhost#] yum install vsftpd

After that, mount the DVD at a location of your choice, such as /mnt

root@localhost#] mount /media/DVD /mnt

Then copy its contents into the FTP default location.

root@localhost#] cd /mnt

root@localhost#] cp -rv * /var/ftp/pub

Now create the repo file on the server

root@localhost#] vim /etc/yum.repos.d/server.repo
[server]
name=yum
baseurl=file:///var/ftp/pub
gpgcheck=0

Now a client that wants to use the yum server can reach it through FTP or HTTP

On the client side

root@localhost#] vim /etc/yum.repos.d/client.repo
[server]
name=yum
baseurl=ftp://192.168.2.1/pub/
gpgcheck=0

Now you can check it through command

root@localhost#] yum list all

We can do the same with httpd.
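
The repo files above set `gpgcheck=0`, so the client installs whatever the FTP server returns without verifying package signatures. The following is an added example, not part of the original post: a shell check (the function name `audit_repo` is hypothetical) that flags repo sections which disable signature checking, run over the page's client.repo and a constructed variant that verifies against the Red Hat release key shipped on RHEL.

```shell
#!/bin/bash
# Added example: flag yum repo sections that explicitly disable signature checks.
# Prints "<section><TAB>gpgcheck-off,<cleartext-transport|local>" per finding.
# A section with no gpgcheck line inherits [main] from /etc/yum.conf and is
# not flagged here.
audit_repo() {
  awk -F= '
    function report() {
      if (sec != "" && gpg == "0")
        printf "%s\tgpgcheck-off,%s\n", sec, ((url ~ /^(ftp|http):/) ? "cleartext-transport" : "local")
    }
    /^[ \t]*\[/ { report(); sec = $0; gsub(/\[|\]|[ \t]/, "", sec); gpg = url = ""; next }
    { key = $1; val = $2; gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val) }
    key == "gpgcheck" { gpg = val }
    key == "baseurl"  { url = val }
    END { report() }
  ' "$1"
}

# Constructed sample files: the client.repo from this page, and the same repo
# with signature verification switched on.
demo_dir=$(mktemp -d)
cat > "$demo_dir/client.repo" <<'EOF'
[server]
name=yum
baseurl=ftp://192.168.2.1/pub/
gpgcheck=0
EOF
cat > "$demo_dir/client-signed.repo" <<'EOF'
[server]
name=yum
baseurl=ftp://192.168.2.1/pub/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
EOF
audit_repo "$demo_dir/client.repo"          # one finding for [server]
audit_repo "$demo_dir/client-signed.repo"   # no output
```

On a real client, loop it over `/etc/yum.repos.d/*.repo`; with `gpgcheck=1` yum rejects a package whose signature does not match the imported key even when the transport is plain FTP.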