Warning: strtotime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 56

Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 198

Instalação do LDAP e LDAP PHPLdapAdmin

E-mail Imprimir PDF

Confira os links:
http://www.vivaolinux.com.br/artigos/verArtigo.php?codigo=6619
http://www.vivaolinux.com.br/artigos/verArtigo.php?codigo=6619&pagina=2
http://www.vivaolinux.com.br/artigos/verArtigo.php?codigo=6619&pagina=3
http://www.vivaolinux.com.br/artigos/verArtigo.php?codigo=6619&pagina=4
http://www.vivaolinux.com.br/artigos/verArtigo.php?codigo=6619&pagina=5
http://developer.novell.com/wiki/index.php/HOWTO:_Configure_Ubuntu_for_Active_Directory_Authentication
http://planeta.ubuntubrasil.org/post/482

Instalação do LDAP e LDAP PHPLdapAdmin

Instalando base LDAP:

# aptitude install slapd

DNS domain name: vivaolinux.com.br (é o nome que daremos para o DNS)
Name of your organization: vivaolinux (é o nome de sua organização que será especificada na base dn)
Admin password: senha (coloque uma senha que será usada na conexão com a base)
Allow LDAPv2 protocol: YES (é muito importante habilitar esse item para ser compatível com aplicações que utilizam LDAPv2)

Edite o arquivo /etc/ldap/slapd e troque todos os dc para o dc que você quiser.

Ex: dc=vivaolinux,dc=com,dc=br
Ex: dc=empresa,dc=com

É o nome raiz que teremos.

Instalando sistema de gerenciamento LDAP PHPLdapAdmin:

PHPLdapAdmin é uma interface gráfica para gerenciar a base LDAP.

Primeiramente será necessário a instalação do Apache2 com suporte à PHP versão 5 ou 4 se preferir.

# aptitude install apache2 libapache2-mod-php5 php5 php5-cgi php5- ldap

Após isso instalaremos o phpldapadmin:

# aptitude install phpldapadmin

Pronto, abra o browser e visualize sua base, exemplo:

http://ip_do_servidor/phpldapadmin

Editar arquivo slapd.conf adicionando os logs

Editar o arquivo /etc/ldap/slapd.conf, adicionar os índices e editar o que há. Temos:

index           objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub

Os índices servem para concatenar as informações que pegaremos dos schemas, seria algo mais ou menos parecido com campos de banco de dados. Understand?

Após isso pare o slapd:

# invoke-rc.d slapd stop

DICA: Nunca recrie o índice com o LDAP rodando.

Recrie o índice, pois adicionamos novos índices ao arquivo slapd.conf:

# slapindex -v
# invoke-rc.d slapd start


Acerte o log do LDAP, edite o arquivo /etc/syslog.conf e insira a seguinte linha em seu final:

local4.* /var/log/ldap.log

É necessário a reinicialização do serviço de log:

# invoke-rc.d sysklogd restart

Edite o arquivo slapd.conf novamente e modifique o log de acordo com o que você quer armazenar. Exemplo:
  • -1 - log completo (mas carrega demais);
  • 8 - somente as conexões;
  • 0 - sem log (prefiro não jogar para log, só se tiver com problemas, daí alteramos para -1 pra ver o que está acontecendo).

Além desses tem vários. :)

Editar o arquivo ldap.conf

Edite o arquivo /etc/ldap/ldap.conf. O mesmo deverá conter as seguintes linhas:

BASE dc=vivaolinux,dc=com,dc=br #não tem espaço depois da vírgula!!
SIZELIMIT 0

Dê um restart no slapd e pronto, seu LDAP está praticamente pronto.

Para efetuar a busca na base via comandos segue a dica:

Instale agora a ferramenta de gerenciamento da base via shell:

# aptitude install ldapscripts

Se dermos um "ldapsearch -x" ele nos mostra a base inteira LDAP.

Esse comando será muito utilizado!

Criação de usuários e grupos

Prefiro criar todos os usuários e grupos via PHPLdapAdmin, mas por comando seria assim:

Para começarmos de forma correta criaremos 2 unidades organizacionais (OU) para organizarmos melhor nossa base.

Crie um arquivo .ldif (formato de intercâmbio para LDAP) - Ldap Interchange Format.

# touch insereou.ldif

Edite o insereou.ldif com:

dn: ou=Pessoas,dc=vivaolinux,dc=com,dc=br
ou: Pessoas
objectClass: organizationalUnit
objectClass: top

dn: ou=Grupos,dc=vivaolinux,dc=com,dc=br
ou: Grupos
objectClass: organizationalUnit
objectClass: top

Adicionando usuários e grupos na base. Crie um arquivo chamado adicionauser.ldif e edite:

dn: cn=nomedousuario,ou=Pessoas,dc=vivaolinux,dc=com,dc=br
givenName: nomedousuario
sn: sobrenome
cn: nomedousuario sobrenome
uid: nomedousuario
uidNumber: 1003
gidNumber: 1007 (gid do grupo)
homeDirectory: /home/nomedousuario
loginShell: /bin/false
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
mail: Este endereço de e-mail está protegido contra spambots. Você deve habilitar o JavaScript para visualizá-lo.

dn: cn=CPD,ou=Grupos,dc=beraca,dc=com,dc=br
cn: CPD
gidNumber: 1000
objectClass: posixGroup
objectClass: top

Após isso vamos adicioná-los na base:

# ldapsearch -x -LLL -D cn=admin,dc=vivaolinux,dc=com,dc=br -W

Para teste:

# ldapsearch -x :::::

Se visualizar os novos elementos significa que está ok!

Configurações para autenticar na base LDAP

Instalando o libnss-ldap (muitas vezes isso é instalado no momento da instalação do ldapscripts):

# aptitude install libpam-ldap

Respostas:

host address: IP da máquina
destinguished name ou dn: dc=vivaolinux,dc=com,dc=br
ldap version: 3
login database: no
readable/writable: no
OK

Instalando o libpam-ldap (muitas vezes isso é instalado no momento da instalação do ldapscripts):

# aptitude install libpam-ldap

Make local root database admin: yes
Database requires logging in: no
root login account: cn=admin,dc=vivaolinux,dc=com,dc=br
root passwd: senha do admin
local crypt to use when changing passwords: crypt

Editar o arquivo /etc/nsswitch.conf:

passwd:         compat ldap
group: compat ldap
shadow: compat ldap

O restante permanece a mesma coisa.

Agora iremos fazer com que o sistema busque os usuários na base LDAP.

Editar arquivo /etc/pam.d/common-account:

account sufficient pam_ldap.so
account required pam_unix.so
session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0022

Editar o arquivo /etc/pam.d/common-auth:

auth    sufficient      pam_ldap.so
auth required pam_unix.so nullok_secure try_first_pass

Editar o arquivo /etc/common-password:

password sufficient pam_unix.so nullok obscure min=4 max=8 md5
password required pam_ldap.so try_first_pass

Editar o arquivo /etc/common-session:

session         sufficient      pam_ldap.so
session required pam_unix.so

Pronto! Sua base está autenticando no LDAP.

Sugestões e críticas serão bem vindas.

Fonte: Raphael Freitas
 

Warning: strftime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 250
Banner

Identificação

Visitantes


Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/modules/mod_vvisit_counter/helper.php on line 56

Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/modules/mod_vvisit_counter/helper.php on line 57

Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/modules/mod_vvisit_counter/helper.php on line 58

Warning: mktime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/modules/mod_vvisit_counter/helper.php on line 59

Warning: mktime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/modules/mod_vvisit_counter/helper.php on line 60

Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/modules/mod_vvisit_counter/helper.php on line 63
mod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_counter
mod_vvisit_counterHoje33
mod_vvisit_counterOntem20
mod_vvisit_counterEsta semana271
mod_vvisit_counterEste mês1942
mod_vvisit_counterTodos502057

Últimas Notícias


Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 198

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_latestnews/helper.php on line 109

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_latestnews/helper.php on line 109

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_latestnews/helper.php on line 109

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_latestnews/helper.php on line 109

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_latestnews/helper.php on line 109

Mais Vistos


Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 198

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /home/edifast0/public_html/corp/modules/mod_mostread/helper.php on line 79

Itens Relacionados


Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 198

Newsflash


Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/edifast0/public_html/corp/libraries/joomla/utilities/date.php on line 198
SERVER NOT FOUND or TIME OUT