Revision [3600]
This is an old revision of MikeShultz made by MikeShultz on 2015-06-06 15:21:18.
Mike Shultz
Random Notes
Test LDAP Setup
These instructions set up the OpenNIC object schemas in slapd. They only work on systems that use the cn=config type of configuration (not slapd.conf). They have been tested on Debian 8.
1) Install OpenLDAP(slapd)
Follow documentation for your specific distribution to install slapd.
Copy the provided courier.schema and dnsdomain2.schema to /etc/ldap/schema/. Start slapd afterwards. New object schemas should now be available but the config has to be regenerated.
Debian
If you are not prompted for initial configuration, you can reconfigure the package with the following command.
dpkg-reconfigure slapd
NOTE: Initial configuration must be set with a baseDN of dc=opennic,dc=glue.
2) Test Connection and Base Schema
If everything has been set up correctly, the following should work. You will be prompted for the administrator password.
ldapsearch -x -h localhost -D "cn=admin,dc=opennic,dc=glue" -W -b "dc=opennic,dc=glue" -s "base" "(objectclass=*)"
3) Create dnsschema.conf
Create /tmp/dnsschema.conf with the schemas you would like to use. As an example:
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/dnsdomain2.schema
4) Create Temp Config Directory
Create a directory to hold the new LDAP configuration.
mkdir /tmp/dnsschema.d
5) Generate Temporary Config
Populate the test directory with a base config.
slaptest -f /tmp/dnsschema.conf -F /tmp/dnsschema.d/
6) Verify Config
Check that the /tmp/dnsschema.d/ directory contains cn=config, which suggests that the config has been created successfully.
7) Make Necessary Changes to LDIFs
Edit the new dnsdomain2.ldif (should be at /tmp/dnsschema.d/cn\=config/cn\=schema/cn\=\{*\}dnsdomain2.ldif) in the temporary config. Change the first few lines so it looks something like the following:
dn: cn=dnsdomain2,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: dnsdomain2
Edit courier.ldif in a similar fashion to look something like this.
dn: cn=courier,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: courier
For both files, remove everything below the last olcObjectClasses entry as it is superfluous and possibly conflicting.
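The edits in step 7 can be scripted instead of done by hand. The following is an added example, not part of the original notes: it rewrites the dn and cn lines and cuts the file after the last olcObjectClasses entry, including its folded continuation lines. The function name clean_schema_ldif and the sample entry (OIDs, attribute and class names, timestamps) are constructed for illustration.

```shell
#!/bin/sh
# Added example: reduce a slaptest-generated schema LDIF to what step 7 asks for.
# Usage: clean_schema_ldif NAME FILE   (writes the cleaned LDIF to stdout)
clean_schema_ldif() {
    awk -v name="$1" '
        /^#/   { next }                                   # slaptest header comments
        /^dn:/ { $0 = "dn: cn=" name ",cn=schema,cn=config" }
        /^cn:/ { $0 = "cn: " name }
        { line[++n] = $0 }
        /^olcObjectClasses:/ { in_oc = 1; last = n; next }
        /^ /   { if (in_oc) last = n; next }              # folded continuation line
        { in_oc = 0 }
        END {
            if (!last) { print "no olcObjectClasses entry found" > "/dev/stderr"; exit 1 }
            for (i = 1; i <= last; i++) print line[i]     # stop after the last objectclass
        }
    ' "$2"
}

# Constructed sample in the layout slaptest writes; OIDs and names are made up.
sample_ldif() {
    cat <<'EOF'
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
dn: cn={4}dnsdomain2
objectClass: olcSchemaConfig
cn: {4}dnsdomain2
olcAttributeTypes: {0}( 1.3.6.1.4.1.99999.1.1 NAME 'exampleRecord' EQUALITY c
 aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcObjectClasses: {0}( 1.3.6.1.4.1.99999.2.1 NAME 'exampleZone' SUP top AUXIL
 IARY MAY exampleRecord )
structuralObjectClass: olcSchemaConfig
entryUUID: 00000000-0000-0000-0000-000000000000
creatorsName: cn=config
createTimestamp: 20150606152118Z
entryCSN: 20150606152118.000000Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20150606152118Z
EOF
}

# Demonstration on the constructed sample; prints the cleaned LDIF.
tmp=$(mktemp) && sample_ldif > "$tmp"
clean_schema_ldif dnsdomain2 "$tmp"
rm -f "$tmp"
```

Redirect the output to a new file and pass that file to ldapadd in step 8, so the generated copy under /tmp/dnsschema.d/ stays untouched for comparison.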
8) Merge New Schema
Now, we need to merge the new object schemas into the config.
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/dnsschema.d/cn\=config/cn\=schema/cn\=\{3\}courier.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/dnsschema.d/cn\=config/cn\=schema/cn\=\{5\}dnsdomain2.ldif
If all goes well, you should see output along the lines of:
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=dnsdomain2,cn=schema,cn=config"
9) Add Test Data
ldapadd -D "cn=admin,dc=opennic,dc=glue" -W -x -f opennic_glue.ldif
ldapadd -D "cn=admin,dc=opennic,dc=glue" -W -x -f test_zone.ldif
ldapadd -D "cn=admin,dc=opennic,dc=glue" -W -x -f users.ldif
A complete test environment should now be set up and ready to go.