Yum Install Ldapsearch

24.4.10.1 Configuring an LDAP Client to use SSSD
24.4.10.2 Configuring an LDAP Client to Use Automount Maps

To enable LDAP authentication for an LDAP client by using the Authentication Configuration GUI:

First, open a terminal on the remote machine and install the OpenLDAP client packages:

    $ yum install -y openldap-clients nss-pam-ldapd

Once the packages have been installed, run the following command to configure the LDAP authentication.

The ldapsearch command-line utility can locate and retrieve directory entries. This utility opens a connection to the specified server using the specified distinguished name and password and locates entries based on a specified search filter. The search scope can include a single entry, an entry's.

Here you will find RHEL 7 instructions to configure an LDAP directory service for user connection.

    # yum install -y openldap openldap-clients openldap-servers migrationtools

  1. Install the openldap-clients package:

  2. Run the Authentication Configuration GUI:

  3. Select LDAP as the user account database and enter values for:

    LDAP Search Base DN

    The LDAP Search Base DN for the database. For example: dc=mydom,dc=com.

    LDAP Server

    The URL of the LDAP server including the port number. For example, ldap://ldap.mydom.com:389 or ldaps://ldap.mydom.com:636.

    LDAP authentication requires that you use either LDAP over SSL (ldaps) or Transport Layer Security (TLS) to secure the connection to the LDAP server.

  4. If you use TLS, click Download CA Certificate and enter the URL from which to download the CA certificate that provides the basis for authentication within the domain.

  5. Select either LDAP password or Kerberos password for authentication.

  6. If you select Kerberos authentication, enter values for:

    Realm

    The name of the Kerberos realm.

    KDCs

    A comma-separated list of Key Distribution Center (KDC) servers that can issue Kerberos ticket granting tickets and service tickets.

    Admin Servers

    A comma-separated list of Kerberos administration servers.

    Alternatively, you can use DNS to configure these settings:

    • Select the Use DNS to resolve hosts to realms check box to look up the name of the realm defined as a TXT record in DNS, for example:

    • Select the Use DNS to locate KDCs for realms check box to look up the KDCs and administration servers defined as SRV records in DNS, for example:

  7. Click Apply to save your changes.

Figure 24.3 shows the Authentication Configuration GUI with LDAP selected for the user account database and for authentication.

Figure 24.3 Authentication Configuration Using LDAP


You can also enable LDAP by using the authconfig command.

To use LDAP as the authentication source, specify the --enableldapauth option together with the full LDAP server URL including the port number and the LDAP Search Base DN, as shown in the following example:

If you want to use TLS, additionally specify the --enableldaptls option and the download URL of the CA certificate, for example:
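The two authconfig invocations described above, sketched as an added example that is not part of the original documentation: a helper that prints the command for review and refuses a plain ldap:// URL unless TLS options are supplied. The function names, the character allow-list, the https-only rule for the CA certificate URL and the ca.example.test address are assumptions of this example.

```shell
#!/bin/sh
# Added example: prints (does not run) the authconfig command for an LDAP client.
# Server URL and base DN are the page's sample values; the CA certificate URL
# is a constructed placeholder.

# is_safe VALUE: succeeds only for a non-empty value made of characters that
# need no shell quoting (conservative; real DNs may contain spaces).
is_safe() {
    [ -n "$1" ] || return 1
    case $1 in
        *[!A-Za-z0-9:/=,._-]*) return 1 ;;
    esac
}

# build_authconfig_cmd URI BASE_DN [CA_CERT_URL]  (hypothetical helper)
build_authconfig_cmd() {
    uri=$1; basedn=$2; cacert=${3:-}; tls_opts=
    if ! is_safe "$uri" || ! is_safe "$basedn"; then
        echo "error: unexpected characters in server URL or base DN" >&2
        return 1
    fi
    case $uri in
        ldaps://*) ;;   # LDAP over SSL: connection is already protected
        ldap://*)       # plain port: TLS required; https-only CA URL is this example's policy
            case $cacert in
                https://*) is_safe "$cacert" || { echo "error: bad CA URL" >&2; return 1; } ;;
                *) echo "error: ldap:// requires TLS and an https:// CA certificate URL" >&2
                   return 1 ;;
            esac
            tls_opts=" --enableldaptls --ldaploadcacert=$cacert" ;;
        *) echo "error: URL must start with ldap:// or ldaps://" >&2
           return 1 ;;
    esac
    printf 'authconfig --enableldap --enableldapauth --ldapserver=%s --ldapbasedn="%s"%s --update\n' \
        "$uri" "$basedn" "$tls_opts"
}

# Constructed sample calls: review the printed command, then run it as root.
build_authconfig_cmd ldaps://ldap.mydom.com:636 dc=mydom,dc=com
build_authconfig_cmd ldap://ldap.mydom.com:389 dc=mydom,dc=com https://ca.example.test/CAcert.pem
```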


The --enableldap option configures /etc/nsswitch.conf to enable the system to use LDAP and SSSD for information services. The --enableldapauth option enables LDAP authentication by modifying the PAM configuration files in /etc/pam.d to use the pam_ldap.so module.

For more information, see the authconfig(8), pam_ldap(5), and nsswitch.conf(5) manual pages.

For information about using Kerberos authentication with LDAP, see Section 24.6.3, “Enabling Kerberos Authentication”.

You must also configure SSSD to be able to access information in LDAP. See Section 24.4.10.1, “Configuring an LDAP Client to use SSSD”.

If your client uses automount maps stored in LDAP, you must configure autofs to work with LDAP. See Section 24.4.10.2, “Configuring an LDAP Client to Use Automount Maps”.

Copyright © 2014, 2019, Oracle and/or its affiliates. All rights reserved.

I want to test persistent search on 389-ds. But when I install it using:

I don't get any utils like ldapsearch, ldapadd. I've got ldapsearch from OpenLDAP installation in /usr/bin/ldapsearch but it doesn't support -C option hence I can't test the persistent search.

From what I understand 389-ds is the same as Red Hat Directory Server and the documentation for the latter says:

Now, my question is, should I get a proper ldapsearch with 389-ds installation? Or am I doing something wrong? Maybe 389-ds 1.2.2 is too old?

And the most important: How can I get ldapsearch that allows me to use persistent search?

Versions I use:

389-ds 1.2.2-1.el6

System: CentOS 6

damian