iProbe/Docs
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Docs/其他/我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否.html
iProbe ba848e218d first commit
2022-10-18 16:59:37 +08:00

2794 lines
No EOL
200 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<!-- saved from url=(0043)https://segmentfault.com/a/1190000014683418 -->
<html lang="zh-CN"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1"><meta name="renderer" content="webkit"><meta property="qc:admins" content="15317273575564615446375"><meta property="og:image" content="https://cdn.segmentfault.com/v-5c4ec07f/global/img/touch-icon.png"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"><meta name="alexaVerifyID" content="LkzCRJ7rPEUwt6fVey2vhxiw1vQ"><meta name="apple-itunes-app" content="app-id=958101793, app-argument="><title>我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否</title><meta name="description" content="轻型目录访问协议英文Lightweight Directory Access Protocol缩写LDAP是一个开放的中立的工业标准的应用协议通过IP协议提供访问控制和维护分布式信息的目录信息。OpenLDAP是轻型目录访问协议Li..."><meta name="keywords" content="openldap"><link rel="search" type="application/opensearchdescription+xml" href="https://segmentfault.com/opensearch.xml" title="SegmentFault"><link rel="shortcut icon" href="https://cdn.segmentfault.com/v-5c4ec07f/global/img/favicon.ico"><link rel="apple-touch-icon" href="https://cdn.segmentfault.com/v-5c4ec07f/global/img/touch-icon.png"><meta name="msapplication-TileColor" content="#009a61"><meta name="msapplication-square150x150logo" content="https://cdn.segmentfault.com/v-5c4ec07f/global/img/touch-icon.png"><meta name="baidu_union_verify" content="bcf7fd80dca60d53d46d5b46e1b990ca"><link rel="alternate" type="application/atom+xml" title="SegmentFault 最新问题" href="https://segmentfault.com/feeds/questions"><link rel="alternate" type="application/atom+xml" title="SegmentFault 最新文章" href="https://segmentfault.com/feeds/blogs"><link rel="stylesheet" href="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/global.css"><link rel="stylesheet" href="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/blog.css"><link rel="stylesheet" href="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/responsive.css"><script src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/hm.js.下载"></script><script async="" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/analytics.js.下载"></script><script type="text/javascript" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/spcjs.php"></script><script charset="utf-8" id="ParadigmSDK" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/ParadigmSDK_v2.js.下载" data="216" defsi="594"></script><script>
ParadigmSDK.init("46e957bd9dea4acdaa15b4b64aff728f");
ParadigmSDK.trackDetailPageShow();
</script><script type="text/javascript" charset="utf-8" async="" data-requirecontext="_" data-requiremodule="https://cdn.segmentfault.com/v-5c4ec07f/3rd/highlightjs/highlight.pack.js" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/highlight.pack.js.下载"></script><style type="text/css">.MathJax_Preview {color: #888}
#MathJax_Message {position: fixed; left: 1em; bottom: 1.5em; background-color: #E6E6E6; border: 1px solid #959595; margin: 0px; padding: 2px 8px; z-index: 102; color: black; font-size: 80%; width: auto; white-space: nowrap}
#MathJax_MSIE_Frame {position: absolute; top: 0; left: 0; width: 0px; z-index: 101; border: 0px; margin: 0px; padding: 0px}
.MathJax_Error {color: #CC0000; font-style: italic}
</style><style type="text/css">#MathJax_About {position: fixed; left: 50%; width: auto; text-align: center; border: 3px outset; padding: 1em 2em; background-color: #DDDDDD; color: black; cursor: default; font-family: message-box; font-size: 120%; font-style: normal; text-indent: 0; text-transform: none; line-height: normal; letter-spacing: normal; word-spacing: normal; word-wrap: normal; white-space: nowrap; float: none; z-index: 201; border-radius: 15px; -webkit-border-radius: 15px; -moz-border-radius: 15px; -khtml-border-radius: 15px; box-shadow: 0px 10px 20px #808080; -webkit-box-shadow: 0px 10px 20px #808080; -moz-box-shadow: 0px 10px 20px #808080; -khtml-box-shadow: 0px 10px 20px #808080; filter: progid:DXImageTransform.Microsoft.dropshadow(OffX=2, OffY=2, Color='gray', Positive='true')}
#MathJax_About.MathJax_MousePost {outline: none}
.MathJax_Menu {position: absolute; background-color: white; color: black; width: auto; padding: 2px; border: 1px solid #CCCCCC; margin: 0; cursor: default; font: menu; text-align: left; text-indent: 0; text-transform: none; line-height: normal; letter-spacing: normal; word-spacing: normal; word-wrap: normal; white-space: nowrap; float: none; z-index: 201; box-shadow: 0px 10px 20px #808080; -webkit-box-shadow: 0px 10px 20px #808080; -moz-box-shadow: 0px 10px 20px #808080; -khtml-box-shadow: 0px 10px 20px #808080; filter: progid:DXImageTransform.Microsoft.dropshadow(OffX=2, OffY=2, Color='gray', Positive='true')}
.MathJax_MenuItem {padding: 2px 2em; background: transparent}
.MathJax_MenuArrow {position: absolute; right: .5em; padding-top: .25em; color: #666666; font-size: .75em}
.MathJax_MenuActive .MathJax_MenuArrow {color: white}
.MathJax_MenuArrow.RTL {left: .5em; right: auto}
.MathJax_MenuCheck {position: absolute; left: .7em}
.MathJax_MenuCheck.RTL {right: .7em; left: auto}
.MathJax_MenuRadioCheck {position: absolute; left: 1em}
.MathJax_MenuRadioCheck.RTL {right: 1em; left: auto}
.MathJax_MenuLabel {padding: 2px 2em 4px 1.33em; font-style: italic}
.MathJax_MenuRule {border-top: 1px solid #CCCCCC; margin: 4px 1px 0px}
.MathJax_MenuDisabled {color: GrayText}
.MathJax_MenuActive {background-color: Highlight; color: HighlightText}
.MathJax_MenuDisabled:focus, .MathJax_MenuLabel:focus {background-color: #E8E8E8}
.MathJax_ContextMenu:focus {outline: none}
.MathJax_ContextMenu .MathJax_MenuItem:focus {outline: none}
#MathJax_AboutClose {top: .2em; right: .2em}
.MathJax_Menu .MathJax_MenuClose {top: -10px; left: -10px}
.MathJax_MenuClose {position: absolute; cursor: pointer; display: inline-block; border: 2px solid #AAA; border-radius: 18px; -webkit-border-radius: 18px; -moz-border-radius: 18px; -khtml-border-radius: 18px; font-family: 'Courier New',Courier; font-size: 24px; color: #F0F0F0}
.MathJax_MenuClose span {display: block; background-color: #AAA; border: 1.5px solid; border-radius: 18px; -webkit-border-radius: 18px; -moz-border-radius: 18px; -khtml-border-radius: 18px; line-height: 0; padding: 8px 0 6px}
.MathJax_MenuClose:hover {color: white!important; border: 2px solid #CCC!important}
.MathJax_MenuClose:hover span {background-color: #CCC!important}
.MathJax_MenuClose:hover:focus {outline: none}
</style><style type="text/css">#MathJax_Zoom {position: absolute; background-color: #F0F0F0; overflow: auto; display: block; z-index: 301; padding: .5em; border: 1px solid black; margin: 0; font-weight: normal; font-style: normal; text-align: left; text-indent: 0; text-transform: none; line-height: normal; letter-spacing: normal; word-spacing: normal; word-wrap: normal; white-space: nowrap; float: none; -webkit-box-sizing: content-box; -moz-box-sizing: content-box; box-sizing: content-box; box-shadow: 5px 5px 15px #AAAAAA; -webkit-box-shadow: 5px 5px 15px #AAAAAA; -moz-box-shadow: 5px 5px 15px #AAAAAA; -khtml-box-shadow: 5px 5px 15px #AAAAAA; filter: progid:DXImageTransform.Microsoft.dropshadow(OffX=2, OffY=2, Color='gray', Positive='true')}
#MathJax_ZoomOverlay {position: absolute; left: 0; top: 0; z-index: 300; display: inline-block; width: 100%; height: 100%; border: 0; padding: 0; margin: 0; background-color: white; opacity: 0; filter: alpha(opacity=0)}
#MathJax_ZoomFrame {position: relative; display: inline-block; height: 0; width: 0}
#MathJax_ZoomEventTrap {position: absolute; left: 0; top: 0; z-index: 302; display: inline-block; border: 0; padding: 0; margin: 0; background-color: white; opacity: 0; filter: alpha(opacity=0)}
</style></head><!-- 推荐引擎 --><body data-mod="blog" class="blog-post "><div id="MathJax_Message" style="display: none;"></div><!--[if lt IE 9]><div class="alert alert-danger topframe" role="alert">你的浏览器实在<strong>太太太太太太旧了</strong>,放学别走,升级完浏览器再说 <a target="_blank" class="alert-link" href="http://browsehappy.com">立即升级</a></div><![endif]--><img id="icon4weChat" style="height: 0;width: 0;" data-src="https://cdn.segmentfault.com/v-5c4ec07f/global/img/touch-icon-512.png"><div id="gridMapHoverBox" style="position:absolute; border: 1px solid #009a61; z-index:99; font-size: 10px; background:#fff"></div><div class="global-nav sf-header sf-header--index"><div class="bottom-nav visible-xs visible-sm"><div class="opts"><a class="opts-group " href="https://segmentfault.com/"><i class="fa fa-home" aria-hidden="true"></i><span>首页</span></a><a class="opts-group " href="https://segmentfault.com/questions"><i class="fa fa-comments" aria-hidden="true"></i><span>问答</span></a><a class="opts-group active" href="https://segmentfault.com/blogs"><i class="fa fa-pencil-square" aria-hidden="true"></i><span>专栏</span></a><a class="opts-group " href="https://segmentfault.com/lives"><i class="fa fa-play-circle" aria-hidden="true"></i><span>讲堂</span></a><div class="opts-group"><div class="btn-group dropup"><i class="fa fa-bars dropdown hoverDropdown" data-toggle="dropdown" aria-hidden="true"><span>更多</span></i><ul class="dropdown-menu"><li><a href="https://segmentfault.com/jobs">职位</a></li><li><a href="https://segmentfault.com/events">活动</a></li><li><a href="https://segmentfault.com/tags">标签</a></li><li><a href="https://segmentfault.com/badges">徽章</a></li></ul></div></div></div></div><nav class="container nav"><div class="visible-xs visible-sm header-response"><a href="https://segmentfault.com/search" style="display:block"><i class="fa fa-search" aria-hidden="true"></i></a><div class="sf-header__logo sf-header__logo--response"><h1><a href="https://segmentfault.com/" style="height:24px; background-size: auto 24px;"></a></h1></div><a href="https://segmentfault.com/user/login" class="pull-right login-btn"><i class="fa fa-user" aria-hidden="true"></i></a></div><script>
mobileScroll(
function(direction) {
try {
if (direction === 'down') {
document.querySelector('.bottom-nav').classList.add('hidden')
} else {
document.querySelector('.bottom-nav').classList.remove('hidden')
}
} catch(err) {}
}
);
function mobileScroll( fn ) {
var beforeScrollTop = document.documentElement.scrollTop || document.body.scrollTop,
fn = fn || function() {};
window.addEventListener("scroll", function() {
var afterScrollTop = document.documentElement.scrollTop || document.body.scrollTop,
delta = afterScrollTop - beforeScrollTop;
if( delta === 0 ) return false;
fn( delta > 0 ? "down" : "up" );
beforeScrollTop = afterScrollTop;
}, false);
}
</script><div class="row hidden-xs hidden-sm"><div class="col-sm-8 col-md-9 col-lg-9"><div class="sf-header__logo"><h1><a href="https://segmentfault.com/">SegmentFault</a></h1></div><div><ul class="menu list-inline pull-left hidden-xs"><li class="menu__item"><a href="https://segmentfault.com/" class="">首页</a></li><li class="menu__item"><a href="https://segmentfault.com/questions" class="">问答</a></li><li class="menu__item"><a href="https://segmentfault.com/blogs" class="active-nav">专栏</a></li><li class="menu__item"><a class=" " href="https://segmentfault.com/lives">讲堂</a></li><li class="menu__item"><a href="https://segmentfault.com/groups" class="">圈子</a></li><li class="menu__item menu__item--more dropdown"><a href="https://segmentfault.com/a/1190000014683418##" class="dropdown-toggle dropdownBtn" data-toggle="dropdown">
发现<i class="fa fa-caret-down" style="font-size: 14px;margin-left: 5px;" aria-hidden="true"></i></a><div class="dropdown-block hidden"><ul class="dropdown-content-menu"><li><a href="https://segmentfault.com/events">活动</a></li><li><a href="https://segmentfault.com/tags">标签</a></li><li><a href="https://segmentfault.com/jobs">找工作</a></li><li><a href="https://segmentfault.com/users">排行榜</a></li><li><a href="https://segmentfault.com/badges">徽章</a></li><li><a href="https://segmentfault.com/notes">笔记</a></li><li><a href="https://docs.segmentfault.com/" target="_blank">开发手册<i style="line-height: 20px;font-size: 12px;color: #F5A623;" class="ml10 fa fa-external-link-square"></i></a></li><li><a href="https://business.segmentfault.com/ads?utm_source=sf-header" target="_blank">广告投放<i style="line-height: 20px;font-size: 12px;color: #F5A623;" class="ml10 fa fa-external-link-square"></i></a></li></ul></div></li><li class="menu__item visible-sm-inline-block"><a href="https://segmentfault.com/search"><span class="glyphicon glyphicon-search" style="vertical-align: middle;"></span></a></li></ul><form action="https://segmentfault.com/search" class="header-search hidden-sm hidden-xs pull-right"><button class="btn btn-link"><span class="sr-only">搜索</span><span class="glyphicon glyphicon-search"></span></button><input id="searchBox" name="q" type="text" placeholder="搜索问题或关键字" class="form-control" value=""></form></div></div><div class="col-sm-4 col-md-3 col-lg-3 text-right"><ul class="opts list-inline hidden-xs"><li class="opts__item"><a href="https://segmentfault.com/user/login" class="SFRegister btn-signin" style="margin-bottom:2px;">立即登录</a><a href="https://segmentfault.com/user/register" class="SFLogin ml10 btn-signup" onclick="_gaq.push([&#39;_trackEvent&#39;, &#39;Button&#39;, &#39;Click&#39;, &#39;Login&#39;]);">免费注册</a></li></ul></div></div></nav></div>
<input id="articleId" value="1190000014683418" class="hidden">
<div class="wrap" data-blogid="1200000005131520">
<div class="text-center block hidden-xs">
<script type="text/javascript">
OA_show(2);
</script>
</div>
<div class="container mt15" style="position:relative">
<div class="row">
<div class="col-xs-12 col-md-9 main ">
<ol class="breadcrumb mb15">
<li><a href="https://segmentfault.com/blogs">专栏</a></li>
<li><a href="https://segmentfault.com/blog/fengerzh">日新亭</a></li>
<li class="active">文章详情</li>
</ol>
<div class="post-topheader custom- pt0">
<div class="mb20">
<div class="block-for-right-border">
<div class="row">
<div class="col-md-12 col-sm-12 col-xs-12">
<div class="post-topheader__info" data-username="张京" data-userslug="fengerzh" data-useravatar="https://avatar-static.segmentfault.com/439/654/439654051-58781bd01ba83_big64">
<div class="article__author clearfix">
<div class="article__authorleft">
<a href="https://segmentfault.com/u/fengerzh">
<img class="avatar-40" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/439654051-58781bd01ba83_big64" alt="张京">
</a>
</div>
<div class="article__authorright">
<div class="article__authormeta">
<a href="https://segmentfault.com/u/fengerzh" class="mr5"><strong>张京</strong></a>
<img src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/rp.svg" class="mr5"><span style="color:#BF7158" class="mr10">8.2k</span>
发布于
<a href="https://segmentfault.com/blog/fengerzh">日新亭</a>
<span class="hidden-xs">
<button type="button" class="btn btn-xs btn-success follow-article ml10" data-do="follow" data-type="blog" data-id="1200000005131520">关注专栏
</button>
</span>
</div>
<span style="display: block">
2018-05-02 发布
</span>
</div>
</div>
<h1 class="h1 post-topheader__info--title" id="articleTitle" data-id="1190000014683418">
<a href="https://segmentfault.com/a/1190000014683418"> 我花了一个五一终于搞懂了OpenLDAP</a>
</h1>
<div class="content__tech hidden-xs">
<a href="https://segmentfault.com/a/1190000014683418" class="blog-type-common blog-type-1-before" target="_blank" data-content="
原创
"></a>
<ul class="taglist--inline inline-block article__title--tag mr10">
<li class="tagPopup mb5">
<a class="tag" href="https://segmentfault.com/t/openldap/blogs" data-toggle="popover" data-img="" data-placement="top" data-original-title="openldap" data-id="1040000002607113">
openldap
</a>
</li>
</ul>
<span>
29.6k 次阅读
&nbsp;·&nbsp;
读完需要 24 分钟
</span>
</div>
</div>
</div>
</div>
</div>
</div>
</div><!-- end .post-topheader -->
<div class="visible-lg">
<div class="side-widget">
<div class="stream__item-zan btn btn-default mt0 mb15 ml0 mr0 pt0 pb0 pl0 pr0 " id="side-widget-votes-btn">
<span class="stream__item-zan-icon"></span>
<span class="stream__item-zan-number" id="side-widget-votes-num">69</span>
</div>
<i class="fa fa-bookmark item " id="side-widget-bookmarks-btn"></i>
<i class="fa fa-weibo item"></i>
<i class="fa fa-weixin item" data-toggle="popover" data-placement="right" data-original-title="" title=""></i>
<i class="fa fa-twitter item"></i>
<i class="fa fa-facebook item"></i>
<i class="fa fa-arrow-up item hidden"></i>
</div>
</div>
<div class="article fmt article__content" data-id="1190000014683418" data-license="cc">
<blockquote>
<strong>轻型目录访问协议</strong>(英文:<code>Lightweight Directory Access Protocol</code>,缩写:<code>LDAP</code>是一个开放的中立的工业标准的应用协议通过IP协议提供访问控制和维护分布式信息的目录信息。<p><code>OpenLDAP</code>是轻型目录访问协议(<code>Lightweight Directory Access Protocol</code><code>LDAP</code>)的自由和开源的实现,在其<code>OpenLDAP</code>许可证下发行,并已经被包含在众多流行的<code>Linux</code>发行版中。</p>
<p>可以这样讲:市面上只要你能够想像得到的所有工具软件,全部都支持<code>LDAP</code>协议。比如说你公司要安装一个项目管理工具,那么这个工具几乎必然支持<code>LDAP</code>协议,你公司要安装一个<code>bug</code>管理工具,这工具必然也支持<code>LDAP</code>协议,你公司要安装一套软件版本管理工具,这工具也必然支持<code>LDAP</code>协议。<code>LDAP</code>协议的好处就是你公司的所有员工在所有这些工具里共享同一套用户名和密码,来人的时候新增一个用户就能自动访问所有系统,走人的时候一键删除就取消了他对所有系统的访问权限,这就是<code>LDAP</code></p>
</blockquote>
<p>有些领域并不像前端世界那么潮那么性感,但是缺了这个环节又总觉得很别扭。如果深入到运维的世界,你会发现大部分工具还活在上个世纪,产品设计完全反人类,比如<code>cn</code>, <code>dc</code>, <code>dn</code>, <code>ou</code>这样的命名方式,如果不钻研个一天两天,鬼知道它在说什么,比如说<code>dns</code><code>dns</code>是什么鬼?域名吗?不是,它只是某个懒惰的工程师起了<code>dn</code>这么一个缩写,再加一个复数,就成了<code>dns</code>,和域名服务器没有任何关系;<code>cn</code>是什么?中国的缩写?你想多了,这和中国没有任何关系。经过一系列这样疯狂的洗脑之后,你才能逐渐明白<code>LDAP</code>到底想干什么。抛弃你所有的认知,把自己当成一个什么都不懂的幼儿园孩子,然后我们从头学起<code>LDAP</code></p>
<p>如果你搜索<code>OpenLDAP</code>的安装指南,很不幸地告诉你,网上不管中文的英文的,<code>90%</code>都是错的,它们都还活在上个世纪,它们会告诉你要去修改一个叫做<code>slapd.conf</code>的文件,基本上看到这里,你就不用往下看了,这个文件早就被抛弃,新版的<code>OpenLDAP</code>里根本就没有这个文件!取而代之的是<code>slapd.d</code>的文件夹,然后另一部分教程会告诉你,让你修改这个文件夹下的某一个<code>ldif</code>文件,看到这里,你也不用往下看了,你又看到了伪教程,因为这个文件夹下的所有文件的第一行都明确地写着:『<code>这是一个自动生成的文件,不要修改它!</code>』你修改了它之后,它的<code>md5</code>校验值会匹配不上,造成更多的问题。你应该用<code>ldapmodify</code>来修改这个文件,而关于<code>ldapmodify</code>的教程,可以说几乎就没有!我一开始不知道面临这样荒谬的处境,很多运维人员是怎么活下来的,不过等我自己配通了以后,真的是累到连写教程的精力都没有了,好吧,我已经配通了,你们各人自求多福吧。</p>
<h1 id="articleHeader0">架构</h1>
<p>实际上,我的操作步骤很多都是反的,架构这部分是最后才意识到的,但实际上从最一开始就应该先想到。实际上整个<code>OpenLDAP</code>的架构大致包含<code>3</code>个部分,而网上没有教材提到这块。</p>
<h2 id="articleHeader1">OpenLDAP</h2>
<p>首先,是<code>OpenLDAP</code>的服务器本身,这个东西其实只相当于是一个<code>mysql</code>数据库,它是没有酷炫的图形界面的,如果你愿意每次都手敲一大堆代码,也可以用它,但这种反人类的设计真的不是给人用的。</p>
<h2 id="articleHeader2">phpLDAPadmin</h2>
<p>所以,你需要安装一个叫作<code>phpLDAPadmin</code>的工具,好歹这是一个图形界面,虽然奇丑无比,并且配置起来也并不容易。</p>
<h2 id="articleHeader3">PWM</h2>
<p>光装管理工具还不够,你总要给用户提供一个修改密码的地方。</p>
<h2 id="articleHeader4">客户端</h2>
<p>最后,你还需要配置各种工具。</p>
<h2 id="articleHeader5">架构图</h2>
<p>我画了一个简单的架构图如下:</p>
<p><span class="img-wrap"><img data-src="/img/bV9YDb?w=1278&amp;h=869" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/bV9YDb" alt="图片描述" title="图片描述" style="cursor: pointer; display: inline;"></span></p>
<h1 id="articleHeader6">安装</h1>
<h2 id="articleHeader7">安装OpenLDAP</h2>
<p>安装<code>OpenLDAP</code>非常简单,直接安装这<code>3</code>个东西就够了,甚至运气好的话,也许你的操作系统已经自带安装好了:</p>
<div class="widget-codetool" style="display: none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="yum install openldap openldap-clients openldap-servers" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs sql"><code style="word-break: break-word; white-space: initial;">yum <span class="hljs-keyword">install</span> openldap openldap-clients openldap-servers</code></pre>
<p>安装完了之后可以直接启动<code>OpenLDAP</code>服务,不需要做任何配置,我一开始还有顾虑,后来发现完全不用多想直接启动即可:</p>
<div class="widget-codetool" style="display: none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="service slapd start" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs sql"><code style="word-break: break-word; white-space: initial;">service slapd <span class="hljs-keyword">start</span></code></pre>
<h2 id="articleHeader8">配置OpenLDAP</h2>
<p>这一块在最一开始是最麻烦的部分,网上所有教程讲的都不对。因为现在是<code>2018</code>年了,而很多教程还停留在<code>2008</code>年甚至<code>1998</code>年。配置<code>OpenLDAP</code>最正确的姿势是通过<code>ldapmodify</code>命令执行<strong>一系列自己写好的</strong>ldif文件<strong>不要修改任何OpenLDAP装好的配置文件</strong></p>
<p>举个例子来说,你要想修改<code>RootDN</code>,那么你就自己写这么一个<code>ldif</code>文件,假设给它起名叫<code>a.ldif</code>,然后执行它就可以了:</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=admin,dc=qiban,dc=com
-
replace: olcSuffix
olcSuffix: dc=qiban,dc=com" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code><span class="hljs-string">dn:</span> olcDatabase={<span class="hljs-number">2</span>}bdb,cn=config
<span class="hljs-string">changetype:</span> modify
<span class="hljs-string">replace:</span> olcRootDN
<span class="hljs-string">olcRootDN:</span> cn=admin,dc=qiban,dc=com
-
<span class="hljs-string">replace:</span> olcSuffix
<span class="hljs-string">olcSuffix:</span> dc=qiban,dc=com</code></pre>
<p>怎么执行呢?</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f a.ldif" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code style="word-break: break-word; white-space: initial;">ldapmodify -Q -Y EXTERNAL -H <span class="hljs-string">ldapi:</span><span class="hljs-comment">/// -f a.ldif</span></code></pre>
<p>这么长的命令是什么意思?<code>-Q</code>表示安静执行,<code>-Y</code>和后面的<code>EXTERNAL</code>表示,好吧,我也不知道什么意思,总之需要这样配合,然后<code>-H</code>表示地址,<code>-f</code>表示文件名。几乎所有的<code>ldapmodify</code>命令都这么执行就好了。</p>
<p>再来讲解一下上面的<code>ldif</code>文件的内容,你不要问为什么叫<code>ldif</code>这么一个破后缀,总之你记住它就是这个后缀就好了。<code>dn</code>表示你要修改什么东西,在这里我们用的是<code>{2}bdb</code>,你的系统不一定是<code>{2}bdb</code>,不管是几,总之你去查一下目录里的内容就好了:</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="ls /etc/openldap/slapd.d/cn=config/" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code style="word-break: break-word; white-space: initial;">ls <span class="hljs-regexp">/etc/</span>openldap<span class="hljs-regexp">/slapd.d/</span>cn=config/</code></pre>
<p>得到的结果大概如下,不一样也不要害怕:</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="cn=module{0}.ldif cn=schema/ cn=schema.ldif olcDatabase={0}config.ldif olcDatabase={-1}frontend.ldif olcDatabase={1}monitor.ldif olcDatabase={2}bdb/ olcDatabase={2}bdb.ldif" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs typescript"><code style="word-break: break-word; white-space: initial;">cn=<span class="hljs-keyword">module</span>{<span class="hljs-number">0</span>}.ldif cn=schema/ cn=schema.ldif olcDatabase={<span class="hljs-number">0</span>}config.ldif olcDatabase={<span class="hljs-number">-1</span>}frontend.ldif olcDatabase={<span class="hljs-number">1</span>}monitor.ldif olcDatabase={<span class="hljs-number">2</span>}bdb/ olcDatabase={<span class="hljs-number">2</span>}bdb.ldif</code></pre>
<p>这里面有一大堆奇奇怪怪的数字,不要担心,其中有一个带什么<code>db.ldif</code>的就是你最终需要修改的数据库文件,我这里是<code>bdb.ldif</code>,你的可能是<code>mdb.ldif</code>,还有人是<code>hdb.ldif</code>,不管什么<code>db</code>,总之你要改的是一个叫<code>db</code>的文件就对了,你可以<code>cat</code>打开看一看,但是不要用<code>vi</code>去修改它。</p>
<p><code>changetype</code>就是<code>modify</code>,表示我们要修改这个文件。第<code>3</code>行是<code>replace</code>,表示我们要替换里面的某个值,你可以把这个操作理解为<code>mysql</code>数据库的<code>update</code>操作,如果你把第<code>3</code>行改成<code>add</code>,那就是<code>mysql</code><code>insert</code>操作了。不过这里我们操作的只是配置文件本身,还牵涉不到添加用户或者更改用户,如果你以为事情就这么简单,那就是你太天真了。</p>
<p><code>RootDN</code>在这里就表示你整个<code>OpenLDAP</code>系统的管理员用户名是什么,不要奇怪,后面这一砣都是用户名<code>cn=admin,dc=qiban,dc=com</code>,长的有点像<code>email</code>地址,实际意思也差不多,但总之就不是<code>email</code>就行了。不要问为什么,总之<code>cn</code>就是<code>email</code>前面的那个名字,后面带<code>dc</code>的都是域名。</p>
<p>真实情况是你还需要给这个用户设置一个密码,具体怎么设自行<code>Google</code>但还是那句话不要修改系统文件要用ldapmodify来执行。</p>
<h2 id="articleHeader9">添加memberOf模块</h2>
<p>这个工作应该一开始就做好,要不然后面要做的话,还得把建好的组全删掉再重建。这个模块的作用是当你建一个组的时候,把一些用户添加到这个组里去,它会自动给这些用户添加一个<code>memberOf</code>属性,有很多应用需要检查这个属性。</p>
<p>添加的时候比较麻烦,需要建<code>3</code><code>ldif</code>文件,然后<code>1</code>个执行<code>ldapmodify</code><code>2</code>个执行<code>ldapadd</code>,错一点都不行:</p>
<h3 id="articleHeader10">memberof_config.ldif</h3>
<p>再一次重申:文件名叫做什么根本无所谓,只要后缀名为<code>ldif</code>即可。</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof
olcModulePath: /usr/lib64/openldap
dn: olcOverlay={0}memberof,olcDatabase={2}bdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code><span class="hljs-string">dn:</span> cn=module,cn=config
<span class="hljs-string">cn:</span> module
<span class="hljs-string">objectClass:</span> olcModuleList
<span class="hljs-string">olcModuleLoad:</span> memberof
<span class="hljs-string">olcModulePath:</span> <span class="hljs-regexp">/usr/</span>lib64/openldap
<span class="hljs-symbol">
dn:</span> olcOverlay={<span class="hljs-number">0</span>}memberof,olcDatabase={<span class="hljs-number">2</span>}bdb,cn=config
<span class="hljs-string">objectClass:</span> olcConfig
<span class="hljs-string">objectClass:</span> olcMemberOf
<span class="hljs-string">objectClass:</span> olcOverlayConfig
<span class="hljs-string">objectClass:</span> top
<span class="hljs-string">olcOverlay:</span> memberof
<span class="hljs-string">olcMemberOfDangling:</span> ignore
<span class="hljs-string">olcMemberOfRefInt:</span> TRUE
<span class="hljs-string">olcMemberOfGroupOC:</span> groupOfNames
<span class="hljs-string">olcMemberOfMemberAD:</span> member
<span class="hljs-string">olcMemberOfMemberOfAD:</span> memberOf</code></pre>
<p>小心第<code>5</code>行和第<code>7</code>行,先找到你的模块目录是不是在<code>/usr/lib64</code>下面,然后看清楚你的数据库类型和数字,不要瞎复制。</p>
<p>对于这个文件,我们需要执行<code>ldapadd</code></p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="ldapadd -Q -Y EXTERNAL -H ldapi:/// -f memberof_config.ldif" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code style="word-break: break-word; white-space: initial;">ldapadd -Q -Y EXTERNAL -H <span class="hljs-string">ldapi:</span><span class="hljs-comment">/// -f memberof_config.ldif</span></code></pre>
<p>执行完之后,检查你的<code>/etc/openldap/slapd.d/cn=config/</code>,看是不是多了一个模块,这个模块的数字编号直接影响下一步操作。</p>
<h3 id="articleHeader11">refint1.ldif</h3>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="dn: cn=module{0},cn=config
add: olcmoduleload
olcmoduleload: refint" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code><span class="hljs-string">dn:</span> cn=module{<span class="hljs-number">0</span>},cn=config
<span class="hljs-string">add:</span> olcmoduleload
<span class="hljs-string">olcmoduleload:</span> refint</code></pre>
<p>这个文件里我的<code>memberOf</code>是第一个模块,所以编号是<code>0</code>,你的不一定,要看清楚到底第几号模块是<code>memberof</code>,然后就改成几就可以了,对于这个文件,我们要执行<code>ldapmodify</code>操作:</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f refint1.ldif" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code style="word-break: break-word; white-space: initial;">ldapmodify -Q -Y EXTERNAL -H <span class="hljs-string">ldapi:</span><span class="hljs-comment">/// -f refint1.ldif</span></code></pre>
<p>你如果能看懂它的意思的话,它的大意是说要修改我们刚刚添加的那个模块文件的内容。</p>
<h3 id="articleHeader12">refint2.ldif</h3>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="dn: olcOverlay={1}refint,olcDatabase={2}bdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: memberof member manager owner" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code><span class="hljs-string">dn:</span> olcOverlay={<span class="hljs-number">1</span>}refint,olcDatabase={<span class="hljs-number">2</span>}bdb,cn=config
<span class="hljs-string">objectClass:</span> olcConfig
<span class="hljs-string">objectClass:</span> olcOverlayConfig
<span class="hljs-string">objectClass:</span> olcRefintConfig
<span class="hljs-string">objectClass:</span> top
<span class="hljs-string">olcOverlay:</span> {<span class="hljs-number">1</span>}refint
<span class="hljs-string">olcRefintAttribute:</span> memberof member manager owner</code></pre>
<p>对这个文件执行<code>ldapadd</code>操作:</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="ldapadd -Q -Y EXTERNAL -H ldapi:/// -f refint2.ldif" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs groovy"><code style="word-break: break-word; white-space: initial;">ldapadd -Q -Y EXTERNAL -H <span class="hljs-string">ldapi:</span><span class="hljs-comment">/// -f refint2.ldif</span></code></pre>
<p>还是要注意检查<code>db</code>类型,否则你一定不能成功。</p>
<h2 id="articleHeader13">安装phpLDAPadmin</h2>
<p>好吧,干完了上面这些啰里巴嗦的事情,你可以先给自己泡杯咖啡,接下来还有很多工作要做,不过难度已经没有刚才那么大了。</p>
<p>我们开始安装<code>phpLDAPadmin</code></p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text="yum install phpldapadmin" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs sql"><code style="word-break: break-word; white-space: initial;">yum <span class="hljs-keyword">install</span> phpldapadmin</code></pre>
<p><code>CentOS</code><code>yum</code>安装总是这么令人赏心悦目。</p>
<h2 id="articleHeader14">配置phpLDAPadmin</h2>
<p>接下来让我们在<code>nginx</code>里配置好它,以便让我们的管理员能够看到它。</p>
<div class="widget-codetool" style="display:none;">
<div class="widget-codetool--inner">
<span class="selectCode code-tool" data-toggle="tooltip" data-placement="top" title="" data-original-title="全选"></span>
<span type="button" class="copyCode code-tool" data-toggle="tooltip" data-placement="top" data-clipboard-text=" location /htdocs {
alias /usr/share/phpldapadmin/htdocs;
index index.php;
location ~ \.php$ {
alias /usr/share/phpldapadmin;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}" title="" data-original-title="复制"></span>
</div>
</div><pre class="hljs nginx"><code> <span class="hljs-attribute">location</span> /htdocs {
<span class="hljs-attribute">alias</span> /usr/share/phpldapadmin/htdocs;
<span class="hljs-attribute">index</span> index.php;
<span class="hljs-attribute">location</span> <span class="hljs-regexp">~ \.php$</span> {
<span class="hljs-attribute">alias</span> /usr/share/phpldapadmin;
<span class="hljs-attribute">fastcgi_pass</span> <span class="hljs-number">127.0.0.1:9000</span>;
<span class="hljs-attribute">fastcgi_index</span> index.php;
<span class="hljs-attribute">fastcgi_param</span> SCRIPT_FILENAME <span class="hljs-variable">$document_root</span><span class="hljs-variable">$fastcgi_script_name</span>;
<span class="hljs-attribute">include</span> fastcgi_params;
}
}</code></pre>
<p>缺省文件安装在<code>/usr/share/phpldapadmin/htdocs</code>下,我们必得要在这里配置一个<code>alias</code>才能访问到它,但在<code>php-fpm</code>时又要配置另外一个<code>alias</code>,这也是比较坑人的一个地方。</p>
<p>接下来你需要修改<code>/etc/phpldapadmin/config.php</code>这个文件,里面有大段大段的注释,看到人头晕,注意这么<code>2</code>点就够了,其它的都不要改:</p>
<ul>
<li><code>$servers-&gt;setValue('login','anon_bind',false);</code>改成<code>false</code>,因为我们不想让人匿名访问;</li>
<li><code>$servers-&gt;setValue('login','allowed_dns',array('cn=admin,dc=qiban,dc=com'));</code>,我们只允许管理员访问,其他任何人不得访问。</li>
</ul>
<h2 id="articleHeader15">使用phpLDAPadmin</h2>
<p>你现在可以通过<code>URL</code>地址访问<code>phpLDAPadmin</code>了,登录的时候输入你那一坨用户名:<code>cn=admin,dc=qiban,dc=com</code>,然后输入密码,如果你前面一切都设置对了,那么这里就可以登录进去了。</p>
<p><span class="img-wrap"><img data-src="/img/bV9YDo?w=1251&amp;h=821" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/squares.svg" alt="clipboard.png" title="clipboard.png" style="cursor: pointer;"></span></p>
<p>界面里透出一股浓浓的上世纪九十年代风格,不过好歹我们终于可以脱离纯手写代码管理的窘境了。</p>
<p>这时候你首先要建立两个<code>organizationalUnit</code>,一个叫作<code>groups</code>,一个叫作<code>users</code>。不要问为什么。</p>
<p>然后在<code>users</code>下面建几个<code>inetOrgPerson</code>,这些就是你的用户了。注意,在创建新条目时,一定要选择<code>默认</code>,不要选择什么<code>Posix</code>或者<code>Generic User Account</code>,那只会帮你建出一堆没用的<code>Linux</code>账号出来,我们只想要<code>web</code>用户,不想建什么<code>Linux</code>用户。<strong>注意:密码这个地方一定要选<code>md5</code>,否则你后面和其它系统连接会出问题。</strong></p>
<p>然后在<code>groups</code>下面建几个组吧,比如<code>admins</code>, <code>users</code>等等,注意选择<code>objectClass</code><code>groupOfNames</code>就行了。然后把你刚刚建好的几个用户分门别类的给他们加到组里去。</p>
<p>在这一步上,如果你前面配置<code>memberOf</code>模块配置正确的话,你会在<code>user</code><code>显示内部属性</code>里看到它的<code>memberOf</code>属性,如果看不到,说明你没有配对。</p>
<h2 id="articleHeader16">配置第三方应用</h2>
<p>到此为止,似乎真没有什么好说的了,<code>Phabricator</code>, <code>Confluence</code>, <code>Zabbix</code>, <code>Grafana</code>, <code>禅道</code>等等,几乎你能想到的任何一个第三方应用都会有说明书教你怎么配置<code>dc</code>, <code>cn</code>, <code>ou</code>这些东西,经过了上面这一番折腾,你怎么着也应该对<code>LDAP</code>的一些术语有所了解了,如果还是不行,说明你玩它的时间还是不够长,再多玩两天,也就明白了。</p>
<p>配置好之后的好处就是你再也不用东一块西一块地建用户了,而可以在一个统一的地方集中管理你的用户和群组授权。</p>
<h1 id="articleHeader17">结语</h1>
<p>总之,配置<code>OpenLDAP</code>不是一个轻松的活,但是考虑到有那么多第三方应用都支持这个鬼东西,花点代价把它配通还是值得的。希望你一切顺利。</p>
</div>
<div class="clearfix mt10">
<ul class="article-operation list-inline pull-left mt15"><li><a target="_blank" href="https://creativecommons.org/licenses/by-nc-nd/4.0/"><img class="mb5" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/creativecommons-cc.svg" height="20"></a></li><li class="dropdown js__content-ops hidden-xs" data-module="article" data-id="1190000014683418" data-typetext="文章"><a href="javascript:void(0);" class="dropdown-toggle text-muted" data-toggle="dropdown"><i class="fa fa-ellipsis-h" aria-hidden="true"></i></a><ul class="dropdown-menu dropdown-menu-left"><li><a href="https://segmentfault.com/a/1190000014683418#911" data-toggle="modal" data-target="#911" data-action="report">举报</a></li></ul></li></ul>
<div class="pull-right mt-10 hidden-xs">
<div class="widget-share__full" data-text="我花了一个五一终于搞懂了OpenLDAP" data-url="https://segmentfault.com/a/1190000014683418" data-shorturl="http://sfau.lt/b59LZu"><div class="widget-share-network sharer-0" style="display: block;"><ul class="sn-inline"><li data-network="weibo"><a href="javascript:void(0);" class="entypo-weibo icon-sn-weibo share-1" data-toggle="tooltip" data-placement="top" title="" data-original-title="分享至新浪微博">新浪微博</a></li><li data-network="wechart"><a href="javascript:void(0);" class="entypo-wechart icon-sn-weixin share-2" data-toggle="tooltip" data-placement="top" title="" data-original-title="分享至微信">微信</a></li><li data-network="twitter"><a href="javascript:void(0);" class="entypo-twitter icon-sn-twitter share-3" data-toggle="tooltip" data-placement="top" title="" data-original-title="分享至 Twitter">Twitter</a></li><li data-network="facebook"><a href="javascript:void(0);" class="entypo-facebook icon-sn-facebook share-4" data-toggle="tooltip" data-placement="top" title="" data-original-title="分享至 Facebook">Facebook</a></li></ul></div><a type="button" class="btn btn-sm shareMore btn-sn-more" data-toggle="popover" data-placement="top" data-url="https://segmentfault.com/a/1190000014683418" data-shorturl="http://sfau.lt/b59LZu"><span class="icon-sn-dotted" data-original-title="" title=""></span><strong class="visible-xs-inline">•••</strong></a></div>
</div>
</div>
<div class="mt10 text-center mb30"><button type="button" id="mainLike" data-id="1190000014683418" class="btn btn-success btn-lg mr15 "><span id="mainLikeText"></span>&nbsp;&nbsp;<span class="seprator">|</span>&nbsp;&nbsp;
<span id="mainLikeNum">69 </span></button><button type="button" id="mainBookmark" data-type="article" data-id="1190000014683418" class="btn btn-default btn-lg "><span id="mainBookmarkText">收藏</span>&nbsp;&nbsp;<span class="seprator">|</span>&nbsp;&nbsp;<span id="mainBookmarkNum">61</span></button><br><button type="button" data-id="1190000014683418" class="btn btn-danger btn-lg mt15 article__reward-btn">
赞赏支持
</button></div><div class="mt30 mb30 text-center article__reward-info"><span class="mr10">如果觉得我的文章对你有用,请随意赞赏</span><ul class="article__reward-list"><li class="article__reward-item" data-toggle="tooltip" data-placement="top" title="" data-original-title="T、"><a target="_blank" href="https://segmentfault.com/u/t_5838f74d0f334"><img src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-40.png"></a></li><li class="article__reward-item" data-toggle="tooltip" data-placement="top" title="" data-original-title="joyqi"><a target="_blank" href="https://segmentfault.com/u/joyqi"><img src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/2618981758-1030000000091293_medium40"></a></li></ul><span class="ml10">已赞赏</span></div>
<script type="text/javascript">
OA_show(3);
</script>
<h4 class="pt20 mb15 mt0 border-top">你可能感兴趣的</h4>
<div class="mb15 block">
<script type="text/javascript">
OA_show(4);
</script>
</div>
<div id="paradigm-article-related"><div class="recommend-post mb30"><ul class="widget-links"><li><a href="http://segmentfault.com/a/1190000010134348" title="LDAP开发学习" target="_blank">LDAP开发学习</a><span class="text-muted">Corwien</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/sso">sso</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/ldap">ldap</a></li><li><a href="http://segmentfault.com/a/1190000012787087" title="centos6搭建ldap服务" target="_blank">centos6搭建ldap服务</a><span class="text-muted">shenpeng</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/ldap">ldap</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a></li><li><a href="http://segmentfault.com/a/1190000002607140" title="LDAP服务器的概念和原理简单介绍" target="_blank">LDAP服务器的概念和原理简单介绍</a><span class="text-muted">seanlook</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a></li><li><a href="http://segmentfault.com/a/1190000002607146" title="LDIF修改ldap记录或配置示例" target="_blank">LDIF修改ldap记录或配置示例</a><span class="text-muted">seanlook</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a></li><li><a href="http://segmentfault.com/a/1190000009446483" title="openldap账号管理及web管理" target="_blank">openldap账号管理及web管理</a><span class="text-muted">Lancger</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a></li><li><a href="http://segmentfault.com/a/1190000010512920" title="单点登录实现原理及小结" target="_blank">单点登录实现原理及小结</a><span class="text-muted">Corwien</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/ldap">ldap</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/sso">sso</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/php">php</a></li><li><a href="http://segmentfault.com/a/1190000002607130" title="OpenLDAP(2.4.3x)服务器搭建及配置说明" target="_blank">OpenLDAP(2.4.3x)服务器搭建及配置说明</a><span class="text-muted">seanlook</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a></li><li><a href="http://segmentfault.com/a/1190000008197464" title="phpLDAPadmin 安装" target="_blank">phpLDAPadmin 安装</a><span class="text-muted">Steve_Wang_</span><a class="tag" taget="_blank" href="https://segmentfault.com/t/openldap">openldap</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/ldap">ldap</a><a class="tag" taget="_blank" href="https://segmentfault.com/t/ubuntu">ubuntu</a></li></ul></div></div>
<div class="comments--news comments--default comments--article
" data-id="1190000014683418" data-user-id="" data-author-id="1030000002513190 " data-is-admin="null" id="goToReplyArea">
<div class="mb10 clearfix">
<strong class="comments-stat pull-left mr10">34 条评论</strong>
<div class="btn-group btn-group-xs pull-right comments-sort btn-group-menu" role="menu">
<a href="javascript:;" class="btn btn-default active" data-sort="default">默认排序</a>
<a href="javascript:;" class="btn btn-default" data-sort="desc">时间排序</a>
</div>
</div>
<div class="comments-container">
<div class="comments-list">
<div class="comments-item" data-id="1050000016640643">
<div class="pull-left">
<a href="https://segmentfault.com/u/loading_5bbdddf299623" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016640643" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/loading_5bbdddf299623">Loading</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年10月10日</span>
</div>
<div class="fmt mb10"><p>我觉得openldap能活这么久也是挺难得的</p></div>
<form action="https://segmentfault.com/api/comment/1050000016640643/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">我觉得openldap能活这么久也是挺难得的</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value">+1</span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000014743663">
<div class="pull-left">
<a href="https://segmentfault.com/u/daydaygo" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/2655744346-5a44953b3c520_big64" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000014743663" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/daydaygo">daydaygo</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年05月06日</span>
</div>
<div class="fmt mb10"><p>看完没明白 openLDAP 干嘛的 -_-</p></div>
<form action="https://segmentfault.com/api/comment/1050000014743663/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">看完没明白 openLDAP 干嘛的 -_-</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000014760304">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>一般把企业员工资料保存在LDAP里包括姓名、部门、联系方式、Email地址、登录账号、密码、密钥等等。然后各种系统利用LDAP里的资料作为系统用户。</p></div>
<form action="https://segmentfault.com/api/comment/1050000014760304/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">一般把企业员工资料保存在LDAP里包括姓名、部门、联系方式、Email地址、登录账号、密码、密钥等等。然后各种系统利用LDAP里的资料作为系统用户。</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000014760304" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/syutingsong">
<strong>SyuTingSong</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年05月07日</span>
</span>
</div>
</div>
</div>
<div class="reply-item" data-id="1050000014780657">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p><a href="https://segmentfault.com/u/syutingsong">@SyuTingSong</a> 做过一个涉及windows域的项目才接触到这个, 当时懵逼了好几天. 现在还有哪个OA系统用LDAP处理员工信息?</p></div>
<form action="https://segmentfault.com/api/comment/1050000014780657/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">@SyuTingSong[syutingsong] 做过一个涉及windows域的项目才接触到这个, 当时懵逼了好几天. 现在还有哪个OA系统用LDAP处理员工信息?</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000014780657" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/maxim">
<strong>ssy</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年05月08日</span>
</span>
</div>
</div>
</div>
<div class="reply-item" data-id="1050000014782810">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value
islike0-10
">
2
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p><a href="https://segmentfault.com/u/maxim">@ssy</a> 老外的一堆一堆。其实Windows Server和Mac OS X Server都有GUI的LDAP设置只有Linux上配置比较麻烦。文档也比较老。</p></div>
<form action="https://segmentfault.com/api/comment/1050000014782810/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">@ssy[maxim] 老外的一堆一堆。其实Windows Server和Mac OS X Server都有GUI的LDAP设置只有Linux上配置比较麻烦。文档也比较老。</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000014782810" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/syutingsong">
<strong>SyuTingSong</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年05月08日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000014755013">
<div class="pull-left">
<a href="https://segmentfault.com/u/carefor" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/2020227742-5a211533c1a03_big64" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000014755013" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/carefor">carefor</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年05月07日</span>
</div>
<div class="fmt mb10"><p>建议用ApacheLdapStudio开源免费功能强大</p></div>
<form action="https://segmentfault.com/api/comment/1050000014755013/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">建议用ApacheLdapStudio开源免费功能强大</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000014783136">
<div class="pull-left">
<a href="https://segmentfault.com/u/rambone" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000014783136" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/rambone">Rambone</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年05月08日</span>
</div>
<div class="fmt mb10"><p>虽然LDAP协议可能古老 实现又比较原始 但是兄弟 看完你写的 我还是没懂dc ou cn 另外它提供的uri schema结构解析 更重要的ldif文件的解析 都还是懵进懵出啊 Confluence gitlab Grafana的接入例子也应该多举一下啊</p></div>
<form action="https://segmentfault.com/api/comment/1050000014783136/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">虽然LDAP协议可能古老 实现又比较原始 但是兄弟 看完你写的 我还是没懂dc ou cn 另外它提供的uri schema结构解析 更重要的ldif文件的解析 都还是懵进懵出啊 Confluence gitlab Grafana的接入例子也应该多举一下啊</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000014785355">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p><a href="https://segmentfault.com/u/rambone">@Rambone</a> 写这篇文章的时候刚刚从坑里爬起来,情绪比较大,回头再补充一下。</p></div>
<form action="https://segmentfault.com/api/comment/1050000014785355/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">@Rambone[rambone] 写这篇文章的时候刚刚从坑里爬起来,情绪比较大,回头再补充一下。</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000014785355" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/fengerzh">
<strong>张京</strong>
</a>
<span class="comments-isAuthor ">
作者
</span>
<span class="text-muted-plus"> · 2018年05月09日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000014791517">
<div class="pull-left">
<a href="https://segmentfault.com/u/leo_liao" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000014791517" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/leo_liao">leo_liao</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年05月09日</span>
</div>
<div class="fmt mb10"><p>app可以调用ldap认证吗</p></div>
<form action="https://segmentfault.com/api/comment/1050000014791517/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">app可以调用ldap认证吗</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000014791598">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>你可以把ldap理解为一个mysql数据库app或者js如何调用mysql中间加一层就行了。有很多这方面的类库包括java, php, node.js都有例如<a href="https://github.com/jeremycx/node-LDAP" rel="nofollow noreferrer">https://github.com/jeremycx/n...</a></p></div>
<form action="https://segmentfault.com/api/comment/1050000014791598/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">你可以把ldap理解为一个mysql数据库app或者js如何调用mysql中间加一层就行了。有很多这方面的类库包括java, php, node.js都有例如https://github.com/jeremycx/node-LDAP</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000014791598" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/fengerzh">
<strong>张京</strong>
</a>
<span class="comments-isAuthor ">
作者
</span>
<span class="text-muted-plus"> · 2018年05月09日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000015491416">
<div class="pull-left">
<a href="https://segmentfault.com/u/littlelawson" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000015491416" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/littlelawson">LittleLawson</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年07月05日</span>
</div>
<div class="fmt mb10"><p>这篇文章字里行间都是火气。我也被openLDAP搞伤了什么玩意儿。<br>附注博主的这个系统版本不是centos 7如果是centos 7的同志请绕道。【我在centos 6.5上能够运行出来但是centos 7就是不行mlgb】</p></div>
<form action="https://segmentfault.com/api/comment/1050000015491416/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">这篇文章字里行间都是火气。我也被openLDAP搞伤了什么玩意儿。
附注博主的这个系统版本不是centos 7如果是centos 7的同志请绕道。【我在centos 6.5上能够运行出来但是centos 7就是不行mlgb】</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000018005429">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>最后搞定了吗</p></div>
<form action="https://segmentfault.com/api/comment/1050000018005429/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">最后搞定了吗</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000018005429" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/blueli">
<strong>blueli</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 1月24日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000015833813">
<div class="pull-left">
<a href="https://segmentfault.com/u/vickey" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/3459211656-5b5d8e82633db_big64" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000015833813" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/vickey">vickey</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年07月31日</span>
</div>
<div class="fmt mb10">
<p>博主你好我按照你的步骤做了然后我google设置密码按照这篇<a href="https://www.digitalocean.com/community/tutorials/how-to-change-account-passwords-on-an-openldap-server" rel="nofollow noreferrer" target="_blank">文章</a>改,但报错了。可以帮忙指导下吗?谢谢</p>
<pre><code>[root@effe24310246 cn=config]# ls
cn=module{0}.ldif cn=schema.ldif olcDatabase={0}config.ldif olcDatabase={1}monitor.ldif olcDatabase={2}bdb.ldif refint1.ldif
cn=schema memberof_config.ldif olcDatabase={-1}frontend.ldif olcDatabase={2}bdb password.ldif refint2.ldif
[root@effe24310246 cn=config]# ldapmodify -H ldapi:// -Y EXTERNAL -f password.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={2}bdb,cn=config"
ldap_modify: No such object (32)
matched DN: cn=config</code></pre>
<p>password.ldif</p>
<pre><code>dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}xxxxx
-
replace: olcRootDN
olcRootDN: cn=admin,dc=test,dc=com
-
replace: olcSuffix
olcSuffix: dc=test,dc=com</code></pre>
</div>
<form action="https://segmentfault.com/api/comment/1050000015833813/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">博主你好我按照你的步骤做了然后我google设置密码按照这篇[文章](https://www.digitalocean.com/community/tutorials/how-to-change-account-passwords-on-an-openldap-server)改,但报错了。可以帮忙指导下吗?谢谢
```
[root@effe24310246 cn=config]# ls
cn=module{0}.ldif cn=schema.ldif olcDatabase={0}config.ldif olcDatabase={1}monitor.ldif olcDatabase={2}bdb.ldif refint1.ldif
cn=schema memberof_config.ldif olcDatabase={-1}frontend.ldif olcDatabase={2}bdb password.ldif refint2.ldif
[root@effe24310246 cn=config]# ldapmodify -H ldapi:// -Y EXTERNAL -f password.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={2}bdb,cn=config"
ldap_modify: No such object (32)
matched DN: cn=config
```
password.ldif
```
dn: olcDatabase={2}bdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}xxxxx
-
replace: olcRootDN
olcRootDN: cn=admin,dc=test,dc=com
-
replace: olcSuffix
olcSuffix: dc=test,dc=com
```</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000017902170">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>我也是,没搞定,😢</p></div>
<form action="https://segmentfault.com/api/comment/1050000017902170/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">我也是,没搞定,😢</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000017902170" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/zhangwenjian">
<strong>张文剑</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 1月15日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000015911555">
<div class="pull-left">
<a href="https://segmentfault.com/u/xianyudelion" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000015911555" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/xianyudelion">咸鱼delion</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年08月07日</span>
</div>
<div class="fmt mb10"><p>博主一开始就帮我吐槽了一下刚开始接触这玩意的人的真实想法,多么痛的领悟!!!!!</p></div>
<form action="https://segmentfault.com/api/comment/1050000015911555/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">博主一开始就帮我吐槽了一下刚开始接触这玩意的人的真实想法,多么痛的领悟!!!!!</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000015918056">
<div class="pull-left">
<a href="https://segmentfault.com/u/xianyudelion" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000015918056" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/xianyudelion">咸鱼delion</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年08月07日</span>
</div>
<div class="fmt mb10"><p>博主你好我在配置menberof的时候报错manager没有定义请问是什么原因</p></div>
<form action="https://segmentfault.com/api/comment/1050000015918056/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">博主你好我在配置menberof的时候报错manager没有定义请问是什么原因</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000016789634">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>我遇到同样问题。。。</p></div>
<form action="https://segmentfault.com/api/comment/1050000016789634/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">我遇到同样问题。。。
</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000016789634" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/jiang_5bd0255ec0ddd">
<strong>Jiang</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年10月24日</span>
</span>
</div>
</div>
</div>
<div class="reply-item" data-id="1050000016939547">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p><a href="https://segmentfault.com/u/fengerzh">@张京</a> 同样的问题。。麻烦博主知道什么原因吗?</p></div>
<form action="https://segmentfault.com/api/comment/1050000016939547/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">@张京[fengerzh] 同样的问题。。麻烦博主知道什么原因吗?</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000016939547" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/liguottkl">
<strong>liguottkl</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年11月07日</span>
</span>
</div>
</div>
</div>
<div class="reply-item" data-id="1050000017181417">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>我之前遇到了,应该是没有执行<br>ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif<br>ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif<br>ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif</p></div>
<form action="https://segmentfault.com/api/comment/1050000017181417/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">我之前遇到了,应该是没有执行
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000017181417" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/xiaocangshukanshijie">
<strong>小仓鼠看世界</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年11月28日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
<span class="reply-more"><span class="text-muted-plus-plus mr5 ml5">|</span>
<a class="reply-more-btn" href="javascript:;">显示更多</a></span>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016020610">
<div class="pull-left">
<a href="https://segmentfault.com/u/dayou_5b73c926208e4" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016020610" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/dayou_5b73c926208e4">大优</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年08月15日</span>
</div>
<div class="fmt mb10"><p>2018年,启动命令就不要用service slapd start了默认得用systemctl start slapd吧。</p></div>
<form action="https://segmentfault.com/api/comment/1050000016020610/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">2018年,启动命令就不要用service slapd start了默认得用systemctl start slapd吧。</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000016615635">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>用docker吧不用纠结这些le</p></div>
<form action="https://segmentfault.com/api/comment/1050000016615635/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;"> 用docker吧不用纠结这些le </textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000016615635" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/panpanlala">
<strong>panpanlala</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年10月08日</span>
</span>
</div>
</div>
</div>
<div class="reply-item" data-id="1050000016615662">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>docker可以打包所有应用吗我怎么感觉有了docker不需要运维了。</p></div>
<form action="https://segmentfault.com/api/comment/1050000016615662/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">docker可以打包所有应用吗我怎么感觉有了docker不需要运维了。</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000016615662" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/dayou_5b73c926208e4">
<strong>大优</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年10月08日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016483116">
<div class="pull-left">
<a href="https://segmentfault.com/u/12345678_5ba48bce7cd86" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016483116" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/12345678_5ba48bce7cd86">12345678</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年09月21日</span>
</div>
<div class="fmt mb10"><p>有很多东西是可以变通的,<br>在centos7上搭建有slapd.conf这个文件的版本复制出这个文件<br>卸载这个版本,安装最新版本,用这个文件修改配置(需要略做修改),<br>用 slaptest -f slapd.conf -F slapd.d/ 生成最新版本用的配置文件,然后就不用管配置了。<br>最后使用ApacheLdapStudio 做为管理端,进行管理。</p></div>
<form action="https://segmentfault.com/api/comment/1050000016483116/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">有很多东西是可以变通的,
在centos7上搭建有slapd.conf这个文件的版本复制出这个文件
卸载这个版本,安装最新版本,用这个文件修改配置(需要略做修改),
用 slaptest -f slapd.conf -F slapd.d/ 生成最新版本用的配置文件,然后就不用管配置了。
最后使用ApacheLdapStudio 做为管理端,进行管理。</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000016730763">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>ApacheLdapStudio作为管理端有什么文档推荐的吗自己查询了一下感觉都不是很实用</p></div>
<form action="https://segmentfault.com/api/comment/1050000016730763/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">ApacheLdapStudio作为管理端有什么文档推荐的吗自己查询了一下感觉都不是很实用</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000016730763" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/team_jer">
<strong>team_jer</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 2018年10月18日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016620333">
<div class="pull-left">
<a href="https://segmentfault.com/u/panpanlala" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016620333" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/panpanlala">panpanlala</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年10月09日</span>
</div>
<div class="fmt mb10"><p>github openldap使用docker 启动openldap默认会将groupOfUniqueNames添加memberOf支持用户账号使用inetPerson就不用如上那么麻烦的配置了当然前提还是要对openldap有一定的理解边实践边参考文档~</p></div>
<form action="https://segmentfault.com/api/comment/1050000016620333/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">github openldap使用docker 启动openldap默认会将groupOfUniqueNames添加memberOf支持用户账号使用inetPerson就不用如上那么麻烦的配置了当然前提还是要对openldap有一定的理解边实践边参考文档~</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016817847">
<div class="pull-left">
<a href="https://segmentfault.com/u/yj7778826" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016817847" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/yj7778826">yj7778826</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年10月26日</span>
</div>
<div class="fmt mb10"><p>顶上去让更多人看到妈的我也被一堆旧教程坑了半天推荐大家去看ubuntu的官方文档挺全的就是需要啃英文</p></div>
<form action="https://segmentfault.com/api/comment/1050000016817847/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">顶上去让更多人看到妈的我也被一堆旧教程坑了半天推荐大家去看ubuntu的官方文档挺全的就是需要啃英文</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016857873">
<div class="pull-left">
<a href="https://segmentfault.com/u/xingxingzhihuo_5bd8fc12450cd" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016857873" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/xingxingzhihuo_5bd8fc12450cd">星星之火</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年10月31日</span>
</div>
<div class="fmt mb10"><p>是作者的总结,仅此而已。</p></div>
<form action="https://segmentfault.com/api/comment/1050000016857873/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">是作者的总结,仅此而已。</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016907360">
<div class="pull-left">
<a href="https://segmentfault.com/u/huxiaoyi" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/2567634619-5a617b11497ce_big64" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016907360" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/huxiaoyi">胡孝义</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年11月05日</span>
</div>
<div class="fmt mb10"><p>轻松幽默的语言风格,赞一个👍</p></div>
<form action="https://segmentfault.com/api/comment/1050000016907360/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">轻松幽默的语言风格,赞一个👍</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000016978354">
<div class="pull-left">
<a href="https://segmentfault.com/u/lbqq" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000016978354" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/lbqq">LBQQ</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 2018年11月12日</span>
</div>
<div class="fmt mb10"><p>“openladp” 和 “Django+ladp” 这两个有什么区别,到现在也不是很清楚。博主大大可以简单回答下吗= =拜托</p></div>
<form action="https://segmentfault.com/api/comment/1050000016978354/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">“openladp” 和 “Django+ladp” 这两个有什么区别,到现在也不是很清楚。博主大大可以简单回答下吗= =拜托</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000017812902">
<div class="pull-left">
<a href="https://segmentfault.com/u/yuan_5c3474fd3737e" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000017812902" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/yuan_5c3474fd3737e">予安</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 1月8日</span>
</div>
<div class="fmt mb10"><p>老哥啊,我必须要来回复你一下,我按照老哥你的步骤报了很多错误,最后解决了,感谢!老哥的步骤是我在网上看到最正确的了!</p></div>
<form action="https://segmentfault.com/api/comment/1050000017812902/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">老哥啊,我必须要来回复你一下,我按照老哥你的步骤报了很多错误,最后解决了,感谢!老哥的步骤是我在网上看到最正确的了!</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list ">
<div class="reply-item" data-id="1050000017832332">
<span class="pull-left comment-ops " style="position:absolute;">
<span class="mr20 comments-zan ">
<span class="comments-zan-value comment-showhide
islike0-10
">
0
</span>
<i class="fa fa-thumbs-up comment-showhide ml5" aria-hidden="true"></i>
</span>
</span>
<div class="reply-content-block">
<div class="reply-content"><p>在执行时报错ldapadd -Q -Y EXTERNAL -H ldapi:/// -f refint2.ldif数据库改了。你遇到了么</p></div>
<form action="https://segmentfault.com/api/comment/1050000017832332/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">在执行时报错ldapadd -Q -Y EXTERNAL -H ldapi:/// -f refint2.ldif数据库改了。你遇到了么</textarea>
</div>
</form>
<div class="comment-func inline-block">
<span class="pull-right commentTools ml15">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-module="comment" data-id="1050000017832332" data-action="report" data-typetext="评论" data-placement="top" title="举报">
<span class="glyphicon glyphicon-flag" aria-hidden="true"></span>
</a>
</span>
<span class="comment-meta inline-block">
<span></span>
<a target="_blank" href="https://segmentfault.com/u/mikey">
<strong>Mikey</strong>
</a>
<span class="comments-isAuthor hide">
</span>
<span class="text-muted-plus"> · 1月9日</span>
</span>
</div>
</div>
</div>
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000017929096">
<div class="pull-left">
<a href="https://segmentfault.com/u/evan_5c40387bec3e4" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000017929096" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/evan_5c40387bec3e4">evan</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 1月17日</span>
</div>
<div class="fmt mb10"><p>我也是18年五一的时候3天假期就在折腾这玩意。 <br>因被要下架所有的winserver机器花了3天把从AD迁移到OpenLDAP, 对接了内部10多个系统。</p></div>
<form action="https://segmentfault.com/api/comment/1050000017929096/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">我也是18年五一的时候3天假期就在折腾这玩意。
因被要下架所有的winserver机器花了3天把从AD迁移到OpenLDAP, 对接了内部10多个系统。</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
<div class="comments-item" data-id="1050000018031359">
<div class="pull-left">
<a href="https://segmentfault.com/u/t_5838f74d0f334" target="_blank"><img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-64.png" alt=""></a>
</div>
<div class="comments-content">
<div class="comment-trigger">
<div class="pull-right comment-option">
<a href="https://segmentfault.com/a/1190000014683418#911" class="ml10" data-toggle="modal" data-target="#911" data-action="report" data-action-text="举报" data-module="comment" data-id="1050000018031359" data-typetext="评论" data-placement="top" title="举报"><span class="glyphicon glyphicon-flag" aria-hidden="true"></span></a>
</div>
<strong><a target="_blank" href="https://segmentfault.com/u/t_5838f74d0f334">T、</a></strong>
<span class="comments-isAuthor hide"></span>
<span class="comments-date"> · 1月26日</span>
</div>
<div class="fmt mb10"><p>大佬 我的centos7上按照你的文档搞得但是配置了nginx访问不了phpldapadmin呀<br>The page you are looking for is not found.</p></div>
<form action="https://segmentfault.com/api/comment/1050000018031359/edit">
<div class="form-group">
<textarea class="editTextarea mono form-control mb10 hidden" rows="1" name="text" style="height: 28px; overflow: hidden; word-wrap: break-word;">大佬 我的centos7上按照你的文档搞得但是配置了nginx访问不了phpldapadmin呀
The page you are looking for is not found.</textarea>
</div>
</form>
<p class="comment-ops not-reply">
<span class="comments-zan ">
<i class="fa fa-thumbs-up mr4" aria-hidden="true"></i>
<span class="comments-zan-text"></span>
<span class="comments-zan-value"></span>
</span>
<span class="ml15 comments-reply-btn">回复</span>
<span class="pull-right editBtns hidden">
<button class="btn btn-link btn-xs cancel" type="button">取消</button>
<button class="btn btn-primary btn-xs edit ml10" type="button">保存</button>
</span>
</p>
<div class="reply-list reply-list--empty">
<div class="reply-item reply-item--ops" data-obj="obj">
<a class="reply-inner-btn" href="javascript:;">添加回复</a>
</div>
</div>
</div>
</div>
</div>
<div class="comments-loading hide">载入中...</div>
<div class="comments-more hide"><a href="javascript:;">显示更多评论</a></div>
<div class="comments-box" id="goToReplyEditor">
<div class="pull-left">
<img class="avatar-32 " src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/user-128.png" alt="">
</div>
<div class="comments-box-content">
<form action="https://segmentfault.com/api/article/1190000014683418/comments/add">
<div class="form-group mb0">
<textarea name="text" rows="3" class="form-control" placeholder="文明社会,理性评论"></textarea>
<div class="mt15 text-right">
<button type="button" class="hide"></button>
<button class=" btn btn-primary" type="button">发布评论</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div><!-- /.main -->
<div class="col-md-3 side hidden-sm hidden-xs mt30" style="height: 13145px;">
<div class="mb25 hidden-md hidden-sm hidden-xs">
<img src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/20190221.png" alt="Planets" usemap="#gridsMap" width="255" height="136">
<map name="gridsMap" id="gridsMap"></map>
<div style="text-align: center;"><a style="text-align:center; color:#9E9E9E; font-size:12px" href="https://segmentfault.com/sponsor">想在上方展示你的广告?</a></div>
<script async="" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/20190221.js.下载"></script>
</div>
<style>
.job-recommend-area a:not(:last-of-type) {margin-bottom:10px; display: block}
.job-recommend-area a:hover {text-decoration: none;}
</style>
<div class="hidden-md">
<div class="job-recommend">
<h3 class="job-title">推广链接</h3>
<div class="job-recommend-area">
<script type="text/javascript">
OA_show(7);
OA_show(9);
OA_show(10);
OA_show(15);
OA_show(16);
</script>
</div>
</div>
<style>
.job-recommend {margin-bottom: 30px;}
.job-title {
font-size: 14px;
color: #017E66;
font-weight: 500;
background: #BFE6D7;
margin: 0;
padding-top: 6px;
padding-bottom: 6px;
text-align: center;
}
.job-recommend-area {
padding: 13px;
border: 3px solid #EBF7F3;
border-top: none;
}
</style>
</div>
<div class="hidden-md ad-should-be-fixed stuckMenu" style="position: relative; top: 0px; display: block;">
<div class="mb25 block">
<script type="text/javascript">
OA_show(1);
</script>
</div>
</div>
<div class="post-nav hidden-xs side-outline hidden-sm" style="display: block; position: sticky; top: 238px; margin-top: 0px;">
<div class="panel panel-default widget-outline">
<div class="panel-heading">目录</div>
<div class="panel-body">
<div class="nav-body" style="overflow: scroll; top: 0px; height: 457px;">
<div class="highlight-title" style="display: none; top: 0px; height: 27px;"></div>
<ul class="articleIndex"><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader0">架构</a></li><li style="list-style:none;"><ul><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader1">OpenLDAP</a></li><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader2">phpLDAPadmin</a></li><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader3">PWM</a></li><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader4">客户端</a></li><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader5">架构图</a></li></ul></li><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader6">安装</a></li><li style="list-style:none;"><ul><li class=""><a href="https://segmentfault.com/a/1190000014683418#articleHeader7">安装OpenLDAP</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader8">配置OpenLDAP</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader9">添加memberOf模块</a></li><li style="list-style:none;"><ul><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader10">memberof_config.ldif</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader11">refint1.ldif</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader12">refint2.ldif</a></li></ul></li></ul></li><li style="list-style:none;"><ul><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader13">安装phpLDAPadmin</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader14">配置phpLDAPadmin</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader15">使用phpLDAPadmin</a></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader16">配置第三方应用</a></li></ul></li><li><a href="https://segmentfault.com/a/1190000014683418#articleHeader17">结语</a></li></ul>
</div>
</div>
</div>
</div>
</div><!-- /.side -->
</div>
</div>
</div>
<div id="shareToWeiboModal" class="modal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">
<span aria-hidden="true">×</span><span class="sr-only">Close</span>
</button>
<h4 class="modal-title">分享</h4>
</div>
<div class="modal-body">
<p class="sfModal-content">
分享到微博?
</p>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default dont-likeweibo" data-dismiss="modal">取消</button>
<a href="https://segmentfault.com/a/1190000014683418" id="shareLink" class="btn btn-primary done-btn" target="_blank" onclick="$(&#39;#shareToWeiboModal&#39;).modal(&#39;hide&#39;)">分享</a>
</div>
</div>
</div>
</div>
<div class="modal widget-911" id="911" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button class="close" data-dismiss="modal" type="button">
<span aria-hidden="true">×</span>
<span class="sr-only">Close</span>
</button>
<h4 class="modal-title"><span data-model="action"></span><span data-model="type"></span></h4>
</div>
<div class="modal-body">
<form id="reportForm">
<!-- 后台返回信息 -->
<p class="alert alert-warning" data-model="returnMsg"></p>
<div data-role="base">
<p>
<strong class="required">我要<span data-model="action"></span><span data-model="type"></span>,理由是:</strong>
</p>
<ul class="list-unstyled" data-model="list"></ul>
</div>
</form>
</div>
<div class="modal-footer">
<button class="btn btn-default pull-left" type="button" data-role="back" style="display:none">返回重选</button>
<button class="btn btn-default" data-dismiss="modal" type="button">取消</button>
<button class="btn btn-primary" data-role="submit" type="button">提交</button>
</div>
</div><!-- /.modal-content -->
</div><!-- /.modal-dialog -->
</div><!-- /.modal -->
<div class="modal widget-seo" id="seo" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button class="close" data-dismiss="modal" type="button">
<span aria-hidden="true">×</span>
<span class="sr-only">Close</span>
</button>
<h4 class="modal-title"><span data-model="action"></span><span data-model="type"></span></h4>
</div>
<div class="modal-body">
<form id="seoForm">
<!-- 后台返回信息 -->
<p class="alert alert-warning" data-model="returnMsg" style="display: none;"></p>
<div data-role="base">
<div class="form-group">
<label>SEO标题</label><textarea style="min-height: 35px; width: 100%; max-height: 132px; overflow: hidden; overflow-wrap: break-word; height: 32px;" name="title" class="form-control" rows="1" placeholder="请输入SEO标题"></textarea>
</div>
<div class="form-group">
<label>SEO描述</label><textarea style="min-height: 35px; max-height: 132px; overflow: hidden; overflow-wrap: break-word; height: 32px;" name="desc" class="form-control" rows="1" placeholder="请输入SEO描述"></textarea>
</div>
<div class="form-group">
<label>SEO keywords</label><textarea style="min-height: 35px; max-height: 132px; overflow: hidden; overflow-wrap: break-word; height: 32px;" name="keywords" class="form-control" rows="1" placeholder="请输入SEO keywords"></textarea>
</div>
</div>
</form>
</div>
<div class="modal-footer">
<button class="btn btn-default" data-dismiss="modal" type="button">取消</button>
<button class="btn btn-primary" data-role="submit" type="button">提交</button>
</div>
</div><!-- /.modal-content -->
</div><!-- /.modal-dialog -->
</div><!-- /.modal -->
<div id="loginBanner" class="hidden-sm hidden-xs loginBanner">
<div class="container">
<div class="row">
<div class="col-lg-6 col-md-7">
<h1 class="title">在 SegmentFault学习技能、解决问题</h1>
<p class="desc">每个月,我们帮助 1000 万的开发者解决各种各样的技术问题。并助力他们在技术能力、职业生涯、影响力上获得提升。</p>
</div>
<div class="col-lg-3 col-lg-offset-3 col-md-4 col-md-offset-1">
<form class="register-form clearfix" action="https://segmentfault.com/api/user/phone/register">
<a href="https://segmentfault.com/user/register" class="SFLogin btn btn-lg btn-primary mr15">免费注册</a>
<a href="https://segmentfault.com/user/login" class="SFRegister btn btn-lg btn-primary">立即登录</a>
</form>
</div>
</div>
</div>
</div>
<footer id="footer">
<div class="container">
<div class="row hidden-xs">
<dl class="col-sm-2 site-link">
<dt>产品</dt>
<dd><a href="https://segmentfault.com/questions/hottest?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=%E7%83%AD%E9%97%A8%E9%97%AE%E7%AD%94">热门问答</a></dd>
<dd><a href="https://segmentfault.com/blogs/hottest?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=%E7%83%AD%E9%97%A8%E4%B8%93%E6%A0%8F">热门专栏</a></dd>
<dd><a href="https://segmentfault.com/lives?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=%E7%83%AD%E9%97%A8%E8%AE%B2%E5%A0%82">热门讲堂</a></dd>
<dd><a href="https://segmentfault.com/events?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=%E6%9C%80%E6%96%B0%E6%B4%BB%E5%8A%A8">最新活动</a></dd>
<dd><a href="https://segmentfault.com/groups?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=%E5%9C%88%E5%AD%90">圈子</a></dd>
<dd><a href="https://segmentfault.com/jobs?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=%E6%89%BE%E5%B7%A5%E4%BD%9C">找工作</a></dd>
<dd><a href="https://segmentfault.com/app?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=product&amp;utm_content=footer-links-hottest-questions&amp;utm_term=app">移动客户端</a></dd>
</dl>
<dl class="col-sm-2 site-link">
<dt>资源</dt>
<dd><a href="https://segmentfault.com/weekly?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-weekly&amp;utm_term=%E6%AF%8F%E5%91%A8%E7%B2%BE%E9%80%89">每周精选</a></dd>
<dd><a href="https://segmentfault.com/users?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-users&amp;utm_term=%E7%94%A8%E6%88%B7%E6%8E%92%E8%A1%8C%E6%A6%9C">用户排行榜</a></dd>
<dd><a href="https://segmentfault.com/badges?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-badges&amp;utm_term=%E5%BE%BD%E7%AB%A0">徽章</a></dd>
<dd><a href="https://segmentfault.com/faq?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-faq&amp;utm_term=%E5%B8%AE%E5%8A%A9%E4%B8%AD%E5%BF%83">帮助中心</a></dd>
<dd><a href="https://segmentfault.com/repu?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-repu&amp;utm_term=%E5%A3%B0%E6%9C%9B%E4%B8%8E%E6%9D%83%E9%99%90">声望与权限</a></dd>
<dd><a href="https://segmentfault.com/community?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-community&amp;utm_term=%E7%A4%BE%E5%8C%BA%E6%9C%8D%E5%8A%A1%E4%B8%AD%E5%BF%83">社区服务中心</a></dd>
<dd><a href="https://docs.segmentfault.com/?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=resource&amp;utm_content=footer-links-docs&amp;utm_term=%E5%BC%80%E5%8F%91%E6%89%8B%E5%86%8C">开发手册</a></dd>
</dl>
<dl class="col-sm-2 site-link">
<dt>商务</dt>
<dd><a href="https://business.segmentfault.com/services?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=business&amp;utm_content=footer-links-services-rencai&amp;utm_term=%E4%BA%BA%E6%89%8D%E6%9C%8D%E5%8A%A1" target="_blank">人才服务</a></dd>
<dd><a href="https://business.segmentfault.com/services?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=business&amp;utm_content=footer-links-services-qiyeneixun&amp;utm_term=%E4%BC%81%E4%B8%9A%E6%9C%8D%E5%8A%A1" target="_blank">企业培训</a></dd>
<dd><a href="https://business.segmentfault.com/services?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=business&amp;utm_content=footer-links-services-huodongcehua&amp;utm_term=%E6%B4%BB%E5%8A%A8%E7%AD%96%E5%88%92" target="_blank">活动策划</a></dd>
<dd><a href="https://business.segmentfault.com/ads?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=business&amp;utm_content=footer-links-ads&amp;utm_term=%E5%B9%BF%E5%91%8A%E6%8A%95%E6%94%BE" target="_blank">广告投放</a></dd>
<dd><a href="https://business.segmentfault.com/bc?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=business&amp;utm_content=footer-links-bc&amp;utm_term=%E5%8C%BA%E5%9D%97%E9%93%BE%E8%A7%A3%E5%86%B3%E6%96%B9%E6%A1%88" target="_blank">区块链解决方案</a></dd>
<dd><a href="https://business.segmentfault.com/contact?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=business&amp;utm_content=footer-links-contact&amp;utm_term=%E5%90%88%E4%BD%9C%E8%81%94%E7%B3%BB" target="_blank">合作联系</a></dd>
</dl>
<dl class="col-sm-2 site-link">
<dt>关于</dt>
<dd><a href="https://about.segmentfault.com/?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=about&amp;utm_content=about-index&amp;utm_term=%E5%85%B3%E4%BA%8E%E6%88%91%E4%BB%AC">关于我们</a></dd>
<dd><a href="https://about.segmentfault.com/careers.html?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=about&amp;utm_content=about-careers&amp;utm_term=%E5%8A%A0%E5%85%A5%E6%88%91%E4%BB%AC">加入我们</a></dd>
<dd><a href="https://about.segmentfault.com/contact.html?utm_source=sf-footer&amp;utm_medium=footer-nav&amp;utm_campaign=about&amp;utm_content=about-contact&amp;utm_term=%E8%81%94%E7%B3%BB%E6%88%91%E4%BB%AC">联系我们</a></dd>
</dl>
<dl class="col-sm-2 site-link">
<dt>关注</dt>
<dd><a href="https://segmentfault.com/blog/segmentfault" target="_blank">产品技术日志</a></dd>
<dd><a href="https://segmentfault.com/blog/community_admin" target="_blank">社区运营日志</a></dd>
<dd><a href="https://segmentfault.com/blog/segmentfault_news" target="_blank">市场运营日志</a></dd>
<dd><a href="https://segmentfault.com/blog/segmentfault_team" target="_blank">团队日志</a></dd>
<dd><a href="https://segmentfault.com/blog/interview" target="_blank">社区访谈</a></dd>
<dd>
<ul class="sn-inline">
<li>
<a class="entypo-wechart icon-sn-weixin weixin-popover-qrcode" data-toggle="popover" data-placement="top" data-content="" data-original-title="" title="">微信</a>
</li>
<li>
<a href="http://weibo.com/segmentfault" target="_blank" class="entypo-weibo icon-sn-weibo">新浪微博</a>
</li>
<li>
<a href="https://github.com/SegmentFault" target="_blank" class="entypo-facebook icon-sn-github">Github</a>
</li>
<li>
<a href="https://twitter.com/segment_fault" target="_blank" class="entypo-twitter icon-sn-twitter">Twitter</a>
</li>
</ul>
</dd>
</dl>
<dl class="col-sm-2 site-link" id="license">
<dt>条款</dt>
<dd><a href="https://segmentfault.com/tos">服务条款</a></dd>
<dd><a href="https://creativecommons.org/licenses/by-nc-nd/4.0/" target="_blank">内容许可</a></dd>
<dd>
<a href="https://segmentfault.com/app" class="clearfix mt10 block"><img src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/appQrcode.png" class="app-qrcode"></a>
<div class="app-download-desc">
<p>扫一扫下载 App</p>
</div>
</dd>
</dl>
</div>
<div class="copyright">
Copyright © 2011-2019 SegmentFault. 当前呈现版本 17.06.16<br>
<a href="http://www.miibeian.gov.cn/" rel="nofollow">浙ICP备 15005796号-2</a> &nbsp;
<a target="_blank" href="http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=33010602002000" rel="nofollow">浙公网安备 33010602002000号</a>
<span class="ml5">杭州堆栈科技有限公司版权所有</span>
<p class="mt30">CDN 存储服务由 <a target="_blank" href="https://www.upyun.com/?utm_source=segmentfault&amp;utm_medium=link&amp;utm_campaign=upyun&amp;md=segmentfault">又拍云</a> 赞助提供 </p>
</div>
<p class="text-center">
<a class="js__view--selector hidden-sm hidden-md hidden-lg" data-action="mobile" href="javascript:;">移动版</a>
<a class="js__view--selector hidden-sm hidden-md hidden-lg" data-action="desktop" href="javascript:;">桌面版</a>
</p>
</div>
</footer>
<div id="fixedTools" class="hidden-xs hidden-sm">
<a id="backtop" class="border-bottom hidden" href="https://segmentfault.com/a/1190000014683418#">回顶部</a>
</div>
<script id="loginModal" type="text/template">
<div class="row bg-white login-modal">
<div class="col-md-12 login-wrap">
<form action="/api/user/login" method="POST" role="form" class="mt15">
<div class="form-group hidden">
<input type="text" class="form-control" name="remember" value="1"
autocomplete="off">
</div>
<div class="form-group">
<label for="username" class="control-label">手机号 Email</label>
<input type="text" class="form-control" name="username" tabindex="1" required placeholder="11 位手机号 或 Email"
autocomplete="off">
</div>
<div class="form-group">
<label class="control-label">密码</label><span class="pull-right"><a
href="/user/forgot" tabindex="4">忘记密码</a></span>
<input type="password" class="form-control" name="password" tabindex="2" required placeholder="请输入密码">
</div>
<div class="form-group">
<a
href="/user/phoneLogin"
class="phoneLogin"
>手机验证码登录</a>
</div>
<div class="form-group clearfix">
<button type="submit" class="btn-block btn btn-primary pull-right pl20 pr20" tabindex="3"
onclick='ga("send", "event", "email login button", "clicked", "login modal");'>登录
</button>
</div>
</form>
<div class="text-muted text-center more-login-area">
<span class="more-login-words">更多登录方式</span>
</div>
<div class="widget-login mb15 text-center">
<a href="/user/oauth/google" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "google"});'><span
class="icon-sn-google"></span></a>
<a href="/user/oauth/github" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "github"});");'><span
class="icon-sn-github"></span></a>
<a href="/user/oauth/weibo" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "weibo"});'><span
class="icon-sn-weibo"></span></a>
<a href="/user/oauth/qq" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "qq"});'><span
class="icon-sn-qq"></span></a>
<a href="/user/oauth/weixin" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "qq"});'><span
class="icon-sn-weixin"></span></a>
<a href="/user/oauth/linkedin" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "linkedin"});'><span
class="icon-sn-linkedin"></span></a>
<span id="loginShowMore" style="cursor: pointer" class="mb5"><span class="icon-sn-dotted"></span></span>
<a href="/user/oauth/twitter" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "twitter"});'><span
class="icon-sn-twitter"></span></a>
<a href="/user/oauth/facebook" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "facebook"});'><span
class="icon-sn-facebook"></span></a>
<a href="/user/oauth/douban" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "douban"});'><span
class="icon-sn-douban"></span></a>
</div>
<div class="form-group clearfix">
<a class="btn-block btn btn-default pull-right pl20 pr20
SFLogin
"
onclick='ga("send", "event", "email login button", "clicked", "login modal");'>
注册新账号
</a>
</div>
<p class="text-muted text-center mb15">登录即表示你同意网站的<a href="/tos" target="_blank">服务条款</a></p> </div>
</div>
</script>
<script id="registerModal" type="text/template">
<div class="row bg-white login-modal">
<div class="col-md-12 login-wrap">
<form action="/api/user/register" method="POST" role="form" class="mt15">
<div class="form-group">
<label for="name" class="control-label">你的名字</label>
<input type="text" class="form-control" name="name" required placeholder="真实姓名或常用昵称">
</div>
<div class="form-group">
<label for="mail" class="control-label">手机号 Email</label>
<input type="text" class="form-control" id="login-name" name="mail" required placeholder="11 位手机号 或 Email">
</div>
<input type="text" class="hidden" name="register_type" value="mail">
<div class="form-group">
<div class="captchaInput mb10">
<input type="text" class="form-control" name="cap" placeholder="右侧的验证码" style="width:50%; display: inline; margin-right: 15px;">
<span class="mt10">
<a id="loginReloadCaptcha" href="javascript:void(0)">
<img src="/user/captcha?w=135&h=34" class="cap" width="135" height="34"/></a>
</span>
</div>
</div>
<div class="form-group">
<div class="phone-register-only hidden">
<div class="input-group">
<input name="code" type="text" class="form-control js-user-login__phone-code-value" placeholder="短信验证码">
<span class="input-group-btn">
<button class="btn btn-default js-user-login__phone-vaild-btn" style="width:96px;" type="button">
获取验证码</button>
</span>
</div>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label">密码</label>
<input type="password" class="form-control" name="password" required placeholder="不少于 6 位的密码">
</div>
<div class="form-group clearfix">
<button type="submit" class="btn-block btn btn-primary pl20 pr20 pull-right"
onclick='ga("send", "event", "email register button", "clicked", "login modal");'>注册
</button>
</div>
<div class="text-muted text-center more-login-area">
<span class="more-login-words">更多登录方式</span>
</div>
<div class="widget-login mb15 text-center">
<a href="/user/oauth/google" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "google"});'><span
class="icon-sn-google"></span></a>
<a href="/user/oauth/github" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "github"});");'><span
class="icon-sn-github"></span></a>
<a href="/user/oauth/weibo" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "weibo"});'><span
class="icon-sn-weibo"></span></a>
<a href="/user/oauth/qq" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "qq"});'><span
class="icon-sn-qq"></span></a>
<a href="/user/oauth/weixin" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "qq"});'><span
class="icon-sn-weixin"></span></a>
<a href="/user/oauth/linkedin" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "linkedin"});'><span
class="icon-sn-linkedin"></span></a>
<span id="loginShowMore" style="cursor: pointer" class="mb5"><span class="icon-sn-dotted"></span></span>
<a href="/user/oauth/twitter" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "twitter"});'><span
class="icon-sn-twitter"></span></a>
<a href="/user/oauth/facebook" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "facebook"});'><span
class="icon-sn-facebook"></span></a>
<a href="/user/oauth/douban" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "douban"});'><span
class="icon-sn-douban"></span></a>
</div>
<div class="form-group clearfix">
<a class="btn-block btn btn-default pull-right pl20 pr20
SFRegister
"
onclick='ga("send", "event", "email login button", "clicked", "login modal");'>
已有账号登录
</a>
</div>
<p class="text-muted text-center mb15">登录即表示你同意网站的<a href="/tos" target="_blank">服务条款</a></p> </form>
</div>
</div>
</script>
<script id="phoneLoginModal" type="text/template">
<div class="row bg-white login-modal phonelogin-modal">
<div class="col-md-12 login-wrap">
<form action="/api/user/phonelogin" method="POST" role="form" class="mt15">
<div class="form-group">
<label for="phone" class="control-label required">手机号</label>
<input type="text" class="form-control phonelogin--phone" name="phone" tabindex="1" required placeholder="11 位手机号"
autocomplete="off">
<span class="help-block"></span>
</div>
<div class="form-group">
<label for="authCode" class="control-label required">验证码</label>
<div class="input-group">
<input type="text" class="form-control bindphone--code" name="authCode" placeholder="短信验证码">
<span class="input-group-btn">
<button class="btn btn-default user-bind__phone-vaild-btn" type="button">获取验证码</button>
</span>
</div>
<div class="col-sm-3"></div>
</div>
<div class="form-group">
<a
href="/user/login"
class="SFRegister"
>密码登录手机号或 Email</a>
</div>
<div class="form-group clearfix">
<button type="submit" class="btn-block btn btn-primary pull-right pl20 pr20" tabindex="3"
onclick='ga("send", "event", "email login button", "clicked", "login modal");'>登录
</button>
</div>
</form>
<div class="text-muted text-center more-login-area">
<span class="more-login-words">更多登录方式</span>
</div>
<div class="widget-login mb15 text-center">
<a href="/user/oauth/google" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "google"});'><span
class="icon-sn-google"></span></a>
<a href="/user/oauth/github" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "github"});");'><span
class="icon-sn-github"></span></a>
<a href="/user/oauth/weibo" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "weibo"});'><span
class="icon-sn-weibo"></span></a>
<a href="/user/oauth/qq" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "qq"});'><span
class="icon-sn-qq"></span></a>
<a href="/user/oauth/weixin" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "qq"});'><span
class="icon-sn-weixin"></span></a>
<a href="/user/oauth/linkedin" class=""
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "linkedin"});'><span
class="icon-sn-linkedin"></span></a>
<span id="loginShowMore" style="cursor: pointer" class="mb5"><span class="icon-sn-dotted"></span></span>
<a href="/user/oauth/twitter" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "twitter"});'><span
class="icon-sn-twitter"></span></a>
<a href="/user/oauth/facebook" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "facebook"});'><span
class="icon-sn-facebook"></span></a>
<a href="/user/oauth/douban" class=" hidden"
onclick='ga("send", "event", "3rd login button", "clicked", "login modal", {media: "douban"});'><span
class="icon-sn-douban"></span></a>
</div>
<div class="form-group clearfix">
<a class="btn-block btn btn-default pull-right pl20 pr20
SFLogin
"
onclick='ga("send", "event", "email login button", "clicked", "login modal");'>
注册新账号
</a>
</div>
<p class="text-muted text-center mb15">登录即表示你同意网站的<a href="/tos" target="_blank">服务条款</a></p> </div>
</div>
</script>
<script id="bindPhoneModal" type="text/template">
<div class="bg-white bindphone-model">
<div class="alert alert-warning" role="alert">
为了保证账号安全请先绑定手机
</div>
<div>
<form class="form-horizontal form__bindphone-apply" style="background-color:#fff;padding:0;">
<div class="form-group ">
<label for="phoneNumber" class="col-sm-3 control-label required" >手机号码</label>
<div class="col-sm-6">
<input type="text" class="form-control bindphone--phone" id="phoneNumber" name="phone" placeholder="仅只支持大陆手机号">
</div>
<div class="col-sm-3"></div>
</div>
<div class="form-group">
<label for="authCode" class="col-sm-3 control-label required">验证码</label>
<div class="col-sm-6">
<div class="input-group">
<input type="text" class="form-control bindphone--code" name="code" placeholder="短信验证码">
<span class="input-group-btn">
<button class="btn btn-default user-bind__phone-vaild-btn" type="button">获取验证码</button>
</span>
</div>
</div>
<div class="col-sm-3"></div>
</div>
</form>
</div>
</div>
</script>
<script>
window.serverTime = 1550739621000;
</script>
<script>
(function (w) {
w.SF = {
staticUrl: "https://cdn.segmentfault.com/v-5c4ec07f"
};
w.SF.token = (function () {
var _p7urwQm = '61'//'anz'
+//'2Iy'
'b'+/* 'kf8'//'kf8' */''+//'qHr'
'67c'+//'T6a'
'fb'+//'kJ'
'9'+//'mo'
'mo'+'20'//'ItN'
+'009'//'3'
+//'ro6'
'5'+''///*'UN'*/'UN'
+//'YEY'
'9'+//'Q'
'1b'+'cd4'//'JJE'
+//'7'
'7e'+'77d'//'C'
+'e'//'N'
+//'y8'
'7'+''///*'Fnf'*/'Fnf'
+'9'//'mB'
+//'0g'
'931', _i1PQfNa = [[9,11]];
for (var i = 0; i < _i1PQfNa.length; i ++) {
_p7urwQm = _p7urwQm.substring(0, _i1PQfNa[i][0]) + _p7urwQm.substring(_i1PQfNa[i][1]);
}
return _p7urwQm;
})();;
})(window);
var lock = {
type: "",
text: '',
table: {"ban_post":[1,"\u4f60\u5df2\u7ecf\u88ab\u7981\u8a00, \u65e0\u6cd5\u8fdb\u884c\u6b64\u64cd\u4f5c, \u5982\u6709\u7591\u4e49\u8bf7\u63d0\u4ea4\u7533\u8bc9, \u6216\u8005\u53d1\u90ae\u4ef6\u5230pr@segmentfault.com"]}
};
var ddosMode = false;
(function (currentUrl) {
if (typeof URL != 'undefined') {
var baseUrl = new URL('https://segmentfault.com');
if (baseUrl.protocol != currentUrl.protocol
|| baseUrl.host != currentUrl.host) {
window.location.href = baseUrl.protocol + '//' + baseUrl.host
+ currentUrl.pathname + currentUrl.search + currentUrl.hash;
}
}
})(window.location);
</script>
<script crossorigin="" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/assets.js.下载"></script>
<script crossorigin="" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/post.min.js.下载"></script>
<script>
if (!!navigator.userAgent.match(/MicroMessenger/i)) {
require.config({
paths: { weixin_jsapi: '//res.wx.qq.com/open/js/jweixin-1.2.0' }
});
require(['weixin_jsapi'], function (wx) {
var share = {"title":"\u6211\u82b1\u4e86\u4e00\u4e2a\u4e94\u4e00\u7ec8\u4e8e\u641e\u61c2\u4e86OpenLDAP","desc":"\u8f7b\u578b\u76ee\u5f55\u8bbf\u95ee\u534f\u8bae\uff08\u82f1\u6587\uff1aLightweight Directory Access Protocol\uff0c\u7f29\u5199\uff1aLDAP\uff09\u662f\u4e00\u4e2a\u5f00\u653e\u7684\uff0c\u4e2d\u7acb\u7684\uff0c\u5de5\u4e1a\u6807\u51c6\u7684\u5e94\u7528\u534f\u8bae\uff0c\u901a\u8fc7IP\u534f\u8bae\u63d0\u4f9b\u8bbf\u95ee\u63a7\u5236\u548c\u7ef4\u62a4\u5206\u5e03\u5f0f\u4fe1\u606f\u7684\u76ee\u5f55\u4fe1\u606f\u3002OpenLDAP\u662f\u8f7b\u578b\u76ee\u5f55\u8bbf\u95ee\u534f\u8bae\uff08Li...","link":"https:\/\/segmentfault.com\/a\/1190000014683418","imgUrl":"https:\/\/segmentfault.com\/img\/bV9YDb?w=1278&amp;h=869"};
share.title += ' - SegmentFault 思否';
$.getJSON('/api/util/weixin/jsapi', function (o) {
methods = o.data.jsApiList.slice();
wx.config(o.data);
wx.error(console.error);
wx.ready(function () {
methods.forEach(function (method) {
wx[method](share);
});
});
});
});
}
</script>
<script src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/ads.min.js.下载" type="text/javascript"></script>
<script>
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-918487-8']);
_gaq.push(['_trackPageview']);
(function (i, s, o, g, r, a, m) {
i['GoogleAnalyticsObject'] = r;
i[r] = i[r] || function () {
(i[r].q = i[r].q || []).push(arguments)
}, i[r].l = 1 * new Date();
a = s.createElement(o),
m = s.getElementsByTagName(o)[0];
a.async = 1;
a.src = g;
m.parentNode.insertBefore(a, m)
})(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga');
ga('create', 'UA-918487-8', 'auto', {
'userID'
: 0,
'createdTime'
: 0,
'now'
: 1550739621,
'allowLinker'
: true });
ga('require', 'linker');
ga('linker:autoLink', ['docs.segmentfault.com'] );
ga('set', 'dimension1', 'guest');
ga('send', 'pageview');
if(document.getElementById('UGTKzPZbRoOS')){
UGTKzPZbRoOS='No';
} else {
UGTKzPZbRoOS='Yes';
}
if(typeof ga !=='undefined'){
ga('send','event','Blocking Ads',UGTKzPZbRoOS,{'nonInteraction':1});
} else if(typeof _gaq !=='undefined'){
_gaq.push(['_trackEvent','Blocking Ads',UGTKzPZbRoOS,undefined,undefined,true]);
}
</script>
<script>
var _hmt = _hmt || [];
(function () {
var hm = document.createElement("script");
hm.src = "//hm.baidu.com/hm.js?e23800c454aa573c0ccb16b52665ac26";
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(hm, s);
})();
</script>
<iframe id="p_analyse_iframe" src="./我花了一个五一终于搞懂了OpenLDAP - 日新亭 - SegmentFault 思否_files/saved_resource.html" style="display: none;"></iframe><div id="atwho-container"><div id="atwho-ground-3ac4d4241550739620796"><div class="atwho-view" id="at-view-64"><ul class="atwho-view-ul"></ul></div></div></div></body></html>
Reference in a new issue View git blame Copy permalink