openldap詳細說明，mysql轉openldap_用mysql作openldap的后臺數據庫

Setting up OpenLDAP with MySQL backend 用mysql作后臺數據庫安裝openldap author: TBONIUS OpenLDAP is an X.500 Lightweight Directory Access Server used for centralized authentication and directory lookups. This article covers configuring this

Setting up OpenLDAP with MySQL backend

openldap詳細說明？用mysql作后臺數據庫安裝openldap

author: TBONIUS

OpenLDAP is an X.500 Lightweight Directory Access Server used for

centralized authentication and directory lookups. This article covers configuring this service to utilize SQL services in order to store its data object. Having these objects stored in a SQL database allow for third party applications access to manage these objects.

openldap是一個基于x.500協議用來集中認證和目錄搜索的級目錄訪問服務器。這篇文章包含的內容是：利用sql服務來配置這個服務器 ，用來保存對象和數據。允許第三方應用訪問、管理這些保存在SQL數據庫里的對象。

同步ldap到MySQL。Ports that are needed:

需要的ports有：

MySQL 4.x server : /usr/ports/databases/mysql41-server

MySQL 4.x client : /usr/ports/databases/mysql41-client

LibIODBC 3.x : /usr/ports/databases/libiodbc

dbeaver連接oracle數據庫，MyODBC 3.x : /usr/ports/databases/myodbc

OpenLDAP 2.x : /usr/ports/databases/openldap21-server WITH_ODBC="YES"

Configuring the MySQL server

配置mysql服務器

OpenLDAP has the option to use many different kinds of databases, in this case we will use MySQL. The first step in setting this up is to create a MySQL database for which OpenLDAP will use.

mysql高可用方案？openldap可選很多不同種類的數據庫。在這種情況下，我將使用mysql。要完成這個任務的第一步是建立一個openldap將要使用的mysql數據庫

root@host # mysqladmin create ldap

Next we will create a MySQL account that OpenLDAP will use for our newly created ldap database

下面我將建立一個openldap會用的mysql帳號,對應我們新建立的ldap數據庫。

root@host # mysql

MySQL導入數據庫。Welcome to the MySQL monitor. Commands end with ; or g.

Your MySQL connection id is 10 to server version: 4.0.18

Type 'help;' or 'h' for help. Type 'c' to clear the buffer.

mysql>;grant all privileges on ldap.* to 'ldap'@'localhost'

->;identified by 'password' with grant option;

PolarDB MySQL？Query OK, 0 rows affected (0.13 sec)

We of course want to substitute 'password' with the actual password we wish to use for this particular user account

對特定的用戶帳號，我們當然想用我們真正想用的密碼替換'password'。

Configuring LibIODBC to use the MyODBC driver

配置LibODBC使用MyODBC驅動。

Quite simply we need to edit two file here to get LibODBC to use the MyODBC driver in accessing the MySQL server.

事實上我們只需要簡單得修改這里的兩個文件就可讓LibODBC使用MyODBC驅動來訪問MySQL服務器。

Take a look at the /usr/local/etc/libiodbc/odbcinst.ini file and make the following changes

看看這個文件/usr/local/etc/libiodbc/odbcinst.ini并修改內容：

[ODBC Drivers]

MySQL = Installed

[MySQL]

Description=ODBC for MySQL

Driver=/usr/local/lib/libmyodbc3.so

Take a look at the /usr/local/etc/libiodbc/odbc.ini and make the following changes

看看這個文件/usr/local/etc/libiodbc/odbc.ini并作如下修改：

[ODBC Data Sources]

ldap = MySQL LDAP DSN

[ldap]

Driver = /usr/local/lib/libmyodbc3.so

Description = OpenLDAP Database

Host = localhost

ServerType = MySQL

Port = 3306

FetchBufferSize = 99

User = ldap

Password = password

Database = ldap

ReadOnly = no

Socket = /tmp/mysql.sock

[ODBC]

InstallDir=/usr/local/lib

Again, substitute password for the actual password we created for the ldap user of the MySQL database.

再次，為我們在mysql數據庫建立的ldap用戶的密碼。

We can test our current configuration before installing and configuring OpenLDAP. LibIODBC provides a test utility to check DSN configurations.

在安裝配置openldap以前，，我們可以測試我們當前的配置。LibIODBC提供了檢測DSN配置的測試工具。

Note from darxpryte: Upon following this tutorial I've found that iodbctest was not built automatically. This may be fixed later but if you find this to be the case you'll need to do the following:

darxpryte提示：在這篇指南的下面，我發現iodbctest沒有自動建立，以后或許會修正這個問題，不過如果你需要如此的話，按照修面的操作：

cd /usr/ports/databases/libiodbc/

make extract

cd work/libiodbc-3.52.2/samples

make install

This will install iodbctest into /usr/local/bin/

這將把iodbctest安裝到/usr/local/bin/

Once you install iodbctest, you can do the following to test your connection:

一旦你安裝了iodbctest，你就可以安裝下面的方法來測試你的連接：

root@host # iodbctest

iODBC Demonstration program

This program shows an interactive SQL processor

Driver Manager: 03.51.0001.0908

Enter ODBC connect string (? shows list): ?

DSN | Description

---------------------------------------------------------------

ldap | MySQL LDAP DSN

Enter ODBC connect string (? shows list):DSN=ldap

Driver: 03.51.06

SQL>;show tables;

Tables_in_ldap

---------------------

authors_docs

documents

institutes

ldap_attr_mappings

ldap_entries

ldap_entry_objclasses

ldap_oc_mappings

ldap_referrals

persons

phones

result set 1 returned 10 rows.

This shows us that the DSN is configured correctly for LibIODBC to use the MyODBC driver in order to connect to our ldap database we set up on our MySQL Server

這表示，DSN已經為LibIODBC配置好使用MyODBC驅動，好用來連接到我們在mysql服務器上安裝的ldap數據庫。

If you have problems displaying the DSN names defined in the odbc.ini file via the test program, try exporting the following shell environmental variable:

如果你通過測試程序時有問題(顯示定義在odbc.ini里面的DSN名字)，嘗試輸入下面的shell環境變量：

For csh or tcsh:

對于csh或者tcsh:

setenv ODBCINI /usr/local/etc/libiodbc/odbc.ini

For sh or bash:

對于sh或者bash:

export ODBCINI=/usr/local/etc/libiodbc/odbc.ini

Configuring OpenLDAP to use MySQL

配置openldap使用mysql

During the build of OpenLDAP, we need to pass the WITH_ODBC="YES" option so that the server build the appropriate SQL configurations

在編譯openldap的時候，我們需要跳過　WITH_ODBC="YES"選項，這樣，服務器編譯專用的sql配置。

After the make install process, we will copy over the slapd.conf file that is configured to use a SQL backend. This file is buried under the OpenLDAP ports directory in the following path:

在安裝過程完畢后，我們將復制使用SQL作后臺的slapd.conf文件，這個文件在openldap的ports目錄的下面的路徑中生成：

work/openldap-2.1.30/servers/slapd/back-sql/rdbms_depend/mysql

Change to this directory, from the ports directory of OpenLDAP, and copy the configuration file over

>; cp slapd.conf /usr/local/etc/openldap

Then we can import the back SQL file from this directory into our running MySQL server database

root@host # mysql < backsql_create.sql ldap

root@host # mysql < testdb_create.sql ldap

Optionally we can import the testdb_data and testdb_metadata files into the database so that we can have example data with which to work