#-----------------------------------------------------------------------------
# This short write-up documents the steps the author followed when
# installing LDAP, version openldap-2.1.12, with the Berkeley DB
# database backend, version db-4.1.25.
# Written by Henry Saptono
# Email: henry@nurulfikri.com
#------------------------------------------------------------------------------

1. REQUIRED SOFTWARE:
---------------------
- Database backend: Berkeley DB, db-4.1.25.tar.gz
- LDAP application: OpenLDAP, openldap-2.1.12.tar.gz

2. INSTALLATION:
----------------
A. Installing db-4.1.25.tar.gz:
   A.1. First extract the db-4.1.25.tar.gz source, preferably in the
        "/usr/local/src" directory:
        #cd /usr/local/src
        #tar -xzvf db-4.1.25.tar.gz
        #cd db-4.1.25
   A.2. Compile and install
        On a UNIX system, proceed as follows:
        #cd build_unix
        #../dist/configure
        Note: when the "../dist/configure" command is run, Berkeley DB
        will be installed under the default prefix, which is
        "/usr/local/BerkeleyDB.4.1".
        Compile and install:
        #make
        #make install

B. Installing openldap-2.1.12.tar.gz
   B.1. First extract openldap-2.1.12.tar.gz, preferably in the
        "/usr/local/src" directory:
        #cd /usr/local/src
        #tar -xzvf openldap-2.1.12.tar.gz
        #cd openldap-2.1.12
   B.2. It is a good idea to read the README and INSTALL files first.
   B.3. Compile and install
        Because the Berkeley DB database backend was installed in
        "/usr/local/BerkeleyDB.4.1", the BerkeleyDB.4.1 library path must
        first be registered in "/etc/ld.so.conf", as follows:
        Example contents of "/etc/ld.so.conf":
          /usr/kerberos/lib
          /usr/X11R6/lib
          /usr/lib/qt-2.3.1/lib
          /usr/lib/sane
          /usr/lib/qt-1.45/lib
          /usr/lib/mysql
          /usr/local/BerkeleyDB.4.1/lib
        Then run the following command:
        #ldconfig
        This ensures that the Berkeley DB library (db-4.so) can be found
        during compilation and installation.
        Only then configure, compile and install:
        #./configure
        If the command above fails, run the following instead:
        #CC=gcc CPPFLAGS=-I/usr/local/BerkeleyDB.4.1/include LDFLAGS=-L/usr/local/BerkeleyDB.4.1/lib ./configure
        Note: CC, CPPFLAGS and LDFLAGS are environment variables that are
        needed for the compilation and installation to succeed.
        Then compile and install:
        #make depend
        #make
        #make test     (it does not matter if this step is skipped)
        #make install

3. BUILDING THE LDAP DATABASE:
------------------------------
A. Configuring the LDAP server:
   A.1. Define a new database by editing the file
        /usr/local/etc/openldap/slapd.conf, for example:

#Example contents of slapd.conf
#----------------------------------------------------------------------
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args
#######################################################################
# ldbm database definitions
#######################################################################
database        bdb
suffix          "o=Henry Telco,c=ID"
rootdn          "cn=Manager,o=Henry Telco,c=ID"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory       /usr/local/var/openldap-data
# Indices to maintain
index   objectClass     eq
# Allow protocol version 2 binds for compatibility with address book
# clients such as Netscape and Outlook that use protocol version 2
allow bind_v2
access to *
        by dn="cn=Manager,o=Henry Telco,c=ID" write
        by * read
#-------------------------------------END OF FILE-----------------------------------#

   A.2. Starting the standalone LDAP server
        #/usr/local/libexec/slapd
        To have the command above run at boot time, add it to the file
        /etc/rc.local as follows:
        #echo "/usr/local/libexec/slapd" >> /etc/rc.local

B. Administering the LDAP server:
   B.1. Define the root of the LDAP database hierarchy as follows:
        Create an LDIF file, preferably (this is only the author's own
        convenience) in the directory /usr/local/etc/openldap/ldif.
        #mkdir /usr/local/etc/openldap/ldif
        #touch /usr/local/etc/openldap/ldif/root.ldif
        Then edit /usr/local/etc/openldap/ldif/root.ldif so that it
        contains the following:

dn: o=Henry Telco,c=ID
o: Henry Telco
objectClass: top
objectclass: organization

        Next, add this entry to the LDAP server as follows:
        # ldapadd -x -D "cn=Manager, o=Henry Telco,c=ID" -f /usr/local/etc/openldap/ldif/root.ldif -w secret

   B.2. Adding entries to the LDAP server
        B.2.1. Defining a sub-organization:
        #touch /usr/local/etc/openldap/ldif/sub.ldif
        Then edit /usr/local/etc/openldap/ldif/sub.ldif so that it
        contains the following:

dn: ou=it,o=Henry Telco,c=ID
ou: it
objectClass: top
objectClass: organizationalUnit
description: Sub Organisasi Henry Telco Ltd

        Next, add this entry to the LDAP server as follows:
        # ldapadd -x -D "cn=Manager, o=Henry Telco,c=ID" -f /usr/local/etc/openldap/ldif/sub.ldif -w secret

        B.2.2. Adding user entries:
        #touch /usr/local/etc/openldap/ldif/person.ldif
        Then edit /usr/local/etc/openldap/ldif/person.ldif so that it
        contains the following:

dn: cn=henry,ou=it,o=Henry Telco,c=ID
cn: Henry Saptono
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
mail: henry@openware.or.id
sn: Henry Saptono

dn: cn=utari,ou=it,o=Henry Telco,c=ID
cn: Pipiet Utari
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
mail: utari@openware.or.id
sn: Pipiet Utari

        Next, add these entries to the LDAP server as follows:
        # ldapadd -x -D "cn=Manager, o=Henry Telco,c=ID" -f /usr/local/etc/openldap/ldif/person.ldif -w secret

        B.2.3. Displaying/searching LDAP server entries:
        #ldapsearch -x -b "o=Henry Telco,c=ID"
        Output:
        -------

# extended LDIF
#
# LDAPv3
# base with scope sub
# filter: (objectclass=*)
# requesting: ALL
#

# Henry Telco, ID
dn: o=Henry Telco,c=ID
o:: SGVucnkgVGVsY28g
objectClass: top
objectClass: organization

# it, Henry Telco, ID
dn: ou=it,o=Henry Telco,c=ID
ou: it
objectClass: top
objectClass: organizationalUnit
description: Sub Organisasi Henry Telco Ltd

# henry, it, Henry Telco, ID
dn: cn=henry,ou=it,o=Henry Telco,c=ID
cn: Henry Saptono
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
mail: henry@openware.or.id
sn: Henry Saptono

# utari, it, Henry Telco, ID
dn: cn=utari,ou=it,o=Henry Telco,c=ID
cn: Pipiet Utari
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
mail: utari@openware.or.id
sn: Pipiet Utari

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4

4. Using the Netscape 4.7x email client with the LDAP server:
-------------------------------------------------------------
Open the Address Book: "Communicator" + "Address Book"
Enter Directory Info: "File" + "New Directory..."
    Description: Ldap Demo
    LDAP Server: 192.168.1.191 or ldap.henry-telco.com
        Using the IP address reduces the number of errors because of
        the reduced network latency.
    Server Root: o=Henry Telco,c=ID
    Port Number: 389
    Press "OK" (Not secure and no login)
Close the Address Book: "File" + "Close"
Open e-mail client: "Communicator" + "Messenger"
Open Composer ("File" + "New" + "Message"): Select "New Msg" icon.
Open the Address Selection Box: Select the icon "Address"
Populate Address List with e-mail addresses from LDAP server:
    Select from the "Directory" pull down menu "Ldap Demo"
    Show names containing: Henry (Don't press enter. Just wait or enter "Tab")
    Select address to send e-mail to.

Of course this is a demo and the e-mail addresses are bogus but I think you get the point.

Tips: To select all those with email addresses out of a database where not all entries have them, search on "@".
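
Added example, not part of the original write-up: the comments in the sample slapd.conf of section 3 warn against a cleartext rootpw and recommend mode 700 for the database directory, and this shell function checks a slapd.conf for both. The function name audit_slapd_conf and the demo paths are assumptions made for this example.

```sh
#!/bin/sh
# Added example: check a slapd.conf for the two weaknesses that the comments
# in the sample file itself warn about. Function name and paths are assumed.

# audit_slapd_conf FILE
# Prints one finding per line; returns 0 when clean, 1 when anything is found.
audit_slapd_conf() {
    conf=$1
    found=0

    # 1. A rootpw value without a {SCHEME} prefix is a cleartext password.
    #    Directives start in column one; a line that begins with whitespace
    #    continues the previous directive, so it is not matched here.
    for n in $(awk '/^rootpw[ \t]/ && $2 !~ /^[{][A-Za-z0-9_-]+[}]/ { print NR }' "$conf"); do
        echo "line $n: rootpw is cleartext; store a slappasswd hash instead"
        found=1
    done

    # 2. Each database directory must exist and be mode 700 (drwx------).
    #    Assumes directory paths contain no whitespace.
    for dir in $(awk '/^directory[ \t]/ { print $2 }' "$conf"); do
        if [ ! -d "$dir" ]; then
            echo "directory $dir: does not exist"
            found=1
            continue
        fi
        mode=$(ls -ld "$dir" | cut -c1-10)
        if [ "$mode" != "drwx------" ]; then
            echo "directory $dir: mode is $mode, expected drwx------"
            found=1
        fi
    done
    return $found
}

# Constructed sample that mirrors the relevant lines of the page's slapd.conf.
demo=$(mktemp -d)
mkdir -m 755 "$demo/openldap-data"
printf 'rootpw\t\tsecret\ndirectory\t%s\n' "$demo/openldap-data" > "$demo/slapd.conf"
audit_slapd_conf "$demo/slapd.conf" || true
rm -rf "$demo"
```

To clear the first finding, generate a hash with slappasswd and put it after rootpw in place of the cleartext value. When running ldapadd, -W prompts for the bind password instead of placing it on the command line as -w secret does.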