Difference between revisions of "OpenLDAP Client"

From Dogtag
Jump to: navigation, search
m (See Also)
m (See Also)
Line 53: Line 53:
 
* [https://fedoraproject.org/wiki/OpenLDAP-and-MozNSS-Compatibility-Layer OpenLDAP and MozNSS Compatibility Layer]
 
* [https://fedoraproject.org/wiki/OpenLDAP-and-MozNSS-Compatibility-Layer OpenLDAP and MozNSS Compatibility Layer]
 
* [https://github.com/openshift/openldap OpenLDAP for OpenShift]
 
* [https://github.com/openshift/openldap OpenLDAP for OpenShift]
 +
* [https://medium.com/ibm-garage/how-to-host-and-deploy-an-openldap-sever-in-openshift-affab06a4365 How to host and deploy an OpenLDAP sever in OpenShift]

Revision as of 02:40, 2 August 2020

Installation

$ dnf install openldap-clients

CA Certificate Directory

Store CA certificates in a directory, then execute the following command:

$ openssl rehash <dir>

Environment Variables

  • LDAP_BASEDN: default base DN for ldapsearch
  • LDAPTLS_CACERT: <CA certificate file>
  • LDAPTLS_CERT: <client certificate file>
  • LDAPTLS_KEY: <client key file>
  • LDAPTLS_CACERTDIR: <NSS database>

ldap.conf Parameters

  • TLS_CERT: <nickname>
  • TLS_KEY: [<token>:]<password>
  • TLS_CACERTDIR: <NSS database>

Authentication

Basic Authentication

$ <command> -x -D "cn=Directory Manager" -w Secret.123 ...

LDAPI

$ <command> -H <URL> -Y EXTERNAL

Searching LDAP Entries

$ ldapsearch -x -D "cn=Directory Manager" -w Secret.123 -b "dc=example,dc=com" -s base "(objectClass=*)"

See Also