Difference between revisions of "OpenLDAP Client"

m (See Also)
m (See Also)
(One intermediate revision by the same user not shown)
Line 52: Line 52:
 
* [https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system-level_authentication_guide/openldap RHEL - OpenLDAP]
 
* [https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system-level_authentication_guide/openldap RHEL - OpenLDAP]
 
* [https://fedoraproject.org/wiki/OpenLDAP-and-MozNSS-Compatibility-Layer OpenLDAP and MozNSS Compatibility Layer]
 
* [https://fedoraproject.org/wiki/OpenLDAP-and-MozNSS-Compatibility-Layer OpenLDAP and MozNSS Compatibility Layer]
 +
* [https://github.com/openshift/openldap OpenLDAP for OpenShift]
 +
* [https://medium.com/ibm-garage/how-to-host-and-deploy-an-openldap-sever-in-openshift-affab06a4365 How to host and deploy an OpenLDAP sever in OpenShift]

Revision as of 02:40, 2 August 2020

Installation

$ dnf install openldap-clients

CA Certificate Directory

Store CA certificates in a directory, then execute the following command:

$ openssl rehash <dir>

Environment Variables

  • LDAP_BASEDN: default base DN for ldapsearch
  • LDAPTLS_CACERT: <CA certificate file>
  • LDAPTLS_CERT: <client certificate file>
  • LDAPTLS_KEY: <client key file>
  • LDAPTLS_CACERTDIR: <NSS database>

ldap.conf Parameters

  • TLS_CERT: <nickname>
  • TLS_KEY: [<token>:]<password>
  • TLS_CACERTDIR: <NSS database>

Authentication

Basic Authentication

$ <command> -x -D "cn=Directory Manager" -w Secret.123 ...

LDAPI

$ <command> -H <URL> -Y EXTERNAL

Searching LDAP Entries

$ ldapsearch -x -D "cn=Directory Manager" -w Secret.123 -b "dc=example,dc=com" -s base "(objectClass=*)"
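The commands above pass the bind password with -w, which leaves it in shell history and on the command line. As an added example (not part of the original page), this wrapper reads the password from a private file with -y and requires StartTLS with -ZZ; the function names, the default server URI and the DRY_RUN switch are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. LDAP_URI, BIND_DN and DRY_RUN
# are assumed names; CA trust comes from LDAPTLS_CACERT as listed above.
LDAP_URI=${LDAP_URI:-ldap://ldap.example.com}   # placeholder host
BIND_DN=${BIND_DN:-cn=Directory Manager}

# write_pwfile <path>: read one line from stdin and store it as the password.
# ldapsearch -y uses the complete file contents as the password, so the
# trailing newline must not be written. The file is created with mode 0600.
write_pwfile() {
    local path=$1 pw
    IFS= read -r pw || [ -n "$pw" ] || return 1
    rm -f -- "$path"
    ( umask 077; printf '%s' "$pw" > "$path" )
}

# pwfile_ok <path>: succeed only if the file exists, grants nothing to
# group/others, and is non-empty without a trailing newline.
pwfile_ok() {
    local path=$1
    [ -f "$path" ] || return 1
    # characters 5-10 of the ls mode string are the group and other bits
    [ "$(ls -ld "$path" | cut -c5-10)" = "------" ] || return 1
    # $(...) strips a final newline, so an empty result means newline or empty file
    [ -n "$(tail -c 1 "$path")" ]
}

# ldap_search <pwfile> <base> [filter]: simple bind over StartTLS.
# -ZZ makes the operation fail unless StartTLS succeeds, so the password
# is never sent in clear text. Set DRY_RUN=1 to print the command instead.
ldap_search() {
    local pwfile=$1 base=$2 filter=${3:-"(objectClass=*)"}
    if ! pwfile_ok "$pwfile"; then
        echo "refusing unsafe password file: $pwfile" >&2
        return 2
    fi
    ${DRY_RUN:+echo} ldapsearch -x -ZZ -H "$LDAP_URI" -D "$BIND_DN" \
        -y "$pwfile" -b "$base" -s base "$filter"
}

# Usage (interactive):
#   read -rs pw && printf '%s\n' "$pw" | write_pwfile ~/.ldap-pw; unset pw
#   ldap_search ~/.ldap-pw "dc=example,dc=com"
```

For one-off interactive use, replacing -w with -W makes the tool prompt for the password instead.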

See Also