{{tag>[LDAP]}}

====== OpenLDAP (SLAPD) ======

===== Installation =====

++++ RHEL |
<konsole>
sudo dnf install openldap openldap-servers openldap-clients
sudo systemctl enable --now slapd
</konsole>
++++

++++ Rocky 8 |
<konsole>
sudo dnf install openldap openldap-clients
sudo dnf --enablerepo=powertools -y insall openldap-servers
sudo systemctl enable --now slapd
</konsole>
++++

===== USAGE =====
<code bash>
# 비밀번호 확인
ldapwhoami -vvv -h <hostname> -p <port> -D <admin_binddn> -x -w <admin_password>
</code>

===== SYNTAX =====
<file ldif add_acl.ldif>
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to dn.base="cn=subschema" by users read
olcAccess: {1}to dn.base="" by * read
</file>
<file ldif insert_acl.ldif>
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword
  by dn="cn=ldapreader,dc=genfic,dc=org" read
  by self read
  by anonymous auth
  by * none
</file>
<file ldif delete_acl.ldif>
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcAccess
olcAccess: {1}
</file>

===== INDEX MENU =====
{{indexmenu>~#1}}