{"id":195,"date":"2006-02-03T12:42:26","date_gmt":"2006-02-03T04:42:26","guid":{"rendered":"https:\/\/blog.ychsiao.org\/2006\/02\/03\/195"},"modified":"2018-03-21T20:13:20","modified_gmt":"2018-03-21T12:13:20","slug":"openldap%e8%b7%9ffreebsd%e7%ba%8c","status":"publish","type":"post","link":"https:\/\/blog.ychsiao.org\/?p=195","title":{"rendered":"OpenLDAP\u8ddfFreeBSD&#8230;(\u7e8c)"},"content":{"rendered":"<p>\u6628\u5929<a href=\"https:\/\/blog.ychsiao.org\/2006\/02\/02\/193\">\u795e\u79d8\u7684\u554f\u984c<\/a>\u767c\u751f\u5b8c\u5f8c\uff0c\u4e0d\u6b7b\u5fc3\u518d\u88dd\u4e00\u53f0<a href=\"http:\/\/www.freebsd.org\">FreeBSD<\/a> 6\u8d77\u4f86\uff0c\u53ea\u4e0d\u904e\u9019\u6b21\u662fi386\u7248\uff0c\u4e4b\u524d\u662f\u704camd64\u3002<br \/>\n\u4f9d\u7167\u6b63\u5e38\u7a0b\u7e8c\u628a<a href=\"http:\/\/www.openldap.org\">OpenLDAP<\/a>\/<a href=\"http:\/\/www.padl.com\/OSS\/pam_ldap.html\">pam_ldap<\/a>\/<a href=\"http:\/\/www.padl.com\/OSS\/nss_ldap.html\">nss_ldap<\/a>\u5f04\u8d77\u4f86\u5f8c\uff0cuser\u4e5f\u53ef\u4ee5\u767b\u9032\u7cfb\u7d71\uff0c\u4f46\u662f\u7528id xxx\u6216\u662ffinger xxx\u90fd\u7121\u6cd5<del datetime=\"2006-02-03T04:44:59+00:00\">\u5c0d\u61c9\u5230\u6b63\u78ba\u7684uid\/gid<\/del>\u627e\u5230user\uff0c\u800cls -al\u7684\u6642\u5019\u662f\u53ea\u770b\u5f97\u5230uid\/gid\uff0c\u4f46\u662f\u7528root\u53bb\u770b\u53c8\u53ef\u4ee5\u5c0d\u6620\u7684\u5230-_-\u3002<\/p>\n<p><!--more--><br \/>\n\u770b\u8d77\u4f86\u554f\u984c\u53c8\u56de\u5230NIS..\u597d\u5427\uff0c\u81f3\u5c11\u9019\u6b21\u6c92\u6709core dump\u3002\u518d\u91cd\u65b0\u6aa2\u67e5nss_ldap\u8ddfpam_ldap\u7684\u8a2d\u5b9a\u6a94\uff0c\u56e0\u70ba\u9019\u5169\u500b\u6a94\u662f\u540c\u4e00\u500b\u5167\u5bb9\uff0c\u6240\u4ee5\u6211\u662f\u7528symbolic link\u628aldap.conf\u8207nss_ldap.conf\u5efa\u7acb\u8d77\u4f86\u3002\u62c6\u6210\u7368\u7acb\u8a2d\u5b9a\u6a94\uff0c\u4e00\u6a23\u627e\u4e0d\u5230uid\/gid\u3002\u63a5\u8457\u518dreview ldap.conf(nss_ldap.conf)\u7684\u5167\u5bb9\uff0c\u5176\u4e2d\u9019\u4e00\u6bb5\u662f:<\/p>\n<blockquote><p># The distinguished name to bind to the server with.<br \/>\n# Optional: default is to bind anonymously.<br \/>\n#binddn cn=Manager,dc=ychsiao,dc=org<\/p>\n<p># The credentials to bind with.<br \/>\n# Optional: default is no credential.<br \/>\n#bindpw password<\/p>\n<p># The distinguished name to bind to the server with<br \/>\n# if the effective user ID is root. Password is<br \/>\n# stored in \/etc\/ldap.secret (mode 600)<br \/>\nrootbinddn cn=Manager,dc=ychsiao,dc=org<\/p><\/blockquote>\n<p>\u70ba\u4ec0\u9ebc\u6703\u770b\u5230\u9019\u4e00\u6bb5\uff0c\u56e0\u70ba\u5728ldap log\u4e2d\uff0c\u4e0b\u4e86ls -al \u6216\u662fid xxx\u6642\u5019\uff0cNIS\u6703\u53bbOpenLDAP\u627e\u8cc7\u6599\u3002<\/p>\n<blockquote><p>Feb 3 07:42:14 orz slapd[374]: conn=157 fd=19 ACCEPT from IP=127.0.0.1:64324 (IP=0.0.0.0:389)<br \/>\nFeb 3 07:42:14 orz slapd[374]: conn=157 op=0 BIND dn=&#8221;&#8221; method=128<br \/>\nFeb 3 07:42:14 orz slapd[374]: conn=157 op=0 RESULT tag=97 err=0 text=<br \/>\nFeb 3 07:42:14 orz slapd[374]: conn=157 op=1 SRCH base=&#8221;dc=ychsiao,dc=org&#8221; scope=2 deref=0 filter=&#8221;(&amp;(objectClass=posixAccount)(uidNumber=10000))&#8221;<\/p><\/blockquote>\n<p>\u600e\u9ebc\u770b\u90fd\u4e0d\u5c0d\uff0c\u6211\u660e\u660e\u6709\u7528rootbinddn\u8981\u5efa\u7acb\u9023\u7dda\uff0c\u7d50\u679clog\u88e1\u9762\u7684BIND dn\u662f\u7a7a\u767d-_-\uff0c\u90a3\u4fee\u6539\u4e00\u4e0b\u8a2d\u5b9a\u6210<\/p>\n<blockquote><p>binddn cn=Manager,dc=ychsiao,dc=org<br \/>\nbindpw password<br \/>\n#rootbinddn cn=Manager,dc=ychsiao,dc=org<\/p><\/blockquote>\n<p>log\u5c31\u6703\u8b8a\u6210<\/p>\n<blockquote><p>Feb 3 07:44:24 orz slapd[374]: conn=166 op=0 BIND dn=&#8221;cn=Manager,dc=ychsiao,dc=org&#8221; method=128<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=0 BIND dn=&#8221;cn=Manager,dc=ychsiao,dc=org&#8221; mech=SIMPLE ssf=0<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=0 RESULT tag=97 err=0 text=<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=1 SRCH base=&#8221;dc=ychsiao,dc=org&#8221; scope=2 deref=0 filter=&#8221;(&amp;(objectClass=posixAccount)(uidNumber=10000))&#8221;<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=2 SRCH base=&#8221;dc=ychsiao,dc=org&#8221; scope=2 deref=0 filter=&#8221;(&amp;(objectClass=posixGroup)(gidNumber=500))&#8221;<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber<br \/>\nFeb 3 07:44:24 orz slapd[374]: conn=166 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=<\/p><\/blockquote>\n<p>\u5543~~\u53ea\u662f\u6211\u4e0d\u592a\u4e86\u89e3\u70ba\u5565amd64\u4e0a\u9762\u6703\u76f4\u63a5core dump\uff0ci386\u53ea\u662f\u5c0d\u6620\u4e0d\u5230uid\/gid\uff0c\u4f86\u5beb\u4fe1\u8acb<a href=\"http:\/\/www.freebsd.org\/\">FreeBSD<\/a> close pr\u597d\u4e86Orz\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6628\u5929\u795e\u79d8\u7684\u554f\u984c\u767c\u751f\u5b8c\u5f8c\uff0c\u4e0d\u6b7b\u5fc3\u518d\u88dd\u4e00\u53f0FreeBSD 6\u8d77\u4f86\uff0c\u53ea\u4e0d\u904e\u9019\u6b21\u662fi386\u7248\uff0c\u4e4b\u524d\u662f\u704camd64\u3002 \u4f9d\u7167\u6b63\u5e38\u7a0b\u7e8c\u628aOpenLDAP\/pam_ldap\/nss_ldap\u5f04\u8d77\u4f86\u5f8c\uff0cuser\u4e5f\u53ef\u4ee5\u767b\u9032\u7cfb\u7d71\uff0c\u4f46\u662f\u7528id xxx\u6216\u662ffinger xxx\u90fd\u7121\u6cd5\u5c0d\u61c9\u5230\u6b63\u78ba\u7684uid\/gid\u627e\u5230user\uff0c\u800cls -al\u7684\u6642\u5019\u662f\u53ea\u770b\u5f97\u5230uid\/gid\uff0c\u4f46\u662f\u7528root\u53bb\u770b\u53c8\u53ef\u4ee5\u5c0d\u6620\u7684\u5230-_-\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[56],"tags":[14,12,19,11,3],"class_list":["post-195","post","type-post","status-publish","format-standard","hentry","category-technology","tag-computer","tag-freebsd","tag-network","tag-opensource","tag-unix"],"_links":{"self":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/195","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=195"}],"version-history":[{"count":2,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/195\/revisions"}],"predecessor-version":[{"id":1214,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/195\/revisions\/1214"}],"wp:attachment":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}