2 # Copyright 1999, The OpenLDAP Foundation, All Rights Reserved.
3 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
5 H1: A Quick-Start Guide to Running slapd
7 This section provides a quick step-by-step guide to building,
8 installing and running {{I:slapd}}. It is intended to provide users with a
9 simple and quick way to get started only. If you intend to run slapd
10 seriously, you should read the rest of this guide.
13 ^ {{B:Get the software}}.
14 . {{I:Slapd}} is part of the OpenLDAP distribution, which
15 you can retrieve using this URL:
17 ..{{URL: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release.tgz}}
19 .If you are reading this guide, you have probably already done this.
22 + {{B:Untar the distribution}}.
23 .Pick a place for the LDAP source to live, cd
24 there, and untar it. For example:
26 .{{EX:cd /usr/local/src}}
27 .{{EX:gunzip -c openldap-release.tgz | tar xvfB -}}
30 + {{B: Configure the software}}.
31 . You will need to run the configure script to configure slapd.
35 . Configure accepts many command line options that enable or disable
36 optional features in slapd. Usually the defaults are okay, but you
37 may want to change them. To get a complete list of options that configure
38 accepts, use the --help option.
40 .{{EX:./configure --help}}
42 . Once OpenLDAP has been configured, it needs to be compiled.
43 You'll need to make dependencies and then compile the software.
49 . Once OpenLDAP is compiled you need to install it. By default OpenLDAP
50 is installed into /usr/local. This is typically done as root.
55 + {{B:Edit the configuration file}}.
56 . Use this section as a brief guide. For more details on the configuration
59 . Now we need to edit the default configuration file that was installed
60 earlier. By default the configuration file for slapd is located at
61 {{FILE:/usr/local/etc/openldap/slapd.conf}}. If you specified the --prefix
62 option when you ran configure, then replace {{FILE:/usr/local}} with the
63 value you gave as the prefix.
65 . For example, if you ran configure as
66 .{{EX:./configure --prefix=/opt/ldap}}
67 . You would find your configuration file in {{FILE:/opt/ldap/etc/openldap/slapd.conf}}.
69 . Now look in the configuration file for a line that begins with
72 . This marks the begining of the database configuration for slapd. Everything
73 you will need to change for this example is located after the line begining with
76 . Listed below are the default settings for the database in {{FILE:slapd.conf}}.
77 Lines that begin with a # are considered to be comments by slapd, they have
78 been removed from the listing below to save space.
80 .{{EX:suffix "dc=my-domain, dc=com"}}
81 .{{EX:rootdn "cn=Manager, dc=my-domain, dc=com"}}
83 .{{EX:directory /usr/local/var/openldap-ldbm}}
85 . Now we need to replace all of the references to my-domain with the correct
86 value. For example, if your domain is example.net we might use the following.
88 .{{EX:suffix "dc=example, dc=net"}}
89 .{{EX:rootdn "cn=Manager, dc=example, dc=net"}}
91 .{{EX:directory /usr/local/var/openldap-ldbm}}
93 + {{B:Create a database}}.
94 . This is a two-step process. Step A is to create
95 a file (we'll call it myldif) containing the entries you want your database
96 to contain. Use the following example as a guide, or see Section 7.3 for
99 .{{EX:dn: dc=example, dc=net}}
100 .{{EX:objectclass: dcObject}}
101 .{{EX:objectclass: organization}}
102 .{{EX:o: Example Net Inc.}}
105 .{{EX:dn: cn=Bob Smith, dc=example, dc=net}}
106 .{{EX:objectclass: person}}
107 .{{EX:cn: Bob Smith}}
110 .Remember to replace dc=example,dc=net with the correct values for your
111 site, and to put your name instead of Bob's.
113 .You can include additional entries and attributes in this file if you want,
114 or add them later via LDAP.
116 .Step B is to run this file through a tool to create the slapd database.
118 .First we'll need to start slapd.
119 To do this just run slapd.
120 .{{EX:/usr/local/libexec/slapd}}
122 .At this point the LDAP server is up and running, but there isn't any data
124 You can check to see if the server is running and your naming context
125 (the {{EX:suffix}} you specified above) by searching it with
127 By default ldapsearch is installed as {{FILE:/usr/local/bin/ldapsearch}}.
129 .{{EX:ldapsearch -x -b "" -s base '(objectclass=*)' namingContexts
134 .{{EX:namingContexts: dc=example, dc=net}}
136 .We can use {{I:ldapadd}}(1) to populate the directory.
137 Again remember to replace dc=example,dc=net with the correct values for your
138 site. By default ldapadd is installed as {{FILE:/usr/local/bin/ldapadd}}.
140 .{{EX:ldapadd -x -D"cn=Manager,dc=example,dc=net" -w secret -f myldif}}
142 .Where myldif is the file you made in step 7A above. By default, the database
143 files will be created in {{FILE:/usr/local/var/openldap-ldbm}}.
144 You may specify an alternate directory via the directory option in the
145 {{FILE:slapd.conf}} file.
147 + {{B:See if it works}}.
148 . Now we're ready to try everything out.
150 . You can use any LDAP client to do this, but our
151 example uses the ldapsearch tool. Remember to replace dc=example,dc=net with
152 the correct values for your site.
154 .{{EX:ldapsearch -x -b 'dc=example,dc=net' '(objectclass=*)'}}
156 . This command will search for and retrieve every entry in the database.
157 Note the use of single quotes around the filter, which prevents the "*"
158 from being interpreted by the shell.
160 . You are now ready to add more entries (e.g., using {{I:ldapadd}}(1) or
161 another LDAP client), experiment with various configuration options,
162 backend arrangements, etc. Note that by default, the {{I:slapd}} database
163 grants {{EX:READ}} access to everybody. So if you want to add or modify
164 entries over LDAP, you will have to bind as the rootdn specified in the
165 config file (see Section 5.2.2), or change the default access control
168 The following sections provide more detailed information on making,
169 installing, and running slapd.
projects / openldap / blob