Diff for /admin/quickstart.sdf between versions 1.17 and 1.18

version 1.17, 2000/08/10 20:31:41 version 1.18, 2000/08/11 06:17:34
Line 1 Line 1
 # $OpenLDAP: pkg/openldap-guide/admin/quickstart.sdf,v 1.16 2000/08/10 16:38:15 kurt Exp $  # $OpenLDAP: pkg/openldap-guide/admin/quickstart.sdf,v 1.17 2000/08/10 20:31:41 kurt Exp $
 # Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.  # Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.
 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.  # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
   
 H1: A Quick-Start Guide to Running slapd  H1: A Quick-Start Guide
   
 This chapter provides a quick step-by-step guide to building,  The following is a quick start guide to OpenLDAP software,
 installing and running {{slapd}}(8). It is intended to provide  including the stand-alone LDAP daemon, {{slapd}}(8).
 users with a simple and quick way to get started only.  
 If you intend to run {{slapd}} seriously, you should read the rest  
 of this guide.  
   
   It is meant to step you through the basic steps needed to install
   and configure OpenLDAP software. It should be used in conjunction
   with the other chapters of this document, manual pages, and
   other materials provided with the distribution (e.g. the {{F:INSTALL}}
   document) or on the OpenLDAP web site (in particular, the
   OpenLDAP Software FAQ).
   
   If you intend to run OpenLDAP seriously, you should review the all
   of this document before attempt to install the software.
   
   Note: This quick start guide does not use strong authentication nor
   any privacy and integrity protection services.  These services are
   described in other chapters of the OpenLDAP Administrator's Guide.
   
 Note: This guide does not use strong authentication nor any  
 privacy and integrity protection services.  These services are  
 described in detail in later chapters.  
   
   .{{S: }}
   ^{{B: Get the software}}
   
 ^{{B:Get the software}}.  . You can obtain a copy of the software by following the
   instructions on the OpenLDAP download
   page ({{URL: http://www.openldap.org/software/download/}}).
   It is recommended that new users start with either the (latest)
   {{release}} or the (most) {{stable}} release.
   
 .{{slapd}} is part of the {{PRD:OpenLDAP}} distribution, which  
 you can retrieve from {{URL: http://www.openldap.org/software/download/}}  
 or {{URL: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release.tgz}}.  
 If you are reading this guide, you have probably already done this.  
   
 .{{S: }}  .{{S: }}
 +{{B:Unpack the distribution}}.  +{{B: Unpack the distribution}}
   
   .Pick a directory for the LDAP source to live under, change
   directory to there, and unpack the distribution using the
   following commands:
   
   ..{{EX:gunzip -c openldap-VERSION.tgz | tar xvfB -}}
   
 .Pick a directory for the LDAP source to live under and change  . then relocate yourself into the distribution directory:
 directory there, and untar it. For example:  
   
 ..{{EX:cd /usr/local/src}}  ..{{EX:cd openldap-VERSION.tgz}}
 ..{{EX:gunzip -c openldap-release.tgz | tar xvfB -}}  
 ..{{EX:cd openldap-release}}  
   
 . You'll have to replace {{F:openldap-release}} with the full  . You'll have to replace {{F:VERSION}} with the version
 name of the release.  name of the release.
   
   
 .{{S: }}  .{{S: }}
 +{{B: Configure the software}}.  +{{B: Review the release documents}}
   
 .You will need to run the {{EX:configure}} script to configure slapd.  . You should review the {{F:COPYRIGHT}}, {{F:LICENSE}}, {{F:README}}
   and {{F:INSTALL}} documents provided with the distribution.
   The {{F:COPYRIGHT}} and {{F:LICENSE}} provide information on
   acceptable use, copying, and limitation of warranty of OpenLDAP
   software. The {{F:README}} and {{F:INSTALL}} documents provide
   detailed information on prerequisite software and installation
   procedures.
   
 ..{{EX:./configure}}  
   
 . The {{EX:configure}} accepts many command line options that enable  .{{S: }}
 or disable optional software features.  Usually the defaults are okay,  +{{B: Run {{EX:configure}}}}
   
   . You will need to run the provided {{EX:configure}} script to
   {{configure}} to the distribution for building on your system.  The
   {{EX:configure}} accepts many command line options that enable or
   disable optional software features.  Usually the defaults are okay,
 but you may want to change them.  To get a complete list of options  but you may want to change them.  To get a complete list of options
 that {{EX:configure}} accepts, use the {{EX:--help}} option.  that {{EX:configure}} accepts, use the {{EX:--help}} option:
   
 ..{{EX:./configure --help}}  ..{{EX:./configure --help}}
   
 . Once OpenLDAP has been configured, it needs to be compiled.    . However, given that you using this guide, we'll assume you'll
 You'll need to construct dependencies and then compile the software  are brave enough to just let {{EX:configure}} to determine
 using {{make}}(1) utility.  what's best:
 For example:  
   ..{{EX:./configure}}
   
   . Assuming {{EX:configure}} doesn't dislike your system, you can
   proceed with building the software.  If {{EX:configure}} did
   complain, well, you'll likely need to go to the FAQ Installation
   Section ({{URL:http://www.openldap.org/faq/}} and/or actually
   read the {SECT:Building and Installing OpenLDAP Software}}
   chapter of this document.
   
   
   .{{S: }}
   +{{B:Build the software}}.
   
   . The next step is to build the software.  This step has two
   parts, first we construct dependencies and then we compile the
   software:
   
 ..{{EX:make depend}}  ..{{EX:make depend}}
 ..{{EX:make}}  ..{{EX:make}}
   
 . Once OpenLDAP is compiled you need to install it.  By default OpenLDAP   
 is installed into {{F:/usr/local}}.  This is typically done as root.  . Both makes should complete without error.
   
   
   .{{S: }}
   +{{B:Test the build}}.
   
   . To ensure a correct build, you should run the test suite
   (it only takes a few minutes):
   
   ..{{EX:make test}}
   
   . Tests which apply to your configuration will run and they
   should pass.  Some tests, such as the replication test, may
   be skipped.
   
   
   .{{S: }}
   +{{B:Install the software}}.
   
   . You are now ready to install the software, this usually requires
   {{super-user}} privledges: 
   
 ..{{EX:su root -c 'make install'}}  ..{{EX:su root -c 'make install'}}
   
   . Everything should now be installed under {{F:/usr/local}} (or
   whatever installation prefix was used by {{EX:configure}}.
   
   
 .{{S: }}  .{{S: }}
 +{{B:Edit the configuration file}}.  +{{B:Edit the configuration file}}.
   
 .Use this chapter as a brief tutorial.  For more details on the  . Use your favorite editor to edit the provided {{slapd.conf}}(5)
 configuration file, see slapd.conf(5) and the  example (usually installed as {{F:/usr/local/etc/slapd.conf}}) to
 {{SECT:The slapd Configuration File}} chapter of this document.  contain an LDBM database definition of the form:
   
 .Now we need to edit the default configuration file that was  ..{{EX:database        ldbm}}
 installed earlier.  The {{slapd}} configuration file {{slapd.conf}}(5)  ..{{EX:suffix          "dc=<MY-DOMAIN>, dc=<COM>"}}
 for is normally located at {{F:/usr/local/etc/openldap/slapd.conf}}.  ..{{EX:rootdn          "cn=Manager, dc=<MY-DOMAIN, dc=<COM>"}}
 If you specified the {{EX:--prefix}} option when you ran {{EX:configure}},  ..{{EX:rootpw          secret}}
 then replace {{F:/usr/local}} with the value you gave as the  ..{{EX:directory       /usr/local/var/openldap-ldbm}}
 prefix.  For example, if you ran {{EX:configure}} as  
   
 ..{{EX:./configure --prefix=/opt/ldap}}  
   
 .You would find your configuration file in  
 {{F:/opt/ldap/etc/openldap/slapd.conf}}.   
 Now look in the configuration file for a line that begins with   
   
 ..{{EX:database          ldbm}}  
   
 .This marks the beginning of the database configuration for {{slapd}}.  
 Everything you will need to change for this example is located  
 after this line.  
   
 .Listed below are the default settings for the database in  
 {{F:slapd.conf}}(5).  Lines that begin with a sharp sign ('{{EX:#}}')  
 are considered to be comments by slapd, they have been removed  
 from the listing below to save space.  If a line starts with  
 white space it is considered a continuation of the preceding  
 line.  
   
 ..{{EX:suffix          "dc=my-domain, dc=com"}}  . Be sure to replace {{EX:<MY-DOMAIN>}} and {{EX:<COM>}} with
 ..{{EX:rootdn          "cn=Manager, dc=my-domain, dc=com"}}  the appropriate domain components of your domain name.  For
   example, for {{EX:example.com}}, use:
   
   ..{{EX:database        ldbm}}
   ..{{EX:suffix          "dc=example, dc=com"}}
   ..{{EX:rootdn          "cn=Manager, dc=example, dc=com"}}
 ..{{EX:rootpw          secret}}  ..{{EX:rootpw          secret}}
 ..{{EX:directory       /usr/local/var/openldap-ldbm}}  ..{{EX:directory       /usr/local/var/openldap-ldbm}}
   
 . Now we need to replace all of the references to {{EX:my-domain}}  .If your domain contains additional components, such as
 and {{EX:com}} with the correct value.  For example, if your domain  {{EX:eng.uni.edu.eu}}, use:
 is {{EX:example.net}} we might use the following.  
   
 ..{{EX:suffix          "dc=example, dc=net"}}  ..{{EX:database        ldbm}}
 ..{{EX:rootdn          "cn=Manager, dc=example, dc=net"}}  ..{{EX:suffix          "dc=eng, dc=uni, dc=edu, dc=eu"}}
   ..{{EX:rootdn          "cn=Manager, dc=eng, dc=uni, dc=edu, dc=eu"}}
 ..{{EX:rootpw          secret}}  ..{{EX:rootpw          secret}}
 ..{{EX:directory       /usr/local/var/openldap-ldbm}}  ..{{EX:directory       /usr/local/var/openldap-ldbm}}
   
 . By default, the database files will be created in  . Details regarding configuring {{slapd}}(8) can be found
 {{F:/usr/local/var/openldap-ldbm}}.  in the {{slapd.conf}}(5) manual page and the
 You may specify an alternate directory via the directory option  {{SECT:The slapd Configuration File}} chapter of this
 in the {{F:slapd.conf}} file.  The directory must exist before  document.
 you start the server.  
   
 Note: Use of rootpw is deprecated in favor of strong authentication  
 mechanisms.  These are described in later chapters.  
   
 .{{S: }}  .{{S: }}
 +{{B:Starting the server}}.  +{{B:Start SLAPD}}.
   
 .You are now ready to start the server by running the command  . You are now ready to start the stand-alone LDAP server, slapd(8),
 {{slapd}}(8):  by running the command:
   
 ..{{EX:/usr/local/libexec/slapd}}  ..{{EX:su root -c /usr/local/libexec/slapd}}
   
 . At this point the LDAP server is up and running, but there isn't  
 any data in the directory.  You can check to see if the server is  . To check to see if the server is running and configured correctly,
 running and your naming context (the {{EX:suffix}} you specified above)  you can run search it with {{ldapsearch}}(1).  By default, ldapsearch
 by searching it with {{ldapsearch}}(1).  By default, ldapsearch is  is installed as {{F:/usr/local/bin/ldapsearch}}:
 installed as {{F:/usr/local/bin/ldapsearch}}.  
   
 ..{{EX:ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts}}  ..{{EX:ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts}}
   
Line 141  installed as {{F:/usr/local/bin/ldapsear Line 182  installed as {{F:/usr/local/bin/ldapsear
 special characters from interpreted by the shell.  This should return:  special characters from interpreted by the shell.  This should return:
   
 ..{{EX:dn:}}  ..{{EX:dn:}}
 ..{{EX:namingContexts: dc=example, dc=net}}  ..{{EX:namingContexts: dc=example, dc=com}}
   
   . Details regarding running {{slapd}}(8) can be found
   in the {{slapd}}(8) manual page and the
   {{SECT:Running slapd}} chapter of this document.
   
   
 .{{S: }}  .{{S: }}
 +{{B:Create a database}}.  +{{B:Add initial entries to your directory}}.
   
   . You can use {{ldapadd}}(1) to add entries to your LDAP directory.
   {{ldapadd}} expects input in LDIF form. We'll do it two steps:
   
   ^^ create LDIF file
   ++ run ldapadd
   
   . Use your favorite editor and create an LDIF file that contains:
   
 . This is a two-step process. The first step is to create a file  ..{{EX:dn: dc=<MY-DOMAIN>, dc=<COM>}}
 (we'll call it {{F:example.ldif}}) containing the entries you  ..{{EX:objectclass: dcObject}}
 want your database to contain. Use the following example as a  ..{{EX:objectclass: organization}}
 guide, or see {{Database Creation and Maintenance Tools}} section  ..{{EX:o: <MY ORGANIZATION>}}
 of this document for more details.  ..{{EX:dc: <MY-DOMAIN>}}
   ..{{EX: }}
   ..{{EX:dn: cn=Manager, dc=<MY-DOMAIN>, dc=<COM>}}
   ..{{EX:objectclass: person}}
   ..{{EX:cn: Manager}}
   ..{{EX:sn: Manager}}
   
   . Be sure to replace <MY-DOMAIN> and <COM> with the appropriate domain
   components of your domain name.  <MY ORGANIZATION> should be replaced
   with the name of your organization. If you cut and paste, be sure
   to trim any leading whitespace from the example:
   
 ..{{EX:dn: dc=example, dc=net}}  ..{{EX:dn: dc=example, dc=com}}
 ..{{EX:objectclass: dcObject}}  ..{{EX:objectclass: dcObject}}
 ..{{EX:objectclass: organization}}  ..{{EX:objectclass: organization}}
 ..{{EX:o: Example Network}}  ..{{EX:o: Example Company}}
 ..{{EX:dc: example}}  ..{{EX:dc: example}}
 ..{{EX: }}  ..{{EX: }}
 ..{{EX:dn: cn=Bob Smith, dc=example, dc=net}}  ..{{EX:dn: cn=Bob Smith, dc=example, dc=com}}
 ..{{EX:objectclass: person}}  ..{{EX:objectclass: person}}
 ..{{EX:cn: Bob Smith}}  ..{{EX:cn: Bob Smith}}
 ..{{EX:sn: Smith}}  ..{{EX:sn: Smith}}
   
 .Remember to replace {{EX:dc=example, dc=net}} with the correct  . Now, you may run {{ldapadd}}(1) to insert these entries into
 values for your site, and to put your name instead of Bob's.  You can  your directory.
 include additional entries and attributes in this file if you want,  
 or add them later via LDAP.  ..{{EX:ldapadd -D "cn=Manager, dc=<MY-DOMAIN>, dc=<COM>" -W -f example.ldif}}
   
 .The second step is to run a tool to add the contents of this file to the  
 your directory.  We use the tool {{ldapadd}}(1) to populate the directory.  
 Again remember to replace {{EX:dc=example, dc=net}} with the correct values  
 for your site.  By default ldapadd is installed as  
 {{F:/usr/local/bin/ldapadd}}.  
   
 ..{{EX:ldapadd -x -D 'cn=Manager,dc=example,dc=net' -w secret -f example.ldif}}  
   
 .Where {{F:example.ldif}} is the file you created above.  
   
 Note: Use of strong authentication and transport security services  
 is highly recommended when updating the directory.  These services  
 are described in later chapters.  
   
   . Be sure to replace {{EX:<MY-DOMAIN>}} and {{EX:<COM>}} with the
   appropriate domain components of your domain name.  You will be
   prompted for the "{{EX:secret}}" specified in {{F:slapd.conf}}. 
   For example, for {{EX:example.com}}, use:
   
   ..{{EX:ldapadd -x -D "cn=Manager, dc=example, dc=com" -W -f example.ldif}}
   
   . where {{F:example.ldif}} is the file you created above.
   ..{{EX: }}
   . Additional informaton regarding directory creation can be found
   in the {{SECT:Database Creation and Maintenance Tools}} chapter of
   this document.
   
 .{{S: }}  .{{S: }}
 +{{B:See if it works}}.  +{{B:See if it works}}.
   
 .Now we're ready to verify the added entries are in your directory.    . Now we're ready to verify the added entries are in your directory.  
 You can use any LDAP client to do this, but our example uses the  You can use any LDAP client to do this, but our example uses the
 {{ldapsearch}}(1) tool.  Remember to replace {{EX:dc=example,dc=net}}  {{ldapsearch}}(1) tool.  Remember to replace {{EX:dc=example,dc=com}}
 with the correct values for your site.  with the correct values for your site:
   
 ..{{EX:ldapsearch -x -b 'dc=example,dc=net' '(objectclass=*)'}}  ..{{EX:ldapsearch -x -b 'dc=example,dc=com' '(objectclass=*)'}}
   
 .This command will search for and retrieve every entry in the database.  . This command will search for and retrieve every entry in the database.
   
 You are now ready to add more entries using {{ldapadd}}(1) or  You are now ready to add more entries using {{ldapadd}}(1) or
 another LDAP client, experiment with various configuration options,  another LDAP client, experiment with various configuration options,
 backend arrangements, etc. Note that by default, the {{slapd}}(8)  backend arrangements, etc.
 database grants {{read access to everybody}} excepting the  
 {{super-user}} (as specified by the {{EX:rootdn}} configuration  Note that by default, the {{slapd}}(8) database grants {{read access
 directive).  It is highly recommended that you establish controls  to everybody}} excepting the {{super-user}} (as specified by the
 to restrict access to authorized users.  Access controls are discussed  {{EX:rootdn}} configuration directive).  It is highly recommended that
 in the {{SECT:Access Control}} section of the  you establish controls to restrict access to authorized users.  Access
   controls are discussed in the {{SECT:Access Control}} section of the
 {{SECT:The slapd Configuration File}} chapter.  {{SECT:The slapd Configuration File}} chapter.
   
 The following chapters provide more detailed information on making,  The following chapters provide more detailed information on making,
 installing, and running {{slapd}}(8).  installing, and running {{slapd}}(8).
   

Removed from v.1.17  
changed lines
  Added in v.1.18


______________
© Copyright 1998-2020, OpenLDAP Foundation, info@OpenLDAP.org