ldap
fd
Installing
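# Repository and signing-key setup for the LTB project, Sury PHP and
# FusionDirectory APT sources. Every command below needs root (the apt calls
# and the writes under /usr/share/keyrings and /etc/apt already did), so no
# individual command is wrapped in sudo.

# Start clean: drop keyrings and source lists left behind by earlier attempts.
# The key in /etc/apt/trusted.gpg.d is removed on purpose and not recreated:
# anything in that directory is trusted for *every* configured repository.
rm -f /usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg \
  /etc/apt/sources.list.d/sury-php.list \
  /etc/apt/sources.list.d/ltb.list \
  /etc/apt/sources.list.d/ltb2.list \
  /etc/apt/trusted.gpg.d/sury-php.gpg

apt update
apt install -y curl gpg software-properties-common apt-transport-https ca-certificates

# --- LTB project -------------------------------------------------------------
# One keyring and one source entry. Listing the same repository twice (once
# per keyring file) only makes apt complain about duplicate targets.
# -f makes curl fail on an HTTP error instead of piping an error page to gpg.
curl -fsSL https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project \
  | gpg --dearmor > /usr/share/keyrings/ltb-project.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project.gpg] https://ltb-project.org/debian/stable stable main" \
  > /etc/apt/sources.list.d/ltb.list

# --- Sury PHP ----------------------------------------------------------------
# The key is stored outside trusted.gpg.d and bound to this one repository
# with signed-by, so it cannot vouch for packages from any other source.
curl -fsSL -o /usr/share/keyrings/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb [signed-by=/usr/share/keyrings/php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" \
  > /etc/apt/sources.list.d/sury-php.list

# --- FusionDirectory ---------------------------------------------------------
# Keyring file name chosen for this script.
fd_keyring=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg

# 0xFE0FEAE5AC483A86 is a 64-bit key ID, not a full fingerprint: after the
# import, compare `gpg --fingerprint 0xFE0FEAE5AC483A86` with the fingerprint
# published by FusionDirectory before trusting the key.
gpg --keyserver keys.openpgp.org --recv-key 0xFE0FEAE5AC483A86
# Export by key ID rather than by user-ID string: a user ID is free text that
# any key can carry. The export goes to a dedicated keyring instead of
# `apt-key add`, which is deprecated and trusts the key for all repositories.
gpg --export 0xFE0FEAE5AC483A86 > "$fd_keyring"

# The list needs real newlines. A backslash-newline inside double quotes is a
# line continuation, which would collapse everything into one "#" comment line
# and leave apt with no FusionDirectory source at all.
cat > /etc/apt/sources.list.d/fd.list <<EOF
#fusiondirectory integrator
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-integrator/ bullseye main
#fusiondirectory utilities
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-utilities/ bullseye main
#fusiondirectory tools
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-tools/ bullseye main
#fusiondirectory libraries
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-external-libraries/ bullseye main
#fusiondirectory repository
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/bullseye-fusiondirectory-release/ bullseye main
EOF

apt update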
# PHP runtime and extensions.
# NOTE(review): php8.4-ldap and php8.4-xml are installed here, while only the
# php8.3 and php7.3 Apache modules are disabled further down -- confirm which
# mod_php is actually enabled once this has run.
apt install -y \
  php7.4-common php7.4-ldap php7.4-xml php-cas php7.4-gd php7.4-curl \
  php-fpdf php7.4-imagick php7.4-imap php7.4-mbstring php-gettext-languages \
  php8.4-ldap php8.4-xml

# Directory server. dpkg-reconfigure is interactive and re-asks the package's
# configuration questions.
apt install -y slapd
dpkg-reconfigure slapd

# FusionDirectory, its mail and DSA plugins, and the matching schema packages.
apt-get install -y \
  fusiondirectory fusiondirectory-schema \
  fusiondirectory-plugin-mail-schema fusiondirectory-plugin-mail \
  php-ldap php-mbstring php-xml php-curl php-json \
  fusiondirectory-plugin-dsa fusiondirectory-plugin-dsa-schema

# Load the schemas into slapd, in the same order as the packages list them.
schema_dir=/etc/ldap/schema/fusiondirectory
for schema in core-fd core-fd-conf ldapns template-fd mail-fd mail-fd-conf dsa-fd-conf; do
  fusiondirectory-schema-manager --insert-schema "${schema_dir}/${schema}.schema"
done
systemctl restart apache2 slapd

apt install -y self-service-password

# Serve the web interface with PHP 7.4 and switch the other mod_php builds off.
apt install -y libapache2-mod-php7.4
a2enmod php7.4
for php_mod in php8.3 php7.3; do
  a2dismod "$php_mod"
done
systemctl restart apache2
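Go to http://SERVER-IP/fusiondirectory in a browser and do your config there.
This URL is plain HTTP, so the credentials typed into the web interface cross the network unencrypted until TLS is enabled on the Apache side.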
https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/4761
https://github.com/ltb-project/self-service-password/issues/243
STILL TODO:
finish the steps described at https://self-service-password.readthedocs.io/en/stable/index.html
--------------------------------------------
openldap/slapd part :
# Base tooling first, then the directory server itself.
apt update
apt install -y \
  curl gpg \
  software-properties-common apt-transport-https ca-certificates
apt update
apt install -y slapd
# Interactive step: re-runs the slapd package's configuration questions.
sudo dpkg-reconfigure slapd
--------------------------------------------
php part
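# Sury PHP repository and the PHP packages. Run as root, like the apt calls.
#
# The archive key is kept out of /etc/apt/trusted.gpg.d: any key in that
# directory is accepted for every configured repository. Stored under
# /usr/share/keyrings and referenced with signed-by, it can only vouch for
# packages.sury.org. A copy left in trusted.gpg.d by an earlier run is removed
# so the old global trust does not linger.
rm -f /etc/apt/trusted.gpg.d/sury-php.gpg
# curl is installed by the openldap/slapd part; -f fails on an HTTP error
# instead of saving an error page as the keyring.
curl -fsSL -o /usr/share/keyrings/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb [signed-by=/usr/share/keyrings/php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" \
  > /etc/apt/sources.list.d/sury-php.list
apt update

# NOTE(review): php8.4-ldap and php8.4-xml are installed next to the 7.4 set;
# confirm that both PHP versions are really wanted on this host.
apt install -y php7.4-common php7.4-ldap php7.4-xml php-cas php7.4-gd php7.4-curl \
  php-fpdf php7.4-imagick php7.4-imap php7.4-mbstring php-gettext-languages php8.4-ldap php8.4-xml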
----------------------------------------
fusion directory
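# FusionDirectory APT sources and their signing key. Run as root.

# Keyring file name chosen for this script.
fd_keyring=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg

# 0xFE0FEAE5AC483A86 is a 64-bit key ID, not a full fingerprint: after the
# import, compare `gpg --fingerprint 0xFE0FEAE5AC483A86` with the fingerprint
# published by FusionDirectory before trusting the key.
gpg --keyserver keys.openpgp.org --recv-key 0xFE0FEAE5AC483A86
# Export by key ID rather than by user-ID string: a user ID is free text that
# any key can carry. The export goes to a dedicated keyring instead of
# `apt-key add`, which is deprecated and trusts the key for all repositories.
gpg --export 0xFE0FEAE5AC483A86 > "$fd_keyring"

# signed-by ties each entry to the FusionDirectory key only.
cat > /etc/apt/sources.list.d/fd.list <<EOF
#fusiondirectory integrator
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-integrator/ bullseye main
#fusiondirectory utilities
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-utilities/ bullseye main
#fusiondirectory tools
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-tools/ bullseye main
#fusiondirectory libraries
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/fusiondirectory-external-libraries/ bullseye main
#fusiondirectory repository
deb [signed-by=$fd_keyring] https://public.fusiondirectory.org/debian/bullseye-fusiondirectory-release/ bullseye main
EOF
apt update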
# FusionDirectory, its mail and DSA plugins, and the matching schema packages.
apt-get install -y \
  fusiondirectory fusiondirectory-schema \
  fusiondirectory-plugin-mail-schema fusiondirectory-plugin-mail \
  php-ldap php-mbstring php-xml php-curl php-json \
  fusiondirectory-plugin-dsa fusiondirectory-plugin-dsa-schema

# Insert the schemas into slapd one by one; the order is kept as listed.
fd_schema_dir=/etc/ldap/schema/fusiondirectory
for fd_schema in core-fd core-fd-conf ldapns template-fd mail-fd mail-fd-conf dsa-fd-conf; do
  fusiondirectory-schema-manager --insert-schema "${fd_schema_dir}/${fd_schema}.schema"
done
systemctl restart apache2 slapd

# Serve the web interface with PHP 7.4 and disable the php8.3 Apache module.
apt install -y libapache2-mod-php7.4
a2enmod php7.4
a2dismod php8.3
systemctl restart apache2
go to http://SERVER-IP/fusiondirectory
do your config....
can be useful :
https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/4761
https://github.com/ltb-project/self-service-password/issues/243
New Page
1 vim .ssh/authorized_keys
2 sudo su -
3 su -
4 sudo chown arthur_wambst .ssh/
5 exit
6 sudo chown arthur_wambst .ssh/
7 vim .ssh/authorized_keys
8 exit
9 sudo systemctl restart sshd
10 exit
11 apt update
12 apt install -y curl gpg
13 curl https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project | gpg --dearmor > /usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg
14 wget -O - https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project | gpg --dearmor | sudo tee /usr/share/keyrings/ltb-
15 echo "deb [signed-by=/usr/share/keyrings/php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list
16 echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg] https://ltb-project.org/debian/openldap26/bookworm bookworm main" | sudo tee /etc/apt/sources.list.d/ltb.list
17 echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project.gpg] https://ltb-project.org/debian/stable stable main" | sudo tee /etc/apt/sources.list.d/ltb2.list
18 project.gpg >/dev/null
19 apt install -y software-properties-common apt-transport-https ca-certificateswget -q https://packages.sury.org/php/apt.gpg -O- | sudo gpg --dearmor -o /usr/share/keyrings/php.gpg
20 apt update
21 apt install -y openldap-ltb openldap-ltb-contrib-overlays openldap-ltb-mdb-utils self-service-password
22 su -
23 exit
24 su -
25 exit
26 su -
27 exit
28 su -
29 exit
30 slapcat -n 0 | grep olcModuleLoad
31 sudo slapcat -n 0 | grep olcModuleLoad
32 ldapmodify -Q -Y EXTERNAL -H ldapi:///
33 dn: cn=module{0},cn=config
34 changetype: modify
35 add: olcModuleLoad
36 olcModuleLoad: memberof.la
37 ldapmodify -Q -Y EXTERNAL -H ldapi:///
38 sudo ldapmodify -Q -Y EXTERNAL -H ldapi:///
39 ldapadd -Y EXTERNAL -Q -H ldapi:///
40 dn: cn=module,cn=config
41 cn: module
42 objectClass: olcModuleList
43 olcModulePath: /usr/bin/ldap
44 olcModuleLoad: memberof.la
45 ldapadd
46 ldapadd -Y EXTERNAL -Q -H ldapi:///
47 dn: cn=module,cn=config
48 cn: module
49 objectClass: olcModuleList
50 olcModulePath: /usr/lin
51 olcModuleLoad: memberof.la
52 sudo ldapadd -h
53 sudo ldapadd -U admin -W
54 sudo ldapadd -x -W
55 sudo ldapadd -x
56 sudo ldapadd -h
57 ldapadd -x -D "cn=admin,dc=example,dc=com" -W -H ldap://localhost
58 dn: cn=module,cn=config
59 cn: module
60 objectClass: olcModuleList
61 olcModulePath: /usr/lib/ldap
62 olcModuleLoad: memberof.la
63 ldapadd -x -D "cn=admin,dc=example,dc=com" -W -H ldap://localhost
64 ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost
65 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost
66 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhostdn: cn=module,cn=config
67 cn: module
68 objectClass: olcModuleList
69 olcModulePath: /usr/lib/ldap
70 olcModuleLoad: memberof.la
71 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost
72 dn: cn=module,cn=config
73 cn: module
74 objectClass: olcModuleList
75 olcModulePath: /opt/openldap-current/libexec/openldap
76 olcModuleLoad: memberof.la
77 sudo slapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost
78 sudo slapadd -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost
79 sudo slapadd -n "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost
80 sudo slapadd -n "cn=admin,dc=wambst,dc=com" -w -H ldap://localhost
81 sudo slapadd -n "cn=admin,dc=wambst,dc=com" -w
82 sudo slapadd
83 sudo systemctl sla
84 sudo systemctl slapd
85 sudo systemctl status slapd
86 sudo slapd -h
87 sudo slapadd
88 sudo slapd
89 ls
90 ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
91 ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost <<EOF
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
92 sudoldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost <<EOF
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
93 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost <<EOF
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
94 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost <<EOF
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
95 vim config_acl.ldif
96 ldapmodify -Y EXTERNAL -H ldapi:/// -f config-acl.ldif
97 ldapmodify -Y EXTERNAL -H ldapi:/// -f ./config-acl.ldif
98 ldapmodify -Y EXTERNAL -H ldapi:/// -f ./config_acl.ldif
99 ldapmodify -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost -f ./config_acl.ldif
100 ldapadd -x -D "cn=admin,cn=config" -W -H ldap://localhost <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
101 cat /etc/ldap/ldap.conf
102 cat /etc/ldap/slapd.d/cn\=config.ldif
103 sudo cat /etc/ldap/slapd.d/cn\=config.ldif
104 sudo cat /etc/ldap/slapd.d/cn\=config/
105 ls /etc/ldap/slapd.d/cn\=config/
106 sudo ls /etc/ldap/slapd.d/cn\=config/
107 cat /usr/local/openldap/etc/openldap/slapd.conf
108 sudo cat /usr/local/openldap/etc/openldap/slapd.conf
109 sudo cat /usr/local/openldap/etc/openldap/ldap.conf
110 sudo cat /usr/local/openldap/etc/openldap/slapd-cli.conf
111 sudo cat /usr/local/openldap/etc/openldap/slapd.d/
112 sudo ls /usr/local/openldap/etc/openldap/slapd.d/
113 ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcRootPW=*)" olcRootPW
114 sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcRootPW=*)" olcRootPW
115 ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
116 sudo ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
EOF
117 sudo ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
EOF
118 sudo ldapadd -Y EXTERNAL -H ldapi:///
119 dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
120 objectClass: olcOverlayConfig
121 objectClass: olcMemberOf
122 olcOverlay: memberof
123 olcMemberOfRefint: TRUE
124 ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: memberof
olcMemberOfRefint: TRUE
EOF
125 ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: memberof
olcMemberOfRefint: TRUE
EOF
126 sudo ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: memberof
olcMemberOfRefint: TRUE
EOF
127 ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test_user)" memberOf
128 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test_user)" memberOf
129 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test_user)" memberOfds
130 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test_user)" memberOf
131 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=arthur.wambst)" memberOf
132 history