Create the student group
# groupadd student
Create the teacher group
# groupadd teacher
Create the student directory
# mkdir -p /home/student/s100
Create the teacher directory
# mkdir /home/teacher
Create the student accounts and set their passwords
# useradd -g student -d /home/student/s100/s100001 -m -s /bin/false -c "六忠01林小華" s100001
# useradd -g student -d /home/student/s100/s100002 -m -s /bin/false -c "六忠02陳金花" s100002
# passwd s100001
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
# passwd s100002
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Create the teacher account and set its password
# useradd -g teacher -d /home/teacher/t100001 -m -s /bin/false -c "李阿土" t100001
# passwd t100001
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
# mkdir /root/ldif
# egrep 'teacher|student' /etc/group > /root/ldif/group
# cat /root/ldif/group
student:x:1000:
teacher:x:1001:
# egrep 't100|s100' /etc/passwd > /root/ldif/passwd
# cat /root/ldif/passwd
s100001:x:1002:1000:六忠01林小華:/home/student/s100/s100001:/bin/false
s100002:x:1003:1000:六忠02陳金花:/home/student/s100/s100002:/bin/false
t100001:x:1004:1001:李阿土:/home/teacher/t100001:/bin/false
Use the MigrationTools scripts
# cd /usr/share/MigrationTools-47
# ./migrate_base.pl > /root/ldif/base.ldif
# ./migrate_passwd.pl /root/ldif/passwd > /root/ldif/passwd.ldif
# ./migrate_group.pl /root/ldif/group > /root/ldif/group.ldif
# cat /root/ldif/base.ldif
dn: dc=ldap,dc=tces.ilc.edu.tw
dc: ldap
objectClass: top
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: tces.ilc.edu.tw

dn: ou=Group,dc=ldap,dc=tces.ilc.edu.tw
ou: Group
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: tces.ilc.edu.tw

dn: ou=People,dc=ldap,dc=tces.ilc.edu.tw
ou: People
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: tces.ilc.edu.tw
Clear the existing data (this deletes the current directory database and the slapd.d configuration)
# systemctl stop slapd
# rm -rf /var/lib/openldap/openldap-data/*
# rm -rf /etc/openldap/slapd.d/*
# cp /etc/openldap/DB_CONFIG.example /var/lib/openldap/openldap-data/DB_CONFIG
# chown ldap:ldap /var/lib/openldap/openldap-data/DB_CONFIG
# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
# chown -R ldap.ldap /etc/openldap/slapd.d
# chown -R ldap.ldap /var/lib/openldap/openldap-data/*
# systemctl start slapd
Start the import
# systemctl stop slapd
# /usr/bin/slapadd -l /root/ldif/base.ldif
545aedd1 bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
_#################### 100.00% eta none elapsed none fast!
Closing DB…
# /usr/bin/slapadd -l /root/ldif/passwd.ldif
# /usr/bin/slapadd -l /root/ldif/group.ldif
Change directory ownership and start the OpenLDAP server
# chown -R ldap.ldap /etc/openldap/slapd.d
# chown -R ldap.ldap /var/lib/openldap/openldap-data/*
# systemctl start slapd
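
Added example, not part of the original post: a check to run on /root/ldif/passwd and /root/ldif/group before migrate_passwd.pl, because the unanchored pattern 't100|s100' also matches any /etc/passwd line that merely contains one of those strings. The name pattern, the UID floor of 1000 and the "backup" sample line are assumptions made for this example.

```shell
#!/bin/sh
# Added example: vet the egrep extract before converting it to LDIF.
# Assumptions: account names look like s100001 / t100001, regular UIDs
# start at 1000, and every migrated account uses /bin/false as its shell.

check_passwd_extract() {
    # $1 = extracted passwd file, $2 = extracted group file
    # Prints "name: reasons" per suspicious line; returns 1 if any were found.
    awk -F: '
        FILENAME == ARGV[1] { allowed[$3] = 1; next }   # GIDs of student/teacher
        {
            why = ""
            if ($1 !~ /^[st]100[0-9]+$/) why = why " unexpected-name"
            if ($3 + 0 < 1000)           why = why " system-uid"
            if (!($4 in allowed))        why = why " foreign-gid"
            if ($7 != "/bin/false")      why = why " login-shell"
            if (why != "") { print $1 ":" why; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$2" "$1"
}

# Constructed sample: the three accounts from the walkthrough plus one
# unrelated line that the unanchored pattern would also pick up.
make_sample() {
    dir=$(mktemp -d)
    printf '%s\n' 'student:x:1000:' 'teacher:x:1001:' > "$dir/group"
    printf '%s\n' \
        's100001:x:1002:1000:六忠01林小華:/home/student/s100/s100001:/bin/false' \
        's100002:x:1003:1000:六忠02陳金花:/home/student/s100/s100002:/bin/false' \
        't100001:x:1004:1001:李阿土:/home/teacher/t100001:/bin/false' \
        'backup:x:34:34:nightly s100 archive:/var/backups:/bin/sh' > "$dir/passwd"
    echo "$dir"
}

dir=$(make_sample)
if check_passwd_extract "$dir/passwd" "$dir/group"; then
    echo "extract looks clean"
else
    echo "review the lines above before migrating"
fi
rm -rf "$dir"
```

On the real host, call it as check_passwd_extract /root/ldif/passwd /root/ldif/group and remove any reported line from the extract before generating passwd.ldif.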