Untitled

a guest
Aug 3rd, 2017
$ cat module_monitor.ldif
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: {2}back_monitor

$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f module_monitor.ldif

$ sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=module{0},cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <cn=module{0},cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# module{0}, config
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}memberof
olcModuleLoad: {1}refint
olcModuleLoad: {2}back_monitor
<...>

$ cat cn_monitor.ldif
dn: cn=monitor,dc=company,dc=de
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: monitor
description: LDAP monitor
userPassword: {CRYPT}REDACTED

$ ldapadd -x -D "cn=admin,dc=company,dc=de" -W -f cn_monitor.ldif -ZZ -H ldap://openldap.internal.company.de

$ cat database_monitor.ldif
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=manager,dc=company,dc=de" read by * none

$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f database_monitor.ldif

$ sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b "olcDatabase={1}monitor,cn=config"

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <olcDatabase={1}monitor,cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# {1}monitor, config
dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}monitor
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external
 ,cn=auth" read by dn.base="cn=manager,dc=company,dc=de" read by * none

$ sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=monitor"
<...>
# numResponses: 67
# numEntries: 66

$ ldapsearch -D "cn=monitor,dc=company,dc=de" -H ldap://openldap.internal.company.de -W -ZZ -b "cn=monitor"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <cn=monitor> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 3
result: 32 No such object

# numResponses: 1
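
Added example, not part of the original paste: a small Python evaluator for the olcAccess rule shown above, covering only the `dn.base="..."` and `*` forms that rule uses. It unfolds the LDIF line wrap and reports the access level each bind DN from the session receives; the function names and the embedded LDIF constant are assumptions made for the illustration.

```python
import re

# Constructed input: the folded olcAccess entry as ldapsearch printed it in the paste.
LDIF = """dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}monitor
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external
 ,cn=auth" read by dn.base="cn=manager,dc=company,dc=de" read by * none
"""

def unfold(ldif):
    """Undo LDIF line folding (RFC 2849): a newline plus one space continues a line."""
    return ldif.replace("\n ", "")

def norm_dn(dn):
    """Loose DN comparison: case-insensitive, no spaces around RDN separators."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_rules(ldif):
    """Return [(what, [(who, level), ...])] for every olcAccess value, in order.

    Only the subset of slapd.access(5) used in the paste is understood:
    `by dn.base="<dn>" <level>` and `by * <level>`.
    """
    rules = []
    for line in unfold(ldif).splitlines():
        m = re.match(r"olcAccess:\s*(?:\{\d+\})?to\s+(\S+)\s+(.*)", line)
        if m:
            who = re.findall(r'by\s+(?:dn\.base="([^"]*)"|(\*))\s+(\w+)', m.group(2))
            rules.append((m.group(1), [(dn or star, lvl) for dn, star, lvl in who]))
    return rules

def access_for(bind_dn, rules):
    """The first matching `by` clause of the first `to *` rule decides the level."""
    for what, clauses in rules:
        if what != "*":
            continue  # other <what> selectors are outside this sketch
        for who, level in clauses:
            if who == "*" or norm_dn(who) == norm_dn(bind_dn):
                return level
        return "none"  # every <by> list ends with an implicit `by * none`
    return "none"  # simplification of this sketch: no `to *` rule parsed

if __name__ == "__main__":
    for dn in ("gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth",
               "cn=manager,dc=company,dc=de",
               "cn=monitor,dc=company,dc=de"):
        print(f"{access_for(dn, parse_rules(LDIF)):5} {dn}")
```

The rule names cn=manager,dc=company,dc=de, while the last search binds as cn=monitor,dc=company,dc=de, which falls through to `by * none`. slapd reports noSuchObject (32) rather than insufficientAccess when the bound identity lacks disclose access to the search base.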