Page 166 - RHEL8 BOOK
1. NIS: It is platform dependent. It works on random ports. It is less secure because it transfers
passwords in unencrypted form. It has no firewall support. It has no domain hierarchy support.
2. LDAP: It is platform independent. It works on standard ports such as 389 and 636. It is more secure
because it encrypts the user's password in transit when port 636 is used. It is firewall supported because
it works on standard ports. It has domain hierarchy support. By default the LDAP database is BDB
(Berkeley Database); LDAP comes with the BDB application, which maintains the LDAP database.
Structure of LDAP Database:
The LDAP structure is maintained with the help of object classes and schema.
1. Object Class: A collection of properties such as DN (Distinguished Name), DC (Domain Container),
OU (Organizational Unit) and UID is called an object class.
2. Schema: A collection of user properties such as PIN code, employee ID, etc. is called a schema.
Requirements of LDAP
Software = openldap* ldap* nss* db*
Config file = /etc/openldap/slapd.conf
Files = /usr/share/openldap/migration/migrate_common.ph
Database = /var/lib/ldap
Service = ldap
Port = 389, 636
Daemon = ldap
DB file = DB_CONFIG.sample
To configure LDAP (on the LDAP server)
Step 1: Check and install the software
[root@linux1 ~]# yum -y install openldap* migrationtools
Step 2: Create the LDAP root password for administration
[root@linux1 ~]# slappasswd
New password:
Re-enter new password:
{SSHA}bHSiwuPJEypHS6zHSE2Uy7M69sQjmkPL
Step 3: Edit the OpenLDAP server configuration
[root@linux1 ~]# cd /etc/openldap/slapd.d/cn=config
[root@linux1 cn=config]# vi olcDatabase={2}hdb.ldif
olcSuffix: dc=iiht,dc=com
olcRootDN: cn=Manager,dc=iiht,dc=com
Add the following three lines:
olcRootPW: {SSHA}bHSiwuPJEypHS6zHSE2Uy7M69sQjmkPL
olcTLSCertificateFile: /etc/pki/tls/certs/iihtldap.pem
olcTLSCertificateKeyFile: /etc/pki/tls/certs/iihtldapkey.pem
S. Pradhan
(MCA, MBA-IT, BCA, CCNA, MCSA 2012, RHCE, ETHICAL HACKING)
Email Id:-spradhan.iiht@gmail.com