{"id":1276,"date":"2018-08-30T15:30:07","date_gmt":"2018-08-30T07:30:07","guid":{"rendered":"http:\/\/www.yaoge123.com\/blog\/?p=1276"},"modified":"2020-03-15T10:59:46","modified_gmt":"2020-03-15T02:59:46","slug":"openldap-%e5%af%86%e7%a0%81%e7%ad%96%e7%95%a5","status":"publish","type":"post","link":"https:\/\/www.yaoge123.com\/blog\/archives\/1276","title":{"rendered":"OpenLDAP \u5bc6\u7801\u7b56\u7565"},"content":{"rendered":"<p>OpenLDAP\u9ed8\u8ba4\u662f\u6ca1\u6709\u5bc6\u7801\u68c0\u67e5\u7b56\u7565\u7684\uff0c123456\u8fd9\u4e5f\u5f97\u5bc6\u7801\u4e5f\u80fd\u63a5\u53d7\uff0c\u8fd9\u663e\u7136\u662f\u7ba1\u7406\u5458\u4e0d\u5e0c\u671b\u770b\u5230\u7684\u3002<\/p>\n<ol>\n<li>\u5bfc\u5165\u5bc6\u7801\u7b56\u7565schema\n<pre class=\"lang:sh decode:true \">ldapadd -Y EXTERNAL -H ldapi:\/\/\/ -D \"cn=config\" -f \/etc\/openldap\/schema\/ppolicy.ldif<\/pre>\n<\/li>\n<li>\u52a0\u8f7d\u6a21\u5757\uff0c\u56e0\u4e3a\u5df2\u7ecf\u6dfb\u52a0\u8fc7syncprov\u6a21\u5757\u4e86\uff0c\u6240\u4ee5\u53ea\u8981\u8ffd\u52a0ppolicy\u6a21\u5757\u5c31\u53ef\u4ee5\u4e86\n<pre class=\"lang:default decode:true\">dn: cn=module{0},cn=config\nchangetype: modify\nadd: olcModuleLoad\nolcModuleLoad: ppolicy.la\n<\/pre>\n<pre class=\"lang:sh decode:true\">ldapmodify -Y EXTERNAL -H ldapi:\/\/\/ -f mod_ppolicy.ldif<\/pre>\n<\/li>\n<li>\u6307\u5b9a\u9ed8\u8ba4\u7b56\u7565dn\u540d\n<pre class=\"lang:default decode:true\">dn: olcOverlay=ppolicy,olcDatabase={2}hdb,cn=config\nchangeType: add\nobjectClass: olcOverlayConfig\nobjectClass: olcPPolicyConfig\nolcOverlay: ppolicy\nolcPPolicyDefault: cn=default,ou=ppolicy,dc=yaoge123,dc=com\nolcPPolicyHashCleartext: TRUE<\/pre>\n<pre class=\"lang:sh decode:true \">ldapmodify -Y EXTERNAL -H ldapi:\/\/\/ -f ppolicy.ldif<\/pre>\n<\/li>\n<li>\u521b\u5efa\u9ed8\u8ba4\u7b56\u7565\n<pre class=\"lang:default decode:true \">dn: ou=ppolicy,dc=yaoge123,dc=com\nobjectClass: organizationalUnit\nobjectClass: top\nou: ppolicy\n\ndn: cn=default,ou=ppolicy,dc=yaoge123,dc=com\ncn: default\nobjectClass: top\nobjectClass: device\nobjectClass: pwdPolicy\nobjectClass: pwdPolicyChecker\npwdAllowUserChange: TRUE\npwdAttribute: userPassword\npwdCheckQuality: 2\npwdExpireWarning: 604800\npwdFailureCountInterval: 0\npwdGraceAuthnLimit: 5\npwdInHistory: 5\npwdLockout: TRUE\npwdLockoutDuration: 600\npwdMaxAge: 0\npwdMaxFailure: 5\npwdMinAge: 0\npwdMinLength: 8\npwdMustChange: FALSE\npwdSafeModify: FALSE\npwdCheckModule: check_password.so<\/pre>\n<pre class=\"lang:sh decode:true \">ldapadd -Y EXTERNAL -H ldapi:\/\/\/ -f defaultppolicy.ldif<\/pre>\n<\/li>\n<li>\u4fee\u6539\/etc\/openldap\/check_password.conf\uff0c\u5b9a\u4e49check_password.so\u89c4\u5219<\/li>\n<li>MirrorMode\u7684\u4e24\u53f0LDAP\u5747\u9700\u8fdb\u884c\u4e0a\u8ff0\u540c\u6837\u7684\u914d\u7f6e<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>OpenLDAP\u9ed8\u8ba4\u662f\u6ca1\u6709\u5bc6\u7801\u68c0\u67e5\u7b56\u7565\u7684\uff0c123456\u8fd9\u4e5f\u5f97\u5bc6\u7801\u4e5f\u80fd\u63a5\u53d7\uff0c\u8fd9\u663e\u7136\u662f\u7ba1\u7406\u5458\u4e0d\u5e0c\u671b\u770b\u5230\u7684\u3002 \u5bfc\u5165\u5bc6 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[11],"tags":[229],"class_list":["post-1276","post","type-post","status-publish","format-standard","hentry","category-xnix","tag-ldap"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/paOwEq-kA","_links":{"self":[{"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/posts\/1276","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/comments?post=1276"}],"version-history":[{"count":13,"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/posts\/1276\/revisions"}],"predecessor-version":[{"id":1421,"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/posts\/1276\/revisions\/1421"}],"wp:attachment":[{"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/media?parent=1276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/categories?post=1276"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yaoge123.com\/blog\/wp-json\/wp\/v2\/tags?post=1276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}