Tuesday, May 29, 2007

OpenLDAP Phpldapadmin Linux

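Environment: Fedora Core 6
OpenLDAP (version 2.3.30) and phpldapadmin (version 1.0.1), both installed in full from the DVD.

OpenLDAP's configuration files are in /etc/openldap.
Configure slapd.conf; nothing much needs changing: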
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
database bdb
suffix "dc=example,dc=com"
rootdn "cn=ldaproot,dc=example,dc=com"

# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw secret
rootpw {SSHA}**************************
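Note: do not use spaces; where whitespace is needed, use the Tab key.
OpenLDAP (slapd) should now be able to run; search for how exactly to start it!


Configuring phpldapadmin
phpldapadmin's configuration file is under /etc/httpd/conf.d by default.

Running more phpldapadmin.conf shows: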
#
# Web-based tool for managing LDAP servers
#

Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs

<Directory /usr/share/phpldapadmin/htdocs>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>

cd /usr/share/phpldapadmin/htdocs
Start Apache: service httpd start
Run firefox example.com/ldapadmin/ and you should see:
[screenshot]

cd /usr/share/phpldapadmin/config
gedit /usr/share/phpldapadmin/config/config.php


/* If you specified 'cookie' or 'session' as the auth_type above, you can
optionally specify here an attribute to use when logging in. If you enter
'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
and log in as that user.
Leave blank or specify 'dn' to use full DN for logging in. Note also that if
your LDAP server requires you to login to perform searches, you can enter the
DN to use when searching in 'login_dn' and 'login_pass' above. You may also
specify 'string', in which case you can provide a string to use for logging
users in. See 'login_string' directly below. */
// $ldapservers->SetValue($i,'login','attr','dn');
$ldapservers->SetValue($i,'login','attr','uid');
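Change this to:
$ldapservers->SetValue($i,'login','attr','dn');
//$ldapservers->SetValue($i,'login','attr','uid');
so that the full DN is used to log in; nothing else needs to be changed.

If, after logging in, the following appears:
[screenshot]
while the $server section of phpldapadmin/config.php has not been modified, i.e. it reads: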
//$ldapservers->SetValue($i,'server','auth_type','cookie');
$ldapservers->SetValue($i,'server','auth_type','session');

the problem may be in /etc/php.ini; change register_globals=Off to On, i.e.:
; You should do your best to write your scripts so that they do not require
; register_globals to be on; Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
register_globals = On
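
A quick check of the three settings touched in this post: the rootpw line in slapd.conf, the Allow/Deny lines in phpldapadmin.conf, and register_globals in php.ini, which the php.ini comment quoted above flags as a security problem and which applies to every PHP application on the server. This is an added example, not part of the original post; the function names and the sample file contents are constructed for illustration.

```python
import re

LOCAL = {"127.0.0.1", "::1", "localhost"}

def directives(text, comment):
    """Return (key, value) pairs for non-comment lines; continuation lines are not joined."""
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(comment):
            parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
            pairs.append((parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return pairs

def slapd_findings(text):
    out = []
    for key, val in directives(text, "#"):
        scheme = re.match(r"\{([A-Za-z0-9-]+)\}", val)
        if key == "rootpw" and (scheme is None or scheme.group(1).upper() == "CLEARTEXT"):
            out.append("slapd.conf: rootpw is cleartext; store a slappasswd hash instead")
    return out

def apache_findings(text):
    pairs = [(k, v.lower()) for k, v in directives(text, "#")]
    out = []
    if ("deny", "from all") not in pairs:
        out.append("phpldapadmin.conf: no 'Deny from all', so unmatched clients are allowed")
    for key, val in pairs:
        if key == "allow" and val.startswith("from"):
            out += [f"phpldapadmin.conf: 'Allow from {h}' opens the UI beyond localhost"
                    for h in val.split()[1:] if h not in LOCAL]
    return out

def php_findings(text):
    val = dict(directives(text, ";")).get("register_globals", "off")
    if val.split(";")[0].strip().strip('"').lower() in {"on", "1", "true", "yes"}:
        return ["php.ini: register_globals is On for every PHP application on this server"]
    return []

# Constructed sample inputs (not taken from a real host).
SLAPD_BAD = 'rootdn\t"cn=ldaproot,dc=example,dc=com"\n#rootpw\t{SSHA}xxxx\nrootpw\tsecret\n'
SLAPD_OK = "rootpw\t{SSHA}CONSTRUCTED-PLACEHOLDER\n"
APACHE_OK = "Order Deny,Allow\nDeny from all\nAllow from 127.0.0.1\n"
APACHE_BAD = "Order Deny,Allow\nAllow from 127.0.0.1 192.0.2.0/24\n"
PHP_BAD = "; register_globals = Off\nregister_globals = On ; constructed comment\n"

if __name__ == "__main__":
    for finding in slapd_findings(SLAPD_BAD) + apache_findings(APACHE_BAD) + php_findings(PHP_BAD):
        print(finding)
```

To check a real host, pass the contents of /etc/openldap/slapd.conf, /etc/httpd/conf.d/phpldapadmin.conf and /etc/php.ini to the three functions.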

PS: phpldapadmin's include chain:
htdocs/index.php includes login_form.php;
login_form.php includes ./common.php (i.e. require './common.php';);
./common.php includes ../lib/common.php (i.e. @define('LIBDIR',sprintf('%s/',realpath('../lib/')));
require LIBDIR.'common.php';);
../lib/common.php includes /etc/phpldapadmin/config.php

OK!
ENJOY IT!

