OpenLDAPの最新バージョンを使うためにソースからコンパイルしてインストールします。
構築
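# Build and install OpenLDAP (slapd) from source, then create the service account.
# Run as root; the commands are meant to be executed one after another.

# Build prerequisites: toolchain, OpenSSL headers (TLS) and libwrap headers
# (needed by --enable-wrappers below).
apt install make gcc libtool libssl-dev libwrap0-dev

# NOTE(review): before unpacking, compare the tarball with the checksum or
# signature published by the OpenLDAP project, and confirm that this release
# is still receiving security fixes.
tar zxf openldap-server-2.4.49.tar.gz
cd openldap-server-2.4.49

# Dynamic modules and overlays are enabled; the bdb and hdb backends are
# disabled; the ldap and meta proxy backends are built.
./configure \
  --localstatedir=/var \
  --libdir=/usr/local/lib/openldap \
  --enable-dynacl=yes \
  --enable-modules=yes \
  --enable-overlays=yes \
  --disable-bdb \
  --disable-hdb \
  --enable-ldap=yes \
  --enable-meta=yes \
  --enable-wrappers
make depend
make
make install

# Build the contrib SHA-2 password-hash module.
# NOTE(review): SLAPD_SHA2_DEBUG looks like a debug switch for this module.
# Debug builds of password modules can write credential material to
# stderr/logs; confirm what it enables and drop it for production builds.
cd contrib/slapd-modules/passwd/sha2
make SLAPD_SHA2_DEBUG=1 all
# Remove a previously installed static archive of the module, if any.
rm -f /usr/local/libexec/openldap/pw-sha2.a
make SLAPD_SHA2_DEBUG=1 install
# Strip the installed modules. The original listing pointed at
# /usr/local/lib/libexec/openldap, which does not match the module directory
# used by the rm above.
strip /usr/local/libexec/openldap/*.so

# Dedicated unprivileged account (no login shell) and a runtime directory
# it owns.
mkdir -p /var/run/slapd
groupadd -g 389 ldap
useradd -u 389 -g 389 -d /var/lib/ldap -c "OpenLDAP server" -s /usr/sbin/nologin ldap
chown ldap:ldap /var/run/slapd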
登録
/etc/systemd/system/slapd.service
SyncReplを使用する場合は、ServerIDに指定したURIと一致するURIを、必ず-hオプションの引数に含めること。
# systemd unit for the source-built slapd installed under /usr/local.
[Unit]
Description=OpenLDAP server
After=syslog.target network.target
Documentation=man:slapd(8)

[Service]
# Type=forking: systemd expects the daemon to background itself and tracks
# it through the PID file below.
Type=forking
# NOTE(review): must match the pidfile path in slapd's own configuration,
# which is not shown here.
PIDFile=/var/run/slapd/slapd.pid
# -u/-g: run slapd as the unprivileged ldap user and group.
# -h: space-separated list of listener URLs.
# NOTE(review): ldap:// listeners carry traffic, including simple-bind
# passwords, in cleartext unless StartTLS is used. No TLS settings are
# visible here; confirm the server configuration requires TLS, or add an
# ldaps:// listener, before exposing the ldap.example.com listener.
ExecStart=/usr/local/libexec/slapd -u ldap -g ldap -h 'ldap://localhost/ ldap://ldap.example.com/ ldapi:///'
# NOTE(review): slapd appears to treat SIGHUP as a shutdown request (see
# gentlehup in slapd.conf(5)), so `systemctl reload slapd` may stop the
# daemon instead of reloading it. Verify before relying on reload.
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -TERM $MAINPID

[Install]
WantedBy=multi-user.target
/etc/rsyslog.d/50-default.conf
+ local4.* /var/log/ldap.log
/etc/logrotate.d/slapd
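# Rotate the slapd log that rsyslog writes to /var/log/ldap.log.
# Daily rotation, 30 generations kept, date-stamped and compressed.
/var/log/ldap.log {
    daily
    rotate 30
    missingok
    notifempty
    compress
    dateext
    dateformat .%Y-%m-%d
    # rsyslog keeps the log file open across the rename. Without a signal it
    # keeps writing to the rotated file, and those entries are lost once that
    # file is compressed. Ask rsyslog to reopen its output files.
    # NOTE(review): this helper ships with the Debian/Ubuntu rsyslog package;
    # adjust if your system signals rsyslog differently.
    postrotate
        /usr/lib/rsyslog/rsyslog-rotate
    endscript
}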
/etc/rc.local
#!/bin/sh
# Recreate slapd's runtime directory and hand it to the ldap account so the
# daemon can write its PID file there.
# NOTE(review): presumably needed because /var/run is cleared on reboot; confirm.
run_dir=/var/run/slapd
mkdir -p "$run_dir"
chown ldap:ldap "$run_dir"
/var/spool/cron/crontabs/root
crontab -e
+ @reboot /etc/rc.local
起動
# Restart rsyslog so the new local4 rule for /var/log/ldap.log takes effect.
systemctl restart rsyslog
# Confirm that systemd sees the slapd unit file.
systemctl list-unit-files --type=service | grep -F slapd
# Enable slapd at boot and start it immediately.
systemctl enable --now slapd