OpenLDAP
Jump to navigation
Jump to search
Certificate
mizar.umassmed.edu
cd /etc/pki/tls/certs/ openssl req -newkey rsa:1024 -x509 -days 730 -nodes -out mizar.umassmed.edu.pem -keyout mizar.umassmed.edu.pem chmod 640 /etc/pki/tls/certs/mizar.umassmed.edu.* chown ldap.ldap /etc/pki/tls/certs/mizar.umassmed.edu.pem
pull out the certificate
grep -A 50 CERT mizar.umassmed.edu.pem > mizar.umassmed.edu.cl.pem cp mizar.umassmed.edu.cl.pem /storage/big1/kdb/linux_setup/certs/
verify
openssl x509 -noout -in mizar.umassmed.edu.cl.pem -dates
alcor.umassmed.edu
cd /etc/pki/tls/certs/ openssl req -newkey rsa:1024 -x509 -days 730 -nodes -out alcor.umassmed.edu.pem -keyout alcor.umassmed.edu.pem chmod 640 /etc/pki/tls/certs/alcor.umassmed.edu.* chown ldap.ldap /etc/pki/tls/certs/alcor.umassmed.edu.pem
pull out the certificate
grep -A 50 CERT alcor.umassmed.edu.pem > alcor.umassmed.edu.cl.pem cp alcor.umassmed.edu.cl.pem /storage/big1/kdb/linux_setup/certs/
verify
openssl x509 -noout -in mizar.umassmed.edu.cl.pem -dates
linux workstations
copy the BIG certificates to each workstation
cp ~kdb/linux_setup/certs/*.umassmed.edu.cl.pem /etc/pki/tls/certs/; chmod a+r /etc/pki/tls/certs/*.umassmed.edu.cl.pem chcon --reference=/etc/openldap/cacerts/cacert.pem /etc/pki/tls/certs/mizar.umassmed.edu.cl.pem chcon --reference=/etc/openldap/cacerts/cacert.pem /etc/pki/tls/certs/alcor.umassmed.edu.cl.pem
copy Umassmed certs to each workstation
cp ~kdb/linux_setup/certs/umms*.crt /etc/pki/tls/certs/
Run the following command to get everything going
authconfig-tui
SSSD
cp ~kdb/linux_setup/etc/sssd/sssd.conf /etc/sssd/sssd.conf
decent tutorial OpenLDAP Tutorial