●サフィックス「dc=example,dc=com」のツリーを格納するデータベースを定義するLDIFファイルを作成します。データベースの種類(バックエンド)はHDBとします。
[root@ora12ee01 openldap]# vi example_com.ldif
[root@ora12ee01 openldap]# cat example_com.ldif
# Defines a new hdb-backed database under cn=config that will hold the
# dc=example,dc=com tree.
# NOTE(review): back-hdb is deprecated in OpenLDAP 2.4 and is no longer
# shipped from 2.5 onward; on current releases the mdb backend
# (olcMdbConfig) is the one to use - confirm against the installed slapd.
dn: olcDatabase=hdb,cn=config
objectClass: olcHdbConfig
olcDatabase: hdb
# Directory where this database's files are stored.
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example,dc=com
# The rootDN is not restricted by olcAccess rules. No olcRootPW is set in
# this entry, so a password bind as the rootDN depends on a matching entry
# with userPassword existing inside the database itself.
olcRootDN: cn=Manager,dc=example,dc=com
# Single ACL: only local root connecting over ldapi:/// with SASL EXTERNAL
# (peer credentials uidNumber=0, gidNumber=0) is granted "manage"; every
# other identity, including anonymous, is granted "none".
# NOTE(review): "by * none" also withholds the "auth" privilege on
# userPassword that a simple bind relies on, so password binds against
# entries in this database are expected to be refused until a narrower rule
# (for example "to attrs=userPassword by anonymous auth by self write
# by * none") is placed before this one - verify on the target server.
olcAccess: to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * none
[root@ora12ee01 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f example_com.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=hdb,cn=config"
[root@ora12ee01 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config
dn: olcDatabase={3}hdb,cn=config
objectClass: olcHdbConfig
olcDatabase: {3}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example,dc=com
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth" manage by * none
olcRootDN: cn=Manager,dc=example,dc=com
●エントリ追加
[root@ora12ee01 openldap]# vi base.ldif
[root@ora12ee01 openldap]# cat base.ldif
# NOTE(review): LDIF records must be separated by a blank line; no separator
# is visible between the entries in this listing, presumably lost when the
# page was rendered - confirm the real file has them.
# Entry 1: the suffix entry, i.e. the top of the dc=example,dc=com tree.
dn: dc=example,dc=com
dc: example
o: example.com
objectClass: dcObject
objectClass: organization
# Entry 2: an organizationalUnit named Users directly under the suffix.
dn: ou=Users,dc=example,dc=com
ou: Users
objectClass: organizationalUnit
[root@ora12ee01 openldap]# slappasswd
New password:
Re-enter new password:
{SSHA}vdJekeVhBJTWltC03slLTrVrj9j3Z6XW
[root@ora12ee01 openldap]# vi base.ldif
[root@ora12ee01 openldap]# cat base.ldif
# NOTE(review): LDIF records must be separated by a blank line; no separator
# is visible between the entries in this listing, presumably lost when the
# page was rendered - confirm the real file has them.
# Entry 1: the suffix entry, i.e. the top of the dc=example,dc=com tree.
dn: dc=example,dc=com
dc: example
o: example.com
objectClass: dcObject
objectClass: organization
# Entry 2: an organizationalUnit named Users directly under the suffix.
dn: ou=Users,dc=example,dc=com
ou: Users
objectClass: organizationalUnit
# Entry 3: an entry whose DN equals the olcRootDN configured for this
# database. simpleSecurityObject is the object class that lets the entry
# carry a userPassword attribute.
dn: cn=Manager,dc=example,dc=com
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: Manager
# Hash produced by the slappasswd run shown on this page. {SSHA} is salted
# SHA-1: cheap to brute-force if the hash leaks, so the password must be long
# and random. This exact value is published sample data - generate a fresh
# hash for any real deployment, and keep the LDIF file readable by root only
# (or delete it after import), since it holds the rootDN credential hash.
userPassword: {SSHA}vdJekeVhBJTWltC03slLTrVrj9j3Z6XW
[root@ora12ee01 openldap]# ldapadd -Y EXTERNAL -H ldapi:/// -f base.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "dc=example,dc=com"
adding new entry "ou=Users,dc=example,dc=com"
adding new entry "cn=Manager,dc=example,dc=com"
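●全エントリを表示
(出力中の「userPassword::」は、値がBase64エンコードされていることを示します。デコードすると上で登録した {SSHA} ハッシュ文字列そのものであり、暗号化されているわけではありません。)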
[root@ora12ee01 openldap]# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b dc=example,dc=com
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: dc=example,dc=com
dc: example
o: example.com
objectClass: dcObject
objectClass: organization
dn: ou=Users,dc=example,dc=com
ou: Users
objectClass: organizationalUnit
dn: cn=Manager,dc=example,dc=com
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: Manager
userPassword:: e1NTSEF9dmRKZWtlVmhCSlRXbHRDMDNzbExUclZyajlqM1o2WFc=
https://qiita.com/toshihirock/items/fc6ba5b6be8040e69ac9