-- ·|­û / µù¥U -- ¡@
¡@±b¸¹¡G
¡@±K½X¡G
¡@ | µù¥U | §Ñ°O±K½X
3/26 ·s®Ñ¨ì¡I 3/19 ·s®Ñ¨ì¡I 3/14 ·s®Ñ¨ì¡I 12/12 ·s®Ñ¨ì¡I
ÁʮѬyµ{¡EQ & A¡E¯¸°È¯d¨¥ª©¡E«ÈªA«H½c
¢x 3ds Max¢x Maya¢x Rhino¢x After Effects¢x SketchUp¢x ZBrush¢x Painter¢x Unity¢x
¢x PhotoShop¢x AutoCad¢x MasterCam¢x SolidWorks¢x Creo¢x UG¢x Revit¢x Nuke¢x
¢x C#¢x C¢x C++¢x Java¢x ¹CÀ¸µ{¦¡¢x Linux¢x ´O¤J¦¡¢x PLC¢x FPGA¢x Matlab¢x
¢x Àb«È¢x ¸ê®Æ®w¢x ·j¯Á¤ÞÀº¢x ¼v¹³³B²z¢x Fluent¢x VR+AR¢x ANSYS¢x ²`«×¾Ç²ß¢x
¢x ³æ´¹¤ù¢x AVR¢x OpenGL¢x Arduino¢x Raspberry Pi¢x ¹q¸ô³]­p¢x Cadence¢x Protel¢x
¢x Hadoop¢x Python¢x Stm32¢x Cortex¢x Labview¢x ¤â¾÷µ{¦¡¢x Android¢x iPhone¢x
¥i¬d®Ñ¦W,§@ªÌ,ISBN,3dwoo®Ñ¸¹
¸Ô²Ó®ÑÄy¤ÀÃþ

Linux/UNIX OpenLDAP¹ê¾Ô«ü«n

( ²Åé ¦r)
§@ªÌ¡G³¢¤j«iÃþ§O¡G1. -> §@·~¨t²Î -> Linux
ĶªÌ¡G
¥Xª©ªÀ¡G¤H¥Á¶l¹q¥Xª©ªÀLinux/UNIX OpenLDAP¹ê¾Ô«ü«n 3dWoo®Ñ¸¹¡G 43343
¸ß°Ý®ÑÄy½Ð»¡¥X¦¹®Ñ¸¹¡I

¡i¯Ê®Ñ¡j
NT°â»ù¡G 345 ¤¸

¥Xª©¤é¡G1/1/2016
­¶¼Æ¡G338
¥úºÐ¼Æ¡G0
¯¸ªø±ÀÂË¡G
¦L¨ê¡G¶Â¥Õ¦L¨ê»y¨t¡G ( ²Åé ª© )
¥[¤JÁʪ«¨® ¢x¥[¨ì§Úªº³Ì·R
(½Ð¥ýµn¤J·|­û)
ISBN¡G9787115409249
§@ªÌ§Ç¡@|¡@ĶªÌ§Ç¡@|¡@«e¨¥¡@|¡@¤º®e²¤¶¡@|¡@¥Ø¿ý¡@|¡@§Ç
(²Åé®Ñ¤W©Ò­z¤§¤U¸ü³sµ²¯Ó®É¶O¥\, ®¤¤£¾A¥Î¦b¥xÆW, ­YŪªÌ»Ý­n½Ð¦Û¦æ¹Á¸Õ, ®¤¤£«OÃÒ)
§@ªÌ§Ç¡G

ĶªÌ§Ç¡G

«e¨¥¡G

¤º®e²¤¶¡G

¡@¡@OpenLDAP¬OLinux¾Þ§@¨t²Î¤¤»´«¬¥Ø¿ý³X°Ý¨óij¡]Lightweight Directory Access Protocol¡ALDAP¡^ªº¤@­Ó¦Û¥Ñ©M¶}·½ªº¹ê²{¡C¡mLinux/UNIX OpenLDAP¹ê¾Ô«ü«n¡n§@¬°¤@¥»±MªùÁ¿¸ÑOpenLDAPªº¹Ï®Ñ¡A´`§Çº¥¶i¦aÁ¿¸Ñ¤FLDAP¨óij¥H¤ÎOpenLDAP¥H¤Î¦b¥ø·~¤¤ªºÀ³¥Î¡C
¡mLinux/UNIX OpenLDAP¹ê¾Ô«ü«n¡n¤À¬°°ò¦½g¡B°ª¯Å½g©M¹ê¾Ô½g¡A¦@­p17³¹¡C°ò¦½g²[»\¤FOpenLDAPªº¤u§@­ì²z¡BOpenLDAPªA°È¾¹ªº¦w¸Ë»P°t¸m¡BOpenLDAPªº©R¥O¸Ô¸Ñ¡BOpenLDAP«È¤áºÝ³¡¸p¥H¤ÎGUIºÞ²z¡C°ª¯Å½g«h¤¶²Ð¤FOpenLDAPªº°ª¯Å¥DÃD¡A¥]¬AOpenLDAPÅv­­¡B±K½Xµ¦²¤±±¨î¡B¥D¾÷µ¦²¤±±¨î¡B¥[±K¶Ç¿é¡B¦P¨B­ì²z¤Î°t¸m¡B°ª¥i¥Î­t¸ü§¡¿Å¬[ºc¤Î¹ê²{¡C¹ê¾Ô½g¥D­n¤¶²Ð¤FOpenLDAPªº¨ãÅéÀ³¥Î¡A¥]¬AOpenLDAPªºÀu¤Æ¡B¬G»Ù¸Ñ¨M¤è®×¡A¥H¤Î»P¦UºØÀ³¥Î¬[ºc¶i¦æ¶°¦¨¡A¥H¹ê²{¥Î¤áªº²Î¤@ºÞ²z¤Î±ÂÅv¡C
¡mLinux/UNIX OpenLDAP¹ê¾Ô«ü«n¡n¾A¦XUNIX/Linux¨t²Î¬[ºc®v¡B¶}µo/¹Bºû/ºÞ²z¤H­û¾\Ū¡C
¥Ø¿ý¡G

²Ä1³¹¡@OpenLDAP¤¶²Ð¤Î¤u§@­ì²z¸Ô¸Ñ 2
1.1 Ãö¤_OpenLDAP 3
1.1.1 OpenLDAP¬O¤°¤\ 3
1.1.2 ¬°¤°¤\¿ï¾ÜOpenLDAP²£«~ 4
1.1.3 OpenLDAP¥Ø¿ýªA°ÈÀuÂI 4
1.1.4 OpenLDAP¥\¯à 5
1.1.5 OpenLDAP¨óijª©¥»·§­z 5
1.1.6 LDAP²£«~¶×Á` 6
1.1.7 OpenLDAP¾A¥Î³õ´º 6
1.1.8 OpenLDAP¤ä«ùªº¨t²Î¥­»O 6
1.1.9 OpenLDAP°ª¯Å¥\¯à¶×Á` 7
1.2 OpenLDAP¥Ø¿ý¬[ºc 7
1.2.1 OpenLDAP¥Ø¿ý¬[ºc¤¶²Ð 7
1.2.2 ¤¬Ápºô©R¦W²Õ´¬[ºc 7
1.2.3 ¥ø·~¯Å©R¦W²Õ´¬[ºc 8
1.2.4 OpenLDAPªº¨t²Î¬[ºc 8
1.2.5 OpenLDAPªº¤u§@¼Ò«¬ 9
1.3 OpenLDAP schema·§©À 9
1.3.1 schema¤¶²Ð¤Î¥Î³~ 9
1.3.2 Àò¨úschemaªº³~®| 10
1.4 OpenLDAP¥Ø¿ý±ø¥Ø·§­z 11
1.4.1 objectClass¤ÀÃþ 11
1.4.2 OpenLDAP±`¨£ªº
objectClass 11
1.4.3 objectClass¸Ô¸Ñ 13
1.4.4 objectClass®×¨Ò¤ÀªR 13
1.5 ÄÝ©Ê 14
1.5.1 ÄÝ©Ê·§­z 14
1.5.2 Attribute¸Ô¸Ñ 14
1.6 LDIF¸Ô¸Ñ 15
1.6.1 LDIF¥Î³~ 15
1.6.2 LDIF¤å¥ó¯SÂI 15
1.6.3 LDIF®æ¦¡»yªk 16
1.7 ¹ï¶H¼ÐÃѲÅÁ¿¸Ñ 16
1.8 ¦Û°Ê¤Æ¹Bºû¸Ñ¨M¤è®× 17
1.8.1 ¤¬Ápºô­±Á{ªº°ÝÃD 17
1.8.2 ¦Û°Ê¤Æ¸Ñ¨M¤è®× 18
1.9 ¥»³¹Á`µ² 19
²Ä2³¹¡@OpenLDAPªA°È¾¹¦w¸Ë»P°t¸m 20
2.1 OpenLDAP¥­»O¤ä«ù 21
2.2 OpenLDAP¦w¸Ë 21
2.2.1 OpenLDAP¦w¸Ë¤è¦¡ 21
2.2.2 OpenLDAP¦w¸Ë¨BÆJ 21
2.3 Linux¥­»O¦w¸Ë 21
2.3.1 yum¥Î³~¤Î»yªk 21
2.3.2 ¥H³n¥ó¥]§Î¦¡¦w¸Ë 23
2.3.3 ³q¹L·½½X½sĶ¦w¸Ë 24
2.3.4 ¿ù»~¤ÀªR¡B¸Ñ¨M 27
2.4 OpenLDAP°t¸m 28
2.4.1 OpenLDAP¬ÛÃö«H®§ 28
2.4.2 slapd.conf°t¸m¤å¥ó 28
2.5 OpenLDAP³æ¸`ÂI°t¸m®×¨Ò 31
2.5.1 ¦w¸ËÀô¹Ò³W¹º 31
2.5.2 ¥D¾÷¦W³W¹º°t¸m 32
2.5.3 ®É¶¡¦P¨B°t¸m 32
2.5.4 ¨¾¤õùÙ¡BSELinux°t¸m 33
2.5.5 FQDN°ì¦W¸ÑªR°t¸m 33
2.5.6 ¦w¸ËOpenLDAP²Õ¥ó 33
2.5.7 ªì©l¤ÆOpenLDAP°t¸m 34
2.5.8 slaptestÀË´ú¡B¥Í¦¨¼Æ¾Ú®w 35
2.5.9 OpenLDAP¤é§Ó°t¸m 35
2.5.10 ³q¹Lcn=config°t¸m
OpenLDAP¤é§Ó 36
2.5.11 OpenLDAP¤é§Ó¤Á³Î°t¸m 37
2.5.12 ¥[¸üslapd¶iµ{¡BºÝ¤fª¬ºA 38
2.6 OpenLDAP¥Ø¿ý¾ð³W¹º 38
2.6.1 ³W¹ºOpenLDAP¥Ø¿ý¾ð
²Õ´¬[ºc 38
2.6.2 ¬G»Ù¤ÀªR 39
2.7 OpenLDAP¥Î¤á¥H¤Î»P¥Î¤á²Õ
¬ÛÃöªº°t¸m 40
2.7.1 ³q¹Lmigrationtools¹ê²{
OpenLDAP¥Î¤á¤Î¥Î¤á²Õ
ªº²K¥[ 40
2.7.2 ¦Û©w¸qLDIF¤å¥ó²K¥[¥Î¤á
¤Î¥Î¤á²Õ±ø¥Ø 42
2.8 OpenLDAP¯Á¤Þ 43
2.8.1 ¯Á¤Þ¤¶²Ð 43
2.8.2 ³Ð«Ø¯Á¤Þ 44
2.9 OpenLDAP±±¨îµ¦²¤ 44
2.9.1 ³q¹Lslapd.conf©w¸q¥Î¤á
µ¦²¤±±¨î 44
2.9.2 ³q¹Lcn=config©w¸q¥Î¤á
±±¨îµ¦²¤ 45
2.10 ¥»³¹Á`µ² 45
²Ä3³¹¡@OpenLDAP©R¥O¸Ô¸Ñ 46
3.1 OpenLDAP©R¥O¤¶²Ð 47
3.2 OpenLDAP©R¥OÁ¿¸Ñ¤Î®×¨Ò¤ÀªR 47
3.2.1 ldapsearch©R¥O 47
3.2.2 ldapadd©R¥O 48
3.2.3 ldapdelete©R¥O 49
3.2.4 ldapmodify©R¥O 50
3.2.5 ldapwhoami©R¥O 51
3.2.6 ldapmodrdn©R¥O 51
3.2.7 ldapcompare©R¥O 52
3.2.8 ldappasswd©R¥O 54
3.2.9 slaptest©R¥O 54
3.2.10 slapindex©R¥O 55
3.2.11 slapcat©R¥O 55
3.3 ¥»³¹Á`µ² 56
²Ä4³¹¡@OpenLDAP«È¤áºÝ³¡¸p 57
4.1 ªA°È¾¹¡B¦sÀxWeb±±¨î¶°¦¨
OpenLDAP 58
4.1.1 «È¤áºÝ³¡¸p¤¶²Ð 58
4.1.2 ªA°È¾¹Web±±¨î»O¶°¦¨
LDAP 58
4.1.3 EMC Web±±¨î»O¶°¦¨
LDAP 59
4.2 UNIX¨t²Î³¡¸pOpenLDAP
«È¤áºÝ 60
4.2.1 ¥»¦a¥Ø¿ýªA°È¬d¸ß¬yµ{ 60
4.2.2 ¨t²Îµo¦æª©5.x/6.x/7.xªº
³¡¸p°Ï§O 60
4.2.3 ½ã¸¹µn¿ý¨t²Î¬yµ{Á¿¸Ñ 60
4.2.4 5.x¡B6.x¡B7.x¨t²Îª©¥»¥H¤Î
°t¸m¤å¥ó¤¶²Ð 60
4.2.5 °t¸m¤å¥ó¥\¯à¤¶²Ð 61
4.2.6 ¤TºØ³¡¸p¤è¦¡¤¶²Ð 61
4.3 ¬õ´U5.x¨t²Îª©¥»³¡¸p 62
4.3.1 ¹Ï§Î¤Æ³¡¸pOpenLDAP
«È¤áºÝ 62
4.3.2 ¬G»Ù¤ÀªR¤§¤@ 64
4.3.3 ¬G»Ù¤ÀªR¤§¤G 65
4.4 ¬õ´U6.x¨t²Îª©¥»³¡¸p 65
4.4.1 sssd»Pnslcdªº°Ï§O 66
4.4.2 °t¸m¤å¥ó³¡¸p 66
4.5 ©R¥O¦æ³¡¸pOpenLDAP«È¤áºÝ 69
4.5.1 authconfig©R¥O¤¶²Ð 69
4.5.2 authconfig³Æ¥÷«ì´_®×¨Ò 70
4.5.3 ³¡¸p¹ê¬I¨BÆJ 71
4.6 ¬G»Ù¤ÀªR 72
4.7 ¥»³¹Á`µ² 73
²Ä5³¹¡@OpenLDAP GUIºÞ²z³¡¸p 74
5.1 phpLDAPadmin·§­z 75
5.2 ³¡¸pphpLDAPadmin 75
5.2.1 ¦w¸ËphpLDAPadminªº
Àô¹Ò·Ç³Æ 75
5.2.2 Apache³¡¸p 75
5.2.3 ¬G»Ù¤ÀªR 76
5.2.4 ÅçÃÒApache¥\¯à 77
5.2.5 PHP¶}µoÀô¹Ò³¡¸p 78
5.2.6 ÅçÃÒ·í«e¨t²Î¬O§_¤ä«ù
PHPÀô¹Ò 79
5.2.7 ¦w¸ËphpLDAPadmin GUI
ºÞ²z³n¥ó 80
5.2.8 ÅçÃÒphpLDAPadmin¬É­± 81
5.2.9 ¬G»Ù¤ÀªR 82
5.3 ³q¹LphpLDAPadminºÞ²z
OpenLDAP 83
5.3.1 ¥Î¤á±ø¥ØºÞ²z 83
5.3.2 phpLDAPadmin¥Î¤á
µn¿ý²§±` 87
5.4 ³X°ÝphpLDAPadmin»Ý­n´£¨Ñ
ApacheÅçÃÒ 87
5.4.1 °t¸mApache»{ÃÒµ¦²¤ 88
5.4.2 phpLDAPamdinÅçÃÒ
»{ÃÒµ¦²¤ 89
5.5 LAM 89
5.5.1 LAM³n¥ó²¤¶ 89
5.5.2 LAM¥\¯à 90
5.5.3 LAM¦w¸Ë¡B°t¸m 90
5.5.4 ÅçÃÒLAM¥­»O 91
5.5.5 ¬G»Ù¤ÀªR 93
5.6 LDAP AdminºÞ²z 94
5.6.1 LDAP Admin³n¥ó¤¶²Ð 94
5.6.2 LDAP Admin¦w¸Ë 94
5.7 LDAP AdminºÞ²z±ø¥Ø 96
5.7.1 ±ø¥ØºÞ²z 96
5.7.2 ouºÞ²z 97
5.7.3 objectClassºÞ²z 97
5.8 ¥»³¹Á`µ² 99
²Ä6³¹¡@OpenLDAPÅv­­¡B±K½Xµ¦²¤±±¨î 102
6.1 sudo¸Ô¸Ñ 103
6.1.1 sudo·§©À´y­z 103
6.1.2 ¨t²ÎÅv­­ÄÄ­z 103
6.2 sudoÅv­­¯Å§O¤ÀÃþ 104
6.2.1 ¥Î¤á¯Å§O·§©À 104
6.2.2 ²Õ¯Å§O·§©À 104
6.2.3 ©R¥O¯Å§O·§©À 104
6.3 sudo°õ¦æ¬yµ{Á¿¸Ñ 105
6.4 OpenLDAP sudoÅv­­Á¿¸Ñ 105
6.5 sudoÅv­­±±¨î¹ê¾Ô 106
6.5.1 sudoÅv­­±±¨î¹ê¾Ô©Ý¼³¹Ï 106
6.5.2 ³q¹L¥»¦asudo³W«h¹ê²{
OpenLDAP¥Î¤á´£Åv°t¸m 106
6.5.3 ¦bOpenLDAPªA°ÈºÝ¹ê²{
¥Î¤áÅv­­±±¨î 108
6.6 ¦b«È¤áºÝ°t¸mOpenLDAP¬ÛÃö
sudo³]¸m 115
6.6.1 5.x¡B6.x³¡¸psudoªº°Ï§O 115
6.6.2 RHEL 5.x¨t²Î°t¸m
OpenLDAPªºsudo³W«h 115
6.6.3 RHEL 6.5¨t²Î°t¸m
OpenLDAPªºsudo³W«h 116
6.7 OpenLDAP±K½Xµ¦²¤¡B¼f­p±±¨î 118
6.7.1 ±K½Xµ¦²¤ 118
6.7.2 ³q¹L¥»¦a°t¸m¹ê²{±K½X
µ¦²¤¤¶²Ð 118
6.7.3 ±K½Xµ¦²¤ÄÝ©Ê¸Ô¸Ñ 119
6.8 OpenLDAP©w¨î±K½Xµ¦²¤ 119
6.8.1 OpenLDAPªA°ÈºÝ©w¨î
±K½Xµ¦²¤ 119
6.8.2 ©w¸q±K½Xµ¦²¤²Õ 121
6.8.3 ©w¸q¥Î¤áµn¿ý­×§ï±K½X 122
6.8.4 «È¤áºÝ°t¸m 123
6.9 ±K½X¼f­p±±¨î 124
6.9.1 ¥[¸ü¼f­p¼Ò¶ôauditlog 124
6.9.2 ¦b«È¤áºÝÅçÃÒ±K½X
µ¦²¤®É®Ä 124
6.9.3 OpenLDAP¥Î¤á±K½X¸òÂÜ 124
6.10 ±`¨£¥Î¤á±K½X³B²z¤èªk 125
6.10.1 ±K½X³QÂê¸Ñ¨M¤èªk 125
6.10.2 ¦p¦ó´£¥Ü­×§ïªì©l±K½X 126
6.10.3 ±K½X¹L´Á¸Ñ¨M¤è®× 127
6.11 ¥»³¹Á`µ² 127
²Ä7³¹¡@OpenLDAP¥D¾÷±±¨îµ¦²¤ 129
7.1 ¥D¾÷±±¨îµ¦²¤ÄÄ­z 130
7.2 ³q¹LLinux-PAM¼Ò¶ô¹ê²{±±¨î 130
7.2.1 Linux-PAM²Õ´¬[ºc 130
7.2.2 PAM°t¸m¤å¥ó»yªkÁ¿¸Ñ 130
7.3 ³q¹Laccess¹ê²{¥D¾÷±±¨î 132
7.3.1 access¼Ò¶ô¥\¯àÄÄ­z 132
7.3.2 access°t¸m»yªk 132
7.4 ³q¹Laccess±±¨î¥Î¤á¹ê¾Ôºt½m 132
7.4.1 ¥[¸üpam_access.so¼Ò¶ô 132
7.4.2 °t¸maccess.conf³X°Ý³W«h 133
7.4.3 «È¤áºÝÅçÃÒ³W«h 133
7.5 OpenLDAPªA°ÈºÝ¥D¾÷±±¨î³W«h 134
7.5.1 ©w¸qolcModuleList¹ï¶H 135
7.5.2 ²K¥[¼Ò¶ô¸ô®|
/usr/lib64/openldap 135
7.5.3 ©w¸q¥D¾÷±±¨î¼Ò¶ô 135
7.5.4 ©w¸q¥D¾÷objectClass¹ï¶H 136
7.5.5 ©w¸qldapnsªºschema³W­S 136
7.5.6 ©w¸q¥D¾÷¦Cªí²Õ 136
7.5.7 ©w¸q¥Î¤á²Õ 137
7.6 OpenLDAP«È¤áºÝ³¡¸p 139
7.6.1 ©w¸qFQDN¸ÑªR 139
7.6.2 ¥[¸üLDAP¥D¾÷±±¨î³W«h 139
7.6.3 ¦b«È¤áºÝÅçÃÒ±±¨îµ¦²¤ 140
7.6.4 ¤é§Ó¤ÀªR 141
7.7 6.x«È¤áºÝ³¡¸p 142
7.7.1 ©w¸qFQDN¸ÑªR 142
7.7.2 pam_ldap.conf°Ñ¼Æ³W¹º 142
7.7.3 ¦b«È¤áºÝÅçÃÒ±±¨îµ¦²¤ 142
7.7.4 ¤é§Ó¤ÀªR 143
7.8 LAM±±¨î»OºÞ²z 143
7.8.1 ©w¸q¥Î¤á²K¥[ÄÝ©Ê 144
7.8.2 ¦b«È¤áºÝÅçÃÒ 146
7.9 ¥»³¹Á`µ² 147
²Ä8³¹¡@OpenLDAP¥[±K¶Ç¿é»PÃÒ®Ñ
¹{µo¾÷ºc 148
8.1 OpenSSL 149
8.1.1 SSL·§­z 149
8.1.2 OpenSSL·§­z 149
8.1.3 OpenSSL·|¸Ü«Ø¥ß¹Lµ{ 149
8.2 CA 150
8.2.1 CA·§­z 150
8.2.2 CAÃҮѦ³®Ä«H®§ 150
8.2.3 ¯µÆ_¥æ´«­ì²z 151
8.3 ¥[±KºâªkÁ¿¸Ñ 151
8.3.1 ¹ïºÙ¥[±Kºâªk 151
8.3.2 ³æ¦V¥[±Kºâªk 152
8.3.3 «D¹ïºÙ¥[±Kºâªk 153
8.4 OpenSSL²Õ¥ó»P©R¥O 155
8.4.1 OpenSSL²Õ¥ó 155
8.4.2 OpenSSL©R¥OÁ¿¸Ñ 155
8.5 ³q¹LOpenSSLºc«ØÃҮѹ{µo¾÷ºc 156
8.5.1 CAÃÒ®ÑÀò¨ú³~®| 156
8.5.2 ¦Û«ØCA 156
8.6 OpenLDAP»PCA¶°¦¨ 159
8.6.1 OpenLDAPÃÒ®ÑÀò¨ú 159
8.6.2 OpenLDAP TLS/SASL
³¡¸p 160
8.6.3 «È¤áºÝ³¡¸p 164
8.7 phpLDAPadmin¥[±K·|¸Ü»{ÃÒ 167
8.7.1 ³¡¸pÀô¹Ò³W¹º 167
8.7.2 phpLDAPadmin¥[±K·|¸Ü 168
8.8 ¥»³¹Á`µ² 172
²Ä9³¹¡@OpenLDAP¦P¨B­ì²z¤Î°t¸m 173
9.1 OpenLDAP¦P¨B 174
9.1.1 OpenLDAP¦P¨B­ì²z 174
9.1.2 syncrepl¡Bslurpd¦P¨B¾÷¨î
Àu¯ÊÂI 175
9.1.3 OpenLDAP¦P¨B±ø¥ó 175
9.1.4 OpenLDAP¦P¨B°Ñ¼Æ 175
9.2 OpenLDAPªº5ºØ¦P¨B¼Ò¦¡ 176
9.2.1 syncrepl¼Ò¦¡ 176
9.2.2 N-Way Multi-Master¼Ò¦¡ 176
9.2.3 MirrorMode¼Ò¦¡ 176
9.2.4 syncrepl Proxy¼Ò¦¡ 177
9.2.5 Delta-syncrepl¼Ò¦¡ 177
9.3 OpenLDAP¥D±q¦P¨B¹ê¾Ô®×¨Ò 177
9.3.1 ³¡¸pÀô¹Ò 177
9.3.2 OpenLDAPªA°È¾¹ªì©l¤Æ 178
9.3.3 °t¸m¥DªA°È¾¹¦P¨Bµ¦²¤ 179
9.3.4 OpenLDAP¥D±q¦P¨B 180
9.3.5 OpenLDAP¥D±q¦P¨BÅçÃÒ 184
9.4 OpenLDAP MirrorMode¦P¨B
¹ê¾Ô®×¨Ò 186
9.4.1 ³¡¸pÀô¹Ò 186
9.4.2 ¬°OpenLDAP¥DªA°È¾¹A
³¡¸pmirrormode 186
9.4.3 ¬°OpenLDAP¥DªA°È¾¹B
³¡¸pmirrormode 187
9.4.4 OpenLDAP mirrormode
ÅçÃÒ 188
9.5 OpenLDAP N-Way Multi-master
¦P¨B¹ê¾Ô¾Þ§@ 189
9.5.1 ³¡¸pÀô¹Ò 189
9.5.2 OpenLDAP N-Way
Multimaster³¡¸p 189
9.5.3 «È¤áºÝÅçÃÒ 191
9.6 ¥»³¹Á`µ² 191
²Ä10³¹¡@OpenLDAP­t¸ü§¡¿Å¡B°ª¥i¥Î
¨t²Î¬[ºc 193
10.1 ­t¸ü§¡¿Å¡B°ª¥i¥Î 194
10.2 LVS¤¶²Ð 194
10.2.1 LVS½Õ«×ºâªk 194
10.2.2 LVS¶°¸s¤u§@¼Ò¦¡ 195
10.2.3 ipvsadm©R¥O 197
10.2.4 LVS«ù¤[³s±µÄÄ­z 199
10.3 LVS»POpenLDAP¶°¦¨®×¨Ò 200
10.3.1 ½sĶ¦w¸Ëipvsadm 200
10.3.2 «eºÝ­t¸ü§¡¿Å³W¹º 201
10.3.3 ¦ZºÝrealserver³¡¸p 202
10.3.4 «È¤áºÝÅçÃÒ 203
10.4 realserver°·±dºÊ´ú 204
10.4.1 ©w¸qrealserverºÊ±±¸}¥» 204
10.4.2 ¦Û°Ê³¡¸pLVS¡B
realserver 206
10.4.3 ¦Û°Ê³¡¸pLVS 206
10.4.4 ¦Û°Ê³¡¸prealserver 207
10.5 F5»POpenLDAP¶°¦¨®×¨Ò 208
10.5.1 ³¡¸p³W¹º 208
10.5.2 F5 Big-IP°t¸m 208
10.5.3 «È¤áºÝ³¡¸pÅçÃÒ 211
10.5.4 realserver¬G»Ù®×¨Ò 211

10.6 A10 Networks»POpenLDAP
¶°¦¨®×¨Ò 212
10.6.1 A10 NetworksºÞ²z±`ÃÑ 213
10.6.2 ³¡¸p³W¹º 214
10.6.3 A10 Networks°t¸m 215
10.6.4 Àò¨ú¶°¸s¸ê·½ 219
10.6.5 «È¤áºÝÅçÃÒ 220
10.6.6 realserver¬G»Ù®×¨Ò 220
10.7 OpenLDAP¶}·½­t¸ü°ª
¥i¥Î¬[ºc 221
10.7.1 ³¡¸p³W¹º 221
10.7.2 Keepalived³¡¸p 222
10.7.3 «È¤áºÝÅçÃÒ 226
10.7.4 Keepalived²§±`ÀË´ú 226
10.8 ¥»³¹Á`µ² 227
²Ä11³¹¡@FTP»POpenLDAP¶°¦¨®×¨Ò 230
11.1 FTPªA°È¾¹ 231
11.1.1 FTP²¤¶ 231
11.1.2 FTP¥\¯à 231
11.1.3 FTP¤u§@­ì²z 231
11.1.4 FTP³s±µ¼Ò¦¡ 231
11.1.5 FTPµn¿ý¤è¦¡ 232
11.1.6 FTP½ã¸¹ÅçÃҤ覡 232
11.2 OpenLDAP»PFTP¶°¦¨®×¨Ò 233
11.2.1 OpenLDAPªA°È¡BFTP
ªA°È»{ÃÒ¾÷¨î 233
11.2.2 ³¡¸p³W¹º 233
11.2.3 FTPªA°ÈºÝ³¡¸p 234
11.2.4 «È¤áºÝÅçÃÒ´ú¸Õ 236
11.2.5 °t¸mOpenLDAP«È¤áºÝ 237
11.2.6 ÅçÃÒOpenLDAP¥Î¤á
µn¿ýFTPªA°È¾¹ 238
11.3 ¬G»Ù³B²z 240
11.3.1 500OP²§±`³B²z 240
11.3.2 ¥Î¤áÅv­­±±¨î 240
11.4 ¥»³¹Á`µ² 240
²Ä12³¹¡@Samba»POpenLDAP¶°¦¨®×¨Ò 241
12.1 Samba 242
12.1.1 Samba²¤¶ 242
12.1.2 Samba³n¥ó¥\¯à¼Ò¶ô 242
12.1.3 Samba¦@¨É¸ê·½»yªk 242
12.1.4 SambaªA°È¾¹¦w¥þ 243
12.2 Samba³¡¸p®×¨Ò 243
12.2.1 Samba²Õ¥ó 243
12.2.2 Samba³¡¸pª`·N¨Æ¶µ 244
12.2.3 ³¡¸pSambaªA°ÈºÝ 244
12.2.4 «È¤áºÝÅçÃÒ¦@¨É¸ê·½ 246
12.3 OpenLDAP»PSamba¶°¦¨®×¨Ò 246
12.3.1 ³¡¸p³W¹º 247
12.3.2 ©w¸qSchema 248
12.3.3 SambaªA°È¾¹ºÝ°t¸m
OpenLDAPÅçÃÒ 248
12.3.4 «È¤áºÝÅçÃÒ 249
12.3.5 SambaÂX®i¡X¡XOpenLDAP
²Õ³X°ÝSamba¸ê·½ 251
12.4 ³q¹LLDAP AdminºÞ²z
Samba½ã¸¹ 251
12.4.1 µn¿ýLDAP Admin 252
12.4.2 ²K¥[Samba½ã¸¹ 252
12.4.3 ±ÂÅvSamba½ã¸¹ 253
12.5 ¥»³¹Á`µ² 253
²Ä13³¹¡@Zabbix»POpenLDAP¶°¦¨®×¨Ò 254
13.1 Zabbix 255
13.1.1 Zabbix²¤¶ 255
13.1.2 Zabbix¯SÂI 255
13.1.3 Zabbix¦w¸Ë³¡¸p 255
13.1.4 Zabbix°t¸m 256
13.1.5 Zabbixªì©l¤Æ³W¹º 258
13.2 Zabbix»POpenLDAP¶°¦¨®×¨Ò 261
13.2.1 ZabbixÅçÃÒ¼Ò¦¡¤¶²Ð 261
13.2.2 Zabbix°ò¤_OpenLDAP
ªº°t¸m°Ñ¼ÆÁ¿¸Ñ 262
13.2.3 °ò¤_Zabbix¹ê²{
OpenLDAPÅçÃÒ¹ê¾Ô 262
13.2.4 Zabbix¥Î¤áºÞ²z 264
13.2.5 Zabbix²§±`®×¨Ò¤ÀªR 267
13.3 ¥»³¹Á`µ² 268
²Ä14³¹¡@Apache»POpenLDAP¶°¦¨ÅçÃÒ 269
14.1 Apache 270
14.1.1 Apache¤¶²Ð 270
14.1.2 Apache³¡¸p¤è¦¡ 270
14.1.3 Apache³¡¸p¹ê¾Ô 270
14.1.4 «È¤áºÝ´ú¸Õ 271
14.2 OpenLDAP»PApache¶°¦¨ 272
14.2.1 OpenLDAP»PApache
³¡¸p®×¨Ò 272
14.2.2 ­­¨îOpenLDAP¥Î¤á
µn¿ýApache 275
14.2.3 ­­¨îOpenLDAP²Õ³X°Ý
Apache 277
14.3 ¥»³¹Á`µ² 279
²Ä15³¹¡@Jumpserver¶}·½¸õªO¾÷
¶°¦¨®×¨Ò 280
15.1 Jumpserver¤¶²Ð 281
15.1.1 »{ÃÑJumpserver 281
15.1.2 Jumpserver­ì²z¸Ô¸Ñ 281
15.2 Jumpserver»POpenLDAP
¶°¦¨®×¨Ò 283
15.2.1 Àô¹Ò³¡¸p³W¹º 283
15.2.2 ¦w¸Ëepel·½©M¨Ì¿à¥] 283
15.2.3 MySQL¼Æ¾Ú®w³¡¸p 283
15.2.4 Jumpserver¦w¸Ë¡B³¡¸p 286
15.2.5 ÅçÃÒJumpserver 290
15.3 JumpserverºÞ²z 292
15.3.1 ¥Î¤áºÞ²z 292
15.3.2 ¸ê²£ºÞ²z 294
15.3.3 ±ÂÅvºÞ²z 296
15.3.4 ¼f­pºÞ²z 299
15.3.5 ¥Î¤áµn¿ýÅçÃÒ 299
15.4 ¥»³¹Á`µ² 301
²Ä16³¹¡@OpenLDAPªA°È¾¹©Ê¯àÀu¤Æ¡B
³Æ¥÷«ì´_¡B¬G»Ù¤ÀªR 302
16.1 OpenLDAPªA°È¾¹©Ê¯àÀu¤Æ 303
16.1.1 ©Ê¯àÀu¤Æ¥Ø¼Ð 303
16.1.2 ¬[ºc½Õ¾ã 303
16.1.3 ¯Á¤ÞÀu¤Æ 303
16.1.4 ¼Æ¾Ú¦sÀxÀu¤Æ 304
16.1.5 ½Õ¾ã±ø¥Ø½w¦s¤j¤p 304
16.1.6 «È¤áºÝ°Ñ¼Æ½Õ¾ã 304
16.1.7 OpenLDAPªA°ÈºÝ¤º®Ö
°Ñ¼ÆÀu¤Æ 305
16.2 OpenLDAP³Æ¥÷¡B«ì´_ 306
16.2.1 OpenLDAP³Æ¥÷¾÷¨î 306
16.2.2 OpenLDAP«ì´_¾÷¨î 308
16.3 OpenLDAPªA°È¾¹¬G»Ù¤ÀªR 308
16.3.1 ºôµ¸²§±`¡A½ã¸¹µLªk
¥¿±`µn¿ý 308
16.3.2 ©R¥O°õ¦æ½wºC 310
16.3.3 slapd±Ò°Ê²§±` 311
16.3.4 slaptestÀË´ú¥¢±Ñ 311
16.3.5 OpenLDAP±ø¥Ø²§±` 312
16.3.6 OpenLDAP¥Î¤á³s±µ
¼Æ¹L¦h 312
16.3.7 ªA°È¾¹²§±`Â_¹q³B²z 313
16.4 ¥»³¹Á`µ² 313
²Ä17³¹¡@OpenLDAP§å¶q³¡¸p¸Ñ¨M
¤è®×¡X¡XPuppet 314
17.1 Puppet 315
17.1.1 Puppet²¤¶ 315
17.1.2 Puppet¤u§@¬yµ{¹Ï 315
17.1.3 Puppet¦p¦ó¤u§@ 316
17.1.4 Puppet¤u§@¼Ò«¬ 316
17.1.5 Puppet¸ê·½ 316
17.1.6 Puppet¸ê·½¤Þ¥Î 318
17.1.7 Puppet¼Æ¾ÚÃþ«¬ 319
17.1.8 Puppet¸ê·½¶¡ªºÀ³¥ÎÃì 320
17.1.9 PuppetÅܶq§@¥Î°ì 320
17.1.10 Puppet±ø¥ó§PÂ_ 321

17.1.11 Puppet¼Ò¶ô¡BÃþ¡B
¸ê·½ 323
17.2 PuppetªA°ÈºÝ¦w¸Ë¡B³¡¸p 324
17.2.1 ³¡¸pÀô¹Ò 324
17.2.2 PuppetªA°È¾¹¦w¸Ë 324
17.2.3 ¬G»Ù¤ÀªR 326
17.2.4 Puppet master¦Û°Êñ¸p
«È¤áºÝÃÒ®Ñ 327
17.3 Puppet«È¤áºÝ³¡¸p 328
17.3.1 Puppet agent¦w¸Ë 328
17.3.2 ¬G»Ù¤ÀªR 329
17.3.3 Puppet agentÃҮѥӽР329
17.3.4 Puppet masterºÝ¹{µo
»{ÃÒ 329
17.3.5 «È¤áºÝ­×§ï¥D¾÷¦Wªº
¸Ñ¨M¤è®× 330
17.4 Puppet agent¸ê·½ÅçÃÒ 330
17.4.1 PuppetªA°ÈºÝ©w¸q
¸ê·½²M³æ 330
17.4.2 Puppet agentÅçÃÒ 331
17.5 Puppet kick¼Ò¶ô 331
17.5.1 Puppet kick¥\¯à¤¶²Ð 331
17.5.2 Puppet kick³¡¸p 331
17.5.3 Puppet masterÅçÃÒ 332
17.5.4 ¬G»Ù¤ÀªR 333
17.6 OpenLDAP«È¤áºÝ¦Û°Ê³¡¸p
¸Ñ¨M¤è®×¡X¡XPuppet 334
17.6.1 ©w¸qOpenLDAP¼ÒªO 334
17.6.2 ³W¹ºOpenLDAP¸ê·½
¥N½X 334
17.6.3 «È¤áºÝÅçÃÒ 335
17.7 ¥»³¹Á`µ² 338
§Ç¡G