KirovLUG: пользователи Linux в Вятке (comp.soft.linux.kirovlug) : Рассылка : Subscribe.Ru

Чтиво: установка сервера часть 029

KirovLUG: пользователи Linux в Вятке

Статистика

← Март 2004 →
1 01.03.2004 14:00:16 14:00:31 14:00:49 21:38:20 22:01:18	2 02.03.2004 08:36:29 13:01:47 16:36:57	3 03.03.2004 10:30:01 10:31:08 14:58:17 16:29:59 20:15:30	4 04.03.2004 12:56:02 16:35:07	5	6	7
8	9	10	11	12 12.03.2004 09:20:07 09:40:58	13	14
15	16	17 17.03.2004 01:03:08 02:53:21 08:27:49 08:34:43 08:53:31 09:15:42 10:06:53 10:18:56 10:19:33 10:40:36 11:18:45 21:20:26 21:20:48 21:22:50	18 18.03.2004 00:57:45 00:57:51 00:57:51 03:18:59 03:23:15 03:36:37 08:42:11 08:45:17 09:29:50 10:56:59 11:44:03	19 19.03.2004 03:02:26 03:02:27 09:13:28 09:25:58 09:26:12	20	21
22 22.03.2004 15:05:29 20:49:47 22:09:18	23 23.03.2004 02:30:22 08:23:23 21:00:57	24	25 25.03.2004 14:04:36 16:45:24 16:58:32	26	27	28
29	30	31

← Март 2004 →

01.03.2004
14:00:16
14:00:31
14:00:49
21:38:20
22:01:18

02.03.2004
08:36:29
13:01:47
16:36:57

03.03.2004
10:30:01
10:31:08
14:58:17
16:29:59
20:15:30

04.03.2004
12:56:02
16:35:07

12.03.2004
09:20:07
09:40:58

17.03.2004
01:03:08
02:53:21
08:27:49
08:34:43
08:53:31
09:15:42
10:06:53
10:18:56
10:19:33
10:40:36
11:18:45
21:20:26
21:20:48
21:22:50

18.03.2004
00:57:45
00:57:51
00:57:51
03:18:59
03:23:15
03:36:37
08:42:11
08:45:17
09:29:50
10:56:59
11:44:03

19.03.2004
03:02:26
03:02:27
09:13:28
09:25:58
09:26:12

22.03.2004
15:05:29
20:49:47
22:09:18

23.03.2004
02:30:22
08:23:23
21:00:57

25.03.2004
14:04:36
16:45:24
16:58:32

Чтиво: установка сервера часть 029

Настройка и использование LDAP. Часть III.

На текущий момент в базе LDAP существует следующая структура

karavay-shops.ru
|
|-- admin
|-- users
|-- services

Для использования bind совместно с LDAP нужно занести данные о
зонах DNS, для этого создаем ldif-файлы следующего содержания:

begin ou_dns.ldif dn: ou=DNS,dc=karavay-shops,dc=ru
objectclass: organizationalUnit
ou: DNS
description: DNS entry
end ou_dns.ldif для прямой зоны зоны "localhost"

***********************************************************************
$TTL 86400
$ORIGIN localhost.
@ IN SOA bridge.karavay-shops.ru. root.bridge.karavay-shops.ru.
(
2003111001 28800 14400 3600000 86400 )
IN NS bridge.karavay-shops.ru.
IN A 127.0.0.1
***********************************************************************

begin ou_dns_loc.ldif dn: zoneName=localhost,ou=DNS,dc=karavay-shops,dc=ru
objectClass: dNSZone
zoneName: localhost
relativeDomainName: localhost

dn: relativeDomainName=@,zoneName=localhost,ou=DNS,dc=karavay-shops,dc=ru
objectClass: dNSZone
relativeDomainName: @
zoneName: localhost
dNSClass: IN
sOARecord: bridge.karavay-shops.ru. root.bridge.karavay-shops.ru. 2004022701
28800 14400 3600000 86400
nSRecord: bridge.karavay-shops.ru.
aRecord: 127.0.0.1
end ou_dns_loc.ldif для обратной зоны "0.0.127.in-addr.arpa"

***********************************************************************
$TTL 86400
@ IN SOA bridge.karavay-shops.ru. root.bridge.karavay-shops.ru. (
2003111001 28800 14400 3600000 86400 )
IN NS bridge.karavay-shops.ru.
1 IN PTR localhost.
***********************************************************************

begin ou_dns_loc_r.ldif dn: zoneName=0.0.127.in-addr.arpa,ou=DNS,dc=karavay-shops,dc=ru
objectClass: dNSZone
zoneName: 0.0.127.in-addr.arpa
relativeDomainName: 0.0.127.in-addr.arpa

dn: relativeDomainName=@,zoneName=0.0.127.in-addr.arpa,ou=DNS,dc=karavay-shops,dc=ru
objectClass: dNSZone
relativeDomainName: @
zoneName: 0.0.127.in-addr.arpa
dNSClass: IN
sOARecord: bridge.karavay-shops.ru. root.bridge.karavay-shops.ru. 2004022701
28800 14400 3600000 86400
nSRecord: bridge.karavay-shops.ru.

dn: relativeDomainName=1,zoneName=0.0.127.in-addr.arpa,ou=DNS,dc=karavay-shops,dc=ru
objectClass: dNSZone
relativeDomainName: 1
zoneName: 0.0.127.in-addr.arpa
dNSClass: IN
pTRRecord: localhost.
end ou_dns_loc_r.ldif Добавляю их в базу:

$ ldapadd -x -D cn=admin,dc=karavay-shops,dc=ru -W -f ou_dns.ldif
$ ldapadd -x -D cn=admin,dc=karavay-shops,dc=ru -W -f ou_dns_loc.ldif
$ ldapadd -x -D cn=admin,dc=karavay-shops,dc=ru -W -f ou_dns_loc_r.ldif

На этом пока остановлюсь. А добавлю еще пользователей, сервисов, и
почтовых транспортов, с помощью которых покажу правила работы с ACL и
примеры использования программы ldapsearch.

Итак, сервисы:

begin services.ldif dn: cn=postfix,ou=services,dc=karavay-shops,dc=ru
objectclass: person
cn: postfix
sn: postfix
description: postfix account
userPassword: {SSHA}BxMFldDbN1o/ZdyyQOwt/qyW7YYx290A

dn: cn=courier,ou=services,dc=karavay-shops,dc=ru
objectclass: person
cn: courier
sn: courier-imap
description: courier account
userPassword: {SSHA}5lZkHbUOdAQFIN6RT36chw/+x+mGT3bV
end services.ldif $ ldapadd -x -D cn=admin,dc=karavay-shops,dc=ru -W -f services.ldif

Сейчас - пользователи:

begin users.ldif dn: uid=koal,ou=users,dc=karavay-shops,dc=ru
objectClass: posixAccount
objectClass: mailAccount
cn: standart mail account
uid: koal
userPassword: {MD5}8s7qFTasG8ypIx/ByEHg2w==
mail: Kolotov.Alexan***@m*****.com
mailAccess: enable
mailAlias: koal@m*****.com
mailAlias: kolotov.alexan***@m*****.com
mailAlias: ebo***@m*****.com
uidNumber: 500
gidNumber: 500
gecos: Kolotov Alexandr
homeDirectory: /home/koal
loginShell: /bin/bash
mailBox: koal/
mailDirectory: /var/spool/mail
mailQuota: 0
mailForward: Kolotov.Alexan***@m*****.com

dn: uid=nina,ou=users,dc=karavay-shops,dc=ru
objectClass: posixAccount
objectClass: mailAccount
cn: standart mail account
uid: nina
userPassword: {MD5}8s7qFTasG4/tGhZ6nIvwTQ==
mail: Sykchina.Ni***@m*****.com
mailAccess: enable
mailAlias: nina@m*****.com
mailAlias: sykchina.ni***@m*****.com
uidNumber: 501
gidNumber: 501
gecos: Sykchina Nina Sergeevna
homeDirectory: /home/nina
loginShell: /bin/bash
mailBox: myvirual.mydomain.com/nina/
mailDirectory: /var/spool/mail
mailQuota: 20480000
mailForward: Sykchina.Ni***@m*****.com

dn: ou=myvirual.mydomain.com,ou=users,dc=karavay-shops,dc=ru
objectclass: organizationalUnit
ou: myvirual.mydomain.com
description: virtual domain

dn: uid=abuse,ou=myvirual.mydomain.com,ou=users,dc=karavay-shops,dc=ru
objectClass: posixAccount
objectClass: mailAccount
cn: virtual mail account
uid: abuse
mail: abu***@m*****.com
mailAccess: enable
uidNumber: 5002
gidNumber: 5002
homeDirectory: /var/spool/mail/myvirual.mydomain.com
mailBox: myvirual.mydomain.com/abuse
mailDirectory: /var/spool/mail
mailQuota: 0

dn: uid=postmaster,ou=myvirual.mydomain.com,ou=users,dc=karavay-shops,dc=ru
objectClass: posixAccount
objectClass: mailAccount
cn: virtual mail account
uid: postmaster
mail: postmast***@m*****.com
mailAccess: enable
uidNumber: 5001
gidNumber: 5001
homeDirectory: /var/spool/mail/myvirual.mydomain.com
mailBox: myvirual.mydomain.com/postmaster
mailDirectory: /var/spool/mail
mailQuota: 0

dn: mailAlias=mailer-daem***@m*****.com,ou=myvirual.mydomain.com,ou=users,dc=karavay-shops,dc=ru
objectClass: mailRecipient
mailAlias: mailer-daem***@m*****.com
mailAccess: enable
mailForward: postmast***@m*****.com

dn: mailAlias=ro***@m*****.com,ou=myvirual.mydomain.com,ou=users,dc=karavay-shops,dc=ru
objectClass: mailRecipient
mailAlias: root@m*****.com
mailAccess: enable
mailForward: abu***@m*****.com

dn: uid=tany,ou=myvirual.mydomain.com,ou=users,dc=karavay-shops,dc=ru
objectClass: posixAccount
objectClass: mailAccount
cn: virtual mail account
uid: tany
userPassword: {MD5}vsxSxnBrT8ypIx/ByEHg2w==
mail: Novikova.Tatya***@m*****.com
mailAccess: enable
mailAlias: tany@m*****.com
mailAlias: novikova.tatya***@m*****.com
uidNumber: 5003
gidNumber: 5003
gecos: Novikova Tat'yana Alexandrovna
homeDirectory: /var/spool/mail/myvirual.mydomain.com
mailBox: myvirual.mydomain.com/tany/
mailDirectory: /var/spool/mail
mailQuota: 20480000
mailForward: Novikova.Tatya***@m*****.com
end users.ldif $ ldapadd -x -D cn=admin,dc=karavay-shops,dc=ru -W -f users.ldif

И последнее - почтовый транспорт:

begin transport.ldif dn: ou=mail,dc=karavay-shops,dc=ru
objectclass: organizationalUnit
ou: mail
description: mail service tree

dn: ou=transports,ou=mail,dc=karavay-shops,dc=ru
objectclass: organizationalUnit
ou: transports
description: MTA routing table

dn: mailDomain=karavay-shops.ru,ou=transports,ou=mail,dc=karavay-shops,dc=ru
objectclass: mailDomainTransport
mailDomain: karavay-shops.ru
mailTransport: local
description: domain name

dn: mailDomain=bridge.karavay-shops.ru,ou=transports,ou=mail,dc=karavay-shops,dc=ru
objectclass: mailDomainTransport
mailDomain: bridge.karavay-shops.ru
mailTransport: local
description: host name

dn: mailDomain=localhost.karavay-shops.ru,ou=transports,ou=mail,dc=karavay-shops,dc=ru
objectclass: mailDomainTransport
mailDomain: localhost.karavay-shops.ru
mailTransport: local
description: host name

dn: mailDomain=myvirtual.mydomain.com,ou=transports,ou=mail,dc=karavay-shops,dc=ru
objectclass: mailDomainTransport
mailDomain: myvirtual.mydomain.com
mailTransport: virtual
description: virtual domain name
end transport.ldif $ ldapadd -x -D cn=admin,dc=karavay-shops,dc=ru -W -f transport.ldif

В итоге получилась следующая структура:

C уважением, Kolotov Alexandr aka mr. Эбола
отвечать: akmypo***@m*****.ru
ICQ: 100349254

| Registered Linux user # 236664 |
-*Информационный канал Subscribe.Ru
Написать в лист: mailto:comp.soft.linux.kirovlug-list@subscribe.ru
Отписаться: mailto:comp.soft.linux.kirovlug--unsub@subscribe.ru

http://subscribe.ru/ mailto:ask@subscribe.ru

← Март 2004 →

1 01.03.2004 14:00:16 14:00:31 14:00:49 21:38:20 22:01:18

2 02.03.2004 08:36:29 13:01:47 16:36:57

3 03.03.2004 10:30:01 10:31:08 14:58:17 16:29:59 20:15:30

4 04.03.2004 12:56:02 16:35:07

12 12.03.2004 09:20:07 09:40:58

17 17.03.2004 01:03:08 02:53:21 08:27:49 08:34:43 08:53:31 09:15:42 10:06:53 10:18:56 10:19:33 10:40:36 11:18:45 21:20:26 21:20:48 21:22:50

18 18.03.2004 00:57:45 00:57:51 00:57:51 03:18:59 03:23:15 03:36:37 08:42:11 08:45:17 09:29:50 10:56:59 11:44:03

19 19.03.2004 03:02:26 03:02:27 09:13:28 09:25:58 09:26:12

22 22.03.2004 15:05:29 20:49:47 22:09:18

23 23.03.2004 02:30:22 08:23:23 21:00:57

25 25.03.2004 14:04:36 16:45:24 16:58:32