لطفا منتظر باشید ...
•
Table of Contents
•
Index
•
Reviews
•
Reader Reviews
•
Errata
LDAP System Administration
By
Gerald Carter
Publisher
: O''''Reilly
Pub Date
: March 2003
ISBN
: 1-56592-491-6
Pages
: 308
If you want to be a master of your domain, LDAP
System Administration will help you get up and
running quickly regardless of which LDAP version you use.
After reading this book, even with no previous LDAP
experience, you''''ll be able to integrate a directory server
into essential network services such as mail, DNS, HTTP, and
SMB/CIFS.
4.4 Starting slapd
Once the final tweaks have been added to the configuration file, the
next step is to start the
slapd daemon by executing the following
command as root:
root# /usr/local/libexec/slapd
Use the ps command to verify that
slapd is running. On a Linux system, the output
should appear similar to:
$ ps -ef | grep slapd
root 8235 1 0 12:37 ? 00:00:00 /usr/local/libexec/slapd
root 8241 8235 0 12:37 ? 00:00:00 /usr/local/libexec/slapd
root 8242 8241 0 12:37 ? 00:00:00 /usr/local/libexec/slapd
On Linux and IRIX, multiple threads of a process will show up as
individual entries in the output from ps. On
Solaris, slapd will be displayed as a single
process.Stopping the OpenLDAP server requires that the daemon have a chance
to flush modified directory data to disk. The best way to do this is
to send the parent slapd process an
INT signal, as shown here (the
pidfile location was defined in the
server's configuration file):
root# kill -INT 'cat /var/run/slapd.pid'
Shutting down slapd by more drastic means, such
as kill -9, can result in
data
corruption and should be avoided at all costs.In the absence of any command-line options,
slapd's behavior is governed by
compile-time defaults or options defined in the
slapd.conf file. At times, it is necessary to
override some of these settings via the command line. Table 4-1 lists the available slapd
options.
Option | Description |
|---|---|
-d integer | Specifies the log level to use for logging information. This option causes slapd to log all information to standard output on the controlling terminal; it can be very helpful for quick server debugging sessions. The integer value specified should be a combination of the logging levels associated with the loglevel parameter in slapd.conf. |
-f filename | Uses a configuration file other than the compile-time default (slapd.conf). |
-h URI_list | Specifies a space-separated list of LDAP URIs that the slapd daemon should serve. The most common URIs are ldap:/// (LDAP on port 389; the default), ldaps:/// (LDAP over SSL on port 636), and ldapi:/// (LDAP over IPC). |
-l syslog-local-user | Specifies the local user of the syslog facility. The default value is LOCAL4. Possible values range from LOCAL0 to LOCAL7. This option may not be supported on all systems. Check the syslog(8) manpage to verify the existence of the local-user syslog facility. |
-n name | Defines the service name used when logging messages to syslog. This is for convenience only and defaults to the string slapd. |
-r directory | Specifies a chroot(1) jail directory to be used by slapd. |
-s syslog-level | Defines a syslog level other than the default level to log all syslog messages. Refer to the syslog.conf(5) manpage for available levels on your system. |
-u username-g groupname | Specify the effective user or group ID for slapd. |
is something you do only while testing. In practice, it would be
started by one of the system's boot time
initialization scriptseither
rc.local for BSD systems, or one of the
/etc/rc.d/rc?.d/ (or
/etc/init.d/) scripts for System V hosts. You should
refer to the init(8) manpage for a brief
description of run levels and which levels are used (and for what
functions) on your system. On most Linux systems, the
slapd daemon should be launched at run levels 3
and 5. Run level 5 is basically the same as run level 3 with the
addition of X11.
