Tuesday, August 9, 2016

tambah multiple subgroup phpldapadmin freebsd 10.3 ldap

#1. katakanlah wujudnya user unit1, unit2, unit3, unit4, unit5 dan unit6


#2. import ldif statement bawah ni
dn: ou=Sem201509,ou=Semester,dc=acme,dc=com
objectclass:organizationalunit
ou: Sem201509
description: Semester September 2015

dn: cn=ITT430,ou=Sem201509,ou=Semester,dc=acme,dc=com
objectclass: groupofnames
cn: ITT430
description: Microprocessors
member: cn=unit1,ou=people,dc=acme,dc=com
member: cn=unit2,ou=people,dc=acme,dc=com
member: cn=unit3,ou=people,dc=acme,dc=com
member: cn=unit4,ou=people,dc=acme,dc=com
member: cn=unit5,ou=people,dc=acme,dc=com
member: cn=unit6,ou=people,dc=acme,dc=com


dn: cn=ITT532,ou=Sem201509,ou=Semester,dc=acme,dc=com
objectclass: groupofnames
cn: ITT532
description: Switching and Routing Technologies
member: cn=unit1,ou=people,dc=acme,dc=com
member: cn=unit2,ou=people,dc=acme,dc=com
member: cn=unit3,ou=people,dc=acme,dc=com
member: cn=unit4,ou=people,dc=acme,dc=com
member: cn=unit5,ou=people,dc=acme,dc=com
member: cn=unit6,ou=people,dc=acme,dc=com

dn: ou=Sem201603,ou=Semester,dc=acme,dc=com
objectclass:organizationalunit
ou: Sem201603
description: Semester March 2016

dn: cn=CSP600,ou=Sem201603,ou=Semester,dc=acme,dc=com
objectclass: groupofnames
cn: CSP600
description: Project Proposal
member: cn=unit1,ou=people,dc=acme,dc=com
member: cn=unit2,ou=people,dc=acme,dc=com
member: cn=unit3,ou=people,dc=acme,dc=com
member: cn=unit4,ou=people,dc=acme,dc=com
member: cn=unit5,ou=people,dc=acme,dc=com
member: cn=unit6,ou=people,dc=acme,dc=com

#3. tekan butang proceed

#4. import success

#5. append butang '+' kat ou=Semester

#6. Klik salah satu subgroup
#7. Alhamdulillah dipermudahkanNya.

Adjusting DNS in FreeBSD 10.3 for LDAP

#1. hostname in rc.conf
ee /etc/rc.conf

#2. comment existing entry hostname and add this line
hostname="acme.com"

#3. save and edit on hosts
ee /etc/hosts

#4. append this line
127.0.0.1               acme acme.com
192.168.184.132         acme acme.com

#5. save and edit on resolv.conf
ee /etc/resolv.conf

#6. comment existing entry search and add this line
search com

#7. save and edit on httpd.conf for phpldapadmin
ee /usr/local/etc/apache24/httpd.conf

#8. find ServerName www.example.com:80
ctrl+y
ServerName www.example.com:80

#9. press enter and add line
ServerName acme.com:80

#10. save and restart
init 6





Sunday, August 7, 2016

guna phpldapadmin pula untuk create user dan groups

#1. guna browser terus

#2. login

#3. boleh tengok hasil kerja sebelum ni

#4. akses ke menu import

#5. buat user baru

#6. salah pulak
#7. delete ou=people kat dn

#8. syukur Alhamdulillah

#9. jom buat group pulak
#10. subhanallah senang aja
#11. semakan pada group students

#12. try buat groups yakni sub-sub group pulak
#13. alahai

#14. delete balik group semester

#15. delete satgi buat lagi sekali

#16. confirm delete this entry
#17. secara tak langsung kita dah belajar macammana nak delete entry
#18. lagi sekali perbetulkan ldif
#19. sedikit syntax error
#20. sedikit logic error
#21. semakin mengarut. nampak macam takdak beza saja.

#22. macam dah biasa pulak. tekan delete this entry dan confirmkan.


#23. please be cool dan cuba taip dengan tenang. cuba tukar objectclass

#24. alhamdulillah alhamdulillah alhamdulillah... allahuakhbar

#25. cuba cheq tengok mai group tree yang kami dah buat ni.. selamat mencuba

Saturday, August 6, 2016

buat group pulak

#1. tulis kat ldif
ee group-groups.ldif 

#2. group tu nama groups
dn: ou=groups,dc=acme,dc=com
objectclass:organizationalunit
ou: groups
description: generic groups branch

#3. save file dan run
ldapadd -x -W -D "cn=admin,dc=acme,dc=com" -f group-groups.ldif

#4. password admin jangan lupa
Enter LDAP Password: toor

#5. dah siap
adding new entry "ou=groups,dc=acme,dc=com"

Friday, August 5, 2016

buat user1 kali kedua

#1. buat ldif baru
ee add-user1-2ndtime.ldif

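#2. letak entri ni (userpassword di bawah ditulis plaintext dan akan disimpan begitu juga dalam directory; untuk server sebenar, generate hash dengan slappasswd dan letak hash tu sebagai value)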
dn: cn=user1,ou=people,dc=acme,dc=com
objectclass: inetOrgPerson
cn: User1
cn: User 1
sn: User
uid: user1
userpassword: user1
carlicense: HISCAR 124
homephone: 555-111-2223
mail: user1@acme.com
mail: user.1@acme.com
mail: acme.user1@acme.com
ou: CSP650

#3. save dan run

ldapadd -x -W -D cn=admin,dc=acme,dc=com -f add-user1-2ndtime.ldif

#4. tunggu sat
Enter LDAP Password: toor

#5. tak dapat juga

adding new entry "cn=user1,ou=people,dc=acme,dc=com"
ldap_add: No such object (32)
        matched DN: dc=acme,dc=com


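#6. edit ldif tadi dan delete kat first line ou=people. error 32 dengan matched DN: dc=acme,dc=com maksudnya parent ou=people belum wujud dalam directory (pilihan lain: tambah entry ou=people dulu, baru add user).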
ee add-user1-2ndtime.ldif


#7. save dan run
ldapadd -x -W -D cn=admin,dc=acme,dc=com -f add-user1-2ndtime.ldif

#8. tunggu sat
Enter LDAP Password: toor


#9. tadaaa
adding new entry "cn=user1,dc=acme,dc=com"

add user kali ke dua

#1. buat file baru
ee addstuff.ldif

#2. copy paste nih
dn: dc=acme,dc=com
objectclass: dcObject
objectclass: organization
o: labs
dc: acme

dn: cn=admin,dc=acme,dc=com
objectclass: organizationalRole
cn: admin

#3. save dan run
ldapadd -x -W -D cn=admin,dc=acme,dc=com -f addstuff.ldif

#4. tunggu sat
Enter LDAP Password: toor

#5. dah siap

adding new entry "dc=acme,dc=com"

adding new entry "cn=admin,dc=acme,dc=com"

tambah user kat ldap

#1. sediakan ldif directory
mkdir ldif-store-here
cd ldif-store-here

#2. create user dalam file format ldif

ee user1.ldif

#3. taip nih

dn: uid=user1,ou=users,dc=acme,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: user1
uid: user1
uidNumber: 1019
gidNumber: 1026
homeDirectory: /home/user1
loginShell: /bin/sh
gecos: user1
userPassword: {crypt}x
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0

#4. save dan run command

ldapadd -x -W -D "cn=admin,dc=acme,dc=com" -f user1.ldif

#5. tunggu sat nanti dia prompt password
Enter LDAP Password: toor

#6. result failed lah
adding new entry "uid=user1,ou=users,dc=acme,dc=com"
ldap_add: No such object (32)

#7. try create group users dulu. pun dalam ldif

ee group-users.ldif

#8. taip nih
dn: cn=admin,ou=users,dc=acme,dc=com
objectClass: top
objectClass: posixGroup
gidNumber: 678

#9. save dan run command
ldapadd -x -W -D "cn=admin,dc=acme,dc=com" -f group-users.ldif

#10. macam biasa prompt password

Enter LDAP Password: toor

#11. pun sama result failed lagi
adding new entry "cn=users,dc=acme,dc=com"
ldap_add: No such object (32)

#12. try ni pulak
ee example.ldif

#13. buat entry ni

dn: dc=acme,dc=com 
objectclass: dcObject 
objectclass: organization 
o: users 
dc: acme 

dn: cn=admin,dc=example,dc=com 
objectclass: organizationalRole 
cn: admin

#14. save dan run command
ldapadd -x -W -D "cn=admin,dc=acme,dc=com" -f example.ldif

#15. password
Enter LDAP Password: toor

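#16. ok fine dah subuh dah. nampaknya puncanya trailing space di hujung setiap line dalam ldif tadi: server terima dn sebagai "dc=acme,dc=com " dan value objectclass sebagai "dcObject ", sebab tu invalid per syntax.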
adding new entry "dc=acme,dc=com "
ldap_add: Invalid syntax (21)
        additional info: objectclass: value #0 invalid per syntax

Thursday, August 4, 2016

ringkas install phpldapadmin

####################1. terus install################################################
pkg install phpldapadmin

####################2. terus dapat message##########################################

Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:

        phpldapadmin: 1.2.3_7,1
        php56-iconv: 5.6.24
        libiconv: 1.14_9
        php56-ldap: 5.6.24
        php56-gettext: 5.6.24

Number of packages to be installed: 5


The process will require 5 MiB more space.

1 MiB to be downloaded.

Proceed with this action? [y/N]: y
Fetching phpldapadmin-1.2.3_7,1.txz:  76%  630 KiB  81.9kB/s    00:01 ETA

####################3. sekejab je dah siap##########################################

Message from phpldapadmin-1.2.3_7,1:
phpldapadmin-1.2.3_7,1 has been installed into:

    /usr/local/www/phpldapadmin


Please edit config.php to suit your needs.


To make phpLDAPadmin available through your web site, I suggest that

you add something like the following to httpd.conf:

    Alias /phpldapadmin/ "/usr/local/www/phpldapadmin/htdocs/"


    <Directory "/usr/local/www/phpldapadmin/htdocs">

        Options none
        AllowOverride none

        Order Deny,Allow

        Deny from all
        Allow from 127.0.0.1 .example.com
    </Directory> 

####################4.follow je nasihat atas tu#####################################

ee /usr/local/etc/apache24/httpd.conf

####################5. tambah line kat mana2 yang sesuai, tak confident letak kat hujung sekali####################
Alias /phpldapadmin/ "/usr/local/www/phpldapadmin/htdocs/"

<Directory "/usr/local/www/phpldapadmin/htdocs">
        Options none
        AllowOverride none

        Order Deny,Allow
        Deny from all
        Allow from 127.0.0.1 .example.com
    </Directory>

####################6. save file dan restart apache#################################
apachectl restart

####################7. tunggu punya tunggu banyak plak warning######################

Performing sanity check on apache24 configuration:
AH00557: httpd: apr_sockaddr_info_get() failed for FWG103nad_iHACK16
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Stopping apache24.
Waiting for PIDS: 756.
Performing sanity check on apache24 configuration:
AH00557: httpd: apr_sockaddr_info_get() failed for FWG103nad_iHACK16
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Starting apache24.
AH00557: httpd: apr_sockaddr_info_get() failed for FWG103nad_iHACK16
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message

####################8. test dulu kat browser########################################
http://192.168.184.132/phpldapadmin/

####################9. tak boleh masuk plak#########################################
Forbidden

You don't have permission to access /phpldapadmin/ on this server.


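####################10. apalagi tukar sahaja kat /usr/local/etc/apache24/httpd.conf alamat 127.0.0.1 kepada 192.168.184.1. save dan restart apache.####################
nota: Order/Deny/Allow ialah syntax Apache 2.2 (dalam apache24 ia jalan melalui mod_access_compat); syntax 2.4 yang setara ialah "Require ip 192.168.184.1". kekalkan senarai ni kepada host admin sahaja, sebab login phpldapadmin di sini lalu atas http tanpa TLS.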
congratulation!!!

Wednesday, August 3, 2016

install ldap on freebsd 10.3

####################1. sebelum install ldap#########################################
ee /etc/hosts

####################2. tambah line ni dalam /etc/hosts##############################
127.0.1.1               admin.acme.com  admin

####################3. waktu install################################################

Updating FreeBSD repository catalogue...
Fetching meta.txz: 100%    944 B   0.9kB/s    00:01
Fetching packagesite.txz: 100%    6 MiB 117.8kB/s    00:49
Processing entries: 100%
FreeBSD repository update completed. 25400 packages processed.
New version of pkg detected; it needs to be installed first.
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:

        pkg: 1.7.2 -> 1.8.7_1

2 MiB to be downloaded.


Proceed with this action? [y/N]: y
Fetching pkg-1.8.7_1.txz: 100%    2 MiB  26.7kB/s    01:36
Checking integrity... done (0 conflicting)
[1/1] Upgrading pkg from 1.7.2 to 1.8.7_1...
[1/1] Extracting pkg-1.8.7_1: 100%
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:

        openldap-server: 2.4.44
        openldap-client: 2.4.44

Number of packages to be installed: 2


The process will require 7 MiB more space.

2 MiB to be downloaded.

Proceed with this action? [y/N]: y
Fetching openldap-server-2.4.44.txz: 100%  773 KiB 113.1kB/s    00:07
Fetching openldap-client-2.4.44.txz: 100%  999 KiB 127.9kB/s    00:08
Checking integrity... done (0 conflicting)
[1/2] Installing openldap-client-2.4.44...
[1/2] Extracting openldap-client-2.4.44: 100%
[2/2] Installing openldap-server-2.4.44...
===> Creating groups.
Creating group 'ldap' with gid '389'.
===> Creating users
Creating user 'ldap' with uid '389'.
[2/2] Extracting openldap-server-2.4.44: 100%



####################4. siap install dia habaq kat hang##############################

Message from openldap-client-2.4.44:
************************************************************

The OpenLDAP client package has been successfully installed.


Edit

  /usr/local/etc/openldap/ldap.conf
to change the system-wide client defaults.

Try `man ldap.conf' and visit the OpenLDAP FAQ-O-Matic at

  http://www.OpenLDAP.org/faq/index.cgi?file=3
for more information.

************************************************************

Message from openldap-server-2.4.44:
************************************************************

The OpenLDAP server package has been successfully installed.


In order to run the LDAP server, you need to edit

  /usr/local/etc/openldap/slapd.conf
to suit your needs and add the following lines to /etc/rc.conf:
  slapd_enable="YES"
  slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
  slapd_sockets="/var/run/openldap/ldapi"

Then start the server with

  /usr/local/etc/rc.d/slapd start
or reboot.

Try `man slapd' and the online manual at

  http://www.OpenLDAP.org/doc/
for more information.

slapd runs under a non-privileged user id (by default `ldap'),

see /usr/local/etc/rc.d/slapd for more information.

************************************************************


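####################5. set password#################################################
nota: 'toor' cuma password contoh untuk lab. {SHA} ialah SHA-1 tanpa salt, jadi password yang sama sentiasa hasilkan hash yang sama; default slappasswd ({SSHA}, ada salt) lebih sesuai untuk server sebenar.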

slappasswd -h '{SHA}'
New password: toor
Re-enter new password: toor
{SHA}Q1tBBo6GZVE6IAcMAzsIucZuQzI=

####################6. pastu edit configuration file################################

ee /usr/local/etc/openldap/slapd.conf

####################7. tambah 6-line ni kat bawah include /usr/local/etc/openldap/schema/core.schema####################
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/corba.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/collective.schema
include /usr/local/etc/openldap/schema/openldap.schema 

####################8. buang tanda # atau uncomment dekat line######################

# moduleload    back_mdb
# moduleload    back_ldap

####################9. tukar suffix          "dc=my-domain,dc=com" kepada###########

suffix          "dc=acme,dc=com"

####################10. tukar rootdn          "cn=Manager,dc=my-domain,dc=com" kepada####################
rootdn          "cn=admin,dc=acme,dc=com"

####################11. tukar rootpw          secret kepada####################

rootpw          {SHA}Q1tBBo6GZVE6IAcMAzsIucZuQzI=

####################12. save file tersebut dan edit rc.conf#########################

ee /etc/rc.conf

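####################13. tambah 3-line###############################################
nota: ldap://0.0.0.0/ bermaksud slapd listen pada semua interface tanpa TLS, jadi password simple bind (-x -W) lalu atas network dalam bentuk plaintext. kalau client cuma di mesin yang sama, ldap://127.0.0.1/ atau ldapi sudah cukup.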

slapd_enable="YES"
slapd_flags='-h "ldapi://%252fvar%252frun%252fopenldap%252fldapi/ ldap://0.0.0.0/"'
slapd_sockets="/var/run/openldap/ldapi"

####################14. save file tersebut dan up service###########################

service slapd start

####################15. tunggu hingga keluar mesej##################################

Starting slapd.

/usr/local/etc/rc.d/slapd: WARNING: slapd: Can't find socket /var/run/openldap/ldapi



####################16. masuk balik /etc/rc.conf dan tukar #########################

slapd_flags='-h "ldapi://%252fvar%252frun%252fopenldap%252fldapi/ ldap://0.0.0.0/"' kepada
slapd_flags='-h "ldapi:///var/run/openldap/ldapi/ ldap://0.0.0.0/"'

####################17. follow sangat tutorial sebijik sebijik kan dah kena. save file dan restart service####################

service slapd restart

####################18. tunggu lagi#################################################
Stopping slapd.
Starting slapd.

####################19. test tengok#################################################
ldapsearch -x -W -D cn=admin,dc=acme,dc=com

####################20. tunggu dia minta password###################################
Enter LDAP Password: toor
# extended LDIF
#
# LDAPv3
# base <> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result

search: 2
result: 32 No such object

# numResponses: 1



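####################21.congratulation ldap dah boleh guna... nantikan phpldapadmin pulak esok####################
nota: result 32 (No such object) di atas bukan masalah login. bind dah berjaya (kalau password salah, keluar Invalid credentials (49)); search tu guna base kosong (base <>) dan entry dc=acme,dc=com memang belum ditambah lagi.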




terima kasih