...
Excerpt |
---|
OpenLDAP is typically backed by a BerkeleyDB LMDB database (bdbmdb). However it's backing datastore is actually pluggable. One of the most intriguing backends is back-sql, which allows LDAP data to be fetched from an ODBC (SQL) datasource. This lets us add a LDAP facade on top of database-backed applications, like JIRA and Confluence. This guide is specifically for getting OpenLDAP connecting to PostgreSQL on Ubuntu (20.04). Following these instructions should leave you with an OpenLDAP directory whose tree members are read directly from equivalent database tables. |
...
Now let's add a SQL backend. OpenLDAP can have multiple backends - we'll leave our dc=test,dc=com
backend configured, and add a new SQL backend rooted at dc=example,dc=com :
Code Block |
---|
catsed -e 's/^ //g' - <<EOF >> /etc/ldap/slapd.conf # SQL Backend database sql suffix "dc=example,dc=com" rootdn "cn=admin,dc=example,dc=com" rootpw secret dbname ldapsql dbuser ldapsql dbpasswd ldapsql insentry_stmt "insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from ldap_entries),?,?,?,?)" upper_func "upper" strcast_func "text" concat_pattern "?||?" #subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)" has_ldapinfo_dn_ru no EOF systemctl restart slapd # If unsuccessful, 'journalctl -fu slapd &' and try again |
Note |
---|
The |
Tell AppArmor to let slapd access odbc.ini
...