Différences

Ci-dessous, les différences entre deux révisions de la page.

--- doc:formations:hebergement:service:ldap [2022/06/23 15:18] – jeremie
+++ doc:formations:hebergement:service:ldap [2022/07/20 16:36] (Version actuelle) – jeremie
@@ Ligne 1: / Ligne 1: @@
 :!: page en cours, brouillon
-Ref: [[https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-openldap-and-phpldapadmin-on-ubuntu-16-04]]
+Mot de passe LDAP perdu ? https://www.linuxwave.info/2015/07/reset-openldap-default-admin-password.html
-<code ->
+Ref: https://computingforgeeks.com/install-and-configure-openldap-server-ubuntu/
-apt update && apt-upgrade -y
-wget http://ftp.fr.debian.org/debian/pool/main/p/phpldapadmin/phpldapadmin_1.2.2-6.3_all.deb
-dpkg -i phpldapadmin_1.2.2-6.3_all.deb
-# (answer questions here)
-vi /etc/phpldapadmin/config.php
-# $servers->setValue('server','base',array('dc=tecrd,dc=com'));
-# $servers->setValue('login','bind_id','cn=admin,dc=tecrd,dc=com');
-# Setup letsencrypt
-apt install snapd
-snap install core
-snap refresh core
-snap install --classic certbot
+# https://computingforgeeks.com/install-and-configure-ldap-account-manager-on-ubuntu/
-ln -s /snap/bin/certbot /usr/bin/certbot
-certbot --apache
-# (answer questions here)
-[[ $(ldapwhoami -H ldap:// -x) = 'anonymous' ]] && echo 'ALL OK SO FAR'
-</code>
-Build ''/usr/local/bin/ldap_renew_cert.sh'':
-<code bash>
-#!/bin/sh
-SITE=tools.tecrd.com
-# move to the correct let's encrypt directory
-cd /etc/letsencrypt/live/$SITE
-# copy the files
-cp cert.pem /etc/ssl/certs/$SITE.cert.pem
-cp fullchain.pem /etc/ssl/certs/$SITE.fullchain.pem
-cp privkey.pem /etc/ssl/private/$SITE.privkey.pem
-# adjust permissions of the private key
-chown :ssl-cert /etc/ssl/private/$SITE.privkey.pem
-chmod 640 /etc/ssl/private/$SITE.privkey.pem
-# restart slapd to load new certificates
-systemctl restart slapd
-</code>
-<code ->
-### ./systemd/system/snap.certbot.renew.service
-systemctl list-timers snap.certbot.renew.timer
---post-hook /usr/local/bin/ldap_renew_cert.sh
-Better:
---deploy-hook /usr/local/bin/ldap_renew_cert.sh
-ExecStart=/usr/bin/snap run --timer="00:00~24:00/2" certbot.renew
-</code>
+sudo apt -y install ldap-account-manager
+https://www.openldap.org/doc/admin23/intro.html