#1. Environment
- Server 1 (ESXi): OpenLDAP -> slapd 2.5.17, Ubuntu 22.04.4
- Server 2 (VirtualBox): MariaDB -> 10.11.8-MariaDB, Ubuntu 22.04.4
#2. Server 세팅
apt update
## MariaDB 관련 패키지
apt install mariadb-server libmariadb-dev mariadb-client
## LDAP 관련 패키지
apt install libldap2-dev libpam-ldap libnss-ldap ldap-utils nslcd
## PAM 관련 패키지
apt install libpam0g-dev
## MariaDB Security Setting
mysql_secure_installation
## Install LDAP auth Plugin
apt install libmariadb-dev
apt install libldap2-dev
apt install libpam-ldap libnss-ldap nslcd
## MariaDB PAM Plugin 활성화
## /etc/mysql/mariadb.conf.d/50-server.cnf
[mysqld]
plugin-load-add=auth_pam
## /etc/pam.d/mariadb 파일 생성
auth required pam_ldap.so
account required pam_ldap.so
## /etc/ldap.conf (LDAP 서버 설정에 맞게 작성)
base dc=example,dc=com
uri ldap://[IP]
ldap_version 3
rootbinddn cn=admin,dc=example,dc=com
## /etc/nsswitch.conf
passwd: files ldap systemd sss
group: files ldap systemd sss
shadow: files ldap systemd sss
## restart
systemctl restart mariadb
## DB 접속
mysql -u root -p
## Database, table, user 생성
CREATE DATABASE ldap_db;
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(100) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE USER 'ldap_user'@'localhost' IDENTIFIED VIA pam USING 'mariadb';
GRANT ALL PRIVILEGES ON database_name.* TO 'ldap_user'@'localhost';
FLUSH PRIVILEGES;
## 권한 설정
GRANT ALL ON ldap_db.* TO 'ldap_user'@'localhost';
flush privileges;
#3. 접속 테스트
mysql -u [LDAP_USER_NAME] -p
📌 LDAP_USER_NAME은 LDAP 서버에 실제 존재하는 사용자 이름이어야 하고, MariaDB에서도 생성되어 있어야 한다.
🤗
일모도원