centos 7.9
openldap 2.4.44
phpldapadmin 1.2.5
Kerberos :Kerberos 5 release 1.15.1
注意: yum安装时,会自动安装apache和php的依赖。
注意: phpldapadmin很多没更新了,只支持php5,如果你服务器的环境是php7,则会有问题,页面会有各种报错。
yum install -y phpldapadmin
# 修改apache的phpldapadmin配置文件
# 修改如下内容,放开外网访问,这里只改了2.4版本的配置,因为centos7 默认安装的apache为2.4版本。所以只需要改2.4版本的配置就可以了
# 如果不知道自己apache版本,执行 rpm -qa|grep httpd 查看apache版本
vim /etc/httpd/conf.d/phpldapadmin.conf
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
# 修改配置用DN登录ldap
vim /etc/phpldapadmin/config.php
# 398行,默认是使用uid进行登录,我这里改为cn,也就是用户名
# 460行,关闭匿名登录,否则任何人都可以直接匿名登录查看所有人的信息
# 519行,设置用户属性的唯一性,这里我将cn,sn加上了,以确保用户名的唯一性
# 启动apache
systemctl start httpd
systemctl restart httpd
systemctl restart httpd.service
其中cn:admin 密码:123456
:是因为使用yum搜索某些rpm包,找不到包是因为CentOS是RedHat企业版编译过来的,去掉了所有关于版权问题的东西。安装EPEL后可以很好的解决这个问题。EPEL(Extra Packages for Enterprise Linux )即企业版Linux的扩展包,提供了很多可共Centos使用的组件,安装完这个以后基本常用的rpm都可以找到。
yum localinstall http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum -y install phpldapadmin
May 07 10:10:15 localhost.localdomain dbus[580]: [system] Successfully activated service 'org.freedesktop.problems'
May 07 10:12:34 localhost.localdomain kernel: perf: interrupt took too long (16513 > 15557), lowering kernel.perf_event_max_sample_rate to 12000
May 07 10:13:48 localhost.localdomain polkitd[617]: Registered Authentication Agent for unix-process:5169:404183 (system bus name :1.220 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
May 07 10:13:52 localhost.localdomain polkitd[617]: Operator of unix-process:5169:404183 successfully authenticated as unix-user:root to gain ONE-SHOT authorization for action org.freedesktop.systemd1.manage-units for system-bus-name::1.221 [systemctl start httpd] (owne
May 07 10:13:52 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit httpd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has begun starting up.
May 07 10:13:52 localhost.localdomain httpd[5186]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
May 07 10:13:52 localhost.localdomain httpd[5186]: (98)Address already in use: AH00073: make_sock: unable to listen for connections on address [::]:80
May 07 10:13:52 localhost.localdomain httpd[5186]: (98)Address already in use: AH00073: make_sock: unable to listen for connections on address
May 07 10:13:52 localhost.localdomain httpd[5186]: no listening sockets available, shutting down
May 07 10:13:52 localhost.localdomain httpd[5186]: AH00015: Unable to open logs
May 07 10:13:52 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
May 07 10:13:52 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has failed.
-- The result is failed.
May 07 10:13:52 localhost.localdomain polkitd[617]: Unregistered Authentication Agent for unix-process:5169:404183 (system bus name :1.220, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
May 07 10:13:52 localhost.localdomain systemd[1]: Unit httpd.service entered failed state.
May 07 10:13:52 localhost.localdomain systemd[1]: httpd.service failed.
May 07 10:13:58 localhost.localdomain su[5193]: (to root) zws on pts/0
May 07 10:13:58 localhost.localdomain su[5193]: pam_unix(su:session): session opened for user root by zws(uid=1000)
May 07 10:13:58 localhost.localdomain dbus[580]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
May 07 10:13:58 localhost.localdomain dbus[580]: [system] Successfully activated service 'org.freedesktop.problems'
May 07 10:14:12 localhost.localdomain polkitd[617]: Registered Authentication Agent for unix-process:5232:406549 (system bus name :1.226 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
May 07 10:14:12 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit httpd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has begun starting up.
May 07 10:14:12 localhost.localdomain httpd[5239]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
May 07 10:14:12 localhost.localdomain httpd[5239]: (98)Address already in use: AH00073: make_sock: unable to listen for connections on address [::]:80
May 07 10:14:12 localhost.localdomain httpd[5239]: (98)Address already in use: AH00073: make_sock: unable to listen for connections on address
May 07 10:14:12 localhost.localdomain httpd[5239]: no listening sockets available, shutting down
May 07 10:14:12 localhost.localdomain httpd[5239]: AH00015: Unable to open logs
May 07 10:14:12 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
May 07 10:14:12 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has failed.
-- The result is failed.
May 07 10:14:12 localhost.localdomain systemd[1]: Unit httpd.service entered failed state.
May 07 10:14:12 localhost.localdomain systemd[1]: httpd.service failed.
May 07 10:14:12 localhost.localdomain polkitd[617]: Unregistered Authentication Agent for unix-process:5232:406549 (system bus name :1.226, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
修改apache端口号文件所在路径:/etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf
systemctl start httpd
systemctl restart httpd
systemctl restart httpd.service
7.javax.security.auth.login.LoginException: Unable to obtain password from user
8.javax.security.auth.login.LoginException: null (68)
9.javax.security.auth.login.LoginException: Message stream modified (41)
10.javax.security.auth.login.LoginException: Checksum failed
11.javax.security.auth.login.LoginException: No CallbackHandler available to garner authentication info
12.javax.security.auth.login.LoginException: Cannot locate KDC
13.javax.security.auth.login.LoginException: Receive timed out
14.java: 无法访问org.springframework.context.ConfigurableApplicationContext
15.LDAP: error code 34 - invalid DN
16.LDAP: error code 32 - No Such Object
如有侵权,请联系 cloudcommunity@tencent.com 删除。
如有侵权,请联系 cloudcommunity@tencent.com 删除。