COMPOSED DN ALGORITHM:
Software used for testing
LDAP server: openldap-2.2.29 for windows
LDAP Browser 2.5 for windows
ASE: ASE15.0.2 for Linux
LDAP configuration
Changes to ldap.cfg:
include ./schema/core.schema
After this line, add:
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
Modify the following lines:
suffix "dc=sybase,dc=com"
rootdn "cn=Manager,dc=sybase,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw 8888
Add the LDAP directory entries. From the OpenLDAP installation directory (c:\openldap), run:
ldapadd -x -D "cn=Manager,dc=sybase,dc=com" -w 8888 -f .\test1.ldif
ldapadd -x -D "cn=Manager,dc=sybase,dc=com" -w 8888 -f .\test2.ldif
ASE configuration:
sp_configure 'enable ldap user auth', 2
go
sp_ldapadmin set_access_acct, null, null
go
sp_ldapadmin "set_dn_lookup_url", NULL
go
sp_ldapadmin set_primary_url, 'ldap://192.168.50.1:389/dc=sybase,dc=com??sub?uid=*'
go
sp_ldapadmin activate, primary
go
sp_maplogin LDAP, NULL, "create login"
go
sp_modifylogin "sa", "authenticate with", "ASE"
go
sp_ldapadmin check_login, 'Unmi'
go
Log in to the database with isql. Using the LDAP user Unmi, you can now log in to ASE.
Contents of test1.ldif:
dn: dc=sybase,dc=com
dc: sybase
objectClass: dcObject
objectClass: organizationalUnit
ou: ldap Dot chenbro Dot com Dot dg
Contents of test2.ldif:
dn: uid=Unmi,dc=sybase,dc=com
uid: Unmi
objectClass: inetOrgPerson
mail: abcd@abcd.com
userPassword: 123456
labeledURI: http://www.abcd.com
sn: Qiu
cn: abcd
For Windows Active Directory, configure as in the example steps below (SEARCHED DN ALGORITHM):
sp_configure 'enable ldap user auth', 2
go
sp_ldapadmin set_access_acct, 'cn=Manager,dc=sybase,dc=com', '8888'
go
sp_ldapadmin set_primary_url, 'ldap://192.168.50.1:389/'
go
sp_ldapadmin set_dn_lookup_url, 'ldap://192.168.50.1:389/dc=sybase,dc=com?distinguishedName?sub?samaccountname=*'
go
sp_ldapadmin activate, primary
go
sp_maplogin LDAP, NULL, "create login"
go
sp_modifylogin "sa", "authenticate with", "ASE"
go
sp_ldapadmin check_login, 'Unmi'
go
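
What the two URL styles above ask the LDAP server for, as an added Python example (not code from the original page or from ASE). The helper names are hypothetical, and the model is an assumption based on the settings shown: composed DN binds as attr=login,base taken from the primary URL, while searched DN binds as the access account and searches with the lookup URL's filter. The login name is escaped before it is placed in a DN or a filter.

```python
from urllib.parse import urlsplit, unquote

# Hypothetical helpers; they model the two lookups, they are not ASE code.

def parse_ldap_url(url):
    """Split an RFC 4516 URL: ldap://host:port/base?attrs?scope?filter."""
    p = urlsplit(url)
    if p.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    attrs, scope, flt = (unquote(f) for f in (p.query.split("?") + [""] * 3)[:3])
    return {"host": p.hostname,
            "port": p.port or (636 if p.scheme == "ldaps" else 389),
            "base": unquote(p.path.lstrip("/")),
            "attrs": [a for a in attrs.split(",") if a],
            "scope": scope or "base",
            "attr": flt.strip("()").partition("=")[0]}  # "uid=*" -> "uid"

def escape_dn_value(value):
    """RFC 4514: escape characters that would change the DN structure."""
    out = "".join("\\" + c if c in '\\,+"<>;=' else c for c in value)
    out = out.replace("\x00", "\\00")
    if out.endswith(" "):
        out = out[:-1] + "\\ "
    if out[:1] in ("#", " "):
        out = "\\" + out
    return out

def escape_filter_value(value):
    """RFC 4515: escape characters that are special in a search filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def composed_dn(primary_url, login):
    """Composed DN: the bind DN is built directly from the login name."""
    u = parse_ldap_url(primary_url)
    return "%s=%s,%s" % (u["attr"], escape_dn_value(login), u["base"])

def dn_lookup_search(dn_lookup_url, login):
    """Searched DN: parameters of the search run as the access account."""
    u = parse_ldap_url(dn_lookup_url)
    return {"base": u["base"], "scope": u["scope"], "attrs": u["attrs"],
            "filter": "(%s=%s)" % (u["attr"], escape_filter_value(login))}

if __name__ == "__main__":
    # URLs and login name are the ones used in the steps above.
    print(composed_dn("ldap://192.168.50.1:389/dc=sybase,dc=com??sub?uid=*", "Unmi"))
    print(dn_lookup_search("ldap://192.168.50.1:389/dc=sybase,dc=com"
                           "?distinguishedName?sub?samaccountname=*", "Unmi"))
```

For the login Unmi the composed DN equals the dn: line of test2.ldif, which is why the first configuration needs no access account.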