# Add a static hosts entry for the directory server; the address and names to
# enter are in the listing that follows.
vi /etc/hosts

### vi ###
127.0.0.1 localhost
10.1.10.10 int-srv.int.worldskills.org int-srv
### vi ###

# Edit the LDAP client configuration file.
# NOTE(review): the URI entered here is ldap://, which carries simple-bind
# passwords unencrypted. With the URI set to localhost that traffic stays on
# the loopback interface; a client on another host should use ldaps:// or
# StartTLS instead.
vi /etc/ldap/ldap.conf

### vi ###
BASE dc=int,dc=worldskills,dc=org
URI ldap://localhost
### vi ###

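# Edit the server configuration file.
# Start from the packaged example and rewrite its suffix to this directory's
# base DN.
cp /usr/share/doc/slapd/examples/slapd.conf /etc/ldap/slapd.conf
sed -i "s/dc=example,dc=com/dc=int,dc=worldskills,dc=org/g" /etc/ldap/slapd.conf
# Let slappasswd prompt for the secret instead of passing it with -s: a
# password given as an argument is visible in the process list and is saved in
# shell history. The sed runs only if slappasswd succeeded, so a mistyped
# confirmation does not insert an empty line.
# The hash is appended after the line matching "for sync"; the rootpw line is
# then checked in the slapd.conf editor step further down.
# NOTE(review): the copied file is presumably world-readable; once it holds the
# rootpw hash, consider restricting it to root and the account slapd runs as.
hash=$(slappasswd) &&
  sed -i "/for sync/a\\\\$hash" /etc/ldap/slapd.conf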

# Tell the slapd service which configuration file to load (the SLAPD_CONF
# value in the listing that follows).
vi /etc/default/slapd

### vi ###
SLAPD_CONF="/etc/ldap/slapd.conf"
### vi ###

# Uncomment rootdn and check the rootpw line that carries the hash inserted by
# the sed step above.
# NOTE(review): the trailing "# ..." remarks in the listing below are notes for
# the reader. slapd.conf(5) documents comments only as lines that begin with
# '#', so leave them out of the real file.
# NOTE(review): the {SSHA} value in the listing presumably belongs to the
# password this page shows in clear text; treat both as lab-only and generate
# a fresh secret for any other deployment.
vi /etc/ldap/slapd.conf
### vi ###
rootdn        "cn=admin,dc=int,dc=worldskills,dc=org" # 주석 제거
rootpw        {SSHA}UrMOv4v6gpt4o+fQLr8lzRU+pvXEHHvu #위 과정들 잘 했으면 자동으로 생성됨
### vi ###

# Restart slapd so the edited configuration takes effect; confirm the service
# came up before continuing, because the ldapadd steps below need it running.
systemctl restart slapd

# Configure the LDAP entries.
# Set the mail domain, base DN and extended-schema flag shown in the listing
# that follows.
vi /usr/share/migrationtools/migrate_common.ph

### vi ###
$DEFAULT_MAIL_DOMAIN = "worldskills.org";
$DEFAULT_BASE = "dc=int,dc=worldskills,dc=org";
$EXTENDED_SCHEMA = 1;
### vi ###

# Generate the base entries from the MigrationTools directory and write them
# to an LDIF file under /root.
cd /usr/share/migrationtools
./migrate_base.pl > /root/base.ldif

# Adjust the generated LDIF by hand before loading it (see the listing that
# follows: the struck-through entry is removed and the Employees OU is added).
vi /root/base.ldif

### vi ###
~~dn: dc=worldskills,dc=org
dc: worldskills
objectClass: top
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: worldskills.org~~
...
# 제일 밑에 추가할 것
dn: ou=Employees,dc=int,dc=worldskills,dc=org
ou: Employees
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: worldskills.org
### vi ###

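# Load the base entries. -x selects a simple bind and -W prompts for the
# rootdn password, which keeps it off the command line.
ldapadd -x -D "cn=admin,dc=int,dc=worldskills,dc=org" -W -f /root/base.ldif
# Convert the accounts in /etc/passwd to LDIF.
# NOTE(review): the whole passwd file is passed in, so system accounts may be
# exported as well; review the generated entries in the editor step below
# before loading them.
./migrate_passwd.pl /etc/passwd > /root/user.ldif
# Let slappasswd prompt for the secret instead of passing it with -s: a
# password given as an argument is visible in the process list and is saved in
# shell history. The sed runs only if slappasswd succeeded.
# The sed address matches every userPassword line, so the same hash is added
# after each one and all of those accounts share a single password.
hash=$(slappasswd) &&
  sed -i "/userPassword/a\\\\$hash" /root/user.ldif

# Add the ws-user entries from the listing that follows and check the
# userPassword values.
vi /root/user.ldif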

### vi ### 제일 위에 추가할 것
dn: uid=ws-user01,ou=Employees,dc=int,dc=worldskills,dc=org
uid: ws-user01
cn: ws-user01
sn: ws-user01
mail: [email protected]
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
~~objectClass: krbPrincipalAux~~
objectClass: shadowAccount
userPassword: {SSHA}...
shadowLastChange: 20067
shadowMax: 99999
shadowWarning: 7
~~krbPrincipalName: [email protected]~~
loginShell: /bin/bash
uidNumber: 2001
gidNumber: 2001
homeDirectory: /home/ws-user01
gecos: ws-user01,,,

dn: uid=ws-user02,ou=Employees,dc=int,dc=worldskills,dc=org
uid: ws-user02
cn: ws-user02
sn: ws-user02
mail: [email protected]
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
~~objectClass: krbPrincipalAux~~
objectClass: shadowAccount
userPassword: {SSHA}...
shadowLastChange: 20067
shadowMax: 99999
shadowWarning: 7
~~krbPrincipalName: [email protected]~~
loginShell: /bin/bash
uidNumber: 2002
gidNumber: 2002
homeDirectory: /home/ws-user02
gecos: ws-user02,,,
### vi ###

# Load the user entries, binding as the rootdn; -W prompts for its password.
ldapadd -x -D "cn=admin,dc=int,dc=worldskills,dc=org" -W -f /root/user.ldif
# With -x and no -D this is an anonymous bind, so everything it prints is
# readable without credentials. Review the access rules in slapd.conf if it
# returns more than intended, userPassword values in particular.
ldapsearch -x # query the LDAP data