Master Controller/Software
Download esctl software
- apt-get install subversion
- cd /root
- mkdir esctl
- svn co svn://giles.northenden.ninja.org.uk/esctl/server/trunk/ esctl/
Configure LDAP
- cd esctl/schema/
- cp -p 70esctl.ldif /etc/ldap/schema/
- vi /usr/share/slapd/slapd.conf
- include /etc/ldap/schema/70esctl.ldif
- [ dpkg-reconfigure --force slapd ]
- DNS domain name: customername.hosted.esctl.co.uk
- Organization name: customername
- Administrator password: ****
- Database backend to use: HDB
- Remove database when slapd is purged? Yes (??!!)
- Allow LDAPv2 protocol?: No
- /etc/init.d/slapd restart
Sample LDAP schema content
version: 1

dn: ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: top
objectClass: organizationalUnit
ou: esctl

dn: ou=readers,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: top
objectClass: organizationalUnit
ou: readers

dn: ou=tokens,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: top
objectClass: organizationalUnit
ou: tokens

dn: ou=1,ou=readers,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: top
objectClass: organizationalUnit
ou: 1
description: Door 1

dn: cn=Manager,ou=1,ou=readers,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: escReader
cn: Manager
escDoor: 1
escgid: esctl Manager

dn: cn=Resident,ou=1,ou=readers,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: escReader
cn: Resident
escDoor: 1
escgid: esctl Resident

dn: et=PIN:1234,ou=tokens,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: escToken
et: PIN:1234
escuid: jbloggs

dn: et=C0572A00,ou=tokens,ou=esctl,dc=customername,dc=hosted,dc=esctl,dc=co,dc=uk
objectClass: escToken
et: C15A2D03
escDateFrom: 20140128001003Z
escDateTo: 20380101000000Z
escuid: jbloggs
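
ldapadd refuses an entry with a naming violation when the value in its leading RDN is not among the entry's own values for that attribute, as in the last sample token (DN et=C0572A00, attribute et: C15A2D03). The following added example, which is not part of the esctl code, lints LDIF for that before loading; the sample entries are constructed, multi-valued RDNs are not handled, and the case-insensitive comparison is an assumption about the et matching rule.

```python
import base64
import re

# Constructed sample in the style of the token entries above (not real data).
SAMPLE_LDIF = """\
dn: et=PIN:1234,ou=tokens,ou=esctl,dc=example,dc=org
objectClass: escToken
et: PIN:1234

dn: et=AAAA0001,ou=tokens,ou=esctl,dc=example,dc=org
objectClass: escToken
et: BBBB0002
"""

def parse_ldif(text):
    """Return [(dn, {attr_lowercase: [values]})] for each entry in the LDIF text."""
    text = re.sub(r"\n ", "", text)  # unfold continuation lines
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        dn, attrs = None, {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>"
                value = base64.b64decode(value[1:]).decode("utf-8", "replace")
            name, value = name.strip().lower(), value.strip()
            if name == "dn":
                dn = value
            else:
                attrs.setdefault(name, []).append(value)
        if dn:
            entries.append((dn, attrs))
    return entries

def rdn_mismatches(entries):
    """Return DNs whose leading RDN value is missing from the entry's attributes."""
    bad = []
    for dn, attrs in entries:
        rdn = re.split(r"(?<!\\),", dn, maxsplit=1)[0]  # first RDN; skip escaped commas
        attr, _, value = rdn.partition("=")
        present = [v.lower() for v in attrs.get(attr.strip().lower(), [])]  # assumption: case-insensitive match
        if value.strip().lower() not in present:
            bad.append(dn)
    return bad

if __name__ == "__main__":
    for dn in rdn_mismatches(parse_ldif(SAMPLE_LDIF)):
        print("RDN value not present in entry:", dn)
```
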
- mkdir /root/schemaconv
- cd /root/schemaconv
- vi test.conf
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /root/schemaconv/70esctl.schema
- slaptest -f test.conf -F /root/schemaconv
- vi cn\=config/cn\=schema/cn\=\{3\}70esctl.ldif
- (Change {3}70esctl to {4}70esctl, or whichever number is next in your LDAP tree)
- Find out via ls /etc/ldap/slapd.d/cn\=config/cn\=schema/
- cp -p /root/schemaconv/cn=config/cn=schema/cn={3}70esctl.ldif /etc/ldap/slapd.d/cn\=config/cn\=schema/cn\=\{4\}70esctl.ldif
- service slapd restart
- !!! Have not actually done this !!!! Works fine without..!
- vi olc-esc-access.ldif
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {1}to dn.sub="ou=esctl,dc=<<ROOTDN>>"
  by dn="cn=ESCTL Controller,ou=Special Users,dc=<<ROOTDN>>" read
  by self write
  by * none
- ldapmodify -Y EXTERNAL -H ldapi:/// -f ./olc-esc-access.ldif
- Need to create:
- ou=Special Users
- ou=People
- ou=Groups
dn: cn=ESCTL Controller,ou=Special Users,dc=<<ROOTDN>>
changetype: add
objectClass: simpleSecurityObject
objectClass: organizationalRole
userPassword:: ********
description: ESCTL Controller
cn: ESCTL Controller
Create indexes to optimise performance
- vi olcDbIndex.ldif
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: cn pres,sub,eq
-
add: olcDbIndex
olcDbIndex: et pres,eq
-
add: olcDbIndex
olcDbIndex: memberUid pres,sub,eq
- ldapmodify -Y EXTERNAL -H ldapi:/// -f ./olcDbIndex.ldif
MySQL
- cd ~/esctl/controller
- mysql -p < log.mysql
- grant insert,select on esctl.log to esctl_log@localhost identified by '***********';
xinetd
- cd /root/esctl/controller
- cp -p xinetd.d-esctl /etc/xinetd.d/esctl
- service xinetd restart
Final configuration
- cp config.pm.template config.pm
- vi config.pm
- vi /etc/rsyslog.d/esctl.conf
local3.* /var/log/esctl
- service rsyslog restart