{"id":1043,"date":"2026-02-23T23:42:12","date_gmt":"2026-02-23T14:42:12","guid":{"rendered":"http:\/\/www.igoni.kr\/?p=1043"},"modified":"2026-02-23T23:42:12","modified_gmt":"2026-02-23T14:42:12","slug":"ldap%ea%b5%ac%ec%84%b1-1-%ec%84%9c%eb%b2%84%ea%b5%ac%ec%84%b1%ed%95%98%ea%b8%b0","status":"publish","type":"post","link":"http:\/\/www.igoni.kr\/?p=1043","title":{"rendered":"LDAP\uad6c\uc131-1. \uc11c\ubc84\uad6c\uc131\ud558\uae30"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">\ubaa9 \ucc28<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"\ubaa9\ucc28 \ud1a0\uae00\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"http:\/\/www.igoni.kr\/?p=1043\/#%EA%B5%AC%EC%84%B1%EC%A0%95%EB%B3%B4\" >\uad6c\uc131\uc815\ubcf4<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"http:\/\/www.igoni.kr\/?p=1043\/#LDAP_%EC%84%9C%EB%B2%84_%EA%B5%AC%EC%84%B1\" >LDAP \uc11c\ubc84 \uad6c\uc131<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"http:\/\/www.igoni.kr\/?p=1043\/#SSL%EA%B8%B0%EB%B0%98%EC%9D%98_ldap_%EC%82%AC%EC%9A%A9%ED%95%98%EA%B8%B0\" >SSL\uae30\ubc18\uc758 ldap \uc0ac\uc6a9\ud558\uae30<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"http:\/\/www.igoni.kr\/?p=1043\/#ldap_%EC%82%AC%EC%9A%A9%EC%9E%90_%EB%A1%9C%EA%B7%B8%EC%9D%B8%EC%8B%9C_%ED%99%88%EB%94%94%EB%A0%89%ED%86%A0%EB%A6%AC_%EC%9E%90%EB%8F%99%EB%A7%88%EC%9A%B4%ED%8A%B8\" >ldap \uc0ac\uc6a9\uc790 \ub85c\uadf8\uc778\uc2dc \ud648\ub514\ub809\ud1a0\ub9ac \uc790\ub3d9\ub9c8\uc6b4\ud2b8<\/a><\/li><\/ul><\/nav><\/div>\n<h3 id=\"bkmrk-%EA%B5%AC%EC%84%B1%EC%A0%95%EB%B3%B4\" class=\"wikigeneratedid\"><span class=\"ez-toc-section\" id=\"%EA%B5%AC%EC%84%B1%EC%A0%95%EB%B3%B4\"><\/span>\uad6c\uc131\uc815\ubcf4<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol id=\"bkmrk-os-%3A-centos-6.5-ldap\" start=\"1\">\n<li>OS : Centos 6.5<\/li>\n<li>LDAP \uc11c\ubc84IP : 192.168.10.10<\/li>\n<li>LDAP \ud074\ub77c\uc774\uc5b8\ud2b8 IP : 192.168.100.10<\/li>\n<li>LDAP root dn(\uad00\ub9ac\uc790 \uc815\ubcf4) : Manager (\uae30\ubcf8\uc124\uc815\uac12)<\/li>\n<\/ol>\n<h3 id=\"bkmrk-ldap-%EC%84%9C%EB%B2%84-%EA%B5%AC%EC%84%B1\" class=\"wikigeneratedid\"><span class=\"ez-toc-section\" id=\"LDAP_%EC%84%9C%EB%B2%84_%EA%B5%AC%EC%84%B1\"><\/span>LDAP \uc11c\ubc84 \uad6c\uc131<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol id=\"bkmrk-%ED%8C%A8%ED%82%A4%EC%A7%80-%EC%84%A4%EC%B9%98%ED%95%98%EA%B8%B0-%24%3E-yum-inst\">\n<li>\ud328\ud0a4\uc9c0 \uc124\uce58\ud558\uae30\n<pre><code class=\"language-shell\">$&gt; yum install openldap-servers openldap-clients -y<\/code><\/pre>\n<\/li>\n<li>\uc124\uc815\ud30c\uc77c \ubcf5\uc0ac\n<pre><code class=\"language-shell\">$&gt; cp \/usr\/share\/openldap-servers\/slapd.conf.obsolete \/etc\/openldap\/slapd.conf<\/code><\/pre>\n<\/li>\n<li>\uad00\ub9ac\uc790 \ud328\uc2a4\uc6cc\ub4dc \uc0dd\uc131\n<pre><code class=\"language-shell\">$&gt; slappasswd\r\n$&gt; New password:\r\n$&gt; Re-enter new password:\r\n{SSHA}qZsVpahyjRbub0KXgtaNuLs11JGMud\/G\r\n* \uc0dd\uc131\ub41c \ud328\uc2a4\uc6cc\ub4dc \uac12\uc740 \uc77c\ub2e8 \ubcf5\uc0ac.<\/code><\/pre>\n<\/li>\n<li>\uc124\uc815\ud30c\uc77c \ub0b4\uc6a9\ubcc0\uacbd\n<pre><code class=\"language-shell\">$&gt; vi \/etc\/openldap\/slapd.conf\r\n...\r\nmy-domain test.co.kr\r\n...\r\nrootpw &nbsp;#\ubcf5\uc0ac\ud55c \ud328\uc2a4\uc6cc\ub4dc\uac12 \uc801\uc6a9<\/code><\/pre>\n<\/li>\n<li>DB \ud30c\uc77c \ubcf5\uc0ac\n<pre><code class=\"language-shell\">$&gt; cp \/usr\/share\/openldap-servers\/DB_CONFIG.example &nbsp;\/var\/lib\/ldap\/DB_CONFIG<\/code><\/pre>\n<\/li>\n<li>\uae30\uc874\ub0b4\uc6a9 \uc0ad\uc81c\n<pre><code class=\"language-shell\">$&gt; rm -rf \/etc\/openldap\/slapd.d\/*<\/code><\/pre>\n<\/li>\n<li>\uae30\ubcf8 \uad6c\uc131 \uc138\ud305\ud558\uae30\n<pre><code class=\"language-shell\">$&gt; cat \/root\/root.ldif\r\ndn: dc=my-domain,dc=com\r\ndc: my-domain\r\nobjectClass: dcObject\r\nobjectClass: organizationalUnit\r\nou: my-domain.com\r\n\r\ndn: ou=people,dc=my-domain,dc=com\r\nou: people\r\nobjectClass: organizationalUnit\r\n\r\ndn: ou=groups,dc=my-domain,dc=com\r\nou: groups\r\nobjectClass: organizationalUnit<\/code><\/pre>\n<\/li>\n<li>DB\uc0c8\ub85c \uc0dd\uc131\n<pre><code class=\"language-shell\">$&gt; slapadd -v -n 2 -l \/root\/root.ldif<\/code><\/pre>\n<\/li>\n<li>\uc124\uc815\ud30c\uc77c \uad6c\ubb38\uc624\ub958 \ud655\uc778\ud558\uae30\n<pre><code class=\"language-shell\">$&gt; slaptest -f \/etc\/openldap\/slapd.conf -F \/etc\/openldap\/slapd.d<\/code><\/pre>\n<\/li>\n<li>\uc18c\uc720\uad8c \ubcc0\uacbd\n<pre><code class=\"language-shell\">$&gt; chown -R ldap:ldap \/var\/lib\/ldap\r\n$&gt; chown -R ldap: \/etc\/openldap\/slapd.d\/<\/code><\/pre>\n<\/li>\n<li>LDAP\ub85c\uadf8 \ubd84\ub9ac\n<pre><code class=\"language-shell\">$&gt; echo \"local4.* &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\/var\/log\/slapd\/slapd.log\" &gt;&gt; \/etc\/rsyslog.conf\r\n$&gt; \/etc\/init.d\/rsyslog restart<\/code><\/pre>\n<div>\n<div class=\"box\">\n<div class=\"code\">\n<div class=\"linenoswrapper\">\n<div>\n<p># \ub2e4\ub978 \ubc29\ubc95\uc774 \uc788\ub294\uac78\ub85c \uc54c\uace0 \uc788\ub294\ub370, \uc54c\uac8c\ub418\uba74 \ub2e4\uc2dc \uc5c5\ub370\uc774\ud2b8 \ud560\uaed8\uc694<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n<li>logrotate\uc5d0 \ub85c\uadf8\ub300\uc0c1\ucd94\uac00 ( \/etc\/logrotate.d\/syslog )<br \/>\ub300\uc0c1\ub85c\uadf8 &#8211; \/var\/log\/slapd\/slapd.log<\/li>\n<li>\uc11c\ube44\uc2a4 \ud65c\uc131\ud654\/\uc2dc\uc791\n<pre><code class=\"language-shell\">$&gt; \/etc\/init.d\/slapd start\r\n$&gt; chkconfig slapd on<\/code><\/pre>\n<\/li>\n<li>\ud3ec\ud2b8 \uc624\ud508\uc0c1\ud0dc \ud655\uc778\n<pre><code class=\"language-shell\">$&gt; netstat -antp | grep slap\r\ntcp &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 0.0.0.0:389 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0.0.0.0:* &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LISTEN &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1339\/slapd\r\ntcp &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 :::389 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:::* &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LISTEN &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1339\/slapd<\/code><\/pre>\n<\/li>\n<\/ol>\n<h3 id=\"bkmrk-ssl%EA%B8%B0%EB%B0%98%EC%9D%98-ldap-%EC%82%AC%EC%9A%A9%ED%95%98%EA%B8%B0\" class=\"wikigeneratedid\"><span class=\"ez-toc-section\" id=\"SSL%EA%B8%B0%EB%B0%98%EC%9D%98_ldap_%EC%82%AC%EC%9A%A9%ED%95%98%EA%B8%B0\"><\/span>SSL\uae30\ubc18\uc758 ldap \uc0ac\uc6a9\ud558\uae30<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul id=\"bkmrk-%28ssl-%EA%B8%B0%EB%B0%98%EC%9C%BC%EB%A1%9C-ldap%EC%9D%84-%EC%9A%B4%EC%98%81%ED%95%98%EB%A0%A4\">\n<li>(SSL \uae30\ubc18\uc73c\ub85c ldap\uc744 \uc6b4\uc601\ud558\ub824\uba74 \uac01 \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0\ub3c4 \ud0a4\ud30c\uc77c\uc744 \uac00\uc9c0\uace0 \uc788\uc5b4\uc57c \ud568.) examply.pem \ud30c\uc77c\uc774 key\ud30c\uc77c.<\/li>\n<\/ul>\n<ol id=\"bkmrk-%ED%82%A4%ED%8C%8C%EC%9D%BC%EC%83%9D%EC%84%B1-%24%3E-openssl-req\">\n<li>\ud0a4\ud30c\uc77c\uc0dd\uc131\n<pre><code class=\"language-shell\">$&gt; openssl req -new -x509 -nodes -out \/etc\/pki\/tls\/certs\/example.pem -keyout \/etc\/pki\/tls\/certs\/examplekey.pem -days 365<\/code><\/pre>\n<\/li>\n<li>\ud0a4\ud30c\uc77c \uc18c\uc720\uad8c \ubcc0\uacbd\n<pre><code class=\"language-shell\">$&gt; chown -R :ldap \/etc\/pki\/tls\/certs\/example*<\/code><\/pre>\n<\/li>\n<li>\/etc\/openldap\/slapd.conf \ud30c\uc77c \ub0b4\uc6a9 \uc218\uc815\n<pre><code class=\"language-shell\">$&gt; cat \/etc\/openldap.slapd.conf\r\nTLSCertificateFile \/etc\/pki\/tls\/certs\/example.pem\r\nTLSCertificateKeyFile \/etc\/pki\/tls\/certs\/examplekey.pem\r\nTLSCACertificatePath &nbsp;\uc740 \uc8fc\uc11d\ucc98\ub9ac<\/code><\/pre>\n<\/li>\n<li>\uc124\uc815\ud30c\uc77c\uc5d0\uc11c LDAPS \ud65c\uc131\ud654\n<pre><code class=\"language-shell\">$&gt; vi \/etc\/sysconfig\/ldap\r\n...\r\nSLAPD_LDAPS=yes<\/code><\/pre>\n<\/li>\n<li>\uc11c\ube44\uc2a4 \uc7ac\uc2dc\uc791 \ud6c4 tcp\/636 \uc624\ud508 \ud655\uc778\n<pre><code class=\"language-shell\">$&gt; netstat -antp | grep slapd | grep &nbsp;:636\r\ntcp &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 0.0.0.0:636 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0.0.0.0:* &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LISTEN &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1339\/slapd\r\ntcp &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0 :::636 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:::* &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LISTEN &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1339\/slapd\r\nSSL\uae30\ubc18\uc740 636\ubc88 \ud3ec\ud2b8, \uae30\ubcf8\uc740 389\ubc88\ud3ec\ud2b8 \uc0ac\uc6a9\ud568.<\/code><\/pre>\n<\/li>\n<\/ol>\n<h3 id=\"bkmrk-ldap-%EC%82%AC%EC%9A%A9%EC%9E%90-%EB%A1%9C%EA%B7%B8%EC%9D%B8%EC%8B%9C-%ED%99%88%EB%94%94%EB%A0%89%ED%86%A0%EB%A6%AC-\" class=\"wikigeneratedid\"><span class=\"ez-toc-section\" id=\"ldap_%EC%82%AC%EC%9A%A9%EC%9E%90_%EB%A1%9C%EA%B7%B8%EC%9D%B8%EC%8B%9C_%ED%99%88%EB%94%94%EB%A0%89%ED%86%A0%EB%A6%AC_%EC%9E%90%EB%8F%99%EB%A7%88%EC%9A%B4%ED%8A%B8\"><\/span>ldap \uc0ac\uc6a9\uc790 \ub85c\uadf8\uc778\uc2dc \ud648\ub514\ub809\ud1a0\ub9ac \uc790\ub3d9\ub9c8\uc6b4\ud2b8<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol id=\"bkmrk-nfs%EC%84%9C%EB%B2%84-%EA%B5%AC%EC%84%B1%EC%9D%84-%EC%9C%84%ED%95%9C-%ED%8C%A8%ED%82%A4%EC%A7%80-%EC%84%A4%EC%B9%98-\">\n<li>nfs\uc11c\ubc84 \uad6c\uc131\uc744 \uc704\ud55c \ud328\ud0a4\uc9c0 \uc124\uce58\n<pre><code class=\"language-shell\">$&gt; yum install nfs-utils* -y<\/code><\/pre>\n<\/li>\n<li>NFS \uc124\uc815\n<pre><code class=\"language-shell\">$&gt; cat \/etc\/exports\r\n\/home &nbsp;&nbsp;192.168.100.10(rw,no_root_squash)<\/code><\/pre>\n<\/li>\n<li>NFS\uc11c\ube44\uc2a4 \uc2dc\uc791 &amp; \ud65c\uc131\ud654\n<pre><code class=\"language-shell\">$&gt; \/etc\/init.d\/rpcbind start\r\n$&gt; \/etc\/init.d\/rpcidmapd start\r\n$&gt; \/etc\/init.d\/nfs start\r\n$&gt; chkconfig rpcbind on\r\n$&gt; chkconfig rpcidmapd on\r\n$&gt; chkconfig nfs on<\/code><\/pre>\n<\/li>\n<li>nfs\ud65c\uc131\ud654 \ud655\uc778\n<pre><code class=\"language-shell\">$&gt; showmount -e localhost\r\nExport list for localhost:\r\n\/home 192.168.10.10<\/code><\/pre>\n<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>\uad6c\uc131\uc815\ubcf4 OS : Centos 6.5 LDAP \uc11c\ubc84IP : 192.168.10.10 LDAP \ud074\ub77c\uc774\uc5b8\ud2b8 IP : 192.168.100.10 LDAP root&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[297],"tags":[299],"class_list":["post-1043","post","type-post","status-publish","format-standard","hentry","category-openldap-","tag-openldap"],"aioseo_notices":[],"_links":{"self":[{"href":"http:\/\/www.igoni.kr\/index.php?rest_route=\/wp\/v2\/posts\/1043","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.igoni.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.igoni.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.igoni.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.igoni.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1043"}],"version-history":[{"count":1,"href":"http:\/\/www.igoni.kr\/index.php?rest_route=\/wp\/v2\/posts\/1043\/revisions"}],"predecessor-version":[{"id":1045,"href":"http:\/\/www.igoni.kr\/index.php?rest_route=\/wp\/v2\/posts\/1043\/revisions\/1045"}],"wp:attachment":[{"href":"http:\/\/www.igoni.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1043"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.igoni.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1043"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.igoni.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1043"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}