Wiki source code of Guide d'installation Ubuntu 20.04 - Production
Last modified by abertrand on 2024/02/19 09:16
Show last authors
author | version | line-number | content |
---|---|---|---|
1 | {{ddtoc/}} | ||
2 | |||
3 | = Digdash = | ||
4 | |||
5 | == OpenJDK 11 == | ||
6 | |||
7 | {{warning}} | ||
8 | Utiliser la version 11 de openjdk | ||
9 | {{/warning}} | ||
10 | |||
11 | {{code language="shell"}} | ||
12 | # Installer la dernière version de openjdk | ||
13 | sudo apt install default-jdk | ||
14 | |||
15 | # Vérifier l'installation | ||
16 | java -version | ||
17 | {{/code}} | ||
18 | |||
19 | == Tomcat 9 == | ||
20 | |||
21 | === Installation === | ||
22 | |||
23 | {{code language="shell"}} | ||
24 | sudo apt install tomcat9 | ||
25 | {{/code}} | ||
26 | |||
27 | === Création de l'arborescence === | ||
28 | |||
29 | {{code language="shell"}} | ||
30 | # Emplacement des webapps | ||
31 | sudo mkdir -p /home/digdash/webapps/default/ | ||
32 | # Répertoire de travail | ||
33 | sudo mkdir -p /home/digdash/appdata/default/ | ||
34 | # Emplacement fichier .properties | ||
35 | sudo mkdir -p /etc/digdash/ | ||
36 | # Emplacement des logs | ||
37 | sudo mkdir -p /var/log/digdash/ | ||
38 | {{/code}} | ||
39 | |||
40 | Modification des droits sur les dossiers | ||
41 | |||
42 | {{code language="shell"}} | ||
43 | sudo chown -R tomcat:tomcat /home/digdash | ||
44 | sudo chown -R tomcat:tomcat /var/log/digdash | ||
45 | sudo chmod a+w /var/log/digdash | ||
46 | {{/code}} | ||
47 | |||
48 | === Configuration du server.xml === | ||
49 | |||
50 | (% class="wikigeneratedid" %) | ||
51 | emplacement : /etc/tomcat9/server.xml | ||
52 | |||
53 | ==== Emplacement des webapps ==== | ||
54 | |||
55 | {{code language="shell"}} | ||
56 | # Modifier la valeur appBase | ||
57 | <Host name="localhost" appBase="webapps" | ||
58 | |||
59 | # par celle ci | ||
60 | <Host name="localhost" appBase="/home/digdash/webapps/default" | ||
61 | {{/code}} | ||
62 | |||
63 | ==== Valve Reverse Proxy ==== | ||
64 | |||
65 | {{code language="shell"}} | ||
66 | # Ajouter cette valve dans l'élément Host vers la fin du fichier | ||
67 | <Valve className="org.apache.catalina.valves.RemoteIpValve" | ||
68 | internalProxies="127\.0\.[0-1]\.1" | ||
69 | remoteIpHeader="X-Forwarded-For" | ||
70 | requestAttributesEnabled="true" | ||
71 | protocolHeader="X-Forwarded-Proto" | ||
72 | protocolHeaderHttpsValue="https"></Valve> | ||
73 | {{/code}} | ||
74 | |||
75 | ==== Valve Log ==== | ||
76 | |||
77 | {{code language="shell"}} | ||
78 | # Ajouter cette valve dans l'élément Host vers la fin du fichier | ||
79 | <Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false" ></Valve> | ||
80 | {{/code}} | ||
81 | |||
82 | === Modification de la RAM === | ||
83 | |||
84 | {{code language="shell"}} | ||
85 | # Editer le fichier suivant | ||
86 | sudo nano /etc/default/tomcat9 | ||
87 | |||
88 | # Remplacer la variable JAVA_OPTS existante par | ||
89 | JAVA_OPTS="-Djava.awt.headless=true -XX:+UseShenandoahGC -Xms6G -Xmx6G -Djava.security.egd=file:/dev/urandom -DPROP_MAX_CONCURRENT_TOTAL=5000 -DPROP_MAX_CONCURRENT_CON_PER_HOST=5000" | ||
90 | |||
91 | # Changer le paramètre 6G en fonction de la capacité de la machine en laissant au minimum 2G pour l OS | ||
92 | {{/code}} | ||
93 | |||
94 | === Activer l'autorisation d'écriture des logs par tomcat === | ||
95 | |||
96 | {{code language="shell"}} | ||
97 | # Créer le dossier dans /etc/systemd/system/ | ||
98 | sudo mkdir -p /etc/systemd/system/tomcat9.service.d | ||
99 | |||
100 | # Créer le fichier | ||
101 | sudo nano /etc/systemd/system/tomcat9.service.d/logging-allow.conf | ||
102 | |||
103 | # Ajouter les lignes suivantes | ||
104 | [Service] | ||
105 | ReadWritePaths=/var/log/digdash/ | ||
106 | |||
107 | #recharger la configuration des "daemon" | ||
108 | sudo systemctl daemon-reload | ||
109 | |||
110 | sudo systemctl restart tomcat9.service | ||
111 | {{/code}} | ||
112 | |||
113 | === Activation du lancement automatique du service au démarrage === | ||
114 | |||
115 | {{code language="shell"}} | ||
116 | sudo systemctl enable tomcat | ||
117 | {{/code}} | ||
118 | |||
119 | == Déploiement de Digdash Version 22R2 == | ||
120 | |||
121 | {{warning}} | ||
122 | Télécharger la version de digdash | ||
123 | |||
124 | Dézipper la version que vous venez de télécharger | ||
125 | {{/warning}} | ||
126 | |||
127 | === Fichiers properties === | ||
128 | |||
129 | Placer les fichiers suivant dans le dossier /etc/digdash | ||
130 | |||
131 | * digdash.properties (contenu à la racine du dossier dézippé) | ||
132 | * [[log4j2_api.properties>>attach:log4j2_api.properties]] | ||
133 | * [[log4j2_dash.properties>>attach:log4j2_dash.properties]] | ||
134 | * [[log4j2_studio.properties>>attach:log4j2_studio.properties]] | ||
135 | |||
136 | Modifier le fichier digdash.properties précédemment copié | ||
137 | |||
138 | {{code language="shell"}} | ||
139 | # Ajouter ces lignes au début du fichier | ||
140 | |||
141 | # Emplacement des logs | ||
142 | ddenterpriseapi.ddlog4j.properties.file=/etc/digdash/log4j2_api.properties | ||
143 | studio.ddlog4j.properties.file=/etc/digdash/log4j2_studio.properties | ||
144 | digdash_dashboard.ddlog4j.properties.file=/etc/digdash/log4j2_dash.properties | ||
145 | |||
146 | # Emplacement du appadata | ||
147 | ddenterpriseapi.AppDataPath=/home/digdash/appdata/default | ||
148 | digdash_dashboard.AppDataPath=/home/digdash/appdata/default | ||
149 | studio.AppDataPath=/home/digdash/appdata/default | ||
150 | adswrapper.ads.instance.name=/home/digdash/appdata/default/ldapdigdash | ||
151 | |||
152 | adminconsole.adminconsole_domain=adminconsole | ||
153 | adminconsole.webstudio_domain=studio | ||
154 | adminconsole.server_domain_list=ddenterpriseapi | ||
155 | adminconsole.dashboard_domain=digdash_dashboard | ||
156 | |||
157 | studio.DOMAIN=ddenterpriseapi | ||
158 | studio.FORCEDOMAIN=true | ||
159 | studio.SERVERURL=http://localhost:8080 | ||
160 | studio.FORCESERVERURL=true | ||
161 | studio.adminconsole_domain=adminconsole | ||
162 | |||
163 | digdash_dashboard.DOMAIN=ddenterpriseapi | ||
164 | digdash_dashboard.FORCEDOMAIN=true | ||
165 | digdash_dashboard.SERVERURL=http://localhost:8080 | ||
166 | digdash_dashboard.FORCESERVERURL=true | ||
167 | digdash_dashboard.adminconsole_domain=adminconsole | ||
168 | |||
169 | ########### Nettoyage automatique des fichiers programmé | ||
170 | ########### Scheduled automatic file cleaning | ||
171 | ddenterpriseapi.startCleaner=true | ||
172 | |||
173 | ########### Nettoyage des fichiers inutilisés au démarrage du serveur | ||
174 | ########### Clean up unused files on server startup | ||
175 | ddenterpriseapi.cleanOnStart=false | ||
176 | |||
177 | ########### Sauvegarde automatique programmée | ||
178 | ########### Scheduled automatic backup | ||
179 | ddenterpriseapi.autoBackup=true | ||
180 | ddenterpriseapi.autoBackupKeepDays=7 | ||
181 | digdash_dashboard.CANCHANGEPASSWORD=true | ||
182 | |||
183 | {{/code}} | ||
184 | |||
185 | === Emplacement des war === | ||
186 | |||
187 | * Placer les éléments suivants dans le dossier /home/digdash/webapps/default | ||
188 | ** adminconsole.war | ||
189 | ** ddenterpriseapi.war | ||
190 | ** digdash_dashboard.war | ||
191 | ** studio.war | ||
192 | ** le dossier ROOT/ | ||
193 | |||
194 | === === | ||
195 | |||
196 | = OpenLDAP = | ||
197 | |||
198 | (% style="line-height:1.38; text-align:justify" %) | ||
199 | = (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:24pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Configuration de OpenLDAP**(%%) = | ||
200 | |||
201 | (% style="line-height:1.2" %) | ||
202 | == (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:18pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Installation**(%%) == | ||
203 | |||
204 | |||
205 | (% style="line-height:1.2; margin-left:77px; margin-top:35px" %) | ||
206 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Installer le serveur OpenLDAP **(%%) === | ||
207 | |||
208 | ((( | ||
209 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
210 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
211 | (% style="line-height:1.38" %) | ||
212 | (% style="background-color:#333333; color:#fc9b9b; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)#(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)apt-get install slapd | ||
213 | ))) | ||
214 | ))) | ||
215 | |||
216 | (% style="line-height:1.2; margin-left:77px; margin-top:39px" %) | ||
217 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Configurer le serveur OpenLDAP **(%%) === | ||
218 | |||
219 | ((( | ||
220 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
221 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
222 | (% style="line-height:1.38" %) | ||
223 | (% style="background-color:#333333; color:#fc9b9b; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)#(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dpkg-reconfigure slapd | ||
224 | ))) | ||
225 | ))) | ||
226 | |||
227 | (% style="line-height:1.2108086585998534; margin-right:-1px; text-align:center; margin-top:47px" %) | ||
228 | (% style="border:none; color:#000000; display:inline-block; font-family:Arial; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; height:144px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)[[image:https://lh3.googleusercontent.com/kuVw6vwg0dBX91G_oCVT_-6gJ1Iqtw2GS1VGWnYiCFP80ELj3YImZCD8kJ_GWVd39bwxgqbYpQNO80uem9FfWfMsWVXtwoXJbUqkgPdFRiDoRABGs4tXoW8GJP8yOSiKArVJWuVYa9SSdbm9P6D79rfBWmF2Dgc1nlFrOusNRbOQnot11k7H3A2YH3KC||height="144" width="601"]](% style="border:none; color:#000000; display:inline-block; font-family:Arial; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; height:114px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)[[image:https://lh3.googleusercontent.com/HlAD2SiDuLzFaa-lXRwsClLB_KEEc48fq83ZWpS4M_BOJXBYbp4fCsZv98WQgJcpgtU8FG0sA-60BGi1i5WqliiL5s78PJX7lFOuLqiv5FWhlyh4yOWd-AkRjZ9UvhRXTya7zBqYq1RxEc_XexJWKlJhbHg06LkwbW-cD6DKn5h8-Ja6f5XQzXhUP2Sk||height="114" width="601"]](% style="border:none; color:#000000; display:inline-block; font-family:Arial; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; height:102px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)[[image:https://lh3.googleusercontent.com/WChWslEOBm3fBde7Le3t00BBkmul_p4vk-Nz0sg22sjaOnqKcY5DgBQHzISdK1n2O-v3sK9zll4TYHt-nNSqWsCS4F8rd4og30KYFb7iF7XVHvfMkHBP9k1Cb8r6c7drf-JQloUpGGbZr_odeh2EFhfltr5UEm1gx68U4uQ8h_v75TJx4hybY-MoCfeo||height="102" width="601"]](% style="border:none; color:#000000; display:inline-block; font-family:Arial; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; height:187px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)[[image:https://lh6.googleusercontent.com/IdWVYDyr8d9bzvznNQh06W_ua91GBYD053zvB-VSxVN5lHlA_kzXv7GZzw7xImOiIFTxLDulENPti8N18-IshVcBF6TUT15KduJEIy6cBYJiWMD3_h3Zh_WnYWuozzTaYo6iAf-G7cvlJHKay3cULzVtiz9iBnFPa-hmHX98rJlZgV8IzS8j8LrmAWBV||height="187" width="601"]] | ||
229 | |||
230 | (% style="line-height:1.2108086585998534; margin-right:-1px; margin-top:47px" %) | ||
231 | (% style="color:#000000; font-family:Inter,sans-serif; font-size:10.0042pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)OpenLDAP sous Linux 1 | ||
232 | |||
233 | (% style="line-height:1.2; margin-left:47px; margin-right:47px; text-align:center" %) | ||
234 | === (% style="border:none; color:#000000; display:inline-block; font-family:~"Open Sans~",sans-serif; font-size:10.0042pt; font-style:normal; font-variant:normal; font-weight:700; height:109px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)**[[image:https://lh4.googleusercontent.com/8DezOhzViBoonenqO_QjnBQUfzRL0i3HNle8TseldiuwFHtcRQzevAQllvsEVTalwmrvWPWDqqahq73IXnmW9FInxKsJHq0c2Ztuj0qnw3CJp8y0z3mnOw28JP-nfRMahNvkQD3IE4N_xsSDzbsNx_xgsfBqJ852qo71r777I_8-xOmso_3f-Ho0hjcy||height="109" width="601"]]**(% style="border:none; color:#000000; display:inline-block; font-family:~"Open Sans~",sans-serif; font-size:10.0042pt; font-style:normal; font-variant:normal; font-weight:700; height:170px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)**[[image:https://lh6.googleusercontent.com/O_Q2mNs--gRanZRl3Ryc0yfhco3GDCnyT1iGoJ0UlhqCqkwt6hLYBV0DnD-sj1h6iT4YLv5TAdkWN7GhSUUJRhCHGFHHxt-beKAKWnjuDCcg3BGiwUkFOyPC3mE3d-jE7Yzo7ku_ehaXQT_hNrHY9TDDRjSzbqMC9yzfyKi172dyA9dg4AMYQTfogk46||height="170" width="601"]]**(% style="border:none; color:#000000; display:inline-block; font-family:~"Open Sans~",sans-serif; font-size:10.0042pt; font-style:normal; font-variant:normal; font-weight:700; height:190px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)**[[image:https://lh6.googleusercontent.com/fYAjODl-emZT-TT85zyKMvVWctj2T-WO1Z28n1vy5FO8_y8FcMVNIZ3Rlr0aW2EnHOOk5wtv6kCGr4x1d-DOgb4cg4fhaajy2Bokcq-9fY7GPy8cMkDGY08z-DSzzgicI-9mcdcSv_hrMLZm43z6uTqmEro4bi6krOh_lPFkfHIl4Uu3VvXq45CpYrdm||height="190" width="601"]]**(% style="border:none; color:#000000; display:inline-block; font-family:~"Open Sans~",sans-serif; font-size:10.0042pt; font-style:normal; font-variant:normal; font-weight:700; height:100px; overflow:hidden; text-decoration:none; white-space:pre-wrap; width:601px" %)**[[image:https://lh4.googleusercontent.com/HbiuK9XJhF_aOaH-zV_ZJLXci1_erpB-JpDiuWDkdF1L2IZlUFhPWyEkiYY76yCcNYSvo3bSeIi-YDC-VRpJUiK7p09S5-vwV5QzYsTXsbayfzHxwj4mPwtlB6mj2RpxrG1wwE_GoJliu4PDjs9ad4MtltUR_TugNHABEFnz08T_PEQoKHAyKqn8gaoh||height="100" width="601"]]**(%%) === | ||
235 | |||
236 | |||
237 | (% style="line-height:1.2; margin-left:47px; margin-right:47px" %) | ||
238 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12.0067pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Démarrer les services OpenLDAP **(%%) === | ||
239 | |||
240 | |||
241 | ((( | ||
242 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
243 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
244 | (% style="line-height:1.38" %) | ||
245 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)service slapd (% style="background-color:#333333; color:#fcc28c; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)start(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:8.2921pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) | ||
246 | ))) | ||
247 | ))) | ||
248 | |||
249 | === Activer le lancement automatique du service au démarrage === | ||
250 | |||
251 | ((( | ||
252 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
253 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
254 | (% style="line-height: 1.38;" %) | ||
255 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo systemctl enable slapd | ||
256 | ))) | ||
257 | ))) | ||
258 | |||
259 | (% style="line-height:1.2" %) | ||
260 | == (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:18pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**BackUp d’OpenLDAP**(%%) == | ||
261 | |||
262 | |||
263 | ((( | ||
264 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
265 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
266 | (% style="line-height:1.38" %) | ||
267 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo slapcat -n 1 -l data.ldif | ||
268 | ))) | ||
269 | ))) | ||
270 | |||
271 | |||
272 | ((( | ||
273 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
274 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
275 | (% style="line-height:1.38" %) | ||
276 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo slapcat -n 0 -l config.ldif | ||
277 | ))) | ||
278 | ))) | ||
279 | |||
280 | |||
281 | |||
282 | |||
283 | (% style="line-height:1.2" %) | ||
284 | == (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:18pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Configuration de OpenLDAP**(%%) == | ||
285 | |||
286 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
287 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Charger le module de password policy : ppolicy**(%%) === | ||
288 | |||
289 | |||
290 | ((( | ||
291 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
292 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
293 | (% style="line-height:1.38" %) | ||
294 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapmodify -a -Y EXTERNAL -H ldapi:~/~// -f /etc/ldap/schema/ppolicy.ldif | ||
295 | ))) | ||
296 | ))) | ||
297 | |||
298 | |||
299 | (% style="line-height:1.2; text-indent:-51.05pt; margin-top:24px; margin-bottom:5px; padding:0pt 0pt 0pt 51.05pt" %) | ||
300 | ==== (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:italic; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**//Vérification //**(%%) ==== | ||
301 | |||
302 | |||
303 | ((( | ||
304 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
305 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
306 | (% style="line-height:1.38" %) | ||
307 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapsearch -Y EXTERNAL -s one -H ldapi:~/~// -b cn=schema,cn=config cn -LLL | ||
308 | ))) | ||
309 | ))) | ||
310 | |||
311 | |||
312 | |||
313 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Activer le module ppolicy module** | ||
314 | |||
315 | ((( | ||
316 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
317 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
318 | (% style="line-height:1.38" %) | ||
319 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi ppolicy-module.ldif | ||
320 | ))) | ||
321 | ))) | ||
322 | |||
323 | |||
324 | ((( | ||
325 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
326 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
327 | (% style="line-height:1.38" %) | ||
328 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): cn=module{0},cn=config(%%) | ||
329 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)changeType(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): modify(%%) | ||
330 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)add(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): olcModuleLoad(%%) | ||
331 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcModuleLoad(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): ppolicy | ||
332 | ))) | ||
333 | ))) | ||
334 | |||
335 | |||
336 | ((( | ||
337 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
338 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
339 | (% style="line-height:1.38" %) | ||
340 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapmodify -Y EXTERNAL -H ldapi:~/~// -f ppolicy-module.ldif | ||
341 | ))) | ||
342 | ))) | ||
343 | |||
344 | |||
345 | (% style="line-height:1.2; text-indent:-51.05pt; margin-top:24px; margin-bottom:5px; padding:0pt 0pt 0pt 51.05pt" %) | ||
346 | ==== (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:italic; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**//Vérification//**(%%) ==== | ||
347 | |||
348 | ((( | ||
349 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
350 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
351 | (% style="line-height:1.38" %) | ||
352 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo sudo ldapsearch -Y EXTERNAL -H ldapi:~/~// -b cn=config (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)"(objectClass=olcModuleList)"(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) olcModuleLoad -LLL | ||
353 | ))) | ||
354 | ))) | ||
355 | |||
356 | |||
357 | |||
358 | ---- | ||
359 | |||
360 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
361 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**A Hasher les mots de passe et bloquer les compte utilisateur ppolicy-conf**(%%) === | ||
362 | |||
363 | ((( | ||
364 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
365 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
366 | (% style="line-height:1.38" %) | ||
367 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi ppolicy-conf.ldif | ||
368 | ))) | ||
369 | ))) | ||
370 | |||
371 | |||
372 | ((( | ||
373 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
374 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
375 | (% style="line-height:1.38" %) | ||
376 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn: (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config(%%) | ||
377 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass: (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcPpolicyConfig(%%) | ||
378 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcOverlay: (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ppolicy(%%) | ||
379 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcPPolicyDefault: (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)cn=ppolicy,dc=digdash,dc=com(%%) | ||
380 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcPPolicyUseLockout: (% style="background-color:#333333; color:#fcc28c; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)TRUE(%%) | ||
381 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcPPolicyHashCleartext: (% style="background-color:#333333; color:#fcc28c; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)TRUE | ||
382 | ))) | ||
383 | ))) | ||
384 | |||
385 | |||
386 | ((( | ||
387 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
388 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
389 | (% style="line-height:1.38" %) | ||
390 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapmodify -a -Y EXTERNAL -H ldapi:~/~// -f ppolicy-conf.ldif | ||
391 | ))) | ||
392 | ))) | ||
393 | |||
394 | |||
395 | (% style="line-height:1.2; text-indent:-51.05pt; margin-top:24px; margin-bottom:5px; padding:0pt 0pt 0pt 51.05pt" %) | ||
396 | ==== (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:italic; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**//Vérification//**(%%) ==== | ||
397 | |||
398 | ((( | ||
399 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
400 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
401 | (% style="line-height:1.38" %) | ||
402 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapsearch -Y EXTERNAL -H ldapi:~/~// -b cn=config (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)"(objectClass=olcPpolicyConfig)"(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) -LLL | ||
403 | ))) | ||
404 | ))) | ||
405 | |||
406 | |||
407 | 1. (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**olcPPolicyDefault**(% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %): Indique un DN de configuration utilisé par défaut (cf. paragraphe suivant). | ||
408 | 1. (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**olcPPolicyHashCleartext**(% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %): Indique si les mots de passe doivent être cryptés systématiquement. Ce paramètre devrait être à TRUE sauf cas exceptionnel. | ||
409 | 1. (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**olcPPolicyUseLockout**(% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %): Indique si le message d’erreur retourné en cas de tentative de connexion à un compte verrouillé est un message spécifique à cet état de verrouillage (TRUE), ou un message général d’echec de connexion (FALSE). FALSE est plus sécurisé (pas d’indication à un éventuel pirate), TRUE est plus pratique. | ||
410 | |||
411 | ---- | ||
412 | |||
413 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
414 | === === | ||
415 | |||
416 | |||
417 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
418 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Définition d’une politique de mot de passe**(%%) === | ||
419 | |||
420 | ((( | ||
421 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
422 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
423 | (% style="line-height:1.38" %) | ||
424 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi ppolicy-defaut.ldif | ||
425 | ))) | ||
426 | ))) | ||
427 | |||
428 | |||
429 | ((( | ||
430 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
431 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
432 | (% style="line-height:1.38" %) | ||
433 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): cn=ppolicy,dc=digdash,dc=com(%%) | ||
434 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): device(%%) | ||
435 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): pwdPolicyChecker(%%) | ||
436 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): pwdPolicy(%%) | ||
437 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)cn(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): ppolicy(%%) | ||
438 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdAllowUserChange(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): TRUE(%%) | ||
439 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdAttribute(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): userPassword(%%) | ||
440 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdCheckQuality(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 1(%%) | ||
441 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdExpireWarning(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 600(%%) | ||
442 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdFailureCountInterval(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 30(%%) | ||
443 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdGraceAuthNLimit(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 5(%%) | ||
444 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdInHistory(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 5(%%) | ||
445 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdLockout(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): TRUE(%%) | ||
446 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdLockoutDuration(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 900(%%) | ||
447 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdMaxAge(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 0(%%) | ||
448 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdMaxFailure(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 5(%%) | ||
449 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdMinAge(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 0(%%) | ||
450 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdMinLength(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 12(%%) | ||
451 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdMustChange(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): FALSE(%%) | ||
452 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)pwdSafeModify(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): FALSE | ||
453 | ))) | ||
454 | ))) | ||
455 | |||
456 | |||
457 | ((( | ||
458 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
459 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
460 | (% style="line-height:1.38" %) | ||
461 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapmodify -x -a -H ldap:~/~/localhost -D cn=admin,dc=digdash,dc=com -W -f ppolicy-defaut.ldif | ||
462 | ))) | ||
463 | ))) | ||
464 | |||
465 | |||
466 | (% style="line-height:1.2; text-indent:-51.05pt; margin-top:24px; margin-bottom:5px; padding:0pt 0pt 0pt 51.05pt" %) | ||
467 | ==== (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:italic; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**//Vérification//**(%%) ==== | ||
468 | |||
469 | ((( | ||
470 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
471 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
472 | (% style="line-height:1.38" %) | ||
473 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapsearch -Y EXTERNAL -H ldapi:~/~// -b dc=digdash,dc=com (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)"(objectClass=pwdPolicy)"(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) -LLL | ||
474 | ))) | ||
475 | ))) | ||
476 | |||
477 | |||
478 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
479 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Création d’une nouvelle organisation**(%%) === | ||
480 | |||
481 | |||
482 | ((( | ||
483 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
484 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
485 | (% style="line-height:1.38" %) | ||
486 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi neworganisation.ldif | ||
487 | ))) | ||
488 | ))) | ||
489 | |||
490 | |||
491 | ((( | ||
492 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
493 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
494 | (% style="line-height:1.38" %) | ||
495 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): ou=default,dc=digdash,dc=com(%%) | ||
496 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): organizationalUnit(%%) | ||
497 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ou(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): default | ||
498 | ))) | ||
499 | ))) | ||
500 | |||
501 | |||
502 | ((( | ||
503 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
504 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
505 | (% style="line-height:1.38" %) | ||
506 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ldapadd -H ldap:~/~/localhost -D cn=admin,dc=digdash,dc=com -x -W -f neworganisation.ldif | ||
507 | ))) | ||
508 | ))) | ||
509 | |||
510 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
511 | === (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:14pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Création d’un utilisateur admin avec les bon droit**(%%) === | ||
512 | |||
513 | (% style="line-height:1.2" %) | ||
514 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Le super admin bypass les politiques de mot de passe, s' il est définie comme compte de connexion dans Digdash les politiques de mot de passe LDAP ne seront pas appliquées! | ||
515 | |||
516 | ((( | ||
517 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
518 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
519 | (% style="line-height:1.38" %) | ||
520 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi create_user_admin.ldif | ||
521 | ))) | ||
522 | ))) | ||
523 | |||
524 | |||
525 | ((( | ||
526 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
527 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
528 | (% style="line-height:1.38" %) | ||
529 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn: (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)uid(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)=admin,ou=default,dc=digdash,dc=com(%%) | ||
530 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass: shadowAccount(%%) | ||
531 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)objectClass: inetOrgPerson(%%) | ||
532 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)cn: Admin Domain(% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) Default(%%) | ||
533 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sn:(% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) Default(%%) | ||
534 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)uid: admin_default | ||
535 | ))) | ||
536 | ))) | ||
537 | |||
538 | |||
539 | ((( | ||
540 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
541 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
542 | (% style="line-height:1.38" %) | ||
543 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ldapadd -H ldap:~/~/localhost -D cn=admin,dc=digdash,dc=com -x -W -f create_user_admin.ldif | ||
544 | ))) | ||
545 | ))) | ||
546 | |||
547 | |||
548 | ((( | ||
549 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
550 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
551 | (% style="line-height:1.38" %) | ||
552 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi add_right_admin.ldif | ||
553 | ))) | ||
554 | ))) | ||
555 | |||
556 | |||
557 | ((( | ||
558 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
559 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
560 | (% style="line-height:1.38" %) | ||
561 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn: olcDatabase={1}mdb,cn=config | ||
562 | |||
563 | (% style="line-height:1.38" %) | ||
564 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)changetype: modify | ||
565 | |||
566 | (% style="line-height:1.38" %) | ||
567 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)add: olcAccess | ||
568 | |||
569 | (% style="line-height:1.38" %) | ||
570 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcaccess: {0}to dn.subtree=ou=default,dc=digdash,dc=com attrs=userpassword,shadowlastchange by dn.exact=uid=admin,ou=default,dc=digdash,dc=com write by self write by anonymous auth by * read | ||
571 | |||
572 | (% style="line-height:1.38" %) | ||
573 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcaccess: {1}to dn.subtree=ou=default,dc=digdash,dc=com by dn.exact=uid=admin,ou=default,dc=digdash,dc=com write by * read | ||
574 | ))) | ||
575 | ))) | ||
576 | |||
577 | |||
578 | ((( | ||
579 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
580 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
581 | (% style="line-height:1.38" %) | ||
582 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapmodify -a -Y EXTERNAL -H ldapi:~/~// -f add_right_admin.ldif | ||
583 | ))) | ||
584 | ))) | ||
585 | |||
586 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
587 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Définir le mot de passe du nouvel admin | ||
588 | |||
589 | |||
590 | ((( | ||
591 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
592 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
593 | (% style="line-height:1.38" %) | ||
594 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ldappasswd -H ldap:~/~/localhost -x -D (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)"cn=admin,dc=digdash,dc=com"(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) -W -S (% style="background-color:#333333; color:#a2fca2; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)"uid=admin,ou=default,dc=digdash,dc=com" | ||
595 | ))) | ||
596 | ))) | ||
597 | |||
598 | |||
599 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
600 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:23pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Étendre la limite de 500 pour les recherches LDAP** | ||
601 | |||
602 | ((( | ||
603 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
604 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
605 | (% style="line-height:1.38" %) | ||
606 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi extend_limit_search.ldif | ||
607 | ))) | ||
608 | ))) | ||
609 | |||
610 | |||
611 | ((( | ||
612 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
613 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
614 | (% style="line-height:1.38" %) | ||
615 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): olcDatabase={-1}frontend,cn=config(%%) | ||
616 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)changetype(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): modify(%%) | ||
617 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)replace(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): olcSizeLimit(%%) | ||
618 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcSizeLimit(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 3000 | ||
619 | ))) | ||
620 | ))) | ||
621 | |||
622 | |||
623 | ((( | ||
624 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
625 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
626 | (% style="line-height:1.38" %) | ||
627 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)sudo ldapmodify -(% style="background-color:#333333; color:#fcc28c; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)a(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %) -Y EXTERNAL -H ldapi:(% style="background-color:#333333; color:#888888; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)~/~// -f (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)extend_limit_search(% style="background-color:#333333; color:#888888; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %).ldif | ||
628 | ))) | ||
629 | ))) | ||
630 | |||
631 | |||
632 | (% style="line-height:1.2; margin-top:32px; margin-bottom:8px" %) | ||
633 | = (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:23pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Débloquer un compte bloqué manuellement**(%%) = | ||
634 | |||
635 | ((( | ||
636 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
637 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
638 | (% style="line-height:1.38" %) | ||
639 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)vi unlock.ldif | ||
640 | ))) | ||
641 | ))) | ||
642 | |||
643 | |||
644 | ((( | ||
645 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
646 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
647 | (% style="line-height:1.38" %) | ||
648 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): uid=olivier,ou=users,dc=digdash,dc=com(%%) | ||
649 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)changetype(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): modify(%%) | ||
650 | (% style="background-color:#333333; color:#ffffaa; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)delete(% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): pwdAccountLockedTime | ||
651 | ))) | ||
652 | ))) | ||
653 | |||
654 | |||
655 | ((( | ||
656 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
657 | |(% style="background-color:#333333; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
658 | (% style="line-height:1.38" %) | ||
659 | (% style="background-color:#333333; color:#ffffff; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ldapmodify -x -H ldap:~/~/localhost -D cn=admin,dc=digdash,dc=com -W -f unlock.ldif | ||
660 | ))) | ||
661 | ))) | ||
662 | |||
663 | |||
664 | (% style="line-height:1.2; margin-top:16px; margin-bottom:16px" %) | ||
665 | [[(% style="font-size:12pt; font-variant:normal; white-space:pre-wrap" %)__Overriding password policy and unlocking accounts__>>url:https://www.ibm.com/docs/en/zos/2.2.0?topic=policy-overriding-password-unlocking-accounts||style="text-decoration:none"]] | ||
666 | |||
667 | |||
668 | |||
669 | (% style="line-height:1.38; text-align:justify" %) | ||
670 | = (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:24pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**Augmenter la mémoire de la base de données MDB**(%%) = | ||
671 | |||
672 | |||
673 | (% style="line-height:1.2" %) | ||
674 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:italic; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)//Nécessaire en cas d’erreur de type “MDB_MAP_FULL: Environment mapsize limit reached”// | ||
675 | |||
676 | |||
677 | (% style="line-height:1.2" %) | ||
678 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Créer le fichier de configuration “increase_mem.ldif” avec le contenu suivant : | ||
679 | |||
680 | |||
681 | ((( | ||
682 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
683 | |(% style="background-color:#161b1d; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
684 | (% style="line-height:1.38" %) | ||
685 | (% style="background-color:#161b1d; color:#d22d72; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)dn(% style="background-color:#161b1d; color:#7ea2b4; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): olcDatabase={1}mdb,cn=config(%%) | ||
686 | (% style="background-color:#161b1d; color:#d22d72; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)changetype(% style="background-color:#161b1d; color:#7ea2b4; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): modify(%%) | ||
687 | (% style="background-color:#161b1d; color:#d22d72; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)replace(% style="background-color:#161b1d; color:#7ea2b4; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): olcDbMaxSize(%%) | ||
688 | (% style="background-color:#161b1d; color:#d22d72; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)olcDbMaxSize(% style="background-color:#161b1d; color:#7ea2b4; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %): 10000000000 | ||
689 | ))) | ||
690 | ))) | ||
691 | |||
692 | |||
693 | (% style="line-height:1.2" %) | ||
694 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**olcDbMaxSize**(% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %) doit être exprimé en (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:700; text-decoration:none; white-space:pre-wrap" %)**bytes**(% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %). Dans l’exemple ci-dessus le réglages est à 10GB | ||
695 | |||
696 | |||
697 | (% style="line-height:1.2" %) | ||
698 | (% style="color:#000000; font-family:~"Open Sans~",sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Exécuter la commande : | ||
699 | |||
700 | ((( | ||
701 | (% cellspacing="0" style="border-collapse:collapse; border:none; width:1040px" %) | ||
702 | |(% style="background-color:#161b1d; padding:7px 7px 7px 7px; vertical-align:top" %)((( | ||
703 | (% style="line-height:1.38" %) | ||
704 | (% style="background-color:#161b1d; color:#7ea2b4; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ldapmodify -H (% style="background-color:#161b1d; color:#568c3b; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)ldapi:(% style="background-color:#161b1d; color:#7195a8; font-family:Consolas,sans-serif; font-size:12pt; font-style:normal; font-variant:normal; font-weight:400; overflow-wrap:break-word; overflow:hidden; text-decoration:none; white-space:pre-wrap" %)~/~// -Y EXTERNAL -f increase_mem.ldif | ||
705 | ))) | ||
706 | ))) | ||
707 | |||
708 | |||
709 | = MariaDB (Préconisé) = | ||
710 | |||
711 | La base de données MariaDB va servir à stocker les éléments suivants : Commentaires, données d'audit et formulaires de saisies. | ||
712 | |||
713 | Cette base est plus pérenne qu'une base H2 c'est pourquoi nous préconisons son utilisation. Si vous possédez déjà une base de données sur laquelle digdash peut écrire et lire alors passez à l'étape de configuration. | ||
714 | |||
715 | Cela fonctionne aussi avec Mysql ou Postgresql. | ||
716 | |||
717 | == Installation == | ||
718 | |||
719 | {{code language="shell"}} | ||
720 | sudo apt install mariadb-server | ||
721 | {{/code}} | ||
722 | |||
723 | {{code language="shell"}} | ||
724 | #Démarrage de mariadb | ||
725 | sudo systemctl start mariadb | ||
726 | #Arrêt de mariadb | ||
727 | sudo systemctl stop mariadb | ||
728 | #Reload pour prise en compte de modification de configuration | ||
729 | sudo systemctl reload mariadb | ||
730 | sudo systemctl force-reload mariadb | ||
731 | #Connaître la version | ||
732 | mariadb --version | ||
733 | |||
734 | {{/code}} | ||
735 | |||
736 | (% class="wikigeneratedid" %) | ||
737 | Lancer mysql_secure_installation, cela va permettre de sécuriser l'installation | ||
738 | |||
739 | {{code language="shell"}} | ||
740 | sudo mysql_secure_installation | ||
741 | |||
742 | # Répondez oui à toutes les étapes | ||
743 | {{/code}} | ||
744 | |||
745 | === Activation du lancement automatique du service au démarrage === | ||
746 | |||
747 | {{code language="shell"}} | ||
748 | sudo systemctl enable mariadb | ||
749 | {{/code}} | ||
750 | |||
751 | == Configuration côté base de données == | ||
752 | |||
753 | Nous allons créer une base pour chaque domaine et chaque webapps (par exemple prod_ddaudit et dev_ddaudit et ainsi de suite) | ||
754 | |||
755 | Dans l'exemple ci dessous nous allons considérer qu'il n'existe qu'un environnement 'default'. | ||
756 | |||
757 | {{code language="shell"}} | ||
758 | # Lancer mariadb | ||
759 | sudo mariadb -u root -p | ||
760 | |||
761 | # Créer toutes les bases de données nécessaires domaine_module | ||
762 | CREATE DATABASE default_ddaudit; | ||
763 | CREATE DATABASE default_comment; | ||
764 | CREATE DATABASE default_ddentry; | ||
765 | |||
766 | # Créer un user pour chaque base de données domaine_user_module | ||
767 | CREATE USER 'default_user_ddaudit'@'localhost' IDENTIFIED BY 'mynewpassword'; | ||
768 | CREATE USER 'default_user_comment'@'localhost' IDENTIFIED BY 'mynewpassword'; | ||
769 | CREATE USER 'default_user_ddentry'@'localhost' IDENTIFIED BY 'mynewpassword'; | ||
770 | |||
771 | # Attribuer les droits aux utilisateurs sur les bonnes bases | ||
772 | GRANT ALL PRIVILEGES ON default_comment.* TO 'default_user_comment'@'localhost'; | ||
773 | GRANT ALL PRIVILEGES ON default_ddaudit.* TO 'default_user_ddaudit'@'localhost'; | ||
774 | GRANT ALL PRIVILEGES ON default_ddentry.* TO 'default_user_ddentry'@'localhost'; | ||
775 | {{/code}} | ||
776 | |||
777 | == Configuration côté Digdash == | ||
778 | |||
779 | (% style="line-height:1.2; text-align:justify; margin-top:13px; margin-bottom:13px" %) | ||
780 | === (% style="color:#36525b; font-family:~"Open Sans~",sans-serif; font-size:11pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Aller dans Configuration -> Paramètres serveur -> Commentaires et renseigner ici l’URL, l’utilisateur et le mot de passe.(%%) === | ||
781 | |||
782 | |||
783 | (% style="line-height:1.2; text-indent:0.15354330708661657pt; text-align:justify" %) | ||
784 | (% style="color:#36525b; font-family:~"Open Sans~",sans-serif; font-size:11pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Cette solution permet de sécuriser l’accès à la base de données de commentaires. | ||
785 | |||
786 | |||
787 | (% style="text-align:center" %) | ||
788 | [[image:https://lh6.googleusercontent.com/sHRfXlPRTLTxdOGOHrPyBVt4F0HOd2Crn-OM8bOShsC1k8CifQmUyk2wM3kG1xUwD1m-9HPDE64pgcG8FkE6q-5dZ5A_LfxqKxieE5tSTsq7cKrdBwf-SN2_0gdGGuCVVQJCQnClNV3rb0sfUTWkttOKHA7V5fiCCalwJcnDhDSRUbI7AlthzOZzByamUQ||height="105" width="709"]] | ||
789 | |||
790 | |||
791 | (% style="line-height:1.2; text-indent:0.15354330708661657pt; text-align:justify" %) | ||
792 | (% style="color:#36525b; font-family:~"Open Sans~",sans-serif; font-size:11pt; font-style:normal; font-variant:normal; font-weight:400; text-decoration:none; white-space:pre-wrap" %)Faire la même manipulation pour la base de données : Données d’audit. | ||
793 | |||
794 | |||
795 | |||
796 | = NGINX (Optionnel) = | ||
797 | |||
798 | Nous utilisons Nginx comme reverse proxy | ||
799 | |||
800 | == Installation == | ||
801 | |||
802 | {{code language="shell"}} | ||
803 | sudo apt install nginx | ||
804 | {{/code}} | ||
805 | |||
806 | === Activation du lancement automatique du service au démarrage === | ||
807 | |||
808 | {{code language="shell"}} | ||
809 | sudo systemctl enable nginx | ||
810 | {{/code}} | ||
811 | |||
812 | == Configuration == | ||
813 | |||
814 | Créer le fichier de configuration portant le nom de votre machine ou de votre environnement (ici documentation) | ||
815 | |||
816 | Dans le dossier /etc/nginx | ||
817 | |||
818 | {{code language="shell"}} | ||
819 | # Créer le fichier de conf | ||
820 | sudo nano /etc/nginx/sites-available/001-digdash.conf | ||
821 | {{/code}} | ||
822 | |||
823 | {{code language="shell"}} | ||
824 | # Ajouter ce contenu à l'intérieur : | ||
825 | upstream backend_tomcat{ | ||
826 | least_conn; | ||
827 | server localhost:8080 fail_timeout=0; | ||
828 | } | ||
829 | |||
830 | |||
831 | server { | ||
832 | listen [::]:80; | ||
833 | listen 80; | ||
834 | server_name *.mondomaine.com; | ||
835 | |||
836 | # Redirect all non-https requests | ||
837 | rewrite ^ https://$host$request_uri? permanent; | ||
838 | |||
839 | error_log /var/log/nginx/digdash.com.error_log warn; | ||
840 | access_log /var/log/nginx/digdash.com.access.log; | ||
841 | } | ||
842 | |||
843 | server { | ||
844 | listen [::]:443 ssl http2 default_server; | ||
845 | listen 443 ssl http2 default_server; | ||
846 | server_name *.mondomaine.com; | ||
847 | |||
848 | client_max_body_size 4G; | ||
849 | proxy_read_timeout 300; | ||
850 | proxy_connect_timeout 300; | ||
851 | proxy_send_timeout 300; | ||
852 | |||
853 | error_log /var/log/nginx/digdash.com.error_log warn; | ||
854 | access_log /var/log/nginx/digdash.com.access.log; | ||
855 | |||
856 | # Certificate(s) and private key | ||
857 | ssl_certificate_key /emplacement/de/la/clé/macle.key; | ||
858 | ssl_certificate /emplacement/du/certificat/moncertif.crt; | ||
859 | |||
860 | #DigDash Management SSL | ||
861 | include digdash_ssl_params; | ||
862 | |||
863 | location / { | ||
864 | include proxy_params; | ||
865 | proxy_intercept_errors on; | ||
866 | proxy_pass http://backend_tomcat; | ||
867 | proxy_cookie_path ~^/(.+)$ "/$1; HTTPOnly; Secure;samesite=none;"; | ||
868 | } | ||
869 | } | ||
870 | {{/code}} | ||
871 | |||
872 | Puis créer un lien symbolique dans site enabled | ||
873 | |||
874 | {{code language="shell"}} | ||
875 | sudo ln -s /etc/nginx/sites-available/001-digdash.conf /etc/nginx/sites-enabled/001-digdash.conf | ||
876 | {{/code}} | ||
877 | |||
878 | Créer le fichier digdash_ssl_params contenant la politique de securité. | ||
879 | |||
880 | {{code language="shell"}} | ||
881 | sudo nano digdash_ssl_params | ||
882 | {{/code}} | ||
883 | |||
884 | {{code language="shell"}} | ||
885 | # Or, generate random dhparam | ||
886 | # openssl dhparam 4096 -out /etc/ssl/dhparam.pem | ||
887 | #ssl_dhparam /etc/ssl/dhparam.pem; | ||
888 | |||
889 | ssl_protocols TLSv1.3 TLSv1.2; | ||
890 | |||
891 | ssl_prefer_server_ciphers on; | ||
892 | ssl_ecdh_curve secp521r1:secp384r1; | ||
893 | ssl_ciphers EECDH+AESGCM:EECDH+AES256; | ||
894 | |||
895 | ssl_session_cache shared:TLS:2m; | ||
896 | ssl_buffer_size 4k; | ||
897 | |||
898 | # OCSP stapling | ||
899 | ssl_stapling on; | ||
900 | ssl_stapling_verify on; | ||
901 | resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001]; # Cloudflare | ||
902 | |||
903 | # Set HSTS to 365 days | ||
904 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload' always; | ||
905 | {{/code}} |