Nginx作为LDAP转发代理,怎么做？

jqjz2hbq 于 2023-10-17 发布在 Nginx

关注(0)|答案(1)|浏览(258)

我需要一个用于LDAP服务的转发TCP代理db.debian.org：389。这是公共LDAP。我用Nginx做的。
下面是Nginx的配置：

stream {
    server {
        listen     389;
        proxy_pass db.debian.org:389;
    }
}

Nginx在localhost上打开TCP端口389

nc -zv localhost 389

Connection to localhost (127.0.0.1) 389 port [tcp/*] succeeded!

但是LDAP服务在localhost上不起作用：389

ldapsearch -x -H ldap://localhost -x -b 'gid=slyon,ou=users,dc=debian,dc=org' -v -d8

ldap_initialize( ldap://localhost:389/??base )
ber_get_next failed, errno=0.
ldap_result: Can't contact LDAP server (-1)

为什么？如何代理LDAP请求？

nginx

来源：https://stackoverflow.com/questions/77135497/nginx-as-ldap-forward-proxy-how

1条答案

按热度按时间

j2cgzkjk1#

整个Nginx配置必须包含以下部分：http{}、stream{}和events{}处于同一水平。
文件nginx.conf必须在/etc/nginx/nginx.conf中
它应该看起来像（这是无特权的Nginx）

worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /tmp/nginx.pid;

events {
    worker_connections  1024;
}

http {
    proxy_temp_path /tmp/proxy_temp;
    client_body_temp_path /tmp/client_temp;
    fastcgi_temp_path /tmp/fastcgi_temp;
    uwsgi_temp_path /tmp/uwsgi_temp;
    scgi_temp_path /tmp/scgi_temp;

    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '{"time": "$time_iso8601",...}';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       8080;

        location / {
            root   /usr/share/nginx/html;
            index  index.html;
        }
    }
}

stream {
    log_format  upstream_log  '{"time": "$time_iso8601",...}';

    server {
        listen     389;
        proxy_pass db.debian.org:389;
        access_log /var/log/nginx/access.log upstream_log;
    }
}

赞(0）回复(0）举报 2023-10-17

我来回答

Nginx作为LDAP转发代理,怎么做？

1条答案

相关问题

热门标签

最新问答