OpenLDAP Installation On Ubuntu

From The World according to Vissie

Configuring The LDAP Server

To install OpenLDAP, type:

sudo apt-get install slapd ldap-utils

Configure slapd:

sudo dpkg-reconfigure slapd

We want to set up slapd, so when asked whether to omit the OpenLDAP configuration, pick No. For the database, use BDB.

The command "ldapsearch -x -b dc=asetest" dumps the records under the base DN dc=asetest without authenticating (-x selects a simple bind, and with no bind DN given the bind is anonymous). You should see basic things such as the admin entry. If you do, the LDAP directory is good to go.

ldapsearch -x -b dc=asetest

Look at the config file

/etc/ldap/slapd.conf 

If you changed the config file, you must restart slapd. "sudo /etc/init.d/slapd restart" will restart the process. This step is actually the final step needed to get a working LDAP server. The next step is optional and extremely useful.

sudo /etc/init.d/slapd restart

Install phpLDAPadmin

sudo apt-get install phpldapadmin

You can now navigate to that server's name or IP address and append /phpldapadmin/ and get to the phpLDAPadmin page in a browser.

http://localhost/phpldapadmin

The Login DN is a distinguished name, that is, a fully typed LDAP entry. Mine would be "cn=admin,dc=asetest". Let's say your server directory was ldap.aseserver.asetest and the name was admin. The Login DN would then be "cn=admin,dc=ldap,dc=aseserver,dc=asetest". The password is your admin password.

Configuring The LDAP Client

LDAP clients are configured using the /etc/openldap/ldap.conf file. You need to make sure that the file refers to the LDAP server's IP address for the domain example.com. The file should look like this:

HOST 192.168.1.100
BASE dc=example,dc=com

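Do NOT select TLS (this setup does not configure it, so LDAP traffic between client and server is unencrypted); select the rest as shown: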

env LANG=C authconfig-tui
[*] Use Shadow Passwords
[*] Use MD5 Passwords
[*] Use LDAP                   [ ] Use TLS                 
                      Server: 192.168.1.100
                     Base DN: dc=example,dc=com

When finished, look at the /etc/nsswitch.conf file and make sure it has references to LDAP. Note: In some Linux versions, the authconfig-tui command is replaced with the authconfig command.
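
One way to script the final check above, together with the HOST and BASE settings shown earlier. This is an added example, not part of the original page; the function names are made up here and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): offline check of the two client
# files this section configures. File paths are passed in as arguments.

# Print each of passwd/group/shadow whose nsswitch.conf line does not list "ldap".
nss_missing_ldap() {
    for db in passwd group shadow; do
        if ! awk -v db="$db" -F: '
            { sub(/#.*/, ""); name = $1; gsub(/[ \t]/, "", name) }
            name == db {
                n = split($2, src, /[ \t]+/)
                for (i = 1; i <= n; i++) if (src[i] == "ldap") found = 1
            }
            END { exit !found }' "$1"
        then
            printf '%s\n' "$db"
        fi
    done
}

# Print the value of one keyword (HOST, BASE) from an ldap.conf-style file.
ldap_conf_value() {
    awk -v key="$2" 'toupper($1) == key { print $2; exit }' "$1"
}

# Report findings; return non-zero if anything the page asks for is missing.
audit_ldap_client() {
    rc=0
    for key in HOST BASE; do
        val=$(ldap_conf_value "$2" "$key")
        if [ -n "$val" ]; then echo "ok: $key = $val"
        else echo "MISSING: $key not set in $2"; rc=1; fi
    done
    for db in $(nss_missing_ldap "$1"); do
        echo "MISSING: '$db' line in $1 does not list ldap"; rc=1
    done
    return "$rc"
}

# Constructed sample files: shadow was left without ldap on purpose.
demo=$(mktemp -d)
printf 'passwd: files ldap\ngroup: files ldap\nshadow: files\n' > "$demo/nsswitch.conf"
printf 'HOST 192.168.1.100\nBASE dc=example,dc=com\n' > "$demo/ldap.conf"
audit_ldap_client "$demo/nsswitch.conf" "$demo/ldap.conf" || echo "client setup incomplete"
rm -rf "$demo"
```

On a real client, pass /etc/nsswitch.conf and the ldap.conf path named above instead of the sample files.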

