How to Configure LDAP Server
Step 1: Introduction
LDAP stands for Lightweight Directory Access Protocol. It is a lightweight client-server protocol for accessing directory services and runs over TCP/IP or any other connection-oriented transport. Out of the box slapd listens on TCP port 389 without encryption, and a simple bind sends the password in cleartext, so keep the listener on the local host or behind a firewall until TLS (ldaps:// or StartTLS) is configured.
Step 2: Installation
Use the following command to install OpenLDAP (the wildcard pulls in the matching packages: the base library, the server and the client tools), or download and build the service manually from http://www.openldap.org
# yum install *openldap* -y
Step 3: Start ldap service
# chkconfig --levels 235 ldap on
# service ldap start
Step 4: Create LDAP root user password
# slappasswd
New password:
Re-enter new password:
{SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
slappasswd produces a salted SHA-1 ({SSHA}) hash, so your output will differ from the one shown; copy the hash you get, it is what goes into slapd.conf in the next step.
Step 5: Configuration
Update /etc/openldap/slapd.conf: set the suffix and rootdn for your domain and put the hash from Step 4 into rootpw. Store only the hash, never the cleartext password, and keep the file readable by root and the ldap user only, because the rootdn is not subject to any access control and a leaked rootpw gives full control of the directory.
# vi /etc/openldap/slapd.conf
database bdb
suffix "dc=adminmart,dc=com"
rootdn "cn=Manager,dc=adminmart,dc=com"
rootpw {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
Step 6: Restart Service
# service ldap restart
Step 7: Create Local Users
# useradd test1
# passwd test1
Changing password for user test1.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
# useradd test2
# passwd test2
Changing password for user test2.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Step 8: Migrate local users to LDAP
Extract one passwd line per account. Anchor the pattern to the login field: an unanchored "grep root" also matches the operator account, whose home directory is /root, and that extra account would end up in the directory together with root.
# grep '^root:' /etc/passwd > /etc/openldap/passwd.root
# grep '^test1:' /etc/passwd > /etc/openldap/passwd.test1
# grep '^test2:' /etc/passwd > /etc/openldap/passwd.test2
Step 9: Default Configuration
Update the default settings in /usr/share/openldap/migration/migrate_common.ph:
$DEFAULT_MAIL_DOMAIN = "adminmart.com";
$DEFAULT_BASE = "dc=adminmart,dc=com";
Step 10: Convert passwd.file to ldif
Convert each passwd file into an LDIF (LDAP Data Interchange Format) file. Note that migrate_passwd.pl also reads /etc/shadow and copies each account's password hash into the userPassword attribute, so the generated .ldif files contain password hashes: keep them readable by root only and delete them once the import in Step 13 is done.
# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.root /etc/openldap/root.ldif
# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test1 /etc/openldap/test1.ldif
# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test2 /etc/openldap/test2.ldif
Step 11: Update root.ldif
Update root.ldif so that the root entry carries the cn of the LDAP server's "Manager". After the edit the first lines of the file read:
# vi /etc/openldap/root.ldif
dn: uid=root,ou=People,dc=adminmart,dc=com
uid: root
cn: Manager
objectClass: account
Step 12: Create a domain ldif file
Create a domain ldif file (/etc/openldap/adminmart.com.ldif) containing the base entry and the People organizational unit, then check its contents with cat. Entries in LDIF are separated by a blank line.
# cat /etc/openldap/adminmart.com.ldif
dn: dc=adminmart,dc=com
dc: adminmart
description: LDAP Admin
objectClass: dcObject
objectClass: organizationalUnit
ou: rootobject

dn: ou=People, dc=adminmart,dc=com
ou: People
description: Users of adminmart
objectClass: organizationalUnit
Step 13: Import all users into the LDAP
Add the domain ldif file first, binding as the Manager (-D) and entering the password from Step 4 at the prompt (-W):
# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/adminmart.com.ldif
Enter LDAP Password:
adding new entry "dc=adminmart,dc=com"
adding new entry "ou=People, dc=adminmart,dc=com"
Add the users:
# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/root.ldif
Enter LDAP Password:
adding new entry "uid=root,ou=People,dc=adminmart,dc=com"
adding new entry "uid=operator,ou=People,dc=adminmart,dc=com"
# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test1.ldif
Enter LDAP Password:
adding new entry "uid=test1,ou=People,dc=adminmart,dc=com"
# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test2.ldif
Enter LDAP Password:
adding new entry "uid=test2,ou=People,dc=adminmart,dc=com"
The second entry added from root.ldif, operator, appears only when the unanchored "grep root" was used in Step 8; with the pattern anchored to the login field ('^root:') root.ldif contains just the root entry.
Step 14: Restart ldap service
# service ldap restart
Step 15: Test LDAP Server
An anonymous search against the base DN should now list the domain entry, the People OU and every imported user:
# ldapsearch -x -b 'dc=adminmart,dc=com' '(objectclass=*)'
Look at the output for userPassword attributes. -x without -D binds anonymously, so if the password hashes are printed here, anyone who can reach port 389 can read them: with no access directives in slapd.conf, slapd allows anonymous read of everything. Before exposing the server on a network, add an access directive for attrs=userPassword that lets the user write their own password, lets anonymous clients use it only for authentication, and denies everyone else, and protect the bind itself with TLS since a simple bind otherwise sends the password in cleartext.
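The following shell script is an added example and is not part of the original tutorial or of OpenLDAP's migration tools. It ties together two points above: the anchored account lookup from Step 8 (the constructed sample passwd lines below include operator, whose home directory is /root, to show why "grep root" over-matches), the conversion of a passwd line into a posixAccount LDIF entry like the one Step 10 produces, and the userPassword access control that the anonymous search in Step 15 shows is still missing. The helper names select_user, passwd_to_ldif and password_acl are this example's own; the base DN and ou=People are taken from the tutorial, and the ACL stanza uses OpenLDAP's documented access directive syntax.

```sh
#!/bin/sh
# Added example (not from the original tutorial): anchored passwd lookup,
# passwd-line to LDIF conversion, and the userPassword ACL for slapd.conf.
# Assumptions: base DN dc=adminmart,dc=com and ou=People as in the tutorial;
# the passwd lines below are constructed samples, not copied from a real host.

BASE_DN="dc=adminmart,dc=com"

# Constructed sample of /etc/passwd. operator's home directory is /root, which
# is why an unanchored `grep root` returns two lines instead of one.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
test1:x:500:500::/home/test1:/bin/bash
test2:x:501:501::/home/test2:/bin/bash'

# select_user LOGIN: print only the passwd line whose login field is LOGIN.
# The pattern is anchored to the start of the line and terminated by the
# field separator, so "root" cannot match operator's home directory.
select_user() {
    grep "^$1:"
}

# passwd_to_ldif LINE: turn one passwd line into a posixAccount LDIF entry
# under ou=People. The cn falls back to the login name when GECOS is empty.
# userPassword is deliberately not emitted here; migrate_passwd.pl copies the
# hash from /etc/shadow, which is the reason the generated .ldif files must be
# protected and removed after import.
passwd_to_ldif() {
    printf '%s\n' "$1" | awk -F: -v base="$BASE_DN" '{
        name = $1; uid = $3; gid = $4; home = $6; shell = $7
        gecos = ($5 == "" ? $1 : $5)
        print "dn: uid=" name ",ou=People," base
        print "uid: " name
        print "cn: " gecos
        print "objectClass: account"
        print "objectClass: posixAccount"
        print "objectClass: top"
        print "loginShell: " shell
        print "uidNumber: " uid
        print "gidNumber: " gid
        print "homeDirectory: " home
        print ""
    }'
}

# password_acl: the access directives to append to slapd.conf (before any
# "database" line they are global; after it they apply to that database).
# Without them slapd's default policy is read access for everyone, including
# anonymous binds, so the hashes are visible to the Step 15 ldapsearch.
password_acl() {
    cat <<'EOF'
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none
access to *
        by self write
        by * read
EOF
}

# Stand-alone demo: the LDIF for test1 found with the anchored lookup,
# followed by the ACL stanza to append to /etc/openldap/slapd.conf.
passwd_to_ldif "$(printf '%s\n' "$SAMPLE_PASSWD" | select_user test1)"
password_acl
```

Run the script once to see the generated entry and the ACL; on the server, append the output of password_acl to slapd.conf, restart slapd as in Step 14, and repeat the anonymous ldapsearch from Step 15: userPassword must no longer appear, while a bind as the user (-D "uid=test1,ou=People,dc=adminmart,dc=com" -W) still succeeds because "by anonymous auth" permits the password check. The closing "by * read" keeps the rest of the directory readable by anonymous clients, which NSS/PAM setups usually rely on; tighten it to "by users read" if only authenticated clients should see the user list.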