LDAP Server Installation and Configuration

The LDAP server can be a little tricky to set up, so watch file locations and spelling carefully so that you do not cause yourself more trouble than you need. Set up a basic LDAP server that is working correctly before you start with a secure method of communication, like TLS.

Install with yum

    yum install openldap-servers

The clients package is not needed on the server if it will only act as a server.

Note: The nss_ldap package, installed by default, contains libnss_ldap and pam_ldap, both of which you will need for the client. pam_ldap helps with the integration of LDAP and email, SSH, FTP, Samba, etc.

Configuration of LDAP

Whenever you need to create passwords, use the slappasswd application, which will create a hashed ({SSHA}) password for you. Create your user and then add the password to the LDAP user.

Create a root password:

    slappasswd
    New password:
    Re-enter new password:
    {SSHA}qFOeJuRxMW6PBy+xSLhkyzdYKAUFcbfj

For linuxtrained, if you needed to create a new password for the admin user, you would run slappasswd, copy the password that was created and insert it in your /etc/openldap/slapd.conf.

    # rootdn directive for specifying a superuser on the database. This is needed
    # for syncrepl.
    rootdn "cn=admin,dc=linux,dc=local"
    rootpw {SSHA}k1wLLf+cCUArjAt2BuFGe6OYdSiayIZd

Preparation for Starting

Before starting LDAP you must set the database type for Database #1, the suffix for your domain, your rootdn, the rootdn password and the directory location for your files. Note that linuxtrained.net is the domain that is used here. Edit /etc/openldap/slapd.conf and make the necessary changes.

    # The suffix and rootdn must match the DNs used in the LDIF files.
    database bdb
    suffix "dc=linux,dc=local"
    rootdn "cn=admin,dc=linux,dc=local"
    rootpw {SSHA}k1wLLf+cCUArjAt2BuFGe6OYdSiayIZd



Before you can add your init.ldif, you need to remove the old database files if you had old entries.

    # rm -rf /var/lib/ldap/*

Create a /var/lib/ldap/DB_CONFIG file with these settings:

    set_cachesize 0 15000000 1
    set_lg_regionmax 262144
    set_lg_bsize 2097152
    set_flags DB_LOG_AUTOREMOVE

Configure your init.ldif

Here are the three files you will need to add to get a basic setup.

init.ldif

    dn: dc=linux,dc=local
    dc: linux
    objectClass: dcObject
    objectClass: organizationalUnit
    ou: Linux Dot Local

    dn: ou=People,dc=linux,dc=local
    ou: People
    objectClass: organizationalUnit

users.ldif

    dn: uid=joe,ou=people,dc=linux,dc=local
    objectClass: inetOrgPerson
    cn: Joe Smith
    sn: Smith
    uid: joe
    userPassword: linux99
    telephoneNumber: 123-222-0033
    homePhone: 124-131-2256
    mail: joe@somewhere.net
    description: This is a test of LDAP.

admin.ldif

    dn: cn=admin,ou=people,dc=linux,dc=local
    objectclass: person
    cn: admin
    sn: admin
    userPassword: linux99

Add the init.ldif file to the LDAP system

    # slapadd -l init.ldif
    # slapadd -l users.ldif
    # slapadd -l admin.ldif

Note that this program must be run as root; however, the server, due to security concerns, runs as the ldap user. Therefore, once you add an LDIF file you must change the ownership of the /var/lib/ldap directory.

Change Permissions

    chown -R ldap:ldap /var/lib/ldap/

Now Start LDAP

    service ldap start

Copyright by CyberMontana Inc. Cannot be reproduced without written permission. Box 1262 Trout Creek, MT 59874
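The lesson says to create passwords with slappasswd, while the sample users.ldif and admin.ldif carry userPassword in cleartext. The following is an added example, not part of the original lesson: it builds and verifies {SSHA} values (base64 of the SHA-1 digest followed by the salt) and rewrites cleartext userPassword lines in an LDIF before it is loaded. The function names and SAMPLE_LDIF are hypothetical, and the 4-byte salt is an assumption that matches the 24-byte decoded length of the {SSHA} values shown above.

```python
import base64
import hashlib
import hmac
import os

SCHEME = "{SSHA}"

def ssha_hash(password, salt=None):
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt  # 4-byte salt is an assumption
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")

def ssha_parts(stored):
    """Split a {SSHA} value into (digest, salt); SHA-1 digests are 20 bytes."""
    raw = base64.b64decode(stored[len(SCHEME):])
    return raw[:20], raw[20:]

def ssha_verify(password, stored):
    """Recompute the hash with the stored salt and compare in constant time."""
    if not stored.startswith(SCHEME):
        return False
    digest, salt = ssha_parts(stored)
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def harden_ldif(ldif_text):
    """Replace cleartext 'userPassword: value' lines with {SSHA} hashes."""
    out, changed = [], 0
    for line in ldif_text.splitlines():
        name, sep, rest = line.partition(":")
        value = rest.strip()
        # Leave base64 values ("userPassword:: ...") and "{SCHEME}..." values alone.
        if (sep and name.lower() == "userpassword" and value
                and not rest.startswith(":") and not value.startswith("{")):
            line = "userPassword: " + ssha_hash(value)
            changed += 1
        out.append(line)
    return "\n".join(out) + "\n", changed

# Constructed sample, modelled on the users.ldif entry in this lesson.
SAMPLE_LDIF = """dn: uid=joe,ou=people,dc=linux,dc=local
objectClass: inetOrgPerson
cn: Joe Smith
sn: Smith
uid: joe
userPassword: linux99
"""

if __name__ == "__main__":
    hardened, count = harden_ldif(SAMPLE_LDIF)
    print(hardened, "# hashed", count, "value(s)")
```

Run it over users.ldif and admin.ldif before slapadd so that the database files under /var/lib/ldap never hold the cleartext password.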
