Lightweight Directory Access Protocol (LDAP) is a protocol for managing related information from a centralized location through the use of a file and directory hierarchy. LDAP is what you should use to centralize authentication.
In this tutorial, we will show you how to install and configure an OpenLDAP server on a Linux VPS. We will populate it with some groups and users.
How To Install LDAP
The OpenLDAP server is available in the distribution's default repositories under the package name “slapd”, so it can be easily installed with apt-get. We will also install some additional utilities.
sudo apt-get update
sudo apt-get install slapd ldap-utils
You will be prompted to enter and confirm a password for the LDAP administrator account.
After the installation has completed, it is important that we reconfigure the LDAP package. The following command will bring up the package configuration tool:
sudo dpkg-reconfigure slapd
A series of questions on how you want to configure the package will be asked:
- Omit OpenLDAP server configuration? No
- DNS domain name?
- A base structure will be created in your directory path.
- There are no specific rules on how to configure this. If you have a specific domain name on your server, you can use it, otherwise, you can use something else.
- In this article, we will call it mytest.com
- Organization name?
- Again, it’s your choice
- We will use example in this guide.
- Administrator password?
- You can choose a new password or reuse the one we used during installation
- Database backend to use? HDB
- Remove the database when slapd is purged? No
- Move old database? Yes
- Allow LDAPv2 protocol? No
LDAP will be administered through a web interface called phpLDAPadmin. You can also find it in Ubuntu’s default repositories.
Go ahead and install it with this command:
sudo apt-get install phpldapadmin
All the PHP dependencies and the web server will be installed along with it.
Some values need to be configured in the web interface configuration.
Open the configuration file with root privileges:
sudo nano /etc/phpldapadmin/config.php
Search for the following section and modify it.
The red value is how you will reference your server, either by domain name or by IP address.
For the next section, you will need to use the same value we used when we were asked for the DNS domain name when configuring “slapd”
Convert it to the format LDAP expects by separating every domain component. Anything separated by a dot (.) is a domain component.
These components will be given as values to the “dc” attribute.
For example, if the DNS domain name you entered was “berry.lalala.com”, LDAP would need to see “dc=berry,dc=lalala,dc=com”. Edit this entry to reflect the name you selected (ours is “mytest.com” as you recall):
To modify the next value, we will use the same domain components that we used in the last entry. Add them after the “cn=admin” in the entry below:
$servers->setValue('login','bind_id','cn=admin,dc=mytest,dc=com');
Next, search for the section containing the “hide_template_warning” attribute. We want to set this value to “true” to avoid some distracting warnings that are not useful.
$config->custom->appearance['hide_template_warning'] = true;
Save the file and close it.
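The domain-to-DN conversion used for the entries above, as an added example that is not part of the original tutorial. The function names domain_to_dn and bind_id_line are hypothetical, and the domains are the ones used in the text; input that is not a plain DNS name is rejected before it can end up in config.php.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Function names are hypothetical.

# domain_to_dn DOMAIN
# Prints the base DN for a DNS domain, e.g. mytest.com -> dc=mytest,dc=com.
# Exits non-zero for anything that is not a plain DNS name, so characters with
# a special meaning in a DN (comma, plus, equals, quotes, spaces) never reach
# config.php. The body is a subshell, so IFS and "set -f" stay local to it.
domain_to_dn() (
    domain=${1%.}                         # accept one trailing dot (FQDN form)
    case $domain in
        ''|.*|*..*|*.) exit 1 ;;          # empty name or empty label
    esac
    set -f                                # no glob expansion while splitting
    IFS=.
    dn=
    for label in $domain; do
        case $label in
            -*|*-|*[!A-Za-z0-9-]*) exit 1 ;;   # not a valid DNS label
        esac
        [ "${#label}" -le 63 ] || exit 1       # DNS labels are at most 63 chars
        dn="${dn:+$dn,}dc=$label"
    done
    printf '%s\n' "$dn"
)

# bind_id_line DOMAIN
# Prints the 'bind_id' line for /etc/phpldapadmin/config.php, using the
# cn=admin entry under the base DN, as in the tutorial.
bind_id_line() {
    base=$(domain_to_dn "$1") || return 1
    printf "\$servers->setValue('login','bind_id','cn=admin,%s');\n" "$base"
}

# Demo with the domains used in the tutorial text.
domain_to_dn berry.lalala.com
bind_id_line mytest.com
```

The same DN that bind_id_line prints is the one that should appear pre-filled in the login box of the web interface.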
Log Into the Web Interface
To access the interface, go to your domain name or IP address followed by “/phpldapadmin” in your web browser:
Click on the “login” link on the left side.
You will receive a login prompt. The login DN should already be filled in the login box if you configured everything correctly. In our case, this would be “cn=admin,dc=mytest,dc=com”.
The screenshot will look like this:
Enter the password you chose during the configuration of “slapd”.
The interface you will be presented with will look like this:
If you click the plus sign that the arrow points to, the admin login we used will become visible.