Install LDAP Server on Ubuntu – All things in moderation

Install LDAP Server on Ubuntu

LDAP, or Lightweight Directory Access Protocol, is a protocol for managing related information from a centralized location through the use of a file and directory hierarchy.

In some respects it functions like a relational database, and it can be used to organize and store any kind of information. LDAP is commonly used for centralized authentication.

In this guide, we will cover how to install and configure an OpenLDAP server on an Ubuntu 12.04 VPS. We will populate it with some users and groups.

The data model (data and namespace) of LDAP is similar to that of the X.500 OSI directory service, but with lower resource requirements. The associated LDAP API simplifies writing Internet directory service applications.

Now, we will install OpenLDAP.

$ sudo apt-get update
$ sudo apt-get install slapd ldap-utils

During the installation, we set the username and password of the LDAP admin in the configuration prompts.
After the installation has finished, we can reconfigure LDAP with the command:

$ sudo dpkg-reconfigure slapd

We can change each parameter by answering the following questions:

  1. Omit OpenLDAP server configuration? No
  2. DNS domain name? test.com
     This name is used to create the base path of the directory.
  3. Organization name? test
  4. Password admin?
     We can reuse the password that we have just configured or create a new one.
  5. Remove the database when slapd is purged? No
  6. Move old database? Yes
  7. Allow LDAPv2 protocol? No
  8. Database backend to use? HDB

– After that, we need to install phpLDAPadmin.
LDAP will be managed through a web interface called phpLDAPadmin. It is available as a default package on Ubuntu.
Install it with the command:

$ sudo apt-get install phpldapadmin

We need to configure some parameters in its config file. Open the file with root permission:

$ sudo nano /etc/phpldapadmin/config.php

Find and change the following parameters in it:

$servers->setValue('server','host','domain_name_or_IP_address');


Next, we set the base. We have to convert the domain name into a format that LDAP can understand by splitting it at the dots.
Each component becomes the value of a “dc” attribute.

If your DNS domain name is “example.demo.com”, the dc value is: “dc=example,dc=demo,dc=com”. Here, we use the domain name “test.com”.

$servers->setValue('server','base',array('dc=test,dc=com'));

Next:

$servers->setValue('login','bind_id','cn=admin,dc=test,dc=com');

Uncomment the line that contains:

$config->custom->appearance['hide_template_warning'] = true;

Save the file.

– We can now log in to the web interface at:
Domain_name_or_ip_domain/phpldapadmin

Example: with the domain name test.com, we log in at test.com/phpldapadmin or ip_domain/phpldapadmin.

Click “login” and fill in the login form.

After a successful login, the main screen is displayed.

– Create Organizational Units, Groups, and Users
1. Create Organizational Units
– Create the organizational units for groups and users
Click “Create new entry here”.

Select “Generic: Organizational Unit”.
– Enter the name of the organizational unit.

We need to save this configuration by committing it.
After that, we can see our new entry.

We do the same for a new organizational unit named “users”.
Afterwards, we will see both organizational units.

2. Create Groups
We will create 3 groups with different permissions: “admin”, “irc” and “user”. To create a group inside the group organizational unit, click “Group”, then select “Create a child entry”.

Next, select “Generic: Posix Group”.

Change the group name, then select “Create Object”.

After we finish creating the 3 groups, we will see them listed together with their information.

3. Create Users

Next, we will create users for the groups. Click “ou=users”, then click “Create a child entry”. Select “Generic: User Account”.

After that, we fill in some information for this user.

Click “Create Object” to finish this step.

– Click “Copy or move this entry” to make another user of the same kind.
– Enter the new username in “cn=….”. After that, we press “Copy”.

To configure the uidNumber, we choose “Create Object”.

4. Add users to groups

To add a user to a group, we click the group, then choose “Add new attribute”.

Choose “memberUid”.

In addition, we can edit the user information.

We can change the members of a group by choosing “modify group members”.
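
The structure built above in phpLDAPadmin (the base DN derived from the domain name, the two organizational units, the three groups, one user and its memberUid entries) can also be written as an LDIF file. The following shell script is an added example, not part of the original guide; the organizational unit name “groups”, the user “jdoe” and all uid/gid numbers are constructed values.

```shell
# Added example: LDIF equivalent of the phpLDAPadmin steps in this guide.
# "groups", "jdoe" and all uid/gid numbers are constructed sample values.

# Convert a DNS domain name into a base DN: test.com -> dc=test,dc=com
domain_to_base_dn() {
    case "$1" in
        ''|.*|*.|*..*|*[!A-Za-z0-9.-]*) echo "invalid domain name: $1" >&2; return 1 ;;
    esac
    printf '%s\n' "$1" | sed -e 's/\./,dc=/g' -e 's/^/dc=/'
}

# Organizational unit entry. $1 = ou name, $2 = base DN
ldif_ou() {
    printf 'dn: ou=%s,%s\nobjectClass: organizationalUnit\n' "$1" "$2"
    printf 'objectClass: top\nou: %s\n\n' "$1"
}

# posixGroup entry. $1 = cn, $2 = gidNumber, $3 = base DN, rest = memberUid values
ldif_group() {
    cn=$1 gid=$2 dn_base=$3
    shift 3
    printf 'dn: cn=%s,ou=groups,%s\nobjectClass: posixGroup\n' "$cn" "$dn_base"
    printf 'objectClass: top\ncn: %s\ngidNumber: %s\n' "$cn" "$gid"
    for member in "$@"; do printf 'memberUid: %s\n' "$member"; done
    printf '\n'
}

# User entry (inetOrgPerson + posixAccount, as used for POSIX login accounts).
# $1 = uid, $2 = given name, $3 = surname, $4 = uidNumber, $5 = gidNumber, $6 = base DN
ldif_user() {
    printf 'dn: cn=%s %s,ou=users,%s\n' "$2" "$3" "$6"
    printf 'objectClass: inetOrgPerson\nobjectClass: posixAccount\nobjectClass: top\n'
    printf 'cn: %s %s\ngivenName: %s\nsn: %s\nuid: %s\n' "$2" "$3" "$2" "$3" "$1"
    printf 'uidNumber: %s\ngidNumber: %s\n' "$4" "$5"
    printf 'homeDirectory: /home/users/%s\nloginShell: /bin/sh\n\n' "$1"
}

# Whole tree for one domain: two OUs, three groups, one user in two groups.
build_ldif() {
    base=$(domain_to_base_dn "$1") || return 1
    ldif_ou groups "$base"
    ldif_ou users "$base"
    ldif_group admin 500 "$base" jdoe
    ldif_group irc 501 "$base"
    ldif_group user 502 "$base" jdoe
    ldif_user jdoe John Doe 1000 502 "$base"
}

if [ $# -gt 0 ]; then build_ldif "$1"; fi
```

Saved under a hypothetical name such as make-ldif.sh, it is run as `sh make-ldif.sh test.com > base.ldif` and the result is loaded with `ldapadd -x -D cn=admin,dc=test,dc=com -W -f base.ldif`. The LDIF carries no userPassword, so the password is set afterwards with ldappasswd instead of being stored in a file.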

You should now have a basic LDAP server set up with a few users and groups. You can expand this information and add all of the different organizational structures to replicate the structure of your business.
Have a nice day you guys! 🙂
