LDAP, or Lightweight Directory Access Protocol, is a protocol for managing related information from a centralized location through the use of a file and directory hierarchy.
In some ways it functions like a relational database, and it can be used to organize and store any kind of information. LDAP is commonly used for centralized authentication.
In this guide, we will cover how to install and configure an OpenLDAP server on an Ubuntu 12.04 VPS. We will populate it with some users and groups.
The data model (data and namespace) of LDAP is similar to that of the X.500 OSI directory service, but with lower resource requirements. The associated LDAP API simplifies writing Internet directory service applications.
Now, we will install OpenLDAP.
$ sudo apt-get update
$ sudo apt-get install slapd ldap-utils
During installation, we set the username and password of the LDAP admin in the configuration prompts.
After the installation finishes, we can reconfigure it with the command:
$ sudo dpkg-reconfigure slapd
The tool asks a series of questions, and we set each parameter through our answers:
- Omit OpenLDAP server configuration? No
- DNS domain name?
This creates the base path of the directory.
We select the domain name: test.com
- Organization name?
We select: test.
- Admin password?
We can reuse the old password that we have just configured or create a new password.
- Remove the database when slapd is purged? No
- Move old database? Yes
- Allow LDAPv2 protocol? No
- Database backend to use? HDB
– After that, we need to install phpLDAPadmin.
LDAP will be managed through a web interface named phpLDAPadmin. It is a default package on Ubuntu.
Install it with the command:
$ sudo apt-get install phpldapadmin
We need to configure some parameters in its config file. Open the file with root permission:
$ sudo nano /etc/phpldapadmin/config.php
Find and change some parameters in it:
We have to convert the DNS domain name into a format that LDAP can understand by splitting it at the dots.
Each component becomes the value of a “dc” attribute.
If your DNS domain name is “example.demo.com”, the dc value is “dc=example,dc=demo,dc=com”. Here, we use the domain name “test.com”.
Uncomment the line that contains:
$config->custom->appearance['hide_template_warning'] = true;
– We can now log in to the web interface:
Example: with the domain name test.com, we log in at the path test.com/phpldapadmin or ip_domain/phpldapadmin
After a successful login, we can see this screen.
– Create Organizational Units, Groups, and Users
1. Create Organizational Units
– Create groups and users
Click “Create new entry here”.
Select: “Generic: Organizational Unit”.
– Enter the name of the organizational unit
We need to save this configuration by committing it.
After that, we can see our new entry.
We will do the same for a new organizational unit named “users”.
When both are created, we will see:
2. Create Groups:
We will create 3 groups with different permissions: “admin”, “irc” and “user”. To create a group inside the group organizational unit, click “Group”, then select “Create a child entry”.
Next, select “Generic: Posix Group”.
Change the group name, then select “Create Object”.
After we finish creating the 3 groups, we will see:
And this information:
3. Create Users
Next, we will create users for the groups. Click “ou=users”, then click “Create a child entry”. Select “Generic: User Account”.
After that, we fill in some information for this user.
Click “Create Object” to finish this step.
– Click “Copy or move this entry” to create another user like this one.
– Set “cn=….” to the new username. After that, press “Copy”.
To configure the uidNumber, we choose “Create Object”.
4. Add users to groups
To add a user to a group, we click the group, then choose “Add new attribute”:
In addition, we can reconfigure user information:
We can change the members of a group by choosing “modify group members”.
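The same tree can also be built from the command line. The script below is an added example, not part of the original guide: it converts the DNS domain into the base DN as described earlier and generates LDIF for the two organizational units, the three groups and one user. The name “groups” for the first organizational unit, the gidNumber and uidNumber values and the user “jdoe” are assumptions.

```shell
#!/bin/sh
# Added example, not from the original guide. Assumed values: ou name
# "groups", the gidNumber/uidNumber values, and the sample user "jdoe".

# Turn a DNS domain (test.com) into a base DN (dc=test,dc=com). Empty labels
# (test..com) and DN metacharacters such as "," or "=" are rejected.
domain_to_dn() {
    case $1 in
        ''|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    printf '%s\n' "$1" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
}

ou_entry() {     # $1 = ou name, $2 = base DN
    printf 'dn: ou=%s,%s\nobjectClass: organizationalUnit\nou: %s\n\n' \
        "$1" "$2" "$1"
}

group_entry() {  # $1 = cn, $2 = gidNumber, $3 = base DN, $4 = memberUid (optional)
    printf 'dn: cn=%s,ou=groups,%s\nobjectClass: posixGroup\ncn: %s\ngidNumber: %s\n' \
        "$1" "$3" "$1" "$2"
    if [ -n "${4:-}" ]; then printf 'memberUid: %s\n' "$4"; fi
    printf '\n'
}

user_entry() {   # $1 = uid, $2 = uidNumber, $3 = gidNumber, $4 = base DN
    printf 'dn: cn=%s,ou=users,%s\nobjectClass: inetOrgPerson\n' "$1" "$4"
    printf 'objectClass: posixAccount\ncn: %s\nsn: %s\nuid: %s\n' "$1" "$1" "$1"
    printf 'uidNumber: %s\ngidNumber: %s\nhomeDirectory: /home/users/%s\n\n' \
        "$2" "$3" "$1"
}

build_ldif() {   # $1 = DNS domain
    base=$(domain_to_dn "$1") || return 1
    ou_entry groups "$base"
    ou_entry users "$base"
    group_entry admin 500 "$base"
    group_entry irc 501 "$base"
    group_entry user 502 "$base" jdoe
    user_entry jdoe 1000 502 "$base"
}

build_ldif test.com
# To load into the server (prompts for the admin password):
#   build_ldif test.com > tree.ldif
#   ldapadd -x -D "cn=admin,dc=test,dc=com" -W -f tree.ldif
# Set the user's password afterwards with ldappasswd, not in the LDIF file.
```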
You should now have a basic LDAP server set up with a few users and groups. You can expand this information and add all of the different organizational structures to replicate the structure of your business.
Have a nice day you guys! 🙂