Original article link

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is platform independent, so it runs on all Linux/Unix-like systems, Windows, AIX, Solaris and Android.

In this tutorial I am going to show you how to install and configure an OpenLDAP server on Ubuntu 12.10 Server. Although it was tested on Ubuntu 12.10, it may work on Debian too. The details of my test box are given below.

Operating System : Ubuntu 12.10 Server
Hostname         : server.unixmen.com
IP Address       : 192.168.1.200

Replace the above values to match your own environment.

Install OpenLDAP in Ubuntu 12.10 server

unixmen@server:~$ sudo apt-get install slapd ldap-utils

During the installation you will be asked for the password of the LDAP admin account. Enter your admin password here.

Re-enter the password.

Configure OpenLDAP

Open the “/etc/ldap/ldap.conf” file, then find and edit the lines shown below with your domain name and IP address.

unixmen@server:~$ sudo vi /etc/ldap/ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
BASE    dc=unixmen,dc=com
URI     ldap://192.168.1.200
#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never
# TLS certificates (needed for GnuTLS)
TLS_CACERT      /etc/ssl/certs/ca-certificates.crt

Run the Configuration assistant.

unixmen@server:~$ sudo dpkg-reconfigure slapd

The following screen should appear. Select “No” and press Enter.

Enter the DNS domain name.

Enter the organization name (i.e. your company name).

Enter the LDAP admin password. (This is a new configuration, so the password can be different from the one you created in the earlier step.)

Re-enter the password.

Select the backend database.

Select Yes to have the database deleted automatically when the LDAP server is removed.

Select Yes to move the old database.

Select No and press Enter, so that the LDAPv2 protocol is not allowed.

The LDAP server is now up and running.

Test LDAP server

Run the command “ldapsearch -x”; you should get the following result.

unixmen@server:~$ ldapsearch -x
# extended LDIF
#
# LDAPv3
# base <dc=unixmen,dc=com> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# unixmen.com
dn: dc=unixmen,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: unixmen
dc: unixmen

# admin, unixmen.com
dn: cn=admin,dc=unixmen,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2
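
The search above succeeds without credentials, so everything it prints is readable by any client that can reach the server. The following added example (not part of the original tutorial) is a shell function that reads `ldapsearch -x` output and flags entries whose credential attributes are visible to anonymous binds. The attribute list, the `jdoe` entry and both sample inputs are constructed assumptions.

```shell
#!/bin/sh
# Added example: report what an anonymous `ldapsearch -x` exposes.
# SENSITIVE_ATTRS is an assumed starting list; extend it for your schema.
SENSITIVE_ATTRS="userPassword sambaNTPassword sambaLMPassword krbPrincipalKey"

# Reads ldapsearch LDIF on stdin, prints "EXPOSED<TAB>dn<TAB>attr" per finding
# and a summary line; returns 1 if any credential attribute was readable.
audit_anon_ldif() {
    awk -v sensitive="$SENSITIVE_ATTRS" '
    BEGIN { n = split(tolower(sensitive), s, " "); for (i = 1; i <= n; i++) bad[s[i]] = 1 }
    /^#/  { next }                                   # LDIF comment
    /^ /  { if (indn) dn = dn substr($0, 2); next }  # folded line; only a folded dn matters
    /^$/  { dn = ""; indn = 0; next }                # blank line closes the record
    /^dn::? / { dn = $0; sub(/^dn::? /, "", dn); indn = 1; entries++; next }
    dn != "" {                                       # attribute line inside an entry
        indn = 0
        attr = tolower($0); sub(/[:;].*/, "", attr)  # drop value and ;options
        if (attr in bad) { printf "EXPOSED\t%s\t%s\n", dn, attr; exposed++ }
    }
    END { printf "entries=%d exposed=%d\n", entries, exposed; exit (exposed > 0) }'
}

# Constructed sample 1: the admin entry from the tutorial output (no secrets shown).
sample_default() {
cat <<'EOF'
# admin, unixmen.com
dn: cn=admin,dc=unixmen,dc=com
objectClass: simpleSecurityObject
cn: admin

# search result
search: 2
result: 0 Success
EOF
}

# Constructed sample 2: a server whose ACLs let anonymous binds read hashes.
sample_exposed() {
cat <<'EOF'
dn: uid=jdoe,ou=people,dc=unix
 men,dc=com
objectClass: inetOrgPerson
userPassword:: Q09OU1RSVUNURUQ=
EOF
}

sample_default | audit_anon_ldif
sample_exposed | audit_anon_ldif || echo "anonymous bind can read credential attributes"
```

Against a live server, pipe the real output into the function: `ldapsearch -x | audit_anon_ldif`.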

LDAP Server Administration

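This blog mainly uses LDAP Admin; see “Using LDAP Admin to manage OpenLDAP”.

phpldapadmin has been removed from Debian; you can install it yourself. There are a few points to note:

For detailed usage, see the original article link.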
