LDAP an abbreviated term for Lightweight Directory Access Protocol enables central user, group, domain with authentication and information storage.
With LDAP, users get the capability to login and authenticate not depending on their physical location, provided they are connected to the network.
This article would help you with installation, configuration of LDAP and the addition of users or groups.
Here, for reference, the LDAP server is situated at 213.175.xxx.x. Every machine within the network is capable of resolving the host name ldap to 213.175.xxx.x. And the LDAP server would be managing the domain-name InslyHost.com.
How to set-up an LDAP server ? #
Certain packages need to be installed onto the server beforing proceeding with the set-up of LDAP server :
# apt-get install slapd ldap-utils migrationtools
You need to give answer to couple of questions and then re-configure slapd in order to have dpkg ask couple of more questions.
Omit OpenLDAP server configuration? No
DNS domain name: InslyHost.com
Name of your organization:InslyHost
Admin Password: *****
Confirm Password: *****
Do you want your database to be removed when slapd is purged? No
Move old database? Yes
Allow LDAPv2 Protocol? No
Here, the domain has been set-up and the admin user as ‘admin’
Use the below command to check whether you are able to access the ldap server :
$ ldapsearch -x -b dc=InslyHost,dc=com
There is a possibility where you get the following error :
ldap_bind: Can’t contact LDAP server (-1)
In that case, you need to check if the server is running, making use of the following command would start it.
# /etc/init.d/slapd start
Doing so would start the server and you can proceed with adding users and groups to the LDAP database.
By making use of the migrationtools, it becomes simpler to import every existing user and groups from the local system to LDAP.
You must edit the default migrationtool’s configuration file ie. migrate_common.ph by replacing the below parameters with :
$DEFAULT_MAIL_DOMAIN = “InslyHost.com”;
$DEFAULT_BASE = “dc=InslyHost,dc=comd”;
Then proceeding with exporting the values:
# ./migrate_group.pl /etc/group ~/group.ldif
# ./migrate_passwd.pl /etc/passwd ~/passwd.ldif
NOTE : This script would not create the Group and People nodes, therefore it needs to be created by creating a file named ~/people_group.ldif and populating it with the following :
dn: ou=People, dc=InslyHost, dc=com
dn: ou=Group, dc=InslyHost, dc=com
This would convert the users and the groups in an LDAP ldif format. Then, you must proceed with importing them to the LDAP database.
# ldapadd -x -W -D “cn=admin,dc=InslyHost,dc=com” -f ~/people_group.ldif
# ldapadd -x -W -D “cn=admin,dc=InslyHost,dc=com” -f ~/group.ldif
# ldapadd -x -W -D “cn=admin,dc=InslyHost,dc=com” -f ~/passwd.ldif
x : specifies that an ssl is not been used
W : prompting for password
D : specifies the identification of administrator
f : to specify the file where ldapadd should find the data to add
This concludes the set-up of the LDAP server which is now capable of identifying the users.
Like this post ?
Share on your Social Networking Profile ( Facebook, Twitter & Google+ ) and get a flat 10% Recurring discount on our VPS Hosting and Dedicated Servers.
Email us the shared link at : [email protected]nslyHost.com or speak to our live chat operator now, by clicking on the “Live Chat” Scroller on the left-hand side of this page and we will provide you with the discount Coupon right away!