Setup an LDAP server

LDAP an abbreviated term for Lightweight Directory Access Protocol enables central user, group, domain with authentication and information storage.
With LDAP, users get the capability to login and authenticate not depending on their physical location, provided they are connected to the network.
This article would help you with installation, configuration of LDAP and the addition of users or groups.
Here, for reference, the LDAP server is situated at Every machine within the network is capable of resolving the host name ldap to And the LDAP server would be managing the domain-name

How to set-up an LDAP server ? #

Certain packages need to be installed onto the server beforing proceeding with the set-up of LDAP server :

# apt-get install slapd ldap-utils migrationtools

You need to give answer to couple of questions and then re-configure slapd in order to have dpkg ask couple of more questions.

#dpkg-reconfigure slapd

Omit OpenLDAP server configuration?  No
DNS domain name:
Name of your organization:InslyHost
Admin Password: *****
Confirm Password: *****
Do you want your database to be removed when slapd is purged? No
Move old database? Yes
Allow LDAPv2 Protocol? No

Here, the domain has been set-up and the admin user as ‘admin’

Use the below command to check whether you are able to access the ldap server :

$ ldapsearch -x -b dc=InslyHost,dc=com

There is a possibility where you get the following error :
ldap_bind: Can’t contact LDAP server (-1)

In that case, you need to check if the server is running, making use of the following command would start it.

# /etc/init.d/slapd start

Doing so would start the server and you can proceed with adding users and groups to the LDAP database.

By making use of the migrationtools, it becomes simpler to import every existing user and groups from the local system to LDAP.

#cd /usr/share/migrationtools/

You must edit the default migrationtool’s configuration file ie. by replacing the below parameters with :

$DEFAULT_BASE = “dc=InslyHost,dc=comd”;

Then proceeding with exporting the values:

# ./ /etc/group ~/group.ldif
# ./ /etc/passwd ~/passwd.ldif

NOTE : This script would not create the Group and People nodes, therefore it needs to be created by creating a file named ~/people_group.ldif and populating it with the following :

dn: ou=People, dc=InslyHost, dc=com
ou: People
objectclass: organizationalUnit

dn: ou=Group, dc=InslyHost, dc=com
ou: Group
objectclass: organizationalUnit

This would convert the users and the groups in an LDAP ldif format. Then, you must proceed with importing them to the LDAP database.

# cd
# ldapadd -x -W -D “cn=admin,dc=InslyHost,dc=com” -f ~/people_group.ldif
# ldapadd -x -W -D “cn=admin,dc=InslyHost,dc=com” -f ~/group.ldif
# ldapadd -x -W -D “cn=admin,dc=InslyHost,dc=com” -f ~/passwd.ldif

Note :

: specifies that an ssl is not been used

W : prompting for password
D : specifies the identification of administrator
f : to specify the file where ldapadd should find the data to add
This concludes the set-up of the LDAP server which is now capable of identifying the users.


Like this post ?

Share on your Social Networking Profile ( Facebook, Twitter & Google+ ) and get a flat 10% Recurring discount on our VPS Hosting and Dedicated Servers.

Email us the shared link at : [email protected] or speak to our live chat operator now, by clicking on the “Live Chat” Scroller on the left-hand side of this page and we will provide you with the discount Coupon right away!

Powered by BetterDocs