Tuesday, November 8, 2011

How to install LDAP Server

Lightweight Directory Access Protocol (LDAP) is a network protocol for accessing and manipulating information stored in a directory.
Services built on the LDAP protocol are used to serve a wide range of information. The protocol is well-suited to serving information that must be highly available and accessible, but does not change frequently. 
Common applications include:
  1. Centralization of user and group information as part of Single Sign On (SSO).
  2. Authenticate users in a web application.
  3. Create a shared address directory for mail agents.
  4. Authenticate users locally.

Well, I use LDAP to authenticate users in a web application for my work's project.

To install OpenLDAP on Ubuntu, type the following commands in a terminal or watch this video:

  1. sudo apt-get install slapd ldap-utils;
  2. type your root's password;
  3. type 'y';
After the installation is completed, type "ldapsearch -Y EXTERNAL -H ldapi:// -b cn=config". This command should return 10-15 entries and is a good check to make sure the installation is basically functional.
In the video, you can see 11 entries, which means the installation is basically functional. You can then follow the next steps:

  1. Type command "dpkg-reconfigure slapd";
  2. Choose 'No';
  3. Type any DNS domain name (e.g. sunsetsoftware.net);
  4. Type organization's name (e.g. Sunset Software);
  5. Type the administrator's password for the DNS domain name entered in step #3;
  6. Confirm the password entered in step #5;
  7. Choose 'BDB' as the database backend to use;
  8. Choose 'No';
  9. Choose 'Yes';
  10. Choose 'No';
  11. Type command "ldapsearch -x -b dc=sunsetsoftware,dc=net"
Now, you have to create an LDIF file to populate the database. I created a file called "xpto.ldif" and its content is:

dn: ou=Group,dc=sunsetsoftware,dc=net
ou: Group
objectClass: organizationalUnit

Save the LDIF file wherever you wish and exit. Then, type the following command in a terminal:
  • ldapadd -x -W -D "cn=admin,dc=sunsetsoftware,dc=net" -f /home/peter/Documents/xpto.ldif
  • Enter your LDAP password;
And, voilà! Congratulations! You have now added a new entry to the tree dc=sunsetsoftware,dc=net. You can confirm it or add more entries.
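
A pre-flight check for an LDIF file such as xpto.ldif before it is handed to ldapadd, as an added example that is not part of the original post. The function names and the second sample entry are constructed for illustration, and DN handling is simplified (no escaped commas or multi-valued RDNs).

```python
import base64

# Constructed sample: the OU entry from the post plus a deliberately broken one.
SAMPLE = """\
dn: ou=Group,dc=sunsetsoftware,dc=net
ou: Group
objectClass: organizationalUnit

dn: ou=People,dc=example,dc=org
ou: Staff
"""

def parse_ldif(text):
    """Split LDIF text into entries, each a list of (attribute, value) pairs."""
    text = text.replace("\n ", "")          # unfold lines continued with one space
    entries, current = [], []
    for line in text.splitlines() + [""]:   # trailing "" flushes the last entry
        if line.strip() and not line.startswith("#"):
            attr, _, value = line.partition(":")
            if value.startswith(":"):       # "attr:: ..." carries a base64 value
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            current.append((attr.strip().lower(), value.strip()))
        elif not line.strip() and current:  # blank line ends an entry
            entries.append(current)
            current = []
    return entries

def check_entry(entry, suffix):
    """Return the problems for which a directory server is expected to reject the entry."""
    if entry[0][0] != "dn":
        return ["entry does not start with a dn: line"]
    dn, problems, attrs = entry[0][1].lower(), [], {}
    for name, value in entry[1:]:
        attrs.setdefault(name, []).append(value.lower())
    if dn != suffix.lower() and not dn.endswith("," + suffix.lower()):
        problems.append("dn is outside the suffix " + suffix)
    if "objectclass" not in attrs:
        problems.append("no objectClass attribute")
    rdn_attr, _, rdn_value = dn.split(",", 1)[0].partition("=")
    if rdn_value.strip() not in attrs.get(rdn_attr.strip(), []):
        problems.append("RDN value is not present as an attribute of the entry")
    return problems

def check_ldif(text, suffix):
    """Map each DN in the file to its list of problems (empty list: looks loadable)."""
    return {e[0][1]: check_entry(e, suffix) for e in parse_ldif(text)}

if __name__ == "__main__":
    print(check_ldif(SAMPLE, "dc=sunsetsoftware,dc=net"))
```

Running the check against the file first avoids a partial load, since ldapadd stops at the first rejected entry unless it is told to continue.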

1 comment:

  1. ldapadd -x -W -D "cn=manager,dc=sunsetsoftware,dc=net" -f /home/peter/Documents/xpto.ldif