Hello Steemians,
this is part #2 of my series about LDAP on Ubuntu / Debian.
Today we'll install and configure the LDAP server itself.
First we need to install the server and a utility package for talking to the server from the command line by executing:
sudo apt install slapd ldap-utils
The installation will ask us to enter an admin password, but as we will reconfigure it later anyway, we can just skip through that.
Then we need to reconfigure slapd:
sudo dpkg-reconfigure slapd
We then answer the prompts like this:
- Omit OpenLDAP server configuration?
  - No (This would skip the configuration)
- DNS domain name:
  - sub.example.net (The domain of the LDAP server)
- Organization name:
  - torrid (Just a name for the LDAP top level entry)
- Administrator password:
  - secret (The new admin password; "secret" is only a placeholder here, so choose a strong one)
- Database backend:
  - MDB (The other two are deprecated)
- Do you want the database to be removed when slapd is purged?
  - No (You probably don't want to lose all your users if someone removes slapd for some reason.)
- Move old database?
  - Yes (Like it says, it may fail otherwise)
Next we need to configure the LDAP command line client.
To do that we edit /etc/ldap/ldap.conf and change it to contain the following:
BASE dc=sub,dc=example,dc=net
URI ldap://localhost
URI tells the client where to look for our LDAP server by default, and as we are on that machine, we just use localhost.
BASE sets the default search base of the client. Here we enter the LDAP base DN, which is built from the DNS domain name we gave during the reconfiguration.
Now we can test the LDAP server with the following command:
ldapsearch -x -W -D cn=admin,dc=sub,dc=example,dc=net
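The argument -x selects simple authentication instead of SASL, and -W makes the client prompt for the password. With a plain ldap:// URI a simple bind sends the password unencrypted, which is acceptable here only because the client talks to localhost.
With the argument -D we specify the user (bind DN) we want to authenticate with. Here we are using the admin of our server.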
The result of this should look something like this:
# extended LDIF
#
# LDAPv3
# base <dc=sub,dc=example,dc=net> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# sub.example.net
dn: dc=sub,dc=example,dc=net
objectClass: top
objectClass: dcObject
objectClass: organization
o: torrid
dc: sub
# admin, sub.example.net
dn: cn=admin,dc=sub,dc=example,dc=net
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9enZ6RWxCM2RmMWM4R3NTZC9Ld1FXOHdLQ0pFQWhnaFI=
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
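The userPassword:: line in the output above is worth a closer look: the double colon means the value is base64-encoded LDIF, and underneath it is a salted SHA-1 ({SSHA}) hash that the admin bind is allowed to read. The following is an added example, not part of the original post, that decodes that line and shows how an {SSHA} value is built and checked; the function names and the test password are made up for the illustration.

```python
import base64
import hashlib
import hmac
import os

# The userPassword line from the ldapsearch output above. In LDIF a double
# colon ("::") marks the value as base64-encoded.
LDIF_LINE = "userPassword:: e1NTSEF9enZ6RWxCM2RmMWM4R3NTZC9Ld1FXOHdLQ0pFQWhnaFI="

def decode_ldif_value(line):
    """Return the raw value of a single LDIF attribute line as bytes."""
    _, sep, rest = line.partition(":")
    if not sep:
        raise ValueError("not an LDIF attribute line")
    if rest.startswith(":"):                      # "attr:: <base64>"
        return base64.b64decode(rest[1:].strip(), validate=True)
    return rest.strip().encode()                  # "attr: <plain text>"

def parse_ssha(value):
    """Split a {SSHA} value into (scheme, sha1_digest, salt)."""
    if not value.startswith(b"{") or b"}" not in value:
        raise ValueError("value has no {SCHEME} prefix")
    scheme, _, body = value[1:].partition(b"}")
    if scheme.upper() != b"SSHA":
        raise ValueError("unsupported scheme: " + scheme.decode())
    raw = base64.b64decode(body, validate=True)
    if len(raw) <= 20:
        raise ValueError("SSHA value too short to contain a salt")
    return "SSHA", raw[:20], raw[20:]             # SHA-1 digest is 20 bytes

def make_ssha(password, salt=None):
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return b"{SSHA}" + base64.b64encode(digest + salt)

def verify_ssha(password, value):
    """Check a candidate password against a stored {SSHA} value."""
    _, digest, salt = parse_ssha(value)
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time compare

if __name__ == "__main__":
    stored = decode_ldif_value(LDIF_LINE)
    scheme, digest, salt = parse_ssha(stored)
    print(stored.decode(), "->", scheme, "with", len(salt), "salt bytes")
```

Because the hash is a single salted SHA-1 round, anyone who can read this attribute can test guesses against it offline, so the attribute's read access and the strength of the admin password both matter.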
I hope this post was helpful
Torrid Spectra