how to configure OPEN LDAP SERVER in centos

network

Step #1. Requirements

compat-openldap.i386 0:2.1.30-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E
yum install *openldap* -y
Step #2. Start the service

chkconfig –levels 235 ldap on
service ldap start
Step #3. Create LDAP root user password

# slappasswd

New password:
Re-enter new password:
{SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW

Step #4. Update /etc/openldap/slapd.conf for the root password

vi /etc/openldap/slapd.conf

#68 database bdb
#69 suffix “dc=adminmart,dc=com”
#70 rootdn “cn=Manager,dc=adminmart,dc=com”
#71 rootpw {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW

Step #5. Apply Changes

service ldap restart
Step #6. Create scalebuzz users

useradd scalebuzz1
passwd scalebuzz1

Changing password for user scalebuzz1.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

useradd scalebuzz2
passwd scalebuzz2
Changing password for user scalebuzz2.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Step #7. Migrate local users to LDAP

grep root /etc/passwd > /etc/openldap/passwd.root
grep test1 /etc/passwd > /etc/openldap/passwd.test1
grep test2 /etc/passwd > /etc/openldap/passwd.test2

Step #9. Convert passwd.file to ldif (LDAP Data Interchange Format) file

/usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.root /etc/openldap/root.ldif
/usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.scalebuzz1 /etc/openldap/scalebuzz.ldif
/usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.scalebuzz2 /etc/openldap/scalebuzz2.ldif

Step #10. Update root.ldif file for the “Manager” of LDAP Server

vi /etc/openldap/root.ldif

#1 dn: uid=root,ou=People,dc=adminmart,dc=com
#2 uid: root
#3 cn: Manager
#4 objectClass: account
Step #11. Create a domain ldif file (/etc/openldap/adminmart.com.ldif)

[root@ldap ~]# cat /etc/openldap/adminmart.com.ldif

dn: dc=adminmart,dc=com
dc: adminmart
description: LDAP Admin
objectClass: dcObject
objectClass: organizationalUnit
ou: rootobject
dn: ou=People, dc=adminmart,dc=com
ou: People
description: Users of adminmart
objectClass: organizationalUnit
Step #12. Import all users in to the LDAP

Add the Domain ldif file

[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=adminmart,dc=com” -W -f /etc/openldap/adminmart.com.ldif

Enter LDAP Password:
adding new entry “dc=adminmart,dc=com”
adding new entry “ou=People, dc=adminmart,dc=com”
Add the users:

[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=adminmart,dc=com” -W -f /etc/openldap/root.ldif

Enter LDAP Password:
adding new entry “uid=root,ou=People,dc=adminmart,dc=com”
adding new entry “uid=operator,ou=People,dc=adminmart,dc=com”
[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=adminmart,dc=com” -W -f /etc/openldap/test1.ldif

Enter LDAP Password:
adding new entry “uid=test1,ou=People,dc=adminmart,dc=com”
[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=adminmart,dc=com” -W -f /etc/openldap/test2.ldif

Enter LDAP Password:
adding new entry “uid=test2,ou=People,dc=adminmart,dc=com”

Step #13. Apply Changes

[root@ldap ~]# service ldap restart
Step #14. Test LDAP Server

It prints all the user information:

[root@ldap ~]# ldapsearch -x -b ‘dc=adminmart,dc=com’ ‘(objectclass=*)’

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>