Open main menu

OpenVZ Virtuozzo Containers Wiki β

Changes

OpenLDAP Server in container

4,609 bytes added, 19:10, 10 February 2007
New page: <h3>Step by Step Installation and Configuration OpenLDAP Server</h3> Software: OS-Cent OS 4.4, openldap 2.2.13-6.4E System name: ldap.adminmart.com Domain name: adminmart.com System IP: 1...
<h3>Step by Step Installation and Configuration OpenLDAP Server</h3>

Software: OS-Cent OS 4.4, openldap 2.2.13-6.4E
System name: ldap.adminmart.com
Domain name: adminmart.com
System IP: 192.168.1.212

Note: Use your domain name and IP instead of adminmart

Easy steps for adding users:
1. Create unix user
2. Create unix user's ldap passwd file
3. Convert passwd.file to ldif file
4. Add ldap file to LDAP Directory using ldapadd

Step #1. Requirements

compat-openldap.i386 0:2.1.30-6.4E
openldap-clients.i386 0:2.2.13-6.4E
openldap-devel.i386 0:2.2.13-6.4E
openldap-servers.i386 0:2.2.13-6.4E
openldap-servers-sql.i386 0:2.2.13-6.4E


You can install them using the command:

yum install *openldap* -y


Step #2. Start the service

<code>[root@ldap ~]# chkconfig --levels 235 ldap on
[root@ldap ~]# service ldap start
</code>
Step #3. Create LDAP root user password

<code>[root@ldap ~]# slappasswd
New password:
Re-enter new password:
{SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
[root@ldap ~]#</code>
Step #4. Update /etc/openldap/slapd.conf for the root password

<code>[root@ldap ~]# vi /etc/openldap/slapd.conf
#68 database bdb
#69 suffix "dc=adminmart,dc=com"
#70 rootdn "cn=Manager,dc=adminmart,dc=com"
#71 rootpw {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW</code>
Step #5. Apply Changes

<code>[root@ldap ~]# service ldap restart</code>
Step #6. Create test users

<code>[root@ldap ~]# useradd test1
[root@ldap ~]# passwd test1
Changing password for user test1.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@ldap ~]# useradd test2
[root@ldap ~]# passwd test2
Changing password for user test2.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@ldap ~]#
</code>
Note: Repeat the same for the rest of users
Step #7. Migrate local users to LDAP

<code>[root@ldap ~]# grep root /etc/passwd > /etc/openldap/passwd.root
[root@ldap ~]# grep test1 /etc/passwd > /etc/openldap/passwd.test1
[root@ldap ~]# grep test2 /etc/passwd > /etc/openldap/passwd.test2
</code>
Note: Repeat the same for the rest of users
Step #8. Update default settings on file /usr/share/openldap/migration/migrate_common.ph

#71 $DEFAULT_MAIL_DOMAIN = "adminmart.com";
#74 $DEFAULT_BASE = "dc=adminmart,dc=com";
Step #9. Convert passwd.file to ldif (LDAP Data Interchange Format) file

<code>[root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.root /etc/openldap/root.ldif
[root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test1 /etc/openldap/test1.ldif
[root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test2 /etc/openldap/test2.ldif
</code>
Note: Repeat the same for the rest of users
Step #10. Update root.ldif file for the "Manager" of LDAP Server

[root@ldap ~]# vi /etc/openldap/root.ldif
#1 dn: uid=root,ou=People,dc=adminmart,dc=com
#2 uid: root
#3 cn: Manager
#4 objectClass: account

Step #11. Create a domain ldif file (/etc/openldap/adminmart.com.ldif)

[root@ldap ~]# cat /etc/openldap/adminmart.com.ldif
dn: dc=adminmart,dc=com
dc: adminmart
description: LDAP Admin
objectClass: dcObject
objectClass: organizationalUnit
ou: rootobject

dn: ou=People, dc=adminmart,dc=com
ou: People
description: Users of adminmart
objectClass: organizationalUnit

Step #12. Import all users in to the LDAP

Add the Domain ldif file

<code>[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/adminmart.com.ldif
Enter LDAP Password:
adding new entry "dc=adminmart,dc=com"
adding new entry "ou=People, dc=adminmart,dc=com"
[root@ldap ~]#
</code>

Add the Users

<code>[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/root.ldif
Enter LDAP Password:
adding new entry "uid=root,ou=People,dc=adminmart,dc=com"
adding new entry "uid=operator,ou=People,dc=adminmart,dc=com"
[root@ldap ~]#

[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test1.ldif
Enter LDAP Password:
adding new entry "uid=test1,ou=People,dc=adminmart,dc=com"
[root@ldap ~]#

[root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test2.ldif
Enter LDAP Password:
adding new entry "uid=test2,ou=People,dc=adminmart,dc=com"
[root@ldap ~]#

</code>
Note: Repeat the same for the rest of users

Step #13. Apply Changes

<code>[root@ldap ~]# service ldap restart</code>

Step #14. Test LDAP Server
It prints all the user information

<code>[root@ldap ~]# ldapsearch -x -b 'dc=adminmart,dc=com' '(objectclass=*)'</code>



[[Category:HOWTO]]
4
edits