OpenVZ Virtuozzo Containers Wiki β

OpenLDAP Server in container

Revision of 06:51, 31 March 2010 (972 bytes removed)
== Step by step installation and configuration of OpenLDAP server ==

* Software: CentOS 4.4, openldap 2.2.13-6.4E
* Domain name: adminmart.com
* System IP: 192.168.1.212

'''Note:''' Use your own domain name and IP address wherever adminmart.com and 192.168.1.212 appear below.
== Create container with OpenLDAP ==

Create a container with the following settings:
* ctid: 212
* IP address: 192.168.1.212
* name: ldap
* hostname: ldap

'''Note:''' Run these commands on the hardware node. <code>--userpasswd root:changeme</code> sets the container's root password; replace the placeholder with a real password, because this container will end up holding every migrated user's password hash.

 vzctl create 212 --ostemplate centos-4-i386-minimal
 vzctl set 212 --ipadd 192.168.1.212 --save
 vzctl set 212 --nameserver 202.88.156.6 --save
 vzctl set 212 --onboot yes --save
 vzctl set 212 --userpasswd root:changeme --save
 vzctl set 212 --name ldap --save
 vzctl set 212 --hostname ldap --save
 vzctl start 212
 vzyum 212 install *openldap* -y

== Configuration of OpenLDAP Server ==

Adding a user takes four steps:
# Create the unix user
# Extract the user's passwd entry into a file
# Convert that passwd file to an LDIF file
# Add the LDIF file to the LDAP directory with ldapadd

=== Requirements ===

 compat-openldap.i386 0:2.1.30-6.4E
 openldap-clients.i386 0:2.2.13-6.4E
 openldap-devel.i386 0:2.2.13-6.4E
 openldap-servers.i386 0:2.2.13-6.4E
 openldap-servers-sql.i386 0:2.2.13-6.4E

You can install them with:

 yum install *openldap* -y

=== Start the service ===

 [root@ldap ~]# chkconfig --levels 235 ldap on
 [root@ldap ~]# service ldap start

=== Create LDAP root user password ===

 [root@ldap ~]# slappasswd
 New password:
 Re-enter new password:
 {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
 [root@ldap ~]#
=== Update /etc/openldap/slapd.conf for the root password ===

Edit the database section (lines 68-71 in the stock CentOS file) so that the suffix, rootdn and rootpw match your domain and the hash printed by slappasswd:

 [root@ldap ~]# vi /etc/openldap/slapd.conf
 #68 database bdb
 #69 suffix "dc=adminmart,dc=com"
 #70 rootdn "cn=Manager,dc=adminmart,dc=com"
 #71 rootpw {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW

Paste the hash, not the password itself: slapd also accepts a cleartext rootpw, but then the directory administrator's password sits unhashed in a file. The package installs slapd.conf as root:ldap with mode 0640; keep it that way. Note also that the stock slapd.conf only has its access directives commented out, and with no access directive at all slapd falls back to <code>access to * by * read</code>, which lets anonymous clients read the userPassword hashes you are about to import. Uncomment and adapt the sample ACL block in the file so that userPassword is readable by nobody except the user (write) and anonymous binds (auth only).

=== Apply changes ===

 [root@ldap ~]# service ldap restart
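The following shell script is an added example, not code from the wiki page: a small lint you can run over slapd.conf after editing it, checking the two settings this step touches. It fails if rootpw is a bare word instead of a slappasswd hash, or if there is no access directive for userPassword. The two sample configurations it writes are constructed for the demonstration (the hardened one shows the ACL described above); the temp-file paths are whatever mktemp returns.

```shell
#!/bin/sh
# Added example (not from the wiki page): lint the slapd.conf settings this
# HOWTO edits. Exit status 0 means both checks pass; findings go to stderr.

check_slapd_conf() {
    conf="$1"
    rc=0

    # rootpw must be the hash slappasswd printed ({SSHA}...), never a bare word.
    rootpw=$(awk '$1 == "rootpw" { print $2; exit }' "$conf")
    case "$rootpw" in
        "")        echo "$conf: no rootpw set, rootdn cannot bind" >&2; rc=1 ;;
        "{"*"}"*)  ;;
        *)         echo "$conf: rootpw is cleartext, use slappasswd" >&2; rc=1 ;;
    esac

    # With no access directive at all slapd defaults to "access to * by * read",
    # so an explicit ACL on userPassword is what keeps hashes away from anonymous reads.
    if ! grep -Eq '^[[:space:]]*access[[:space:]]+to[[:space:]]+attrs=userPassword' "$conf"; then
        echo "$conf: no ACL for userPassword, hashes readable by anyone" >&2
        rc=1
    fi
    return $rc
}

# Constructed sample: the database section as the HOWTO leaves it, but with
# the password pasted in cleartext and the ACLs still commented out.
write_weak_conf() {
cat > "$1" <<'EOF'
database        bdb
suffix          "dc=adminmart,dc=com"
rootdn          "cn=Manager,dc=adminmart,dc=com"
rootpw          changeme
EOF
}

# Constructed sample: hashed rootpw plus an ACL that lets a user change its own
# password, lets anonymous clients use it only to authenticate, and hides it otherwise.
write_fixed_conf() {
cat > "$1" <<'EOF'
database        bdb
suffix          "dc=adminmart,dc=com"
rootdn          "cn=Manager,dc=adminmart,dc=com"
rootpw          {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none
access to *
        by self write
        by users read
        by anonymous auth
EOF
}

demo() {
    weak=$(mktemp); fixed=$(mktemp)
    write_weak_conf "$weak"; write_fixed_conf "$fixed"
    check_slapd_conf "$weak"  || echo "weak config rejected"
    check_slapd_conf "$fixed" && echo "hardened config accepted"
    rm -f "$weak" "$fixed"
}
demo
```

Run it against the real file with <code>check_slapd_conf /etc/openldap/slapd.conf</code> before restarting slapd; it only reads the file, so it is safe to run on a live server.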
=== Create test users ===

 [root@ldap ~]# useradd test1
 [root@ldap ~]# passwd test1
 Changing password for user test1.
 New UNIX password:
 Retype new UNIX password:
 passwd: all authentication tokens updated successfully.
 [root@ldap ~]# useradd test2
 [root@ldap ~]# passwd test2
 Changing password for user test2.
 New UNIX password:
 Retype new UNIX password:
 passwd: all authentication tokens updated successfully.
 [root@ldap ~]#

'''Note:''' Repeat the same for the rest of the users.

=== Migrate local users to LDAP ===

 [root@ldap ~]# grep root /etc/passwd > /etc/openldap/passwd.root
 [root@ldap ~]# grep test1 /etc/passwd > /etc/openldap/passwd.test1
 [root@ldap ~]# grep test2 /etc/passwd > /etc/openldap/passwd.test2

'''Note:''' Repeat the same for the rest of the users. An unanchored <code>grep root</code> matches every passwd line containing that string, including <code>operator</code> (whose home directory is /root), which is why the import below adds a <code>uid=operator</code> entry as well. Anchor the pattern (<code>grep '^root:' /etc/passwd</code>) if you want exactly one account per file.

=== Update default settings in /usr/share/openldap/migration/migrate_common.ph ===

 [root@ldap ~]# vi /usr/share/openldap/migration/migrate_common.ph
 #71 $DEFAULT_MAIL_DOMAIN = "adminmart.com";
 #74 $DEFAULT_BASE = "dc=adminmart,dc=com";

=== Convert passwd.file to ldif (LDAP Data Interchange Format) file ===

 [root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.root /etc/openldap/root.ldif
 [root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test1 /etc/openldap/test1.ldif
 [root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test2 /etc/openldap/test2.ldif

'''Note:''' Repeat the same for the rest of the users. migrate_passwd.pl reads /etc/shadow and writes each user's hash into the LDIF as <code>userPassword: {crypt}...</code>, so the *.ldif files are as sensitive as /etc/shadow; keep them root-only and delete them after the import.

=== Update root.ldif file for the "Manager" of LDAP Server ===

 [root@ldap ~]# vi /etc/openldap/root.ldif
 #1 dn: uid=root,ou=People,dc=adminmart,dc=com
 #2 uid: root
 #3 cn: Manager
 #4 objectClass: account

=== Create a domain ldif file (/etc/openldap/adminmart.com.ldif) ===

 [root@ldap ~]# cat /etc/openldap/adminmart.com.ldif
 dn: dc=adminmart,dc=com
 dc: adminmart
 description: LDAP Admin
 objectClass: dcObject
 objectClass: organizationalUnit
 ou: rootobject
  
 dn: ou=People, dc=adminmart,dc=com
 ou: People
 description: Users of adminmart
 objectClass: organizationalUnit

=== Import all users into LDAP ===

Add the domain ldif file:

 [root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/adminmart.com.ldif
 Enter LDAP Password:
 adding new entry "dc=adminmart,dc=com"
 adding new entry "ou=People, dc=adminmart,dc=com"
 [root@ldap ~]#

Add the users:

 [root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/root.ldif
 Enter LDAP Password:
 adding new entry "uid=root,ou=People,dc=adminmart,dc=com"
 adding new entry "uid=operator,ou=People,dc=adminmart,dc=com"
 [root@ldap ~]#
  
 [root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test1.ldif
 Enter LDAP Password:
 adding new entry "uid=test1,ou=People,dc=adminmart,dc=com"
 [root@ldap ~]#
  
 [root@ldap ~]# ldapadd -x -D "cn=Manager,dc=adminmart,dc=com" -W -f /etc/openldap/test2.ldif
 Enter LDAP Password:
 adding new entry "uid=test2,ou=People,dc=adminmart,dc=com"
 [root@ldap ~]#

'''Note:''' Repeat the same for the rest of the users.

=== Apply changes ===

 [root@ldap ~]# service ldap restart
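The page never shows what the migrate script actually writes into test1.ldif. The shell script below is an added example, not the page's commands and not the migrationtools code: it rebuilds the same LDIF shape (posixAccount plus shadowAccount, with the {crypt} hash taken from the shadow line) from a passwd line and its shadow line, looks accounts up with an anchored pattern so that "root" does not also pull in operator, and leaves userPassword out for locked accounts. The base DN is passed in as an argument; the passwd and shadow contents, hash values included, are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the wiki page or migrationtools): show what one
# account looks like as LDIF before it is fed to ldapadd.

passwd_to_ldif() {
    # $1: line from /etc/passwd  $2: matching line from /etc/shadow  $3: base DN
    printf '%s\n%s\n' "$1" "$2" | awk -F: -v base="$3" '
        NR == 1 { user=$1; uid=$3; gid=$4; gecos=$5; home=$6; shell=$7; next }
        NR == 2 {
            hash=$2; last=$3; max=$5; warn=$6
            if (shell == "") shell = "/bin/sh"
            cn = gecos; sub(/,.*/, "", cn); if (cn == "") cn = user
            printf "dn: uid=%s,ou=People,%s\n", user, base
            printf "uid: %s\n", user
            printf "cn: %s\n", cn
            print "objectClass: account"
            print "objectClass: posixAccount"
            print "objectClass: top"
            print "objectClass: shadowAccount"
            # A shadow field starting with "!" or "*" marks a locked account:
            # emit no userPassword so the LDAP account stays locked too.
            if (hash != "" && hash !~ /^[!*]/) printf "userPassword: {crypt}%s\n", hash
            if (last != "") printf "shadowLastChange: %s\n", last
            if (max != "")  printf "shadowMax: %s\n", max
            if (warn != "") printf "shadowWarning: %s\n", warn
            printf "loginShell: %s\n", shell
            printf "uidNumber: %s\n", uid
            printf "gidNumber: %s\n", gid
            printf "homeDirectory: %s\n", home
        }'
}

# Pull exactly one account out of a passwd file and a shadow file. The pattern
# is anchored on "user:", unlike a bare "grep root", which also matches lines
# that merely contain the string (operator's home directory is /root).
migrate_user() {
    # $1: user name  $2: passwd file  $3: shadow file  $4: base DN
    pw=$(grep "^$1:" "$2") || { echo "no such user: $1" >&2; return 1; }
    sh=$(grep "^$1:" "$3") || sh=""
    passwd_to_ldif "$pw" "$sh" "$4"
}

# Constructed sample passwd and shadow files; the hashes are not real.
write_sample_files() {
    # $1: passwd file to write  $2: shadow file to write
cat > "$1" <<'EOF'
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
test1:x:500:500:Test User One:/home/test1:/bin/bash
EOF
cat > "$2" <<'EOF'
root:$1$rootsalt$roothashroothashrootha:14698:0:99999:7:::
operator:*:14698:0:99999:7:::
test1:$1$salt1234$fakehashfakehashfakeha:14698:0:99999:7:::
EOF
}

demo() {
    pwf=$(mktemp); shf=$(mktemp)
    write_sample_files "$pwf" "$shf"
    migrate_user test1 "$pwf" "$shf" dc=adminmart,dc=com
    rm -f "$pwf" "$shf"
}
demo
```

On the server itself, <code>migrate_user test1 /etc/passwd /etc/shadow dc=adminmart,dc=com > /etc/openldap/test1.ldif</code> produces a file ldapadd accepts with the same <code>-D "cn=Manager,..." -W</code> bind as above; since the output contains the crypt hash, redirect it with a restrictive umask and remove it after the import.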
=== Test LDAP Server ===

This prints all the user information:

 [root@ldap ~]# ldapsearch -x -b 'dc=adminmart,dc=com' '(objectclass=*)'

This search binds anonymously (<code>-x</code> with no <code>-D</code>). If the output includes <code>userPassword</code> lines, the server has no ACL protecting them and anyone who can reach port 389 can download every hash; fix the access directives in slapd.conf before pointing clients at the server.

== LDAP Client Configuration ==

 [root@ldapclient ~]# authconfig

* [*] Use LDAP
* [*] Use LDAP Authentication

(Both should be checked.)

* [ ] Use TLS
* Server: ldap.adminmart.com
* Base DN: dc=adminmart,dc=com

With "Use TLS" left unchecked, as in this setup, the client's simple binds carry user passwords to the server in cleartext over port 389. That is only acceptable on an isolated management network; otherwise give slapd a certificate and enable TLS on the clients before using the directory for authentication.
[[Category:HOWTO]]