Ubuntu: LDAP – Install, Configure & Test

I’m using Ubuntu 12.04

LDAP: Install & Configure

  1. sudo apt-get install slapd ldap-utils
    1. Enter password: [SetY0urP@$$wOrD]
  2. dpkg-reconfigure slapd
    1. Omit OpenLDAP server configuration? No
    2. DNS domain name? domain.com | IP Address
    3. Organization name? My Organization
    4. Administrator password? Use the password set during installation | Choose a new one
    5. Database backend to use? HDB
    6. Remove the database when slapd is purged? No
    7. Move old database? Yes
    8. Allow LDAPv2 protocol? No
  3. joe /etc/phpldapadmin/config.php (I’m using the joe text editor; you may use the default text editor, such as vi)
    $servers->setValue('server','host','domain.com'); // or the server's IP address
    $servers->setValue('server','base',array('dc=domain,dc=com'));
    $servers->setValue('login','bind_id','cn=admin,dc=domain,dc=com');
    $config->custom->appearance['hide_template_warning'] = true;
    

LDAP: Install PHPLDAPAdmin

  1. apt-get install libpam-ldap nscd (or, to re-run the prompts: dpkg-reconfigure ldap-auth-config)
    1. LDAP server Uniform Resource Identifier: ldap://**Domain-Name-OR-IP-Address** ( Change the initial string from “ldapi:///” to “ldap://” before entering your server’s information )
    2. Distinguished name of the search base: ( This should match the value you put in your LDAP server’s /etc/phpldapadmin/config.php file. )
    3. LDAP version to use: 3
    4. Make local root Database admin: Yes
    5. Does the LDAP database require login? No
    6. LDAP account for root: This should also match the value in your /etc/phpldapadmin/config.php
    7. LDAP root account password: LDAP-Root-Password
  2. joe /etc/nsswitch.conf – add ldap before compat for each passwd, group, shadow
  3. joe /etc/pam.d/common-session – add at the bottom: session required pam_mkhomedir.so skel=/etc/skel umask=0022
  4. /etc/init.d/nscd restart
  5. Access to PHPLDAPAdmin: http://domain.com/phpldapadmin
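
A quick way to confirm the nsswitch.conf and common-session edits from steps 2 and 3 took effect, as an added example that is not part of the original post. The function names are hypothetical, and the sample files are constructed so the script runs without touching /etc.

```shell
#!/bin/sh
# Added example: checks the nsswitch.conf and common-session edits from steps 2-3.
# Function names are hypothetical; pass other paths to check copies of the files.

# Succeeds when database $2 in nsswitch file $1 lists ldap, and lists it
# before compat when compat is present.
nss_ldap_before_compat() {
    awk -v db="$2" '
        { sub(/#.*/, "") }                  # ignore comments
        $1 == (db ":") {
            for (i = 2; i <= NF; i++) {
                if ($i == "ldap"   && !l) l = i
                if ($i == "compat" && !c) c = i
            }
        }
        END { exit !(l && (!c || l < c)) }
    ' "$1"
}

# Succeeds when PAM file $1 has an uncommented session line for pam_mkhomedir.so.
pam_mkhomedir_enabled() {
    grep -Eq '^[[:space:]]*session[[:space:]]+[^#]*pam_mkhomedir\.so' "$1"
}

# Prints one line per check; the return value is the number of failed checks.
check_ldap_client() {
    nss=${1:-/etc/nsswitch.conf} pam=${2:-/etc/pam.d/common-session} fail=0
    for db in passwd group shadow; do
        if nss_ldap_before_compat "$nss" "$db"; then
            echo "ok:   $db: ldap before compat"
        else
            echo "FAIL: $db: ldap missing or after compat in $nss"
            fail=$((fail + 1))
        fi
    done
    if pam_mkhomedir_enabled "$pam"; then
        echo "ok:   pam_mkhomedir.so in session stack"
    else
        echo "FAIL: no active pam_mkhomedir.so line in $pam"
        fail=$((fail + 1))
    fi
    return "$fail"
}

# Constructed sample files: shadow was left unedited, so one check fails.
tmp=$(mktemp -d)
printf 'passwd: ldap compat\ngroup:  ldap compat\nshadow: compat\n' > "$tmp/nsswitch.conf"
printf 'session required pam_mkhomedir.so skel=/etc/skel umask=0022\n' > "$tmp/common-session"
check_ldap_client "$tmp/nsswitch.conf" "$tmp/common-session" || echo "failed checks: $?"
```

Called with no arguments, check_ldap_client reads /etc/nsswitch.conf and /etc/pam.d/common-session.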

LDAP: Setting up LDAP Groups & Users

  1. Go to http://domain.com/phpldapadmin
  2. Login DN: cn=admin,dc=domain,dc=com
  3. Login Password: Password configured during slapd configuration
  4. To do:
    1. Create a Generic: Organizational Unit named Users
    2. Create a Generic: Posix Group named groups
    3. Create one or more Generic: User Account (make sure it’s under ou=users)
    4. (Optional) Add users to groups by clicking a group & Add New Attribute. Select memberUid and click on Update Object at the bottom.

LDAP: Test LDAP

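<?php
// Connect first: ldap_set_option() needs the connection returned by ldap_connect().
// A bare host name means ldap:// on port 389, so the bind below is sent unencrypted.
$ldapconn = ldap_connect("domain.com")
    or die("Could not connect to LDAP server.");

ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);

$username = 'username';
$person = "cn=$username,ou=users,dc=domain,dc=com";
$password = 'password';

if ($ldapconn) {

    // An empty password turns this into an anonymous bind, which can succeed;
    // reject empty passwords before ldap_bind() if this becomes login code.
    $ldapbind = ldap_bind($ldapconn, $person, $password);

    if ($ldapbind) {

        $ldaptree = "ou=users,dc=domain,dc=com";
        // Request every attribute that is printed below.
        $justthese = array("ou", "sn", "givenname", "mail");

        // The filter matches on cn; the full DN is only used for the bind.
        // If the name comes from user input, escape it with
        // ldap_escape($username, '', LDAP_ESCAPE_FILTER) (PHP 5.6+).
        $result = ldap_search($ldapconn, $ldaptree, "(cn=$username)", $justthese)
            or die("Error in search query: " . ldap_error($ldapconn));

        $no = ldap_count_entries($ldapconn, $result);

        echo 'Count Entries: ' . $no . '<br>';

        $info = ldap_get_entries($ldapconn, $result);

        for ($i = 0; $i < $info["count"]; $i++)
        {
            // An entry may lack an attribute; escape values before printing them as HTML.
            $given = isset($info[$i]['givenname'][0]) ? $info[$i]['givenname'][0] : '';
            $mail = isset($info[$i]['mail'][0]) ? $info[$i]['mail'][0] : '';
            echo htmlspecialchars($given) . ' (' . htmlspecialchars($mail) . ')';
            echo '<hr>';
        }

    } else {
        echo "LDAP bind " . $person . " failed...";
    }

}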

Reference: Installing LDAP on Ubuntu 12.04
