Friday, January 18, 2013

Installing OpenLDAP on Linux

Description: A guide to installing and configuring OpenLDAP on Oracle Linux 6 (64-bit). The steps apply to Linux in general. Several clients can be used to access your data, such as Apache Directory Studio and the command line.

Obtaining the Software
http://www.openldap.org/software/download/
OpenLDAP 2.4.33

Prerequisites
#Install Required Packages
Log in as the root user:
yum install gcc 
yum install cyrus-sasl* 
yum install openssl*

#Installing Oracle Berkeley DB
Oracle Berkeley DB 4.8 is used in this guide. You may use a later version of Berkeley DB if you wish; adjust the paths and file names below to match the version you are using.

http://www.oracle.com/technetwork/products/berkeleydb/downloads/index-082944.html
Berkeley DB 5.1.29.NC.tar.gz, without encryption (32M)
Berkeley DB 4.8.30NC.tar.gz, without encryption (22M)

Unpack the downloaded bits. A "db-4.8.30.NC" directory should have been created.
tar -xvf db-4.8.30.NC.tar.gz

Log in as the root user and execute the following commands:
cd db-4.8.30.NC/build_unix
../dist/configure
make
make install

Installing OpenLDAP
Unpack the OpenLDAP bits. An "openldap-2.4.33" directory should have been created.
tar -xvf openldap-2.4.33.tgz

Log in as the root user and execute the following commands. Note that "make test" may take 30 to 45 minutes. You can skip the "make test" command, but running it is highly recommended.
CPPFLAGS="-I/usr/local/BerkeleyDB.4.8/include"
LDFLAGS="-L/usr/local/lib -L/usr/local/BerkeleyDB.4.8/lib -R/usr/local/BerkeleyDB.4.8/lib"
LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.8/lib"
export CPPFLAGS LD_LIBRARY_PATH LDFLAGS
./configure
make depend
make
make test
make install

Important Notes
You can find the "slapd.conf" file in the "/usr/local/etc/openldap/" directory. Here are the default settings you may want to change:
database bdb
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
rootpw secret
directory /usr/local/var/openldap-data
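
The default "rootpw secret" is a cleartext password, and the rootdn it belongs to has full control of the directory; OpenLDAP's slappasswd utility prints a hashed value (for example one starting with {SSHA}) that can be used for rootpw instead. The shell function below is an added example, not part of the original post: it flags a cleartext rootpw, the sample my-domain suffix and a slapd.conf that other users can access. The file it runs on is a constructed sample built from the defaults above.

```shell
#!/bin/sh
# Added example (not from the original post): flag the stock slapd.conf
# settings listed above before the server is exposed to a network.
# Prints one finding per line; returns 1 if anything was flagged.
audit_slapd_conf() {
    conf=$1
    status=0
    # slapd.conf holds rootpw, so "other" should have no access to it.
    # In the ls -ld mode string, columns 8-10 are the "other" permission bits.
    other=$(ls -ld "$conf" | cut -c8-10)
    if [ "$other" != "---" ]; then
        echo "$conf: accessible to other users ($other); restrict it (chmod 600)"
        status=1
    fi
    awk '
        /^[ \t]*#/ || NF < 2 { next }          # skip comments, blanks, bare words
        { val = $2; gsub(/"/, "", val) }       # directive value without quotes
        $1 == "rootpw" && (val !~ /^[{][A-Za-z0-9-]+[}]/ || toupper(val) ~ /^[{]CLEARTEXT[}]/) {
            print "line " NR ": rootpw is cleartext; store a slappasswd hash instead"
            bad = 1
        }
        ($1 == "suffix" || $1 == "rootdn") && val ~ /dc=my-domain,dc=com/ {
            print "line " NR ": " $1 " still uses the sample dc=my-domain,dc=com"
            bad = 1
        }
        END { exit bad + 0 }
    ' "$conf" || status=1
    return $status
}

# Constructed sample input: the defaults quoted in this post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
database bdb
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
rootpw secret
directory /usr/local/var/openldap-data
EOF
chmod 644 "$sample"
audit_slapd_conf "$sample" || echo "=> fix the findings above, then restart slapd"
rm -f "$sample"
```

On a real installation, point the function at /usr/local/etc/openldap/slapd.conf.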

#To start SLAPD
su root
/usr/local/libexec/slapd

#Validate Installation and Configuration
ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts

#Accessing OpenLDAP Through a Client
http://directory.apache.org/studio/downloads.html
Unpack "ApacheDirectoryStudio-linux-x86_64-2.0.0.v20120224.tar.gz".
tar -xvf ApacheDirectoryStudio-linux-x86_64-2.0.0.v20120224.tar.gz

To start Apache Directory Studio:
cd ApacheDirectoryStudio-linux-x86_64-2.0.0.v20120224
./ApacheDirectoryStudio

Adding OpenLDAP connection:
Hostname: localhost
Port: 389
Encryption method: No encryption
Provider: Apache Directory LDAP Client API
Bind DN or user: cn=Manager,dc=my-domain,dc=com
Bind password: secret

#Adding initial entries
Create a file called "example.ldif" with the following contents:
dn: dc=my-domain,dc=com
objectclass: dcObject
objectclass: organization
o: people
dc: my-domain

dn: cn=Manager,dc=my-domain,dc=com
objectclass: organizationalRole
cn: Manager

Execute the following command to add the entries to your directory:
ldapadd -x -D "cn=Manager,dc=my-domain,dc=com" -W -f example.ldif

Execute the following command to search for the entries you've just added:
ldapsearch -x -b 'dc=my-domain,dc=com' '(objectclass=*)'
