In this article we will learn how to install and configure an OpenLDAP server on CentOS 7. LDAP provides a standard language that server and client use to communicate with each other. It is a lighter-weight version of the Directory Access Protocol defined by the international X.500 standard. It can support millions of entries on a standard hardware configuration.

Prerequisites to Configure LDAP

Server Platform – CentOS 7 machine.

IP address for our server will be 192.51.16.16.

Hostname of server will be ldap.jt.com.

Installation steps for LDAP server

Configure the LDAP server using the following steps.

1. Update system and define hostname

Update the system.

Define the hostname for the server.

2. Install required openldap packages using yum

Run the command to start the ldap service.

Enable the service to run at boot time.

Make sure that port 389 is permitted.

Sample output (screenshot not reproduced)

Generate ldap password

Generate the password hash and copy it.

3. Edit OpenLDAP configuration files

Open the configuration directory.

Edit the olc database file first.

Provide your domain credentials below, replacing the values with your own settings. Look for the olcRootPW: entry and paste the ldap password value there.

Edit the olcDatabase={1}monitor.ldif file.

Define your domain value.

Test your settings and ignore any checksum error that is reported; a message confirming that the test succeeded will be printed.

Sample output (screenshot not reproduced)

4. Configure the OpenLDAP database

Copy the sample database file to /var/lib/ldap.

Change the ownership of the file.

5. Add LDAP schemas

Change directory to /etc/openldap/slapd.d/cn=config/

Add the schemas.
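The steps above (install the packages, start slapd and open its port, set the suffix, root DN and root password on the configuration database, restrict the monitor database, test the configuration, seed the database directory and load the schemas) as one shell script. This is an added example, not the article's own commands: the hostname, domain and Manager DN come from the text, while the use of ldapmodify over the ldapi:/// socket with EXTERNAL authentication, the olcDatabase={2}hdb name of the main database on CentOS 7, and the --apply switch that guards the privileged commands are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): OpenLDAP steps 1-5 as
# reusable shell functions. Hostname, domain and the olcDatabase={2}hdb
# database name are assumptions taken from the article and from the
# CentOS 7 openldap-servers package layout. Run as root with --apply.
set -eu

LDAP_HOST="ldap.jt.com"
LDAP_DOMAIN="jt.com"

# Turn a DNS domain ("jt.com") into an LDAP base DN ("dc=jt,dc=com").
to_dc() {
    printf '%s' "$1" | awk -F. '{ for (i = 1; i <= NF; i++) printf "%sdc=%s", (i > 1 ? "," : ""), $i }'
}

# LDIF that sets suffix, root DN and root password on the hdb database.
# $1 = domain, $2 = the {SSHA} hash printed by slappasswd.
db_ldif() {
    base=$(to_dc "$1")
    cat <<EOF
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: $base
-
replace: olcRootDN
olcRootDN: cn=Manager,$base
-
replace: olcRootPW
olcRootPW: $2
EOF
}

# LDIF that lets only root (via ldapi) and the Manager DN read cn=monitor.
monitor_ldif() {
    base=$(to_dc "$1")
    cat <<EOF
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=Manager,$base" read by * none
EOF
}

# Steps 1-5 in order; every command here needs root on the CentOS 7 host.
apply() {
    yum -y update
    hostnamectl set-hostname "$LDAP_HOST"
    yum -y install openldap openldap-servers openldap-clients
    systemctl start slapd
    systemctl enable slapd
    firewall-cmd --permanent --add-service=ldap   # port 389/tcp
    firewall-cmd --reload

    # slappasswd prompts for the Manager password and prints its SSHA hash
    hash=$(slappasswd)
    db_ldif "$LDAP_DOMAIN" "$hash" | ldapmodify -Y EXTERNAL -H ldapi:///
    monitor_ldif "$LDAP_DOMAIN"    | ldapmodify -Y EXTERNAL -H ldapi:///
    slaptest -u   # checksum warnings are harmless; expect "config file testing succeeded"

    cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
    chown ldap:ldap /var/lib/ldap/*

    for s in cosine nis inetorgperson; do
        ldapadd -Y EXTERNAL -H ldapi:/// -f "/etc/openldap/schema/$s.ldif"
    done
}

if [ "${1:-}" = "--apply" ]; then apply; fi
```

Keeping the LDIF in functions means the text that slapd will accept can be inspected (run db_ldif jt.com '{SSHA}...' on its own) before anything is changed, and the Manager password only ever reaches the config as the hash slappasswd produced.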

6. Create base objects using migrationtools

To create base objects we require the migration tools, so let us install them first.

Change directory to /usr/share/migrationtools/

Have a look at the contents of the directory (screenshot not reproduced).

Edit migrate_common.ph

Define the domain credentials by editing lines 71 and 74.

Save and exit. Create the base.ldif file with migrate_base.pl and save it in the /root/ directory.

Grep /etc/passwd for the users to migrate and save the result as ‘passwd’ in /root.

Grep /etc/group in the same way and save the result as /root/group.

Migrate the /root/passwd file to users.ldif.

The users.ldif file will look something like this (screenshot not reproduced).


Migrate the /root/group file to /root/groups.ldif

# ./migrate_group.pl /root/group /root/groups.ldif

groups.ldif will look like this (screenshot not reproduced).

At this stage we have three .ldif files in the /root/ folder, i.e. base.ldif, users.ldif and groups.ldif; have a look.

# ls /root


7. Import system users to the LDAP database

Import all three .ldif files to LDAP using the following commands; enter the ldap password when prompted.

Sample output (screenshot not reproduced)

8. Run configuration test

Users and groups are now migrated to LDAP; let us check whether everything was done correctly.

Sample output (screenshot not reproduced)

The Success message indicates that the server is configured successfully.
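Steps 6 to 8 (the migrationtools run, the import of the three .ldif files and the final search) as one shell script, added here as an example and not taken from the article. The UID/GID range 1000 to 60000 used to pick the accounts that go into LDAP, the sed edits of migrate_common.ph standing in for editing lines 71 and 74 by hand, and the --apply guard are assumptions; the base DN and Manager DN follow the article's jt.com domain.

```shell
#!/bin/sh
# Added example (not from the original article): steps 6-8 as shell
# functions. Base DN, Manager DN, the 1000-60000 id range and the sed
# edits of migrate_common.ph are assumptions. Run as root with --apply.
set -eu

BASE_DN="dc=jt,dc=com"
ADMIN_DN="cn=Manager,$BASE_DN"
MIGRATE_DIR="/usr/share/migrationtools"

# Select lines of a passwd- or group-style file ($1) whose numeric id
# (third colon-separated field) lies in [$2, $3]. This is the "grep"
# step: system accounts stay out of the directory.
select_ids() {
    awk -F: -v lo="$2" -v hi="$3" '$3 >= lo && $3 <= hi' "$1"
}

# Count the entries in an LDIF file: each entry starts with a "dn:" line.
ldif_entries() {
    grep -c '^dn: ' "$1" || true
}

apply() {
    yum -y install migrationtools
    cd "$MIGRATE_DIR"
    # migrate_common.ph: the mail domain and default base (lines 71 and 74 in the article)
    sed -i 's/^\$DEFAULT_MAIL_DOMAIN = .*/$DEFAULT_MAIL_DOMAIN = "jt.com";/' migrate_common.ph
    sed -i 's/^\$DEFAULT_BASE = .*/$DEFAULT_BASE = "dc=jt,dc=com";/' migrate_common.ph

    ./migrate_base.pl > /root/base.ldif
    select_ids /etc/passwd 1000 60000 > /root/passwd
    select_ids /etc/group  1000 60000 > /root/group
    ./migrate_passwd.pl /root/passwd /root/users.ldif
    ./migrate_group.pl  /root/group  /root/groups.ldif

    # step 7: import; ldapadd -W prompts for the Manager password each time
    for f in base users groups; do
        echo "/root/$f.ldif: $(ldif_entries /root/$f.ldif) entries"
        ldapadd -x -W -D "$ADMIN_DN" -f "/root/$f.ldif"
    done

    # step 8: the output ends with "result: 0 Success" when the server answers
    ldapsearch -x -b "$BASE_DN" '(objectClass=posixAccount)' uid
}

if [ "${1:-}" = "--apply" ]; then apply; fi
```

Filtering by id range rather than by hand keeps root and the service accounts out of the directory, and counting dn: lines before each ldapadd gives a quick sanity check that migrate_passwd.pl and migrate_group.pl actually produced entries.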

Conclusion

We have created a functional LDAP service, which can now be used by the various services that rely on a directory.
