Install and Configure OpenLDAP on Ubuntu 16.04 / Debian 8


Set up the LDAP base DN:

Create a base.ldif file for your domain.

$ vi base.ldif

dn: ou=People,dc=itzgeek,dc=local
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=itzgeek,dc=local
objectClass: organizationalUnit
ou: Group

Build the directory structure.

$ ldapadd -x -W -D "cn=admin,dc=itzgeek,dc=local" -f base.ldif
The ldapadd command will prompt you for the password of admin (LDAP root user).

Output:

Enter LDAP Password:
adding new entry "ou=People,dc=itzgeek,dc=local"

adding new entry "ou=Group,dc=itzgeek,dc=local"

Add LDAP Accounts:

Let's create an LDIF (LDAP Data Interchange Format) file for a new user "ldapuser".

$ vi ldapuser.ldif

Paste the lines below into the LDIF file.

dn: uid=ldapuser,ou=People,dc=itzgeek,dc=local
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: ldapuser
uid: ldapuser
uidNumber: 9999
gidNumber: 100
homeDirectory: /home/ldapuser
loginShell: /bin/bash
gecos: Test LdapUser
userPassword: {crypt}x
shadowLastChange: 17058
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
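Before loading ldapuser.ldif with ldapadd, it is worth checking the entry against the posixAccount schema. The following is an added Python example, not code from this tutorial: it parses the LDIF above (embedded as a constructed sample copied from the entry) and reports missing required attributes, an RDN that does not match the uid attribute, the {crypt}x placeholder that still needs ldappasswd, and the non-expiring shadowMax value. The POSIX_MUST set is the posixAccount MUST list from RFC 2307.

```python
# RFC 2307 posixAccount MUST attributes.
POSIX_MUST = {"cn", "uid", "uidNumber", "gidNumber", "homeDirectory"}

# Constructed sample input: the ldapuser.ldif from this page, copied verbatim.
SAMPLE_LDIF = """\
dn: uid=ldapuser,ou=People,dc=itzgeek,dc=local
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: ldapuser
uid: ldapuser
uidNumber: 9999
gidNumber: 100
homeDirectory: /home/ldapuser
loginShell: /bin/bash
gecos: Test LdapUser
userPassword: {crypt}x
shadowLastChange: 17058
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
"""

def parse_ldif(text):
    """Parse plain LDIF (no folded or base64 lines) into one dict per entry."""
    entries, current = [], {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):  # blank line ends an entry
            if current:
                entries.append(current); current = {}
            continue
        attr, _, value = line.partition(":")
        current.setdefault(attr.strip(), []).append(value.strip())
    if current:
        entries.append(current)
    return entries

def lint_entry(entry):
    """Return findings for one posixAccount/shadowAccount entry."""
    findings = [f"missing required attribute {a}" for a in sorted(POSIX_MUST - set(entry))]
    rdn = entry.get("dn", [""])[0].split(",")[0]          # e.g. uid=ldapuser
    if rdn != f"uid={entry.get('uid', [''])[0]}":
        findings.append(f"RDN {rdn} does not match the uid attribute")
    if entry.get("userPassword", [""])[0] in ("", "{crypt}x"):
        findings.append("userPassword is a placeholder; set it with ldappasswd before use")
    if int(entry.get("shadowMax", ["99999"])[0]) >= 99999:
        findings.append("shadowMax 99999 means the password never expires")
    return findings
```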

Use the ldapadd command to create the new user "ldapuser" in the OpenLDAP directory.

$ ldapadd -x -W -D "cn=admin,dc=itzgeek,dc=local" -f ldapuser.ldif

Enter LDAP Password:
adding new entry "uid=ldapuser,ou=People,dc=itzgeek,dc=local"

Assign a password to the user.

$ ldappasswd -s password123 -W -D "cn=admin,dc=itzgeek,dc=local" -x "uid=ldapuser,ou=People,dc=itzgeek,dc=local"

Where,

-s specifies the password for the user (it is passed on the command line, so it can show up in shell history and process listings; -S prompts for the password instead)

-x username for which the password is changed

-D Distinguished name to authenticate to the LDAP server.

Verify LDAP entries.

$ ldapsearch -x cn=ldapuser -b dc=itzgeek,dc=local

Output:

# extended LDIF
#
# LDAPv3
# base <dc=itzgeek,dc=local> with scope subtree
# filter: cn=ldapuser
# requesting: ALL
#

# ldapuser, People, itzgeek.local
dn: uid=ldapuser,ou=People,dc=itzgeek,dc=local
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: ldapuser
uid: ldapuser
uidNumber: 9999
gidNumber: 100
homeDirectory: /home/ldapuser
loginShell: /bin/bash
gecos: Test LdapUser
shadowLastChange: 17058
shadowMin: 0
shadowMax: 99999
shadowWarning: 7

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

To delete an entry from LDAP (optional):

$ ldapdelete -W -D "cn=admin,dc=itzgeek,dc=local" "uid=ldapuser,ou=People,dc=itzgeek,dc=local"