We shall now start to install and configure LDAP on the Ubuntu server:
-
We will first update the package list on the server from Ubuntu's repositories to get information about the latest versions of all the packages and their dependencies:
sudo apt-get update
-
Now, run the command to install the slapd package and some associated utilities, and ldap-utils to install the LDAP server:
- During the installation process, when prompted, enter and confirm an administrator password, which will be used for the administrator account of LDAP. Configure a password of your choice and proceed with the installation process.
- Once the package is installed, we will reconfigure the LDAP package as per our requirements. To do so, type this command:
Sudo dpkg-reconfigure slapd
This will start a series of questions regarding configuring the software. We need to choose the options one by one as per our requirements.
- The first question asked is Omit OpenLDAP server configuration? Select No and continue:
- Next, enter the domain name. An already existing domain name on the server can be used, or a new one can be created. We will use example.com here:
- Next, enter the Organization name:
-
- Next, configure the administrator password for LDAP. Use the same as configured during the installation process, or change it to something else in this step.
- Next, set Database backend to use. Select MDB and continue:
- Now, you will be asked if you wish to remove the database when slapd is purged. Select No here.
- Next, select Yes to move the old database and allow the configuration process to create a new database:
- When asked Allow LDAPv2 protocol? choose No, as the latest version is LDAPv3, and LDAPv2 is obsolete now:
- At this point, the configuration process is done and LDAP is running:
- Let's now open the firewall port for LDAP so that external users can use it:
- We will now install the PHPldapadmin package, which will help in administering LDAP through the web interface:
sudo apt-get install phpldapadmin
Once the installation completes, edit the configuration file of PHPldapadmin to configure a few values:
Sudo nano /etc/phpldapadmin/config.php
- Now, search for the given section and modify it to reflect the domain name or the IP address of the Ubuntu server:
$servers->setValue('server','host','domain_name_or_IP_address');
- Next, edit the following entry and insert the domain name that we gave when we reconfigured slapd:
$servers->setValue('server','base',array('dc=example,dc=com'));
Give the domain name as values to the dc attribute in the previous line. Since our domain name was example.com, the value in the previous line will be entered as dc=example, dc=com.
- Next, find the following line and again enter the domain name as the dc attribute. For the cn attribute, the value will be admin only:
$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');
- Now, search for the section that reads as follows, and first uncomment the line, then set the value to true:
$config->custom->appearance['hide_template_warning'] = true;
After making all these changes, save and close the file.
- When the configuration of PHPldapadmin is complete, open a browser in the other system, which has the desktop version of Ubuntu. In the address bar of the browser, type the domain name or the IP address of the server, followed by /phpldapadmin:
domain_name_or_IP_address/phpldapadmin
- Once the PHPldapadmin page opens, on the left-hand side we find the login link. Click on it and you will get a login prompt:
The login screen will have the correct Login DN details if PHPldapadmin was configured correctly:
This is cn=admin,dc=example,dc=com in our case.
- Once you enter the administrator password correctly, the admin interface will be shown:
- On the admin interface, on the left-hand side where you see the domain components (dc=example,dc=co), click on the plus sign next to it. It will show the admin login being used:
- Our basic LDAP server is now set up and running.