NIH | National Cancer Institute | NCI Wiki  

...

  1. Install OpenLDAP on Ubuntu.

    Note

    These instructions are based on Ubuntu 18.04.

  2. In a terminal window, issue the following commands:

    Code Block
    sudo apt-get update
    sudo apt-get upgrade
  3. Then, in a terminal window, issue the following command.

    Code Block
    sudo apt install slapd ldap-utils
  4. Modify the default Directory Information Tree (DIT) suffix to fit your company's network needs, for example, dc=<org name>,dc=org. To do so, issue the following command.

    Code Block
    sudo dpkg-reconfigure slapd
  5. Enter the administrator's password.
  6. Add initial data to the LDAP database from a file and create a single entry. In a terminal window, issue the following command.

    Code Block
    vi ldap_data.ldif

    Enter the following content in the file.

    Code Block
    
    
    dn: ou=People,dc=<org name>,dc=org
    objectClass: organizationalUnit
    ou: People

    dn: ou=Groups,dc=<org name>,dc=org
    objectClass: organizationalUnit
    ou: Groups

    dn: cn=DEPARTMENT,ou=Groups,dc=<org name>,dc=org
    objectClass: posixGroup
    # The cn value must match the cn in the dn above, or slapd rejects the entry.
    cn: SUBGROUP
    gidNumber: 5000

    dn: uid=nciadevtest,ou=People,dc=<org name>,dc=org
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: nciadevtest
    sn: Last name
    givenName: First name
    cn: nciadevtest
    displayName: Name
    uidNumber: 10000
    gidNumber: 5000
    # Placeholder value; a hash generated by slappasswd can be used here instead.
    userPassword: password
    gecos: Whole Name
    loginShell: /bin/bash
    homeDirectory: USERDIRECTORY

    Note

    In this .ldif file, we created two organizationalUnit values, People and Groups.

  7. Add the entities for these OU values. One entity must be nciadevtest for NBIA. The uid and cn must be this name. NBIA uses cn as the default authentication attribute. Some software applications use uid to authenticate.

  8. Add the following entities to the LDAP server.

    Code Block
    ldapadd -x -D cn=admin,dc=smab,dc=org -W -f ldap_data.ldif
  9. Use this command to search the existing records. You can test with the loopback IP address or use the real IP address.

    Code Block
    ldapsearch -x -LLL -h 127.0.0.1 -p 389 -D cn=admin,dc=<org name>,dc=org -w <password> -b dc=<org name>,dc=org 'uid=nciadevtest' cn givenName gidNumber
    Result:
    dn: uid=nciadevtest,ou=People,dc=<org name>,dc=org
    givenName: First Name
    cn: nciadevtest
    gidNumber: 5000
    
    ldapsearch -x -LLL -h 69.71.4.10 -p 389 -D cn=admin,dc=<org name>,dc=org -w <password> -b dc=<org name>,dc=org 'cn=nciadevtest' uid givenName gidNumber
    Result:
    dn: uid=nciadevtest,ou=People,dc=<org name>,dc=org
    uid: nciadevtest
    givenName: First Name
    gidNumber: 5000
  10. Add the records. The LDAP server configuration looks similar to the following.

    Code Block
    Title                 Value
    Base DN               <org name>,dc=org
    Bind Admin            admin,dc=<org name>,dc=org
    Bind Password         <password>
    User name for NBIA    nciadevtest
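
A pre-flight check for the ldap_data.ldif file from step 6, to run before the ldapadd in step 8. This is an added example, not part of the original instructions; the names lint_ldif and sample_ldif, the finding labels, and the dc=example suffix are assumptions. It reports entries that are not separated by a blank line (which LDIF requires), an entry whose leading RDN value is not among its own attributes (slapd rejects this as a naming violation), and a userPassword value with no hash scheme prefix.

```shell
# Added example, not from the original page. lint_ldif [FILE] prints one finding
# per line and exits 1 if any. Assumes single-valued RDNs and no folded lines.
lint_ldif() {
    awk '
    function check(    rdn, eq, attr, val) {    # runs at the end of each entry
        if (dn == "") return
        rdn = dn; sub(/,.*/, "", rdn)           # leading RDN, e.g. cn=DEPARTMENT
        eq = index(rdn, "=")
        attr = tolower(substr(rdn, 1, eq - 1)); val = tolower(substr(rdn, eq + 1))
        if (!((attr, val) in seen)) { print "RDN_MISSING " dn; bad = 1 }
        dn = ""; split("", seen)                # reset state for the next entry
    }
    /^#/       { next }                         # LDIF comment line
    /^[ \t]*$/ { check(); next }                # a blank line ends an entry
    /^dn: / {                                   # a dn while one is open: no separator
        if (dn != "") { print "NO_BLANK_LINE_BEFORE " substr($0, 5); bad = 1; check() }
        dn = substr($0, 5); next
    }
    /^[A-Za-z][A-Za-z0-9-]*: / {
        i = index($0, ": ")
        a = tolower(substr($0, 1, i - 1)); v = substr($0, i + 2)
        seen[a, tolower(v)] = 1
        # a hashed userPassword value starts with a scheme prefix such as {SSHA}
        if (a == "userpassword" && substr(v, 1, 1) != "{") { print "CLEARTEXT_PASSWORD " dn; bad = 1 }
    }
    END { check(); exit bad + 0 }
    ' "${1:--}"
}
# Constructed sample: step 6 data with dc=example in place of dc=<org name>.
sample_ldif() {
    cat <<'EOF'
dn: ou=People,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: ou=Groups,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups

dn: cn=DEPARTMENT,ou=Groups,dc=example,dc=org
objectClass: posixGroup
cn: SUBGROUP

dn: uid=nciadevtest,ou=People,dc=example,dc=org
uid: nciadevtest
cn: nciadevtest
userPassword: password
EOF
}
sample_ldif | lint_ldif || echo "fix the findings above before running ldapadd"
```

Run it as `lint_ldif ldap_data.ldif`; a hashed userPassword value can be generated with slappasswd, which is installed with slapd.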

...