The information on this page represents the experience of an NBIA user. It is not meant to apply to all users.
Install OpenLDAP
Install OpenLDAP on Ubuntu.
Note: These instructions are based on Ubuntu 18.04.
In a terminal window, issue the following commands:
Code Block sudo apt-get update
sudo apt-get upgrade
Once that finishes, you're ready to install OpenLDAP. In a terminal window, issue the following commands:
Code Block
sudo apt install slapd
sudo apt install ldap-utils
After the installation completes, modify the default Directory Information Tree (DIT) suffix by changing the DIT to fit your company's network needs. For example, dc=smab,dc=org. To do so, issue the following command:
Code Block sudo dpkg-reconfigure slapd
- Enter the administrator's password.
Add initial data to the LDAP database from a file. In a terminal window, issue the following command:
Code Block
vi ldap_data.ldif

dn: ou=People,dc=smab,dc=org
objectClass: organizationalUnit
ou: People

dn: ou=Groups,dc=smab,dc=org
objectClass: organizationalUnit
ou: Groups

dn: cn=DEPARTMENT,ou=Groups,dc=smab,dc=org
objectClass: posixGroup
cn: SUBGROUP
gidNumber: 5000

dn: uid=nciadevtest,ou=People,dc=smab,dc=org
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: nciadevtest
sn: Last name
givenName: First name
cn: nciadevtest
displayName: Name
uidNumber: 10000
gidNumber: 5000
userPassword: password
gecos: Whole Name
loginShell: /bin/bash
homeDirectory: USERDIRECTORY
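Added example, not part of the original page: the LDIF above sets `userPassword: password` in cleartext, and ldapadd loads attribute values as written. This Python sketch rewrites cleartext userPassword lines to the salted {SSHA} form that slappasswd generates by default, before the file is loaded; the function names and the trimmed sample entry are constructed for illustration, and it assumes unfolded LDIF lines.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample: the page's nciadevtest entry, trimmed to a few attributes.
SAMPLE_LDIF = """\
dn: uid=nciadevtest,ou=People,dc=smab,dc=org
objectClass: inetOrgPerson
uid: nciadevtest
sn: Last name
cn: nciadevtest
userPassword: password
"""

def ssha(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def verify_ssha(password, stored):
    """Check a password against an {SSHA} value."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digests are 20 bytes
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def harden_ldif(text):
    """Hash cleartext userPassword values; return (new_ldif, changed_dns)."""
    out, changed, dn = [], [], None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if key.lower() == "dn":
            dn = value.strip()
        elif key.lower() == "userpassword" and sep:
            if value.startswith(":"):  # "userPassword:: ..." is base64-encoded
                value = base64.b64decode(value[1:]).decode("utf-8")
            value = value.strip()
            if not value.startswith("{"):  # no {SCHEME} prefix: cleartext
                line = "userPassword: " + ssha(value)
                changed.append(dn)
        out.append(line)
    return "\n".join(out) + "\n", changed

if __name__ == "__main__":
    hardened, dns = harden_ldif(SAMPLE_LDIF)
    print(hardened)
    print("rehashed:", dns)
```

Run it over ldap_data.ldif before the ldapadd step so the file and the directory hold a salted hash instead of the password itself.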
This .ldif file creates two organizationalUnit entries: People and Groups.
It also adds entries under these OUs. One of them is nciadevtest, the user for NBIA. Both the uid and the cn must be set to this name, because NBIA authenticates against cn by default, while some other software authenticates against uid.
- Add the entries to the LDAP server:
Code Block
ldapadd -x -D cn=admin,dc=smab,dc=org -W -f ldap_data.ldif
After adding these entries, use the following commands to search for the existing record. You can test against the loopback IP address or the real IP address.
Code Block
ldapsearch -x -LLL -h 127.0.0.1 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'uid=nciadevtest' cn givenName gidNumber
Result:
dn: uid=nciadevtest,ou=People,dc=smab,dc=org
givenName: XIAOHUI
cn: nciadevtest
gidNumber: 5000

ldapsearch -x -LLL -h 69.71.4.10 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'cn=nciadevtest' uid givenName gidNumber
Result:
dn: uid=nciadevtest,ou=People,dc=smab,dc=org
uid: nciadevtest
givenName: XIAOHUI
gidNumber: 5000
Final configuration. After installing OpenLDAP and adding the records, we have the LDAP server configuration below.
Code Block
Title               Value
Base DN             smab,dc=org
Bind Admin          admin,dc=smab,dc=org
Bind Password       Smab123456
User name for NBIA  nciadevtest
...