NIH | National Cancer Institute | NCI Wiki  


The information on this page represents the experience of an NBIA user. It is not meant to apply to all users.


Install OpenLdap

  1. Install OpenLDAP on Ubuntu.

    Note

    These instructions are based on Ubuntu 18.04.

  2. To take care of the update/upgrade, open a terminal window and issue the following commands:

    Code Block
    sudo apt-get update
    sudo apt-get upgrade
  3. Once that finishes, you're ready to install OpenLDAP. In a terminal window, issue the following command:

    Code Block
    sudo apt install slapd ldap-utils
  4. After the installation completes, you may want to modify the default Directory Information Tree (DIT) suffix to fit your company's network needs, for example dc=smab,dc=org. To do so, issue the following command:

    Code Block
    sudo dpkg-reconfigure slapd
  5. Enter the administrator's password.
  6. Add initial data to the LDAP database from a file. In a terminal window, issue the following command:

    Code Block
    vi ldap_data.ldif
    
    # Contents of ldap_data.ldif. Entries must be separated by a blank line.
    dn: ou=People,dc=smab,dc=org
    objectClass: organizationalUnit
    ou: People
    
    dn: ou=Groups,dc=smab,dc=org
    objectClass: organizationalUnit
    ou: Groups
    
    # The entry must contain a cn value equal to the cn used in its dn.
    dn: cn=DEPARTMENT,ou=Groups,dc=smab,dc=org
    objectClass: posixGroup
    cn: SUBGROUP
    gidNumber: 5000
    
    dn: uid=nciadevtest,ou=People,dc=smab,dc=org
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: nciadevtest
    sn: Last name
    givenName: First name
    cn: nciadevtest
    displayName: Name
    uidNumber: 10000
    gidNumber: 5000
    # Placeholder value; a hash generated with slappasswd can be used here instead of cleartext.
    userPassword: password
    gecos: Whole Name
    loginShell: /bin/bash
    homeDirectory: USERDIRECTORY

    This .ldif file creates two organizationalUnit entries: People and Groups.
    It also adds entries under these OUs. One of them is nciadevtest, the account for NBIA. Both its uid and its cn must be this name, because NBIA uses cn for authentication by default, while some other software uses uid.


  7. Add the entries to the LDAP server:
    ldapadd -x -D cn=admin,dc=smab,dc=org -W -f ldap_data.ldif
  8. After adding these entries, use the following command to search for the existing record. You can test with the loopback IP address or with the real IP address.

    Code Block
    ldapsearch -x -LLL -h 127.0.0.1 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'uid=nciadevtest' cn givenName gidNumber 
    Result:
    dn: uid=nciadevtest,ou=People,dc=smab,dc=org
    givenName: XIAOHUI
    cn: nciadevtest
    gidNumber: 5000
    
    ldapsearch -x -LLL -h 69.71.4.10 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'cn=nciadevtest' uid givenName gidNumber
    Result:
    dn: uid=nciadevtest,ou=People,dc=smab,dc=org
    uid: nciadevtest
    givenName: XIAOHUI
    gidNumber: 5000
  9. Final configuration. After installing OpenLDAP and adding the records, we have the LDAP server configuration below.

    Code Block
    Title                 Value
    Base DN               smab,dc=org
    Bind Admin            admin,dc=smab,dc=org
    Bind Password         Smab123456
    User name for NBIA    nciadevtest
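
A pre-flight check for the ldap_data.ldif file from step 6, to run before the ldapadd in step 7. This is an added example, not part of the original page: `lint_ldif` and `SAMPLE` are hypothetical names, the sample is constructed with deliberate mistakes, and the password check assumes hashes in the `{SCHEME}...` form that slappasswd prints.

```python
import re

# Constructed sample modelled on ldap_data.ldif, with deliberate mistakes.
SAMPLE = """\
dn: ou=People,dc=smab,dc=org
objectClass: organizationalUnit
ou: People
dn: ou=Groups,dc=smab,dc=org
objectClass: organizationalUnit
ou: Groups

dn: cn=DEPARTMENT,ou=Groups,dc=smab,dc=org
objectClass: posixGroup
cn: SUBGROUP

dn: uid=nciadevtest,ou=People,dc=smab,dc=org
objectClass: inetOrgPerson
uid: nciadevtest
cn: nciadevtest
userPassword: password
"""

def lint_ldif(text):
    """Return (dn, problem) findings. Folded lines and base64 (attr:: value)
    values are not decoded; this is a pre-flight check, not a full LDIF parser."""
    findings = []
    for block in re.split(r"\n(?:[ \t]*\n)+", text.strip()):
        vals = {}
        for line in block.splitlines():
            if ":" in line and not line.lstrip().startswith("#"):
                attr, value = line.split(":", 1)
                vals.setdefault(attr.strip().lower(), []).append(value.strip())
        dns = vals.get("dn", [])
        dn = dns[0] if dns else "<no dn>"
        if len(dns) != 1 or "=" not in dn:
            findings.append((dn, "need exactly one dn per entry (missing blank line?)"))
            continue
        # The naming attribute of the RDN must also appear in the entry body.
        rdn_attr, rdn_val = dn.split(",", 1)[0].split("=", 1)
        body = [v.lower() for v in vals.get(rdn_attr.strip().lower(), [])]
        if rdn_val.strip().lower() not in body:
            findings.append((dn, "RDN value missing from entry attributes"))
        # NBIA authenticates on cn by default, other software on uid.
        if any(u not in vals.get("cn", []) for u in vals.get("uid", [])):
            findings.append((dn, "uid and cn differ"))
        for pw in vals.get("userpassword", []):
            if not pw.startswith(":") and not re.match(r"\{[\w-]+\}", pw):
                findings.append((dn, "userPassword is cleartext, not a {SCHEME} hash"))
    return findings
```

An empty list means the file passes these checks; ldapadd still performs the server-side schema validation.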

...