NIH | National Cancer Institute | NCI Wiki  

Versions Compared

Old Version 3

changes.mady.by.user Klinger, Carolyn (NIH/NCI) [C]

Saved on

compared with

New Version 4

changes.mady.by.user Klinger, Carolyn (NIH/NCI) [C]

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The information on this page represents the experience of an NBIA user and is provided as a case study that you may find useful. It is not meant to apply to all users.

...

  1. Install OpenLdap on Ubuntu.

    Note

    These instructions are based on Ubuntu 18.04.

  2. In a terminal window, issue the following commands:

    Code Block
    sudo apt-get update
sudo apt-get upgrade

  3. In a terminal window, then issue the following command.

    Code Block
    sudo apt install slapd ldap-utils

  4. Modify the default Directory Information Tree (DIT) suffix by changing the DIT to fit your company's network needs. For example,  dc=smab,dc=org. To do so, issue the following command.

    Code Block
    sudo dpkg-reconfigure slapd
  5. Enter the administrator's password.

  6. Add initial data to the LDAP database from a file and create a single entry. In a terminal window, issue the following command.

    Code Block
    vi ldap_data.ldif

dn: ou=People,dc=smab,dc=org
objectClass: organizationalUnit
ou: People
dn: ou=Groups,dc=smab,dc=org
objectClass: organizationalUnit
ou: Groups

dn: cn=DEPARTMENT,ou=Groups,dc=smab,dc=org
objectClass: posixGroup
cn: SUBGROUP
gidNumber: 5000

dn: uid=nciadevtest,ou=People,dc=smab,dc=org
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: nciadevtest
sn: Last name
givenName: First name
cn: nciadevtest
displayName: Name
uidNumber: 10000
gidNumber: 5000
userPassword: password
gecos: Whole Name
loginShell: /bin/bash
homeDirectory: USERDIRECTORY
    Note

    In this .ldif file, we created

    2 organizationalUnit . One is People, the other is

    two organizationalUnit values, People and Groups.

  7. Also add Add the entities for these OU values. One entity is must be nciadevtest for the NBIA. The uid and cn must be this name. Because NBIA use uses cn to do as the default authentication be default. Some software applications use uid to do the authenticationauthenticate.

  8. Add the following entities to the LDAP server

    :

    .

    Code Block
    ldapadd -x -D cn=admin,dc=smab,dc=org -W -f ldap_data.ldif

  9. After adding these entities, we can use Use this command to search the exist recordexisting records. You can use the network loop IP address to test or use the real IP address.

    Code Block
    ldapsearch -x -LLL -h 127.0.0.1 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'uid=nciadevtest' cn givenName gidNumber 
Result:
dn: uid=nciadevtest,ou=People,dc=smab,dc=org
givenName: First XIAOHUIName
cn: nciadevtest
gidNumber: 5000

ldapsearch -x -LLL -h 69.71.4.10 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'cn=nciadevtest' uid givenName gidNumber
Result:
dn: uid=nciadevtest,ou=People,dc=smab,dc=org
uid: nciadevtest
givenName: XIAOHUIFirst Name
gidNumber: 5000

  10. Final configuration. After we install the openldap and add the records. We got the Add the records. The LDAP server configuration belowlooks similar to the following.

    Code Block
    Title Value
Base DN smab,dc=org
Bind Admin admin,dc=smab,dc=org
Bind Password Smab123456
User name for NBIA nciadevtest

...