The information on this page represents the experience of an NBIA user and is provided as a case study that you may find useful. It is not meant to apply to all users.
...
Install OpenLDAP on Ubuntu.
Note: These instructions are based on Ubuntu 18.04.
In a terminal window, issue the following commands:
    sudo apt-get update
    sudo apt-get upgrade
Then, in a terminal window, issue the following command:
    sudo apt install slapd ldap-utils
Modify the default Directory Information Tree (DIT) suffix to fit your company's network needs, for example, dc=smab,dc=org. To do so, issue the following command.
    sudo dpkg-reconfigure slapd
- Enter the administrator's password.
Add initial data to the LDAP database from a file and create a single entry. In a terminal window, issue the following command.
    vi ldap_data.ldif

    dn: ou=People,dc=smab,dc=org
    objectClass: organizationalUnit
    ou: People

    dn: ou=Groups,dc=smab,dc=org
    objectClass: organizationalUnit
    ou: Groups

    dn: cn=DEPARTMENT,ou=Groups,dc=smab,dc=org
    objectClass: posixGroup
    cn: SUBGROUP
    gidNumber: 5000

    dn: uid=nciadevtest,ou=People,dc=smab,dc=org
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: nciadevtest
    sn: Last name
    givenName: First name
    cn: nciadevtest
    displayName: Name
    uidNumber: 10000
    gidNumber: 5000
    userPassword: password
    gecos: Whole Name
    loginShell: /bin/bash
    homeDirectory: USERDIRECTORY
Note: In this .ldif file, we created two organizationalUnit values, People and Groups.
Add the entities for these OU values. One entity must be nciadevtest for NBIA. The uid and cn must be this name because NBIA uses cn as the default authentication. Some software applications use uid to authenticate.
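A pre-flight check for ldap_data.ldif, added here as an example and not part of the original page or of NBIA: it flags account entries whose uid and cn differ (NBIA uses cn as the default authentication) and userPassword values written without a {SCHEME} prefix, as in the sample entry above. The function names, the second sample account, and the use of posixAccount to recognize login accounts are assumptions.

```shell
# Added example: pre-flight lint for an LDIF before it is passed to ldapadd.
# Assumption: login accounts are the entries with objectClass posixAccount.
# lint_ldif [FILE]: prints one finding per line, returns 1 if any were found.
lint_ldif() {
  awk '
    function check_entry() {
      if (dn != "" && account) {
        # NBIA authenticates on cn by default, so uid and cn must carry the same name.
        if (uid == "" || uid != cn) { print "MISMATCH " dn " uid=" uid " cn=" cn; bad = 1 }
        # A value without a {SCHEME} prefix is stored exactly as written.
        if (pw != "" && pw !~ /^[{][A-Za-z0-9-]+[}]/) { print "CLEARTEXT " dn; bad = 1 }
      }
      dn = ""; uid = ""; cn = ""; pw = ""; account = 0
    }
    { sub(/\r$/, "") }
    /^$/ { check_entry(); next }    # a blank line ends an entry
    /^#/ { next }                   # LDIF comment
    {
      i = index($0, ":"); if (i == 0) next
      name = tolower(substr($0, 1, i - 1)); val = substr($0, i + 1)
      b64 = (substr(val, 1, 1) == ":"); if (b64) val = substr(val, 2)   # "attr:: ..." is base64
      sub(/^ +/, "", val)
      if (name == "dn") dn = val
      else if (name == "objectclass" && tolower(val) == "posixaccount") account = 1
      else if (name == "uid") uid = val
      else if (name == "cn") cn = val
      else if (name == "userpassword" && !b64) pw = val   # base64 values are not inspected
    }
    END { check_entry(); exit bad }
  ' "$@"
}

# Constructed sample: the nciadevtest entry from this page plus a made-up second account.
sample_ldif() {
  cat <<'EOF'
dn: uid=nciadevtest,ou=People,dc=smab,dc=org
objectClass: posixAccount
uid: nciadevtest
cn: nciadevtest
userPassword: password

dn: uid=jdoe,ou=People,dc=smab,dc=org
objectClass: posixAccount
uid: jdoe
cn: Jane Doe
userPassword: {SSHA}CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-HASH
EOF
}
sample_ldif | lint_ldif || echo "fix the findings above before running ldapadd"
```

A hashed value for userPassword can be generated with slappasswd, which is installed with the slapd package.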
Add the following entities to the LDAP server.
    ldapadd -x -D cn=admin,dc=smab,dc=org -W -f ldap_data.ldif
Use this command to search the existing records. You can use the loopback IP address to test or use the real IP address.
    ldapsearch -x -LLL -h 127.0.0.1 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'uid=nciadevtest' cn givenName gidNumber

    Result:
    dn: uid=nciadevtest,ou=People,dc=smab,dc=org
    givenName: First Name
    cn: nciadevtest
    gidNumber: 5000

    ldapsearch -x -LLL -h 69.71.4.10 -p 389 -D cn=admin,dc=smab,dc=org -w smab123456 -b dc=smab,dc=org 'cn=nciadevtest' uid givenName gidNumber

    Result:
    dn: uid=nciadevtest,ou=People,dc=smab,dc=org
    uid: nciadevtest
    givenName: First Name
    gidNumber: 5000
Final configuration. After you install OpenLDAP and add the records, the LDAP server configuration looks similar to the following.
    Title               Value
    Base DN             smab,dc=org
    Bind Admin          admin,dc=smab,dc=org
    Bind Password       Smab123456
    User name for NBIA  nciadevtest
...