Install and Configure OpenLDAP Server on Ubuntu 20.04
In this blog post you’ll learn how to install and configure OpenLDAP Server on Ubuntu 20.04 LTS. OpenLDAP is a free and open source implementation of the Lightweight Directory Access Protocol developed by the OpenLDAP Project and released under the OpenLDAP Public License.
Set Hostname for Ubuntu
Before beginning the installation, set the hostname of the Ubuntu server
[sourcecode language="plain"]$ sudo hostnamectl set-hostname ldap.domain.com[/sourcecode]
Add the server's IP address and hostname to the file /etc/hosts
[sourcecode language="plain"]$ sudo vim /etc/hosts[/sourcecode]
[sourcecode language="plain"]192.168.1.110 ldap.domain.com ldap[/sourcecode]
Replace domain.com with your hostname or a valid domain name
Install OpenLDAP Server on Ubuntu
[sourcecode language="plain"]
$ sudo apt update
$ sudo apt -y install slapd ldap-utils
[/sourcecode]
During installation, you will be prompted to set the LDAP administrator password.
Confirm the password and proceed.
Verify your installation with the command
[sourcecode language="plain"]$ sudo slapcat[/sourcecode]
Add Base DN for Users and Groups
[sourcecode language="plain"]
$ vim basedn.ldif
dn: ou=people,dc=domain,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=domain,dc=com
objectClass: organizationalUnit
ou: groups
[/sourcecode]
Replace domain and com with the components of your own domain
Now add the file with the command below
[sourcecode language="plain"]
$ ldapadd -x -D cn=admin,dc=domain,dc=com -W -f basedn.ldif
Enter LDAP Password:
adding new entry "ou=people,dc=domain,dc=com"

adding new entry "ou=groups,dc=domain,dc=com"
[/sourcecode]
Add User Accounts and Groups
Generate a password hash for the user account
[sourcecode language="plain"]
$ slappasswd
New password:
Re-enter new password:
{SSHA}Zn4/E5fOrakzaiFY/armlicenseGulHoffmann3x0d
[/sourcecode]
Create an LDIF file for users
[sourcecode language="plain"]
$ vim ldapusers.ldif
dn: uid=username,ou=people,dc=domain,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: username
sn: Wiz
userPassword: {SSHA}Zn4/E5fOrakzaiFY/armlicenseGulHoffmann3x0d
loginShell: /bin/bash
uidNumber: 1000
gidNumber: 1000
homeDirectory: /home/username
[/sourcecode]
Replace the following values with your own:
username with the actual username to add
dc=domain,dc=com with your domain
cn and sn with the username
{SSHA}Zn4/E5fOrakzaiFY/armlicenseGulHoffmann3x0d with your password hash
Add the account with the command below
[sourcecode language="plain"]
$ ldapadd -x -D cn=admin,dc=domain,dc=com -W -f ldapusers.ldif
Enter LDAP Password:
adding new entry "uid=username,ou=people,dc=domain,dc=com"
[/sourcecode]
The same can be done for groups. Create an LDIF file:
[sourcecode language="plain"]
$ vim ldapgroups.ldif
dn: cn=username,ou=groups,dc=domain,dc=com
objectClass: posixGroup
cn: username
gidNumber: 1000
memberUid: username
[/sourcecode]
Add the group
[sourcecode language="plain"]
$ ldapadd -x -D cn=admin,dc=domain,dc=com -W -f ldapgroups.ldif
Enter LDAP Password:
adding new entry "cn=username,ou=groups,dc=domain,dc=com"
[/sourcecode]
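The user and group steps above, scripted with input checks, as an added example that is not part of the original post: it rejects account names that would alter the DN or inject extra LDIF lines, and refuses a userPassword value that is not a well-formed {SSHA} hash (base64 of a 20-byte SHA-1 digest followed by a salt). BASE_DN and the function names valid_name, valid_ssha and make_ldif are assumptions for this illustration; the group reuses the user's number as gidNumber and sn is set to the username, as the post describes.

```shell
#!/bin/sh
# Added example, not from the original post. BASE_DN and the function
# names are assumptions made for this illustration.
LC_ALL=C; export LC_ALL
BASE_DN="dc=domain,dc=com"

# Succeeds only for names free of DN/LDIF metacharacters (comma, '=', newline...).
valid_name() {
    case "$1" in ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;; esac
}

# Succeeds only for {SSHA} + base64 of a 20-byte SHA-1 digest followed by a salt.
valid_ssha() {
    prefix='{SSHA}'
    case "$1" in "$prefix"*) b64=${1#"$prefix"} ;; *) return 1 ;; esac
    body=${b64%%=*}             # base64 text before any '=' padding
    padding=${b64#"$body"}      # whatever follows: must be '', '=' or '=='
    case "$padding" in ''|'='|'==') ;; *) return 1 ;; esac
    case "$body" in *[!A-Za-z0-9+/]*) return 1 ;; esac
    [ $(( ${#b64} % 4 )) -eq 0 ] &&
        [ $(( ${#b64} / 4 * 3 - ${#padding} )) -gt 20 ]   # digest plus >= 1 salt byte
}

# make_ldif NAME NUMBER HASH: print the user and group entries, or fail with no output.
make_ldif() {
    valid_name "$1" || { echo "bad account name" >&2; return 1; }
    case "$2" in ''|*[!0-9]*) echo "bad uidNumber" >&2; return 1 ;; esac
    valid_ssha "$3" || { echo "userPassword is not a {SSHA} hash" >&2; return 1; }
    cat <<EOF
dn: uid=$1,ou=people,$BASE_DN
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: $1
sn: $1
userPassword: $3
loginShell: /bin/bash
uidNumber: $2
gidNumber: $2
homeDirectory: /home/$1

dn: cn=$1,ou=groups,$BASE_DN
objectClass: posixGroup
cn: $1
gidNumber: $2
memberUid: $1
EOF
}
```

Redirect the output of make_ldif to a file and load it with the same ldapadd command shown above.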