Debian: Set Up OpenLDAP Server: Difference between revisions

(One intermediate revision by the same user not shown)

Line 58:

== Step 3: Configuring the LDAP Clients ==

<code>/etc/ldap/ldap.conf</code> is the configuration file for all OpenLDAP clients. Open this file.

<code>/etc/ldap/ldap.conf</code> is the configuration file for all OpenLDAP clients. Open this file.<syntaxhighlight lang="bash">

sudo nano /etc/ldap/ldap.conf

We need to specify two parameters: the '''base DN''' and the '''URI''' of our OpenLDAP server. Copy and paste the following text at the end of the file. Replace <code>your-domain</code> and <code>com</code> as appropriate.

</syntaxhighlight>We need to specify two parameters: the '''base DN''' and the '''URI''' of our OpenLDAP server. Copy and paste the following text at the end of the file. Replace <code>your-domain</code> and <code>com</code> as appropriate.<syntaxhighlight lang="bash">

BASE dc=your-domain,dc=com

URI ldap://localhost

The first line defines the base DN. It tells the client programs where to start their search in the directory. If you used a subdomain when configuring OpenLDAP server, then you need to add the subdomain here like so

</syntaxhighlight>The first line defines the base DN. It tells the client programs where to start their search in the directory. If you used a subdomain when configuring OpenLDAP server, then you need to add the subdomain here like so<syntaxhighlight lang="bash">

BASE dc=subdomain,dc=your-domain,dc=com

The second line defines the URI of our OpenLDAP server. Since the LDAP server and client are on the same machine, we should set the URI to <code>ldap://localhost</code>. You can add multiple URIs later if the need arises.

</syntaxhighlight>The second line defines the URI of our OpenLDAP server. Since the LDAP server and client are on the same machine, we should set the URI to <code>ldap://localhost</code>. You can add multiple URIs later if the need arises.

Save and close the file.

Line 72:

Now that OpenLDAP server is running and client configuration is done, run the following command to make test connections to the server.

ldapsearch -x

Output:

Output:<syntaxhighlight lang="bash">

# extended LDIF

#

# LDAPv3

# base <dc=linuxbabe,dc=com> (default) with scope subtree

# filter: (objectclass=*)

# requesting: ALL

#

# linuxbabe.com

dn: dc=linuxbabe,dc=com

objectClass: top

objectClass: dcObject

objectClass: organization

o: LinuxBabe

dc: linuxbabe

# admin, linuxbabe.com

dn: cn=admin,dc=linuxbabe,dc=com

objectClass: simpleSecurityObject

objectClass: organizationalRole

cn: admin

description: LDAP administrator

# search result

search: 2

~~'''~~result: 0 Success~~'''~~

result: 0 Success

# numResponses: 3

# numEntries: 2

'''~~Result~~: 0 Success''' indicates that OpenLDAP server is working. If you get the following line, then it’s not working.

</syntaxhighlight>'''sult: 0 Success''' indicates that OpenLDAP server is working. If you get the following line, then it’s not working.

result: 32 No such object

Line 233:

== Source ==

* [https://www.linuxbabe.com/debian/set-up-openldap-server-debian linuxbabe.com]

* [https://www.linuxbabe.com/debian/set-up-openldap-server-debian linuxbabe.com] [https://web.archive.org/web/20240509135259/http://web.archive.org/screenshot/https://www.linuxbabe.com/debian/set-up-openldap-server-debian archived]

[[Category:Linux]]

[[Category:Debian]]

[[Category:Ubuntu]]

@@ Line 58: / Line 58: @@
 == Step 3: Configuring the LDAP Clients ==
-<code>/etc/ldap/ldap.conf</code> is the configuration file for all OpenLDAP clients. Open this file.
+<code>/etc/ldap/ldap.conf</code> is the configuration file for all OpenLDAP clients. Open this file.<syntaxhighlight lang="bash">
- sudo nano /etc/ldap/ldap.conf
+sudo nano /etc/ldap/ldap.conf
-We need to specify two parameters: the '''base DN''' and the '''URI''' of our OpenLDAP server. Copy and paste the following text at the end of the file. Replace <code>your-domain</code> and <code>com</code> as appropriate.
+</syntaxhighlight>We need to specify two parameters: the '''base DN''' and the '''URI''' of our OpenLDAP server. Copy and paste the following text at the end of the file. Replace <code>your-domain</code> and <code>com</code> as appropriate.<syntaxhighlight lang="bash">
- BASE     dc=your-domain,dc=com
+BASE     dc=your-domain,dc=com
- URI      ldap://localhost
+URI      ldap://localhost
-The first line defines the base DN. It tells the client programs where to start their search in the directory. If you used a subdomain when configuring OpenLDAP server, then you need to add the subdomain here like so
+</syntaxhighlight>The first line defines the base DN. It tells the client programs where to start their search in the directory. If you used a subdomain when configuring OpenLDAP server, then you need to add the subdomain here like so<syntaxhighlight lang="bash">
- BASE      dc=subdomain,dc=your-domain,dc=com
+BASE      dc=subdomain,dc=your-domain,dc=com
-The second line defines the URI of our OpenLDAP server. Since the LDAP server and client are on the same machine, we should set the URI to <code>ldap://localhost</code>. You can add multiple URIs later if the need arises.
+</syntaxhighlight>The second line defines the URI of our OpenLDAP server. Since the LDAP server and client are on the same machine, we should set the URI to <code>ldap://localhost</code>. You can add multiple URIs later if the need arises.
 Save and close the file.
@@ Line 72: / Line 72: @@
 Now that OpenLDAP server is running and client configuration is done, run the following command to make test connections to the server.
   ldapsearch -x
-Output:
+Output:<syntaxhighlight lang="bash">
- # extended LDIF
+# extended LDIF
- #
+#
- # LDAPv3
+# LDAPv3
- # base <dc=linuxbabe,dc=com> (default) with scope subtree
+# base <dc=linuxbabe,dc=com> (default) with scope subtree
- # filter: (objectclass=*)
+# filter: (objectclass=*)
- # requesting: ALL
+# requesting: ALL
- #
+#
- # linuxbabe.com
+# linuxbabe.com
- dn: dc=linuxbabe,dc=com
+dn: dc=linuxbabe,dc=com
- objectClass: top
+objectClass: top
- objectClass: dcObject
+objectClass: dcObject
- objectClass: organization
+objectClass: organization
- o: LinuxBabe
+o: LinuxBabe
- dc: linuxbabe
+dc: linuxbabe
- # admin, linuxbabe.com
+# admin, linuxbabe.com
- dn: cn=admin,dc=linuxbabe,dc=com
+dn: cn=admin,dc=linuxbabe,dc=com
- objectClass: simpleSecurityObject
+objectClass: simpleSecurityObject
- objectClass: organizationalRole
+objectClass: organizationalRole
- cn: admin
+cn: admin
- description: LDAP administrator
+description: LDAP administrator
- # search result
+# search result
- search: 2
+search: 2
- '''result: 0 Success'''
+result: 0 Success
- # numResponses: 3
+# numResponses: 3
- # numEntries: 2
+# numEntries: 2
-'''Result: 0 Success''' indicates that OpenLDAP server is working. If you get the following line, then it’s not working.
+</syntaxhighlight>'''sult: 0 Success''' indicates that OpenLDAP server is working. If you get the following line, then it’s not working.
   result: 32 No such object
@@ Line 233: / Line 233: @@
 == Source ==
-* [https://www.linuxbabe.com/debian/set-up-openldap-server-debian linuxbabe.com]
+* [https://www.linuxbabe.com/debian/set-up-openldap-server-debian linuxbabe.com] [https://web.archive.org/web/20240509135259/http://web.archive.org/screenshot/https://www.linuxbabe.com/debian/set-up-openldap-server-debian archived]
 [[Category:Linux]]
 [[Category:Debian]]
 [[Category:Ubuntu]]