How to Configure LDAP Server in Ubuntu

LDAP (Lightweight Directory Access Protocol) is a directory access protocol that lets you centrally control and manage user authentication and directory access on your system or network. In this article, we will learn how to configure an LDAP server in Ubuntu. We will use OpenLDAP, a free and open-source LDAP implementation.


How to Configure LDAP Server in Ubuntu

Here are the steps to configure LDAP Server in Ubuntu.


1. Set Hostname for LDAP Server

First, we need to set the hostname for the LDAP server. Open a terminal and run the following command. Replace ldap.example.com with your LDAP server’s subdomain name.

$ sudo hostnamectl set-hostname ldap.example.com

Add the FQDN and IP address to /etc/hosts. Replace 54.43.32.21 with the IP address of your LDAP server.

54.43.32.21 ldap.example.com


2. Install OpenLDAP Server in Ubuntu

Install OpenLDAP and its utilities with the following command.

$ sudo apt update
$ sudo apt -y install slapd ldap-utils

During installation, you will be prompted to enter an admin password. Enter the desired password and press Ok.

Next, you will be asked to confirm the password.

Once installation is complete, you can verify it by running the following command.

$ sudo slapcat

The above command prints the contents of the LDAP database in LDIF format, which confirms that the server was installed and initialized.


3. Add Base DN for Users & Groups

We will create a basedn.ldif file with the following contents. Replace example and com with your domain name and extension.

$ vim basedn.ldif
dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
ou: groups

Save and close the file. Next, run the following command to add the above file to LDAP server.

$ ldapadd -x -D cn=admin,dc=example,dc=com -W -f basedn.ldif
Enter LDAP Password:
adding new entry "ou=people,dc=example,dc=com"
adding new entry "ou=groups,dc=example,dc=com"


4. Add User Accounts & Groups

Run the following command to generate a password hash for the user account. You will be asked to enter and re-enter the user's password.

$ sudo slappasswd
New password: 
Re-enter new password: 
<hashed_password>

It will also display a hashed alphanumeric password. Keep it handy for the next step.

Create the following file to add users to LDAP Server, and add the contents as shown. Replace <hashed_password> with the hashed password you have saved above. Also replace test_user & demo_user with your desired usernames. Replace example and com with your domain and extension.

$ vim ldapusers.ldif
# The uid in the dn must match the uid attribute, or slapd rejects the entry.
dn: uid=test_user,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: test_user
cn: test_user
sn: demo_user
userPassword: <hashed_password>
loginShell: /bin/bash
uidNumber: 2000
gidNumber: 2000
homeDirectory: /home/test_user

Once you are done editing the file, save and close it. Run the following command to add the above user file to the LDAP server.

$ ldapadd -x -D cn=admin,dc=example,dc=com -W -f ldapusers.ldif 
Enter LDAP Password: 
adding new entry "uid=test_user,ou=people,dc=example,dc=com"

Similarly, create another file to create a group. Replace test_group with your group name and test_user with the username that should be a member of the group.

$ vim ldapgroups.ldif
# The cn in the dn must match the cn attribute; memberUid lists member usernames.
dn: cn=test_group,ou=groups,dc=example,dc=com
objectClass: posixGroup
cn: test_group
gidNumber: 2000
memberUid: test_user

Save and close the file. Run the following command to add the group to the LDAP server.

$ ldapadd -x -D cn=admin,dc=example,dc=com -W -f ldapgroups.ldif
Enter LDAP Password: 
adding new entry "cn=test_group,ou=groups,dc=example,dc=com"
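
The following is an added example, not part of the original article: a pre-flight check you can run on the LDIF files from steps 3 and 4 before passing them to ldapadd. It verifies that the first RDN of each dn also appears as an attribute line and that userPassword holds a slappasswd-style hash rather than cleartext or a leftover placeholder; the names lint_ldif, sample_bad and sample_good, and the sample entries, are assumptions constructed for illustration.

```shell
# lint_ldif [FILE]: pre-flight check for an LDIF file (or stdin) before ldapadd.
#  - the first RDN of each dn (uid=test_user) must also be an attribute line
#  - userPassword must start with a {SCHEME} tag as printed by slappasswd
# Not handled: base64 values (attr:: ...), folded lines, multi-valued RDNs.
# Prints one line per problem; exit status is 1 if any problem was found.
lint_ldif() {
    awk '
    function check() {
        if (dn == "") return
        if (!((rattr SUBSEP rval) in seen)) {
            printf "%s: missing \"%s: %s\"\n", dn, rattr, rval; bad = 1
        }
        if (pw != "" && pw !~ /^[{][A-Za-z0-9-]+[}]./) {
            printf "%s: userPassword is not hashed\n", dn; bad = 1
        }
        dn = ""; pw = ""; split("", seen)
    }
    /^#/ { next }
    /^[ \t]*$/ { check(); next }
    /^dn: / {
        dn = substr($0, 5)
        rdn = dn; sub(/,.*/, "", rdn)
        rattr = tolower(rdn); sub(/=.*/, "", rattr)
        rval = rdn; sub(/^[^=]*=/, "", rval)
        next
    }
    /^[A-Za-z][A-Za-z0-9;-]*: / {
        attr = tolower($0); sub(/:.*/, "", attr)
        val = $0; sub(/^[^:]*: /, "", val)
        seen[attr, val] = 1
        if (attr == "userpassword") pw = val
    }
    END { check(); exit bad + 0 }
    ' "$@"
}
# Constructed sample: RDN value absent from the attributes, cleartext password.
sample_bad() {
    printf '%s\n' 'dn: uid=alice,ou=people,dc=example,dc=com' \
        'objectClass: posixAccount' 'cn: alice' 'userPassword: secret' '' \
        'dn: ou=people,dc=example,dc=com' 'objectClass: organizationalUnit' \
        'ou: people'
}
# Constructed sample: consistent entry; the hash is a made-up placeholder.
sample_good() {
    printf '%s\n' 'dn: uid=alice,ou=people,dc=example,dc=com' \
        'objectClass: posixAccount' 'uid: alice' 'cn: alice' \
        'userPassword: {SSHA}CONSTRUCTED0placeholder0hash'
}
```

Run it as `lint_ldif ldapusers.ldif && ldapadd -x -D cn=admin,dc=example,dc=com -W -f ldapusers.ldif` so that the file is only submitted when the check passes.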


5. Install LDAP Account Manager (Optional)

You can also install LDAP Account Manager to easily manage user accounts & groups. It provides a web interface that you can easily use via web browser.


6. Install LDAP Client

You will also need to install LDAP clients on your network’s machines so they can communicate with your LDAP server for authentication & directory access.

Here is our detailed article about installing LDAP client in Ubuntu.

In this article, we have learnt how to install LDAP server in Ubuntu.
