This installation was performed on CentOS 5.3
1- Install webmin
Grab the RPM from www.webmin.com
#wget http://prdownloads.sourceforge.net/webadmin/webmin-1.490-1.noarch.rpm
#rpm -ivh webmin*
2- Access webmin https://IP:10000/
3- Make sure LDAP Server module is installed
If it is not, go to Un-used Modules and select LDAP Server
Install LDAP
This is the same as running the following:
#yum install openldap-servers openldap-clients
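4- Open file /etc/openldap/slapd.conf
Add restrictions (the "by" lines must start with whitespace, because they continue the "access to" line)
# ACL for LDAP. A user can only read and change his own password.
access to attrs=userpassword
    by self write
    by anonymous auth
    by * none
# Everything else: a user can change his own entry, authenticated users can read,
# and "by anonymous read" also lets clients that have not authenticated read.
access to *
    by self write
    by users read
    by anonymous read
    by * none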
Then define the domain you want to use, here dc=subdomain,dc=domain,dc=com
Change suffix to dc=subdomain,dc=domain,dc=com
and set the rootdn to cn=Manager,dc=subdomain,dc=domain,dc=com
Save the file
Then we need to create a password for the rootdn
#slappasswd
New password:
Re-enter new password:
{SSHA}Lpjn5+zYw5iOIbWdldZs1
Copy the resulting hash
Edit /etc/openldap/slapd.conf
Look for rootpw and set it to the hash
rootpw {SSHA}Lpjn5+zYw5iOIbWdld
5- Make sure /var/lib/ldap is empty
Copy the example DB_CONFIG into it
# cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
6- START LDAP
# /etc/init.d/ldap start
Checking configuration files for slapd: config file testing succeeded
[ OK ]
Starting slapd: [ OK ]
6- Go to Webmin, LDAP Server module
In Module Config, enter the rootdn as the login and its password (plain text, not the hash)
7- Create the root. Webmin will ask you to create the root (hit the button)
8- Now we need the OU for users and Groups
Create a file base.ldif and paste this (the blank line between the two entries is required)
dn: ou=People,dc=subdomain,dc=domain,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit
description: Parent object of all UNIX accounts

dn: ou=Groups,dc=subdomain,dc=domain,dc=com
ou: Groups
objectClass: top
objectClass: organizationalUnit
description: Parent object of all UNIX groups
Save
Then run the following command to add
# ldapadd -x -h 127.0.0.1 -W -D "cn=Manager,dc=subdomain,dc=domain,dc=com" -f base.ldif -c
Enter LDAP Password:
adding new entry "ou=People,dc=subdomain,dc=domain,dc=com"
adding new entry "ou=Groups,dc=subdomain,dc=domain,dc=com"
9- Go to Webmin and configure LDAP Users and Groups
Add the rootdn, passwd, Base users, and Base Groups
Then you can add Users and Groups
10- Backup LDAP
ldapsearch -x -LLL -z 0 -D 'cn=Manager,dc=subdomain,dc=domain,dc=com' -b "dc=subdomain,dc=domain,dc=com" -w password -h localhost >backup.ldif
Then Save backup.ldif
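The backup from step 10, as an added example that is not part of the original post: it reads the rootdn password from a private file with -y instead of typing it after -w, so it stays out of the command line and shell history, and it writes the LDIF with owner-only permissions. PWFILE, OUTDIR and the LDAPSEARCH override are assumed names; the DNs are the placeholders used above.

```shell
#!/bin/sh
# Added example, not from the original post. PWFILE, OUTDIR and the
# LDAPSEARCH override are assumed names; the DNs are the post's placeholders.
BASE='dc=subdomain,dc=domain,dc=com'
BINDDN="cn=Manager,$BASE"
LDAPSEARCH=${LDAPSEARCH:-ldapsearch}
PWFILE=${PWFILE:-/root/.ldap-rootpw}    # hypothetical path
OUTDIR=${OUTDIR:-/root/ldap-backup}     # hypothetical path

# True only for a regular file with no group/other permission bits set.
is_private() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Write a timestamped LDIF export and print its path.
ldap_backup() {
    # -y uses the complete file contents as the password, so create the
    # file without a trailing newline: printf '%s' 'secret' > "$PWFILE"
    if ! is_private "$PWFILE"; then
        echo "refusing: $PWFILE is missing or readable by group/other" >&2
        return 1
    fi
    mkdir -p "$OUTDIR" && chmod 700 "$OUTDIR" || return 1
    out="$OUTDIR/backup-$(date +%Y%m%d-%H%M%S).ldif"
    # The rootdn bypasses ACLs, so the export contains userPassword hashes:
    # create it under umask 077 so it is never group/world readable.
    (
        umask 077
        "$LDAPSEARCH" -x -LLL -z 0 -h localhost \
            -D "$BINDDN" -y "$PWFILE" -b "$BASE" > "$out.tmp"
    ) || { rm -f "$out.tmp"; return 1; }
    mv "$out.tmp" "$out" && echo "$out"
}

# Usage: ldap_backup    (prints the path of the new LDIF on success)
```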
Tuesday, October 6, 2009
solid document, thanks! =)
You saved me a lot of time with this one, thanks!