Linux NetMag  
Published at 24.3.2001
Author: Thomas Kroll
Translator: Andy Ziegler

Installation of a LDAP server

LDAP ?!

LDAP and its uses explained.


LDAP stands for Lightweight Directory Access Protocol.

With OpenLDAP you can store information in a tree structure and make it accessible to others. For example, you can create a complete address and e-mail tree, or map the complete structure of a company with OpenLDAP.

In this HOWTO we will describe the installation of an OpenLDAP server using SuSE Linux 7.0.

Why write this HOWTO? We had to set up an LDAP server and found the existing HOWTOs on the Internet too complex, so we had to fight with LDAP on our own.

The Installation

Installing OpenLDAP is quite easy. Select the two packages openldap.rpm and ldaplib.rpm, which are located in the sub-group "n".

Now you have to change a few configuration files. Go to "/etc/openldap" and edit the file ldap.conf.

We explain this configuration by using our file as an example:

/etc/openldap/ldap.conf

 ##########/etc/openldap/ldap.conf#########
 
 # More details in the man page ldap.conf(5)
 # This file should be globally readable
 
 # here you specify the LDAP server: host name or IP address
 host 127.0.0.1
 
 # searches start at this point in the directory tree
 # of the database.
 
 base  o=testnet.de
 
 # that is all
 
 ############################################


Next you have to edit the file slapd.conf.

/etc/openldap/slapd.conf

 ######### /etc/openldap/slapd.conf ###########
 
 # this file must not be globally readable
 
 # slapd.at.conf <-- here you find a description of the attributes
 # slapd.oc.conf <-- here you find a description of the object classes

 include         /etc/openldap/slapd.at.conf
 include         /etc/openldap/slapd.oc.conf
 schemacheck     off

 pidfile         /var/run/slapd.pid
 argsfile        /var/run/slapd.args

 # settings for the LDAP database
 # here you specify the database which has to be used 
 
 database        ldbm
 
 # Suffix / root directory. this is the highest entry in the 
 # LDAP directory
 suffix          "o=testnet.de"
 
 # Here the LDAP database is saved
 directory       /var/lib/ldap

 # the administrator's name of this directory
 rootdn          "cn=Manager, o=testnet.de"


 # here you specify the administrator's password
 rootpw          secret
 ############################################


Now the OpenLDAP server can be started.

To do so, enter:

/sbin/init.d/ldap start

and the server should run!
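
The slapd.conf above keeps rootpw in cleartext, switches schema checking off, and notes that the file must not be globally readable. The following added example (not part of the original article) checks a file for those three conditions; the sample text is constructed from the directives shown above, and treating a {SCHEME} prefix as "hashed" is an assumption about the slapd build in use.

```python
import os
import re
import stat
import tempfile

# Constructed sample: directives taken from the slapd.conf shown above.
SAMPLE_CONF = """\
schemacheck     off
database        ldbm
suffix          "o=testnet.de"
rootdn          "cn=Manager, o=testnet.de"
rootpw          secret
"""

def audit_slapd_conf(path):
    """Return findings: world-readable mode, cleartext rootpw, schemacheck off."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & stat.S_IROTH:
        findings.append(f"mode {mode:03o}: world-readable, rootpw is exposed")
    with open(path) as fh:
        for no, line in enumerate(fh, 1):
            parts = line.split(None, 1)
            if not parts or parts[0].startswith("#"):
                continue                      # blank line or comment
            key = parts[0].lower()
            arg = parts[1].strip().strip('"') if len(parts) > 1 else ""
            # Assumption: a hashed rootpw carries a {SCHEME} prefix such as {SSHA}.
            if key == "rootpw" and not re.match(r"\{[A-Za-z0-9-]+\}", arg):
                findings.append(f"line {no}: rootpw is cleartext")
            if key == "schemacheck" and arg.lower() == "off":
                findings.append(f"line {no}: schemacheck off, entries are not validated")
    return findings

def demo():
    """Audit the sample once at mode 0644 and once at mode 0600."""
    fd, path = tempfile.mkstemp(suffix=".conf")
    with os.fdopen(fd, "w") as fh:
        fh.write(SAMPLE_CONF)
    try:
        os.chmod(path, 0o644)
        loose = audit_slapd_conf(path)
        os.chmod(path, 0o600)
        tight = audit_slapd_conf(path)
    finally:
        os.unlink(path)
    return loose, tight

if __name__ == "__main__":
    print("\n".join(demo()[0]))
```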

Creation of a database

The creation of a database is very complex because you must know the whole structure beforehand.

In this part we describe the set-up of a database, using ours as an example, and explain how to add data and container objects.

First you have to create a new directory "ldif" in /etc/openldap:

>> cd /etc/openldap
>> mkdir ldif
>> cd ldif

Here you create your database using any editor. We call it datenbank.ldif.

datenbank.ldif

dn: o=testnet.de
o: testnet.de
objectclass: top
objectclass: organization

dn: ou=linux, o=testnet.de
ou: linux
objectclass: organizationalUnit

dn: uid=tover, ou=linux, o=testnet.de
uid: tover
cn: Tom Over
sn: Over
givenname: Tom
objectclass: person
userpassword: clearpass
mailacceptinggeneralid: overmindtom@gmx.net
ou: linux

dn: uid=tslider, ou=linux, o=testnet.de
uid: tslider
cn: The Slider
sn: Slider
givenname: The
objectclass: person
userpassword: clearpass
mailacceptinggeneralid: slider_e-mai@gmx.de
ou: linux


Now the first database is set up and has to be added to the LDAP server!

This works with the command:

>> ldapadd -D "cn=Manager, o=testnet.de" -w secret < /etc/openldap/ldif/datenbank.ldif

The program should acknowledge the command.

To be sure that it worked you simply try the command:

>> ldapsearch uid=tover

Now you should get all the data for this "uid".
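
The entries in datenbank.ldif carry userpassword in cleartext. As an added example, not from the original article, this script rewrites such values as salted SHA-1 ({SSHA}) before the file is passed to ldapadd; it assumes a slapd that understands {SSHA} values and LDIF without folded lines, and the sample entries are constructed from the ones above.

```python
import base64
import hashlib
import hmac
import os
import re

# Constructed sample: two entries in the style of datenbank.ldif above.
SAMPLE_LDIF = """\
dn: ou=linux, o=testnet.de
ou: linux
objectclass: organizationalUnit

dn: uid=tover, ou=linux, o=testnet.de
uid: tover
sn: Over
objectclass: person
userpassword: clearpass
"""

SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")  # e.g. {SSHA}, {CRYPT}

def ssha(password, salt=None):
    """{SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def verify_ssha(password, value):
    """Recompute the digest with the stored salt and compare in constant time."""
    raw = base64.b64decode(value[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    return hmac.compare_digest(hashlib.sha1(password.encode() + salt).digest(), digest)

def harden_ldif(text):
    """Hash every cleartext userpassword; return (new_ldif, dns_changed)."""
    out, changed, dn = [], [], None
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key.lower() == "dn":
            dn = value.strip()
        elif key.lower() == "userpassword":
            if value.startswith(":"):            # "attr:: <base64>" form
                value = base64.b64decode(value[1:]).decode()
            value = value.strip()
            if not SCHEME.match(value):          # no {SCHEME} prefix: cleartext
                line = f"{key}: {ssha(value)}"
                changed.append(dn)
        out.append(line)
    return "\n".join(out) + "\n", changed
```

Running harden_ldif a second time on its own output changes nothing, so it is safe to apply to new.ldif and container.ldif style files as well.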

Adding more data sets

Adding more data sets requires an additional file. We call it new.ldif.

new.ldif

dn: uid=mmuster, ou=linux, o=testnet.de
uid: mmuster
cn: Max Maxample
sn: Maxample
givenname: Max
objectclass: person
userpassword: clearpass
mailacceptinggeneralid: mmaxample@testnet.de
ou: linux


This data can be added using the command ldapadd:

>> ldapadd -D "cn=Manager, o=testnet.de" -w secret < /etc/openldap/ldif/new.ldif

Adding more container objects:

Similar steps would be necessary if you tried to add another container object. Once again, you create a file which is called container.ldif.

container.ldif

dn: ou=abt2, o=testnet.de
ou: abt2
objectclass: organizationalUnit

dn: uid=hwurst, ou=abt2, o=testnet.de
uid: hwurst
cn: Hans Wurst
sn: Wurst
givenname: Hans
objectclass: person
userpassword: clearpass
mailacceptinggeneralid: hwurst@testnet.de
ou: abt2


You add this container object using the command ldapadd:

>> ldapadd -D "cn=Manager, o=testnet.de" -w secret < /etc/openldap/ldif/container.ldif

Now in this container the user with the id hwurst exists. We hope the syntax becomes clear to you by following these examples.

(Another way to administer the directory is the tool kldap, although we won't describe it here!)

Access the data with Netscape

You can access the LDAP server using the address book of Netscape. We describe how this works.

Open Netscape and click on:

 Communicator
   > Address Book

Choose File and create a new Directory. Here you fill in the corresponding fields:

Now you can search the data with "Search For...".

That should be all! We hope we made it easier for you to set up an LDAP server.

