6 Doing it
Start with installing the necessary packages:
aptitude install slapd ldap-utils libldap2
You will be prompted to answer some questions:
- Omit OpenLDAP server configuration?
Choose “No” so a basic configuration will be done.
- DNS domain name:
This is up to you. This automatically constructs the root entry of the LDAP tree. To be consistent in this
module, we should specify test.org.
- Organization name:
This is just the common name of the organization; I’d use test for testing purposes.
- Administrator password:
The password of the LDAP administrator. Remember it!
- Database backend to use:
Use the default of HDB.
- Do you want the database to be removed when slapd is purged?
Use the default.
- Allow LDAPv2 protocol?
Use the default.
Next, edit “/etc/ldap/ldap.conf”. This file should be shared by all LDAP clients:
BASE dc=test,dc=org
URI ldap://10.0.2.20
The first line sets the default base for client operations, which saves some typing because all entries share the
common ending of dc=test,dc=org. The second line tells an LDAP client where to find the LDAP server. In this case, we
specify an IP address. It can also be a host name, as long as it can be resolved.
We are almost ready! Now edit “/etc/ldap/slapd.conf” and locate the line that says “index objectClass eq”. Add the
following as a new line directly after it and save the file:
index uid eq
Now we are ready to restart the LDAP server. Execute the following commands:
/etc/init.d/slapd stop # stop the server
slapindex # reindex the tree, you will get a warning, ignore it
chown openldap:openldap /var/lib/ldap/* # fix the ownership now
/etc/init.d/slapd start # restart the server
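The slapd.conf edit described above can be scripted so that running it twice does not add a duplicate index line. This is an added example, not part of the original module: the function name add_uid_index is hypothetical and the sample file in the demo is constructed. Run it before the stop/slapindex/start sequence.

```shell
#!/bin/sh
# Added example, not from the original page.
# add_uid_index FILE: insert "index uid eq" after "index objectClass eq".
# Returns 0 if added or already present, 1 if the anchor line is missing,
# 2 if FILE cannot be read or rewritten.
add_uid_index() {
    conf=$1
    [ -f "$conf" ] && [ -r "$conf" ] || return 2
    # Already present? Compare fields so spacing differences do not matter.
    if awk '$1=="index" && $2=="uid" && $3=="eq" && NF==3 {f=1} END {exit !f}' "$conf"; then
        return 0
    fi
    awk '$1=="index" && $2=="objectClass" && $3=="eq" && NF==3 {f=1} END {exit !f}' "$conf" || return 1
    tmp=$(mktemp) || return 2
    awk '{ print }
         !added && $1=="index" && $2=="objectClass" && $3=="eq" && NF==3 {
             print "index uid eq"; added = 1
         }' "$conf" > "$tmp" || { rm -f "$tmp"; return 2; }
    cp -p "$conf" "$conf.bak" || { rm -f "$tmp"; return 2; }   # keep the previous version
    cat "$tmp" > "$conf" || { rm -f "$tmp"; return 2; }        # cat keeps owner and mode
    rm -f "$tmp"
    return 0
}

# Demo on a constructed sample (not a real slapd.conf); run: sh script.sh demo
if [ "${1:-}" = demo ]; then
    sample=$(mktemp)
    printf '%s\n' 'database hdb' 'suffix "dc=test,dc=org"' \
        'index objectClass eq' 'lastmod on' > "$sample"
    add_uid_index "$sample" && cat "$sample"
    rm -f "$sample" "$sample.bak"
fi
```

On the real server the call would be add_uid_index /etc/ldap/slapd.conf, run as root; the previous file is kept as slapd.conf.bak.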