We like CentOS very much to be a server operating system, I think we have made that clear; it is a great system, easy to use and maintain, and you can install many specific tools to manage services within a network server. It is also compatible with the RHEL software and repository, providing a good number of applications available.

One of those important applications that can be installed in CentOS 7, oriented to server management is OpenLDAP which is an open LDAP implementation that allows us to access an orderly and distributed directory service to search for diverse information in a network environment, ie a centralized way to store contact information in an organization.

OpenLDAP has four main components:

  • slapd: autonomous LDAP daemon.
  • slurpd: standalone LDAP update replication daemon.
  • LDAP protocol support library routines
  • Utilities tools and customers.

In this tutorial we will install OpenLDAP in cents 7.

Let’s get to work

1.- Upgrading the system and installing openldap packages

As always, the first thing to do is to update the system.

1.- Upgrading the system
1.- Upgrading the system

Now we proceed to install the OpenLDAP packages.

2.- Installing openldap packages
2.- Installing openldap packages

Once the packages have been installed, we must enable and initialize the openLDAP service.

3.- enabling slapd
3.- enabling slapd

2.- Configuring openLDAP server

First we must generate the OpenLDAP root password. That’s why we write:

and we’ll get something like this:

Next, create the openLDAP configuration file so that it can work correctly. We write:

And we place the following content:

From that file you must modify these three parameters at your convenience:

  • olcSuffix: Basically the suffix is your hostname. For your reference, in this tutorial the hostname is osradar.local
  • olcRootDN: This refers to the openLDAP administrator user.
  • olcRootPW: Here is the password generated above. Put yours up.
4.- Editing conf file
4.- Editing conf file

when we finish editing the file, we proceed to “upload” the configuration created to openLDAP with ldapmodify.

5.- ldapmodify
5.- ldapmodify

3.- Configuring the openLDAP Database

Now we proceed to copy the example database and grant it permissions.

6.- Configuring database openldap
6.- Configuring database openldap

And we add the rest of the schemas.

Now we create our file named base.ldif

And within this we add the following:

7.- Creating base file
7.- Creating base file

Now we must write the command to create the directory structure. In doing so we will be asked for the openldap password.

Of course, change the parameters to your own.

8.- building directory structure
8.- building directory structure

4.-Creating openLDAP User

now we proceed to create a user for openLDAP. An easy way to do this is to create a file for the new user, I’ll call it newuser.ldif.

And in it we will copy the following content:

change what you have to change.

9.- Creating new user
9.- Creating new user

Now with the ldapadd command we proceed to create the new user.

10.- Adding the new user
10.- Adding the new user

Now we are going to give the new user a password.

11.- Setting password to new user
11.- Setting password to new user

5.- Finals configurations

We then proceed to add the rules in the firewall so that openLDAP runs smoothly.

12.- Enabling openldap at firewall
12.- Enabling openldap at firewall

6.- Testing the server

We verify that everything is in order:

If the terminal displays the user information, then everything went well.

12 .- Testing the installations
12 .- Testing the installations

And that’s it, we have our OpenLDAP server up and running. We would only have to go and configure each client so that it can be logged into the server. This will depend on each GNU/LINUX distribution the client has.

Please share this article through your social networks.

Spread the love
  • 7
    Shares

PS. If you like this post please share it with your friends on the social networks using the buttons above.Thanks.

LEAVE A REPLY

Please enter your comment!
Please enter your name here