
SDB:LDAP server

tagline: From openSUSE

This text has been tested with openSUSE 10.2 and 10.3

There are some advantages in using openSUSE's YaST2 for the basic installation: you get a basic working setup with the LDAP schemas needed for normal operation.
Chapter 27 of the openSUSE 10.3 Reference contains a lot of further information:
http://www.novell.com/documentation/opensuse103/

Installing the software

  • Use your package manager to add the "yast2-ldap-server" module.
  • Restart YaST, go to Network Services and start the LDAP server module.
  • Choose to start the LDAP server and choose Configure.
  • Select "Database" and then "Add".
  • Select a Base-DN in the form of "dc=example,dc=com" or "dc=test,dc=example,dc=com". This would normally mimic your network domain, like example.com or test.example.com. Or use dc=local if you are not on the internet.
  • Choose a password and then "OK".

Your server should now be ready to rock and roll!

Testing your ldap server

You must be able to (re)start your ldap server. Test it like this:

  • stop your ldap server
/etc/init.d/ldap stop
  • start your ldap server
/etc/init.d/ldap start
  • verify your ldap server is running
/etc/init.d/ldap status
The response to this command should be "running".

Your ldap server must be reachable via network. To check this, run

nmap localhost
The response to this command should contain the line
389/tcp  open  ldap

Connecting

To test if your database is properly set up, enter

slapcat

You should receive a response like

dn: dc=example,dc=com
dc: example
o: example
objectClass: organization
objectClass: dcObject
structuralObjectClass: organization
entryUUID: 7ab95c2e-0c8f-102d-9e51-5b50a42d05ab
creatorsName: cn=Administrator,dc=example,dc=com
createTimestamp: 20080901163340Z
entryCSN: 20080901163340Z#000000#00#000000
modifiersName: cn=Administrator,dc=example,dc=com
modifyTimestamp: 20080901163340Z

Adding an OU

This example assumes you chose dc=example,dc=com as base DN. To add an organizational unit, first stop your ldap service:

/etc/init.d/ldap stop

Then create a file and add its content to your directory:

cat >orgunit<<EOF
dn: ou=orgunit1,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: orgunit1
description: Test orgUnit
EOF
slapadd -v -l orgunit

You should receive a response like

added: "ou=orgunit1,dc=example,dc=com" (00000002)

Adding a person

This example assumes you have added orgunit1 as described above. We add a person to our directory:

cat >person<<EOF
dn: cn=James Attah,ou=orgunit1,dc=example,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
sn: James
cn: James Attah
EOF
slapadd -v -l person
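
slapadd can only store entries whose DN lies under the base DN of the database, so it is worth checking the LDIF files before stopping the server. The shell function below is an added example, not part of the original page; the names check_ldif and demo and the sample DNs are constructed, and it assumes plain-text DNs without escaped commas.

```shell
#!/bin/sh
# Added example, not from the original page.
# check_ldif BASE FILE...  prints findings; returns 1 if a DN cannot be
# stored under BASE. Assumes plain-text DNs without escaped commas.
check_ldif() {
    base=$1; shift
    awk -v base="$base" '
    # Lower-case a DN and strip blanks around commas for comparison.
    function norm(dn) {
        dn = tolower(dn)
        gsub(/[ \t]*,[ \t]*/, ",", dn)
        sub(/^[ \t]+/, "", dn); sub(/[ \t]+$/, "", dn)
        return dn
    }
    # Examine one unfolded logical LDIF line.
    function handle(l,   d, tail, parent) {
        if (l ~ /^[Dd][Nn]::/) { print "ERROR base64 dn, decode and check by hand: " l; bad = 1; return }
        if (l !~ /^[Dd][Nn]:/) return
        d = norm(substr(l, 4))
        if (d == b) { seen[d] = 1; return }          # the base entry itself
        tail = "," b
        if (length(d) <= length(tail) || substr(d, length(d) - length(tail) + 1) != tail) {
            print "ERROR outside " base ": " d; bad = 1; return
        }
        parent = substr(d, index(d, ",") + 1)
        if (parent != b && !(parent in seen))
            print "WARN  parent must already be in the database: " parent
        seen[d] = 1
    }
    BEGIN { b = norm(base); bad = 0 }
    /^ /  { line = line substr($0, 2); next }        # folded continuation line
          { handle(line); line = $0 }
    END   { handle(line); exit bad }
    ' "$@"
}

# Constructed sample: an OU under the base DN and a person under another suffix.
demo() {
    tmp=$(mktemp -d) || return 2
    printf '%s\n' 'dn: ou=orgunit1,dc=example,dc=com' \
        'objectClass: organizationalUnit' 'ou: orgunit1' > "$tmp/orgunit"
    printf '%s\n' 'dn: cn=Test User,ou=orgunit1,dc=other,dc=local' \
        'objectClass: person' 'sn: User' 'cn: Test User' > "$tmp/person"
    check_ldif 'dc=example,dc=com' "$tmp/orgunit" "$tmp/person" && rc=0 || rc=$?
    rm -rf "$tmp"
    return $rc
}
```

Source the file and run check_ldif 'dc=example,dc=com' orgunit person before slapadd; pass the files in the order you will load them so that parents are seen before their children.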

Using an application

You can now test your ldap server using e.g. kaddressbook. Search for "John" and you will find John Johnson.

Going forward

To use your ldap server for user authentication see: Howto setup client and server for user authentication in a small network
