Setting up Linux as an LDAP Server

  • Install Ubuntu Server
  • After installation, update and upgrade all packages
    • sudo apt update && sudo apt upgrade -y
  • Apache2
    • Install Apache2
      • sudo apt install apache2 -y
    • Configure Apache2
      • sudo nano /etc/apache2/conf-enabled/security.conf
        • Comment out the line ServerTokens OS
        • Add line ServerTokens Prod
        • save and exit nano
      • Restart Apache2 Service
        • sudo systemctl restart apache2
    • Check Apache2 server by going to http://<SERVER_IP>/ in a web browser
  • PHP
    • Install PHP
      • sudo apt install php php-cgi libapache2-mod-php php-common php-pear php-mbstring -y
    • Configure PHP
      • Note: other versions of PHP may install. Please confirm your version. At the time of writing this guide, PHP 8.1.2 installs by default.
      • sudo a2enconf php8.1-cgi
      • sudo nano /etc/php/8.1/apache2/php.ini
        • change date.timezone = America/Chicago
        • save and exit nano
      • Create a PHPInfo Page
        • sudo nano /var/www/html/info.php
          • add the following PHP code
            • <?php phpinfo(); ?>
          • save and exit nano
    • Restart and apply updates for Apache2 Service
      • sudo systemctl restart apache2
      • sudo systemctl reload apache2
    • Check PHP server by going to http://<SERVER_IP>/info.php in a web browser
  • LDAP
    • Install OpenLDAP
      • switch to the root user
        • sudo su
      • apt install slapd ldap-utils -y
      • when prompted, enter the password you would like to use for OpenLDAP
    • Configure OpenLDAP
      • change [dc=srv] & [dc=dom] to your domain
      • dpkg-reconfigure slapd
        • select no
        • enter your domain name “example.local”
        • enter your organization name “example.com”
        • enter your LDAP administrator password
        • confirm the administrator password
        • if asked whether the database should be removed, select no
        • if asked to move the old database, select yes
      • run slapcat to check your config
      • sudo nano /etc/ldap/ldap.conf
        • add the following information
          • BASE dc=your-domain,dc=com
          • URI ldap://localhost
      • save and exit nano
    • Let’s test the LDAP
      • ldapsearch -x
      • You should see “result: 0 success” near the bottom of the results
    • Press Ctrl-D to exit from SU mode
  • LDAP Account Manager
    • Install LDAP Account Manager
      • sudo apt install ldap-account-manager -y
    • Restart and apply updates for Apache2 Service
      • sudo systemctl restart apache2
      • sudo systemctl reload apache2
    • Access the LDAP Account Manager Server by going to http://<SERVER_IP>/lam in a web browser
    • Go to the LAM Configuration
    • Go to Edit Server Profiles
      • Log in using lam as the username and password
      • On the General Settings Tab change the following
        • Language Settings
          • Default Language English (USA)
          • Time Zone America/Chicago
        • Tool Settings
          • Tree suffix dc=your-domain,dc=com
        • Security Settings
          • List of valid users cn=admin,dc=your-domain,dc=com
        • Profile Password
          • change the lam password to your password
      • On the Account Types Tab change the following
        • Users
          • LDAP suffix ou=People,dc=your-domain,dc=com
        • Groups
          • LDAP suffix ou=group,dc=your-domain,dc=com
      • Click save
  • Webmin
    • Install Webmin
      • Start by updating the system
        • sudo apt update && sudo apt upgrade -y
      • Install software-properties-common and apt-transport-https
        • sudo apt install software-properties-common apt-transport-https -y
      • Add the GPG key
        • wget -qO- https://download.webmin.com/jcameron-key.asc | sudo tee -a /etc/apt/trusted.gpg.d/jcameron-key.asc
      • Add the Webmin Repo
        • sudo add-apt-repository "deb [arch=amd64] http://download.webmin.com/download/repository sarge contrib"
        • If asked to press enter to continue, press enter
        • sudo apt update
      • sudo apt install webmin -y
      • sudo apt install libnet-ldap-perl -y
    • Test the Webmin Service
      • sudo systemctl status webmin
    • Access the Webmin GUI
      • https://<SERVER_IP>:10000
    • When accessing the LDAP Server through Webmin, you may get an error trying to browse the database. To correct this, access the OpenLDAP Server Configuration. Then set the New Administrator Password to the one you used to install OpenLDAP and click save. Then click apply configuration and try clicking Browse Database again.
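
The Apache, PHP and LDAP client settings made above can be re-checked once the build is finished. The script below is an added example, not part of the original guide: it audits security.conf, ldap.conf and the info.php test page at the paths used above. The function names, the ROOT argument and the sample tree are assumptions made for the example.

```shell
# Added example, not from the guide: audit the three files the guide edits.
# audit_guide_config [ROOT] prints one finding per line and returns 1 if any.
# ROOT is prepended to each path; leave it empty to check the live host.
audit_guide_config() (
    root="${1:-}"; rc=0
    sec="$root/etc/apache2/conf-enabled/security.conf"
    ldapc="$root/etc/ldap/ldap.conf"
    info="$root/var/www/html/info.php"
    finding() { echo "FINDING: $*"; rc=1; }

    # Uncommented ServerTokens values, lower-cased; anything but Prod is flagged.
    tokens=$(awk 'tolower($1) == "servertokens" { print tolower($2) }' "$sec" 2>/dev/null)
    printf '%s\n' "$tokens" | grep -Eqx 'prod(uctonly)?' || finding "$sec: no active ServerTokens Prod"
    for t in $tokens; do
        case "$t" in
            prod|productonly) ;;
            *) finding "$sec: ServerTokens $t is still active" ;;
        esac
    done

    # The guide's test page: phpinfo() output discloses versions, paths and environment.
    if [ -f "$info" ] && grep -q 'phpinfo' "$info"; then
        finding "$info: phpinfo() test page is still present"
    fi

    # ldap.conf client defaults: BASE must be a real suffix, URI not remote cleartext.
    base=$(awk 'toupper($1) == "BASE" { print $2 }' "$ldapc" 2>/dev/null | tail -n 1)
    uri=$(awk 'toupper($1) == "URI" { print $2 }' "$ldapc" 2>/dev/null | tail -n 1)
    case "$base" in
        "") finding "$ldapc: BASE is not set" ;;
        dc=your-domain,dc=com) finding "$ldapc: BASE is still the guide's placeholder" ;;
    esac
    case "$uri" in
        "") finding "$ldapc: URI is not set" ;;
        ldapi://*|ldaps://*|ldap://localhost|ldap://localhost[:/]*|ldap://127.*) ;;
        ldap://*) finding "$ldapc: $uri is unencrypted to a remote host unless StartTLS is used" ;;
    esac
    exit "$rc"
)

# Constructed sample tree: the state right after following the guide literally.
make_sample_tree() {
    mkdir -p "$1/etc/apache2/conf-enabled" "$1/etc/ldap" "$1/var/www/html"
    printf '#ServerTokens OS\nServerTokens Prod\n' > "$1/etc/apache2/conf-enabled/security.conf"
    printf '<?php phpinfo(); ?>\n' > "$1/var/www/html/info.php"
    printf 'BASE dc=your-domain,dc=com\nURI ldap://localhost\n' > "$1/etc/ldap/ldap.conf"
}

# Demo on the constructed tree: prints two findings (info.php, placeholder BASE).
demo=$(mktemp -d); make_sample_tree "$demo"
audit_guide_config "$demo" || true; rm -rf "$demo"
```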
