LDAP Installation
1. Install OpenLDAP
Update the system and install the required packages.
During installation Ubuntu may ask for the LDAP admin password.
If the wizard does not appear, run it manually:
Recommended configuration
| Setting | Value |
|---|---|
| DNS domain name | example.com |
| Organization | Example |
| Admin password | choose a strong password |
| Database backend | MDB |
| Remove database when purged | No |
| Move old database | Yes |
After configuration your base DN becomes `dc=example,dc=com` (derived from the DNS domain name above), and the admin DN the Ubuntu wizard creates under it becomes `cn=admin,dc=example,dc=com`.
2. Test LDAP locally
Run:
If LDAP works, you should see output containing:
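Steps 1 and 2 as one runnable script. This is an added example, not the page's own commands: it assumes an Ubuntu host with `sudo`, the package names `slapd` and `ldap-utils`, and the domain from the table (`example.com`, overridable with `LDAP_DOMAIN`). The `base_dn_from_domain` and `admin_dn_for` helpers are this example's own names and reproduce how the wizard derives the DNs from the domain.

```shell
#!/bin/sh
# Added example for steps 1 and 2 (not from the original page).
# Assumptions: Ubuntu with sudo, packages slapd + ldap-utils,
# domain example.com (override with LDAP_DOMAIN=...).
set -eu

DOMAIN="${LDAP_DOMAIN:-example.com}"

# Turn a DNS domain into the base DN the slapd wizard derives from it:
#   example.com -> dc=example,dc=com
base_dn_from_domain() {
    printf '%s\n' "$1" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
}

# The Ubuntu wizard creates the rootdn as cn=admin under the base DN.
admin_dn_for() {
    printf 'cn=admin,%s\n' "$(base_dn_from_domain "$1")"
}

install_openldap() {
    sudo apt-get update
    sudo apt-get install -y slapd ldap-utils
    # On a fresh install debconf only asks for the admin password; re-run
    # the wizard to set domain, organisation and backend from the table.
    sudo dpkg-reconfigure slapd
}

test_local() {
    base="$(base_dn_from_domain "$DOMAIN")"
    # Anonymous search of the base entry over the local port. A healthy
    # server prints the dc= entry; without -LLL it also ends with
    # "result: 0 Success".
    ldapsearch -x -LLL -H ldap:/// -b "$base" -s base '(objectClass=*)'
    # cn=config is readable only by root over the ldapi socket with
    # SASL EXTERNAL; this confirms the config database is reachable.
    sudo ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b cn=config -s base dn
}

case "${1:-}" in
    install) install_openldap ;;
    test)    test_local ;;
    *)       echo "usage: $0 {install|test}" >&2 ;;
esac
```

Run it as `sh ldap-setup.sh install` and then `sh ldap-setup.sh test`; the second `ldapsearch` in `test_local` deliberately goes through `ldapi:///` with `-Y EXTERNAL`, which is the only path that should ever be able to read `cn=config` on a default install.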
3. Enable TLS for LDAP
Create a directory for certificates.
Generate a self-signed certificate.
```shell
sudo openssl req -new -x509 -nodes -days 3650 \
    -out /etc/ldap/certs/ldap.crt \
    -keyout /etc/ldap/certs/ldap.key
```
Set permissions:
Configure OpenLDAP to use TLS
Create a file:
Add:
```ldif
dn: cn=config
changetype: modify
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/certs/ldap.crt
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/certs/ldap.key
```
Apply it:
Restart LDAP:
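Step 3 worked through end to end, as an added example rather than the page's own commands. It assumes slapd runs as the `openldap` user (the Ubuntu default), that the certificate directory is `/etc/ldap/certs` as above, and that clients reach the server under the name in `LDAP_HOST` (placeholder default `ldap.example.com`); `tls_ldif`, `make_cert`, `apply_tls` and `verify_tls` are this example's own names. Two points the page's commands leave implicit: `-nodes` writes the private key unencrypted, so the key file's ownership and mode are the only thing protecting it, and the certificate's CN and SAN must match the hostname clients use or `-ZZ` verification fails.

```shell
#!/bin/sh
# Added example for step 3 (not from the original page). Assumptions:
# slapd runs as user openldap (Ubuntu default), certs live under
# /etc/ldap/certs, and clients reach the server as $LDAP_HOST.
set -eu

CERT_DIR=/etc/ldap/certs
CRT="$CERT_DIR/ldap.crt"
KEY="$CERT_DIR/ldap.key"
LDAP_HOST="${LDAP_HOST:-ldap.example.com}"   # placeholder; set to the real FQDN
BASE_DN="${LDAP_BASE_DN:-dc=example,dc=com}"

# Modify LDIF for cn=config. "replace" (rather than the page's "add")
# creates the attribute if absent and is safe to re-apply; the CA file
# is the self-signed cert itself so slapd can validate its own chain.
tls_ldif() {
    cat <<EOF
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: $1
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: $1
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: $2
EOF
}

make_cert() {
    sudo install -d -m 755 "$CERT_DIR"
    # -nodes writes the key unencrypted, so file permissions are the only
    # protection. CN and SAN must equal the name clients connect to, or
    # the -ZZ check in verify_tls fails with a hostname mismatch.
    sudo openssl req -new -x509 -nodes -days 3650 -newkey rsa:3072 \
        -subj "/CN=$LDAP_HOST" -addext "subjectAltName=DNS:$LDAP_HOST" \
        -out "$CRT" -keyout "$KEY"
    sudo chown root:openldap "$KEY"
    sudo chmod 640 "$KEY"      # readable by slapd, not by other local users
    sudo chmod 644 "$CRT"
}

apply_tls() {
    tls_ldif "$CRT" "$KEY" | sudo ldapmodify -Y EXTERNAL -H ldapi:///
    sudo systemctl restart slapd
    # Let ldap-utils trust the self-signed cert; otherwise -ZZ rejects it.
    grep -q '^TLS_CACERT' /etc/ldap/ldap.conf ||
        echo "TLS_CACERT $CRT" | sudo tee -a /etc/ldap/ldap.conf >/dev/null
}

verify_tls() {
    # -ZZ aborts unless StartTLS succeeds AND the certificate verifies.
    ldapsearch -x -ZZ -H "ldap://$LDAP_HOST" -b "$BASE_DN" -s base -LLL dn
    # Independent look at the chain the server actually presents.
    openssl s_client -connect "$LDAP_HOST:389" -starttls ldap \
        -CAfile "$CRT" </dev/null | grep -E 'Verify return code|subject='
}

case "${1:-}" in
    cert)   make_cert ;;
    apply)  apply_tls ;;
    verify) verify_tls ;;
    *)      echo "usage: $0 {cert|apply|verify}" >&2 ;;
esac
```

Run `cert`, `apply`, then `verify`. Enabling TLS does not by itself stop clients from sending passwords over plain `ldap://`; to reject such binds, set `olcSecurity: simple_bind=128` on `cn=config` after verifying StartTLS works, and raise `olcLocalSSF` accordingly if you still want simple binds over `ldapi:///`.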
4. Import Sample LDIF (OU + test user)
Create a file:
Add this:
```ldif
dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: uid=testuser,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
sn: User
givenName: Test
cn: Test User
uid: testuser
mail: testuser@example.com
userPassword: testpassword
```

The blank line between the two entries is required: LDIF separates records with an empty line, and without it ldapadd rejects the file.
Import it:
Enter the admin password.
5. Verify the user exists
Run:
Expected output should include:
6. Test login bind
Enter password:
If successful you will see:
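Steps 4 to 6 as one script, added here as an example and not the page's own commands. It assumes the base DN `dc=example,dc=com` and admin DN `cn=admin,dc=example,dc=com` (the wizard defaults for the table above) and a server reachable over `ldapi:///`; `user_ldif`, `password_scheme`, `import_user`, `verify_user` and `bind_test` are this example's own names. It departs from the page's LDIF in one deliberate way: `ldapadd` stores `userPassword` exactly as given, so the example feeds it a hash from `slappasswd` instead of the cleartext `testpassword`, and then checks as admin that what landed in the directory is a hash. Binding as admin over the Unix socket keeps the admin password off the network.

```shell
#!/bin/sh
# Added example for steps 4-6 (not from the original page). Assumptions:
# base DN dc=example,dc=com and admin cn=admin,dc=example,dc=com (the
# Ubuntu wizard defaults for the table above); slapd reachable on ldapi:///.
set -eu

BASE_DN="${LDAP_BASE_DN:-dc=example,dc=com}"
ADMIN_DN="cn=admin,$BASE_DN"
PEOPLE_OU="ou=people,$BASE_DN"

# Build the OU + user LDIF. Entries MUST be separated by a blank line.
# $5 is an already-hashed password: ldapadd stores userPassword verbatim,
# so passing cleartext here would store cleartext.
user_ldif() {
    uid=$1; given=$2; sn=$3; mail=$4; hash=$5
    cat <<EOF
dn: $PEOPLE_OU
objectClass: organizationalUnit
ou: people

dn: uid=$uid,$PEOPLE_OU
objectClass: inetOrgPerson
sn: $sn
givenName: $given
cn: $given $sn
uid: $uid
mail: $mail
userPassword: $hash
EOF
}

# Report the {SCHEME} prefix of a stored userPassword, or "cleartext".
password_scheme() {
    case "$1" in
        '{'*'}'*) scheme="${1%%\}*}"; printf '%s}\n' "$scheme" ;;
        *)        printf 'cleartext\n' ;;
    esac
}

import_user() {
    # slappasswd prompts twice and prints a salted {SSHA} hash; stronger
    # schemes (e.g. {ARGON2}) need the matching slapd module loaded.
    hash="$(slappasswd)"
    # Simple bind as admin over the Unix socket: the admin password never
    # crosses the network, unlike -H ldap://host without -ZZ.
    user_ldif testuser Test User testuser@example.com "$hash" |
        ldapadd -x -H ldapi:/// -D "$ADMIN_DN" -W
}

verify_user() {
    # Anonymous read: the default ACL hides userPassword from everyone
    # except the entry itself and the rootdn, so only public attrs appear.
    ldapsearch -x -LLL -H ldapi:/// -b "$PEOPLE_OU" '(uid=testuser)' dn cn mail
    # As admin, confirm the stored value is a hash. ldapsearch emits the
    # attribute base64-encoded ("userPassword:: ..."), hence the decode.
    stored="$(ldapsearch -x -LLL -H ldapi:/// -D "$ADMIN_DN" -W \
        -b "$PEOPLE_OU" '(uid=testuser)' userPassword |
        sed -n 's/^userPassword:: //p' | base64 -d)"
    echo "userPassword stored as: $(password_scheme "$stored")"
}

bind_test() {
    # A successful bind prints the bound DN ("dn:uid=testuser,..."); a
    # wrong password gives "ldap_bind: Invalid credentials (49)".
    ldapwhoami -x -H ldapi:/// -D "uid=testuser,$PEOPLE_OU" -W
}

case "${1:-}" in
    import) import_user ;;
    verify) verify_user ;;
    bind)   bind_test ;;
    *)      echo "usage: $0 {import|verify|bind}" >&2 ;;
esac
```

Run `import`, `verify`, then `bind`. If `verify` reports `cleartext`, the LDIF was imported with a plain password; fix it with `ldappasswd` (the Password Modify operation honours `olcPasswordHash` on the frontend database, whereas `ldapadd` does not).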