plainblack.com

Basic LDAP setup

 

This page presents the basic requirements for setting up LDAP for testing in WebGUI.

Install OpenLDAP

If you are using a distribution with a package management system, be sure to get both the client and the server packages.

Configure OpenLDAP

As root, edit /etc/openldap/slapd.conf:  Set the suffix, rootdn and rootpw lines.

database    bdb
suffix      "dc=localhost"
checkpoint  1024 15
rootdn      "cn=Manager,dc=localhost"
rootpw      secret

The rootdn and rootpw are like an LDAP root account, similar to the root user in MySQL.  The username of the root account is the cn, Manager, and dc is the domain.  You can set it to something more complex, but you'll have to type more on the command line.

Start the LDAP server

/usr/sbin/slapd

Build the root ldap node

Before you can add user entries, you must add a root node.  All command-line LDAP work is done with LDIF files.  Below is an example LDIF file for the root node, rootNode.ldif:

dn: dc=localhost
objectclass: dcObject
objectclass: organization
o: Example Company
dc: localhost

dn: cn=Manager,dc=localhost
objectclass: organizationalRole
cn: Manager

Now use ldapadd to send the file to the server and build the data.

ldapadd -x -D "cn=Manager,dc=localhost" -W -f rootNode.ldif -v


When prompted by ldapadd, type in the rootpw from the config file.

Add LDAP Users

For each user, build a user.ldif file:

dn: cn=joebob,dc=localhost
objectClass: inetOrgPerson
cn: joebob
sn: joebob
userPassword: joebob

and import it just like you did the rootNode.
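
The user.ldif above stores the password in cleartext; slapd also accepts a hashed userPassword, such as the {SSHA} values that slappasswd produces by default. The following is an added example, not part of the original page (all function names are hypothetical): it builds the same entry with a salted hash and rejects cn values that would change the DN.

```python
import base64
import hashlib
import hmac
import os

DN_SPECIAL = set(',+"\\<>;=#')  # characters that need escaping inside a DN (RFC 4514)


def ssha(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, stored):
    """Recompute the digest with the stored salt, as a server does on a simple bind."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, the rest is salt
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def ldif_line(attr, value):
    """One attribute line; values that are not LDIF SAFE-STRINGs get base64 ('::')."""
    safe = (value.isascii()
            and not any(c in value for c in "\r\n\0")
            and not value.startswith((" ", ":", "<"))
            and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: " + base64.b64encode(value.encode("utf-8")).decode("ascii")


def user_ldif(cn, password, suffix="dc=localhost"):
    """Build the page's user.ldif entry with a hashed userPassword."""
    if not cn or cn != cn.strip() or DN_SPECIAL & set(cn) or not cn.isprintable():
        raise ValueError("cn contains characters that are unsafe in a DN")
    lines = [
        ldif_line("dn", f"cn={cn},{suffix}"),
        "objectClass: inetOrgPerson",
        ldif_line("cn", cn),
        ldif_line("sn", cn),
        ldif_line("userPassword", ssha(password)),
    ]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(user_ldif("joebob", "joebob"), end="")  # sample user taken from the page
```

The rootpw line in slapd.conf accepts the same hashed format in place of the cleartext value.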

Add an LDAP Connection in WebGUI

In WebGUI, become an Admin and turn on admin mode.  From the Admin Bar, choose LDAP Connections.  Next, add an LDAP connection.  In the form, fill out these fields:

Name: Some name that describes the local LDAP connection

LDAP URL: This is the URL to your server. ________________

LDAP Proxy User DN: This is the "username" for the root user of the LDAP server, the rootdn: cn=Manager,dc=localhost

LDAP Proxy Password: This is the rootpw from the slapd.conf file, "secret".

Username Attribute: This is the field used to build an LDAP username from a WebGUI username.  In our case, it would be "cn".

Set up WebGUI Authentication

In WebGUI, become an Admin and turn on admin mode.  In the Settings, User tab, set Automatic LDAP Registration to Yes.  In the Authentication Tab, set Authentication Method to LDAP, and then set the LDAP Connection to the connection you just made.

At this point, you can log in to WebGUI with the cn from your user (joebob) and the user's password (joebob).

 


 

Keywords: authentication LDAP

© 2018 Plain Black Corporation | All Rights Reserved