This page presents the basic requirements for setting up LDAP for testing in WebGUI.
If you are using a distribution with a package management system, be sure to get both the client and the server packages.
As root, edit /etc/openldap/slapd.conf and set the suffix, rootdn and rootpw lines:
database bdb
suffix "dc=localhost"
checkpoint 1024 15
rootdn "cn=Manager,dc=localhost"
rootpw secret
The rootdn and rootpw are like an LDAP root account, similar to the root user in MySQL. The username of the root account is the cn, Manager, and dc is the domain. You can set it to something more complex, but you'll have to type more on the command line.
Start the server:
/usr/sbin/slapd
Before you can add user entries, you must add a root node. All command line based LDAP work is done with LDIF files. Below is an example LDIF file for the root node, rootNode.ldif:
dn: dc=localhost
objectclass: dcObject
objectclass: organization
o: Example Company
dc: localhost

dn: cn=Manager,dc=localhost
objectclass: organizationalRole
cn: Manager
Now, you use ldapadd to send the file to the server and build the data.
ldapadd -x -D "cn=Manager,dc=localhost" -W -f rootNode.ldif -v
When prompted by ldapadd, type in the rootpw from the config file.
For each user, build a user.ldif file:
dn: cn=joebob,dc=localhost
objectClass: inetOrgPerson
cn: joebob
sn: joebob
userPassword: joebob
and import it just like you did the rootNode.
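The user.ldif above stores userPassword in cleartext, as does the rootpw line in slapd.conf. The Python below is an added example, not part of the original page or of WebGUI: it builds the same entry with a salted {SSHA} value, the format slappasswd emits by default. The function names and the restriction on cn characters are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import os
import re

SCHEME = "{SSHA}"


def ssha(password, salt=None):
    """Return {SSHA} + base64(SHA1(password + salt) + salt), as slapd stores it."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")


def ssha_matches(password, stored):
    """Recompute the digest with the stored salt and compare in constant time."""
    if not stored.startswith(SCHEME):
        return False
    raw = base64.b64decode(stored[len(SCHEME):])
    digest, salt = raw[:20], raw[20:]  # a SHA-1 digest is 20 bytes; the rest is salt
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def user_ldif(cn, password, suffix="dc=localhost"):
    """Build the page's inetOrgPerson entry with a hashed userPassword."""
    # Assumption for this example: restrict cn so it needs no DN or LDIF escaping.
    if not re.fullmatch(r"[A-Za-z0-9._-]+", cn):
        raise ValueError("cn contains characters that need DN/LDIF escaping")
    return "\n".join([
        f"dn: cn={cn},{suffix}",
        "objectClass: inetOrgPerson",
        f"cn: {cn}",
        f"sn: {cn}",
        f"userPassword: {ssha(password)}",
        "",
    ])


if __name__ == "__main__":
    # Constructed sample user, taken from the page's own joebob example.
    print(user_ldif("joebob", "joebob"), end="")
```

The same {SSHA} string can replace the cleartext value on the rootpw line; slapd compares it during a simple bind, so the password typed at the ldapadd prompt does not change.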
In WebGUI, become an Admin and turn on admin mode. From the Admin Bar, choose LDAP Connections. Next, Add an LDAP connection. In the form fill out these fields:
Name: Some name that describes the local LDAP connection
LDAP URL: This is the URL to your server. ________________
LDAP Proxy User DN: This is the "username" for the root user of the LDAP server, the rootdn: cn=Manager,dc=localhost
LDAP Proxy Password: This is the rootpw from the slapd.conf file, "secret".
Username Attribute: This is the field used to build an LDAP username from a WebGUI username. In our case, it would be "cn".
In WebGUI, become an Admin and turn on admin mode. In the Settings, User tab, set Automatic LDAP Registration to Yes. In the Authentication Tab, set Authentication Method to LDAP, and then set the LDAP Connection to the connection you just made.
At this point, if you try to log in to WebGUI with the cn from your user (joebob) and the user's password (joebob), you will be able to log into WebGUI.