OpenLDAP

Overview

This page provides an overview of how to set up OpenLDAP to work as the authentication mechanism for Noojee Admin.

First read the LDAP Authentication guide for Noojee Admin, which explains how to set up Noojee Admin to authenticate against OpenLDAP.

SLAPD

Ubuntu provides a standard package for OpenLDAP.

The following explains how to install it so that it is ready for Noojee Admin.

Start by installing the OpenLDAP server:

When prompted for the 'DNS domain name', enter the company's domain name (e.g. noojee.com.au).

When prompted for the 'Organisation name', enter the company name (e.g. Noojee Telephony Solutions).

sudo apt-get install slapd

Install the OpenLDAP administration tools:

sudo apt-get install ldap-utils

Test if OpenLDAP is running correctly:

sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config

This should output 10-15 entries.

OpenLDAP configuration

Now generate an encrypted password for use in the ldif file described below.

$ slappasswd
New password:
Re-enter password:
{SSHA}d2BamRTgBuhC6SxC0vFGWol31ki8iq5m

This example shows the output ({SSHA}...) of encrypting the password. Your output will differ.
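To confirm that the value pasted into the ldif file matches the intended password before loading it, the {SSHA} format can be checked offline. The following is an added example, not part of the Noojee documentation; the function names and the sample password are made up for illustration.

```python
import base64
import hashlib
import hmac
import os

SHA1_LEN = 20  # SHA-1 digest size in bytes


def split_ssha(value):
    """Return (digest, salt) from an '{SSHA}base64' string."""
    scheme, _, b64 = value.partition("}")
    if scheme.upper() != "{SSHA":
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(b64, validate=True)
    if len(raw) <= SHA1_LEN:
        raise ValueError("value too short to contain a salt")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]


def make_ssha(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    if salt is None:
        # 4 random bytes, the salt length seen in the value on this page;
        # the random salt is why every run produces different output.
        salt = os.urandom(4)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, value):
    """True if password matches the stored {SSHA} value."""
    digest, salt = split_ssha(value)
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # The value shown on this page: a 20-byte digest followed by a 4-byte salt.
    digest, salt = split_ssha("{SSHA}d2BamRTgBuhC6SxC0vFGWol31ki8iq5m")
    print(len(digest), len(salt))
    # Constructed sample password, for illustration only.
    stored = make_ssha("example-password")
    print(stored, check_ssha("example-password", stored))
```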

Prepare a schema file for your domain. A sample, 'noojee.com.au.ldif.example', is provided in WEB-INF/conf.

Replace each of the references to the noojee.com.au domain with your own domain (e.g. DC=noojee,DC=com,DC=au).

You also need to replace the password in the ldif file with the encrypted version of the password generated above.

The LDAP server can only access files under /var/lib/ldap due to AppArmor.

Add the schema to the LDAP server by running:

sudo mkdir /var/lib/ldap/noojee
sudo chown openldap:openldap /var/lib/ldap/noojee
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f noojee.com.au.ldif
sudo service slapd restart

Your LDAP server is ready to populate.

For testing you can also populate the LDAP directory using the sample populate.ldif by running the following command:

sudo ldapadd -x -W -D 'cn=admin,dc=noojee,dc=com,dc=au' -f populate.ldif