LDAP .
LDAP stands for Lightweight
Directory Access Protocol.
Reference.
Google is the best reference for any kind of
problem & also for LDAP :)
LDAP
Installation.
when you are going to
install ldap in your are syetm than you must have extra
packages
installed for ldap.
For
Example. Apache2 , PHP5
Apache
Installation.
apt-get
install apache2
For
server-side, HTML-embedded scripting languag supports u have to install libapache2-mod-php5 & also apache2-utils
it's a utility programs for webservers.
PHP
Installation
apt-get
install php5
and
php5-common for Common files for
packages built from the php and php5-ldap
it's LDAP module for php5.
After
Installion of apache2 and php5 u have to check them either both r working or
not.
Apache
testing.
on the
webbrowser type http://localhost
It will
return u a index.html page but if it's did't it mean there is some problem in
ur apache2.
Php
testing.
you have
to make a php file for cheching php kit it's working or not
Make a
php file name test.php
#] vi
/var/www/test.php
write
some php code or this code is batter for testing
<?php phpinfo(); ?>
Now type
this on webbrowser http://localhost/test.php
phpinfo
method will return u a complete informationa about php thats installed in ur
system.
LDAP
Installation
apt-get
install slapd it's a OpenLDAP server (slapd).
After
installation there is two most important and editable files
/etc/ldap/slapd.con (for server configuration)
/etc/ldap/ldap.con (for client configuration)
when u r
going to edit slapd.conf than first make backup for that file.Now you have to
change little bit in the configuration file opn it in vi or any other editor.
vi
/etc/ldap/slapd.conf
Add
suffix it's base of your directory in database
suffix
"dc=imtiaz,dc=emergen,dc=org"
also u
have to change and add some attributes.
access to
attrs=userPassword
by
dn="cn=admin,dc=imtiaz,dc=emergen,dc=org" write
by anonymous auth
by self write
by * none
The
userPassword by default can be changed
by the entry owning it if they are authenticated.
Others
should not be able to see it, except the admin entry below.a These access lines
apply to database #1 only
or if u
feel difficult to edit this file or u don't want to to that than u can
configure with the
help of
command
dpkg-reconfigure
slapd
Add the
suffic(i.e. dc=imtiaz,dc=emergen,dc=org) and company name (i.e. Emergen
Consulting) and ldap root password. If u select all the option defalut than
batter or i u want to set according to ur requirement than u can read and make
changes :)
If u wana
know about ldap is working or not thats u can check with the builtin command
called
slapdtest
There is a lot of commads they can help u to know about ldap.
Now its time to install phpldapadmin its' web based interface for
administering LDAP servers
u can install with the help of
apt-get install phpldapadmin
else if u have a .gz file
also u can extract that.
when u complete ur installation or extrection than there is one
configuration file called config.php its available in
../phpldapadmin/config/config.php edit that file.
vi ../phpldapadmin/config/config.php
Before > $ldapservers->SetValue($i,'server','name','My LDAP
Server');
After <
$ldapservers->SetValue($i,'server','name','Imtiaz Directory Service');
Before > //
$ldapservers->SetValue($i,'server','host','127.0.0.1');
After <
$ldapservers->SetValue($i,'server','host','localhost');
Bwfore > // $ldapservers->SetValue($i,'server','port','389');
After <
$ldapservers->SetValue($i,'server','port','389');
Before > //
$ldapservers->SetValue($i,'server','base',array(''));
After <
$ldapservers->SetValue($i,'server','base',array('dc=imtiaz,dc=emergen,dc=org'));
Before > //
$ldapservers->SetValue($i,'server','auth_type','cookie');
After <
$ldapservers->SetValue($i,'server','auth_type','session');
Before >#
$ldapservers->SetValue($i,'login','dn','cn=Manager,dc=example,dc=com');
After < $ldapservers->SetValue($i,'login','dn','cn=admin,dc=imtiaz,dc=emergen,dc=org');
Before >
$ldapservers->SetValue($i,'login','pass','secret');
After <
$ldapservers->SetValue($i,'login','pass','emergen');
After change this now it's time to run the phpldapadmin
type this on the web browser
u'll see a phpldapadmin login page on the web browser than login
& use who ever u want to use and create what ever u what to create :)
Login DN : cn=admin,dc=imtiaz.dc=emergen,dc=org
[cn,dc that's u added in
phpldapadmin config.php file]
Password : emergen
[what ever password u was given on phpldapadmin config file.]
Note:- if
ur ladp is not aceepting the login dn or password than it's batter to run
dpkg-reconfigure
slapd.
When u
finished to create groups & also
users than now it's time to check them either they r
completely
created and u can use them, u can check that with the help of ssh but befor
that u have to installed some more packages and also u have to make changes in
some configuration files.
Now
install
apt-get
install libnss-ldap
apt-get
installl libpam-ldap
After
installation u have to make changes in file
vi /etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap
vi
/etc/pam.d/common-account
account
sufficient pam_unix.so
account
sufficient pam_ldap.so
vi
/etc/pam.d/common-auth
auth sufficient pam_unix.so nullok_secure
auth sufficient pam_ldap.so use_first_pass
vi
/etc/pam.d/common-password
password
sufficient pam_unix.so nullok obscure min=4 max=8 md5
password
sufficient pam_ldap.so use_first_pass debug
vi
/etc/pam.d/common-session
session
required pam_unix.so
session
optional pam_foreground.so
session
sufficient pam_ldap.so
After
editing all these files try to make ssh with ur added user.
if u want
to check ur added user's than u can check with
#] getent
passwd
It'll
show u all the ldap added user's.
#] ssh ishah@localhost
if ur
successful login than ur ldap is working fine
:)
No comments:
Post a Comment