Linux Guide/LDAP authentication in Linux

From Wikibooks, open books for an open world
< Linux Guide
Jump to navigation Jump to search

Tested on Fedora Core 4 only


1. Install following RPMs 

  openldap-2.2.23-5.i386.rpm
  openldap-clients-2.2.23-5.i386.rpm
  openldap-servers-2.2.23-5.i386.rpm

2. Configure and Start OpenLDAP 

  Edit file /etc/openldap/slapd.conf and change 3 settings
  1. suffix  "dc=example,dc=com"
  2. rootdn  "cn=manager,dc=example,dc=com"
  3. rootpw  yourrootpassword
  
  To Start OpenLDAP run command  service ldap start

3. Use Migration Script to create ldif files from /etc/passwd and /etc/group

Go to directory /usr/share/openldap/migration

edit migrate_common.ph and change 2 settings 

  1. $DEFAULT_MAIL_DOMAIN = "example.com";
  2. $DEFAULT_BASE = "dc=example,dc=com";

Create 3 ldif files in /root directory with following commands 

  ./migrate_group.pl /etc/group /root/group.ldif
  ./migrate_passwd.pl /etc/passwd /root/passwd.ldif
  ./migrate_base.pl > /root/base.ldif

4. Import ldif files into OpenLDAP 

   ldapadd -cx -D "cn=manager,dc=example,dc=com" -w yourrootpassword -f /root/base.ldif
   ldapadd -cx -D "cn=manager,dc=example,dc=com" -w yourrootpassword -f /root/passwd.ldif
   ldapadd -cx -D "cn=manager,dc=example,dc=com" -w yourrootpassword -f /root/group.ldif

5. Use authconfig to configure Linux for ldap authentication 

   as root, run command authconfig
   on first screen, select Use LDAP  and Use LDAP Authentication
   On Next screen, Type Server: 127.0.0.1 Base DN: dc=example,dc=com

-Swapnil (Friday, December 09, 2005) Email- swapnil_durgade@yahoo.com

Retrieved from "https://en.wikibooks.org/w/index.php?title=Linux_Guide/LDAP_authentication_in_Linux&oldid=1120258"