sysadmin

Manage an OpenLDAP based directory

LDAP Account Manager (LAM) is a web front end for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. LAM was designed to make LDAP management as easy as possible for the user. It abstracts away the technical details of LDAP and allows people without a technical background to manage LDAP entries. If needed, power users can still edit LDAP entries directly via the integrated LDAP browser.

Install LAM

Configure LAM

Once installed, you can access the GUI manager on

Missing PHP extensions

In case you run into the errors below:

install the missing PHP extensions:

Update LAM settings

Connect to LAM, then go to LAM Configuration, then Edit server profiles.

The default password for LAM is lam. Do not forget to change it.

Under General Settings

Update Tree suffix with the values you set when installing slapd:

Under Security Settings

Change:

to:

Connect under admin user

LAM can create the suffixes you defined. Click create.

Create a group

Under Groups, click New Group:

Save the group information.

Create users

Under Users, click New User:

You can visualize the structure of your directory by clicking Tree view:


Setup OpenLDAP on Debian Stretch

OpenLDAP is an open source LDAP implementation available for most platforms and Linux distributions. Its main components are:

  • slapd: stand-alone LDAP daemon (server)
  • libraries implementing the LDAP protocol, and
  • utilities, tools, and sample clients.

Install slapd

Start by making sure your distro is up-to-date:

then install slapd and ldap-utils:

During the installation, you will need to give a password for the administration account:

Configure slapd

In order to configure slapd you need to run:

On the first screen, select No:

Next, you will need to give the domain name you wish to use within the LDAP directory.

This will create a directory as follows:

  • Give the organization name (here codeplumbers), then you will be prompted for the admin password again. Type the password you set up earlier.
  • Select the database format that will be used internally by slapd. I selected the default: MDB.

Finally, select whether you want the local database to be kept or deleted when slapd is uninstalled. I selected no. slapd is now installed.

Test the installation

To verify your installation you can use the following command:

output:

(the database is either empty or you need to use ldapsearch with authentication)
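
The note above leaves two possibilities open when a search returns nothing. The script below is an added example, not part of the original post, that derives the suffix from the domain and interprets the ldapsearch exit status to tell them apart. It assumes a local slapd, the placeholder domain example.org, and the cn=admin entry that Debian's slapd package creates.

```shell
#!/bin/sh
# Added example. example.org is a placeholder domain, not a value from the page.

# Derive the suffix slapd builds from a DNS domain: example.org -> dc=example,dc=org
domain_to_suffix() {
    printf '%s\n' "$1" | sed -e 's/\.$//' -e 's/\./,dc=/g' -e 's/^/dc=/'
}

# Interpret one ldapsearch run. $1 = anon|auth, $2 = exit status (the LDAP
# result code), $3 = number of entries returned.
diagnose() {
    d_mode=$1; d_rc=$2; d_entries=$3
    case $d_rc in
        0)   if [ "$d_entries" -gt 0 ]; then echo ok; return; fi ;;
        32)  ;;  # noSuchObject: handled below together with "0 entries"
        49)  echo bad-credentials; return ;;
        255) echo server-unreachable; return ;;  # client-side error -1
        *)   echo "ldap-error-$d_rc"; return ;;
    esac
    # Nothing came back. Anonymously that is ambiguous (empty database or
    # entries hidden by access control), so the next step is an authenticated search.
    if [ "$d_mode" = auth ]; then echo empty-or-missing-suffix; else echo retry-with-auth; fi
}

# Run the check against the local slapd. Usage: check_slapd example.org [auth]
# Assumes the admin entry is cn=admin,<suffix>, as created by Debian's slapd package.
check_slapd() {
    c_suffix=$(domain_to_suffix "$1"); c_mode=${2:-anon}
    set -- -x -LLL -H ldap://localhost -b "$c_suffix" -s base
    if [ "$c_mode" = auth ]; then set -- "$@" -D "cn=admin,$c_suffix" -W; fi
    c_rc=0
    c_out=$(ldapsearch "$@" '(objectClass=*)' 1.1) || c_rc=$?
    diagnose "$c_mode" "$c_rc" "$(printf '%s\n' "$c_out" | grep -c '^dn:')"
}
```

Source the file, run `check_slapd example.org`, and repeat with `auth` as the second argument if the verdict is retry-with-auth; the authenticated run prompts for the admin password.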