How to Install OpenLDAP server

In this blog post, I would like to share how OpenLDAP can be installed.

Step 1. Download the latest OpenLDAP version from here

You can use wget.

>wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.40.tgz

Step 2. Extract and Run configure

>tar -zxvf openldap-2.4.40.tgz
>cd openldap-2.4.40
>./configure --enable-ppolicy --with-tls=openssl

You can also run ./configure with no options. The command above additionally enables the password policy overlay and builds with TLS support. Other options are available, and you can list them with ./configure --help.

Step 3 (Optional). If you see the following error when running configure, it means that Berkeley DB is not installed.

configure: error: BDB/HDB: BerkeleyDB not available

Therefore you need to install it first. The OpenLDAP installation doc and README file state that Berkeley DB is required for slapd.

On Ubuntu, you can install it using the following command

>sudo apt-get install libdb4.8-dev

Step 4. After running configure, build using the following commands

>make depend
>make
>make test
>make install

“make test” is optional but it is better to run it.

Step 5. Configure slapd.conf (on Ubuntu the file can be found at /usr/local/etc/openldap/slapd.conf)

I just changed the root DN in slapd.conf as I wanted.

suffix "dc=soasecurity,dc=org"
rootdn "cn=asela,dc=soasecurity,dc=org"

The default password of the rootdn is set to “secret”; you can change it as well.

Step 6. Start and Stop Server.
Start using following command

>/usr/local/libexec/slapd

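To stop, you can find the pid and send it an interrupt signal, which lets slapd shut down cleanly (kill -9 can leave the database in an inconsistent state).

>cat /usr/local/var/run/slapd.pid
>sudo kill -INT {pid}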

Step 7. Create the root DN entry and some entries.

My initial LDIF file, soasecurity.ldif, is as follows. Entries must be separated by a blank line.

dn: dc=soasecurity,dc=org
objectclass: dcObject
objectclass: organization
o: soasecurity.org
dc: soasecurity

dn: ou=Users,dc=soasecurity,dc=org
objectClass: organizationalUnit
ou: Users

dn: ou=Groups,dc=soasecurity,dc=org
objectClass: organizationalUnit
ou: Groups

Then it is added to OpenLDAP using the ldapadd command.

>ldapadd -x -D "cn=asela,dc=soasecurity,dc=org" -W -f soasecurity.ldif

You can also create a user and add it. The LDIF file is as follows.

dn: cn=john,ou=Users,dc=soasecurity,dc=org
objectClass: person
sn: doe
cn: john
userPassword: johnldap
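
The rootpw from Step 5 and the userPassword value above are both written in cleartext, and ldapadd sends the userPassword as given. As an added example (not from the original post), this shell function flags such values in a slapd.conf or an LDIF file; the function names, the sample files and the placeholder hash are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original post.
# audit_ldap_passwords FILE...   (FILE: a slapd.conf or an LDIF file)
# Prints one finding per line and returns 1 if any password is the sample
# default or has no hash scheme tag. Base64 "userPassword::" values are
# not decoded.
audit_ldap_passwords() {
    awk '
        # Hashed values start with a scheme tag such as {SSHA} (slappasswd output).
        function hashed(v) {
            return index(v, "{") == 1 && index(v, "}") > 2 &&
                   index(toupper(v), "{CLEARTEXT}") != 1
        }
        function report(msg) { print FILENAME ":" FNR ": " msg; bad = 1 }

        /^#/ || /^[ \t]/ { next }    # comments and continuation lines
        { key = tolower($1); val = $2; gsub(/"/, "", val) }
        key == "rootpw" && val == "secret"     { report("rootpw is the sample default"); next }
        key == "rootpw" && !hashed(val)        { report("rootpw is cleartext") }
        key == "userpassword:" && !hashed(val) { report("userPassword is cleartext") }
        END { exit bad + 0 }
    ' "$@"
}

# Constructed sample input modelled on the files in this post.
write_samples() {
    cat > "$1/slapd.conf" <<'EOF'
suffix "dc=soasecurity,dc=org"
rootdn "cn=asela,dc=soasecurity,dc=org"
rootpw secret
EOF
    cat > "$1/john.ldif" <<'EOF'
dn: cn=john,ou=Users,dc=soasecurity,dc=org
objectClass: person
sn: doe
cn: john
userPassword: johnldap
EOF
    # Placeholder value: the real one is the output of slappasswd.
    printf 'rootpw {SSHA}PLACEHOLDER_FROM_SLAPPASSWD\n' > "$1/hardened.conf"
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_ldap_passwords "$tmp/slapd.conf" "$tmp/john.ldif" || echo "weak passwords found"
audit_ldap_passwords "$tmp/hardened.conf" && echo "hardened.conf: ok"
rm -rf "$tmp"
```

Running slappasswd prints a hashed value that can be placed after rootpw in slapd.conf or used as the userPassword value in an LDIF file.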

 

Step 8. Query and Search

>ldapsearch -H ldap://localhost:389 -x -D "cn=asela,dc=soasecurity,dc=org" -W -b "dc=soasecurity,dc=org"

Thanks for reading..