Difference between revisions of "Install and configure OpenLDAP"
Line 35: | Line 35: | ||
* Base DN (optionnel): keep empty of set dc=yourdomain,dc=com | * Base DN (optionnel): keep empty of set dc=yourdomain,dc=com | ||
− | = | + | = Create your LDAP tree = |
− | + | Next step is to define information to store into your LDAP. | |
− | + | Create a file init.ldif with your organization. For example: | |
<source lang="ini"> | <source lang="ini"> | ||
# Organization | # Organization | ||
Line 59: | Line 59: | ||
</source> | </source> | ||
− | + | Execute file using the LDAP admin user: | |
<source lang="bash"> | <source lang="bash"> | ||
ldapadd -f init.ldif -D "cn=Manager,dc=mydomain,dc=com" -w secret | ldapadd -f init.ldif -D "cn=Manager,dc=mydomain,dc=com" -w secret | ||
+ | or | ||
+ | ldapadd -f init.ldif -D "cn=admin,dc=mydomain,dc=com" -w secret | ||
</source> | </source> |
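Review bot: the `or` line added between the two `ldapadd` commands sits inside the `<source lang="bash">` block, so anyone who pastes the block runs `or` as a command; turn it into a `#` comment or give each invocation its own block. Both invocations also pass the bind password as `-w secret` on the command line, where it lands in shell history and the process list; `-W` (prompt) or `-y` with a password file avoids that.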
Revision as of 12:09, 24 October 2012
This chapter is not about Dolibarr. It contains example instructions for installing an LDAP directory that can optionally be interfaced with Dolibarr.
Install LDAP server
- On Ubuntu or Debian, install the packages slapd and ldap.
- On Windows, you can use the OpenLDAP installer.
Once this is done, you have an empty LDAP server running as a service.
Setup server
For Ubuntu, see page http://doc.ubuntu-fr.org/openldap-server
Otherwise, the root DN, user and password used to connect are found in the file slapd.conf. The port may also be set in this file; if not, the default port 389 is used.
Stop the service.
Modify the file slapd.conf to use your domain name (replace every dc=my-domain,dc=com with the value of your choice).
Also modify slapd.conf to include the schemas you will need to declare your LDAP objects:
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/nis.schema
Restart the service.
Test server
With an LDAP browser such as JXplorer, you can try to connect to your LDAP server as the LDAP admin user. The default credentials are:
- Server: Localhost
- Port: 389
- User: cn=admin,dc=example,dc=com or cn=Manager,dc=example,dc=com
- Password: secret
- Base DN (optional): leave empty or set dc=yourdomain,dc=com
Create your LDAP tree
The next step is to define the information to store in your LDAP directory.
Create a file init.ldif describing your organization. For example:
# Organization
dn: dc=mydomain,dc=com
objectclass: dcObject
objectclass: organization
dc: mydomain
o: Description of annuary
description: The description of annuary

# Setting up container for Users OU
dn: ou=People,dc=mydomain,dc=com
objectclass: top
objectclass: organizationalUnit
ou: People

# Setting up container for groups
dn: ou=Groups,dc=mydomain,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Groups
Load the file using the LDAP admin user:
ldapadd -f init.ldif -D "cn=Manager,dc=mydomain,dc=com" -w secret
or
ldapadd -f init.ldif -D "cn=admin,dc=mydomain,dc=com" -w secret
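A pre-flight check for init.ldif before it is handed to ldapadd, as an added example that is not part of the original page: it flags entries that are not separated by a blank line, entries with no objectClass, an RDN value missing from the entry's attributes, and a child listed before its parent. The function names are hypothetical; it assumes the first entry is the directory suffix and does not handle folded lines or base64 (`::`) values.

```python
import re
# Constructed sample: two entries from the page's init.ldif, blank-line separated.
SAMPLE_LDIF = """\
dn: dc=mydomain,dc=com
objectclass: dcObject
objectclass: organization
dc: mydomain
o: Description of annuary

# Setting up container for Users OU
dn: ou=People,dc=mydomain,dc=com
objectclass: organizationalUnit
ou: People
"""

def parse_entries(text):
    """Return [(dn, {attr: [values]})], lowercased; raise ValueError if malformed."""
    text = "\n".join(l for l in text.splitlines() if not l.startswith("#"))
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        dn, attrs = None, {}
        for line in block.splitlines():
            name, _, value = (s.strip() for s in line.lower().partition(":"))
            if name != "dn":
                attrs.setdefault(name, []).append(value)
            elif dn is None:
                # Simplification: escaped commas inside RDN values are not handled.
                dn = ",".join(p.strip() for p in value.split(","))
            else:
                raise ValueError("two dn lines in one entry: missing blank line?")
        if dn is None:
            raise ValueError("entry without a dn line")
        entries.append((dn, attrs))
    return entries

def check_tree(entries):
    """List problems the server would reject; assumes the first entry is the suffix."""
    problems, seen = [], set()
    for dn, attrs in entries:
        rdn, _, parent = dn.partition(",")
        rdn_attr, _, rdn_value = rdn.partition("=")
        if "objectclass" not in attrs:
            problems.append(f"{dn}: no objectClass")
        if rdn_value not in attrs.get(rdn_attr, []):
            problems.append(f"{dn}: RDN value is not an attribute of the entry")
        if seen and parent not in seen:
            problems.append(f"{dn}: parent {parent} not created earlier")
        seen.add(dn)
    return problems
```

An empty list from `check_tree(parse_entries(open("init.ldif").read()))` means the file passed these structural checks; schema validation is still done by the server.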