389DS LDAP:
389 Directory Server (389DS) is an enterprise-class open source LDAP server for Linux. LDAP is a protocol for representing objects in a network database. LDAP servers are commonly used to store identities, groups and organization data.
Installation
You can install 389ds on Ubuntu with the command below:
sudo apt-get install 389-ds
Server Configuration
Create a 389ds_ldap.inf file, which we will use to create the LDAP server:
# 389ds_ldap.inf
[general]
config_version = 2
[slapd]
self_sign_cert = False
instance_name = 389ds_ldap
port = 389
# root_dn (str)
# Description: Sets the Distinguished Name (DN) of the administrator account for this instance.
# Default value: cn=Directory Manager
root_dn = cn=Manager
# root_password (str)
# Description: Sets the password of the account specified in the "root_dn" parameter. You can either set this parameter
# to a plain text password dscreate hashes during the installation or to a "{algorithm}hash" string generated by the pwdhash utility.
# Note that setting a plain text password can be a security risk if unprivileged users can read this INF file!
# Default value: Directory_Manager_Password
root_password = #389ds_ldap
[backend-userroot]
sample_entries = yes
suffix = dc=openstack,dc=org
Use the dscreate command to create the LDAP server:
sudo dscreate -v from-file 389ds_ldap.inf
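A check to run on 389ds_ldap.inf before handing it to dscreate, as an added example that is not part of the original page or the 389 DS project: it flags a plain-text root_password and an INF file readable by group or other, the risk the template comment above describes, and reports self_sign_cert = False. The names audit_inf and write_sample are hypothetical, and both sample INF bodies, including the placeholder hash, are constructed.

```python
import configparser
import os
import re
import stat
import tempfile

# "{algorithm}hash" form named in the INF comment (the shape pwdhash prints).
HASHED = re.compile(r"^\{[A-Za-z0-9_-]+\}\S+$")


def audit_inf(path):
    """Return a list of findings for a dscreate INF file (hypothetical helper)."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"mode {mode:03o}: group/other can read the INF")
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read(path)
    password = cfg.get("slapd", "root_password", fallback="")
    if password and not HASHED.match(password):
        findings.append("root_password is plain text, not {algorithm}hash")
    # An unset self_sign_cert is not flagged here; only an explicit False is.
    if not cfg.getboolean("slapd", "self_sign_cert", fallback=True):
        findings.append("self_sign_cert = False: TLS must be set up separately")
    return findings


def write_sample(body, mode):
    """Write a constructed INF body to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".inf")
    with os.fdopen(fd, "w") as fh:
        fh.write(body)
    os.chmod(path, mode)
    return path


# Constructed samples: the settings used on this page, and a tightened variant.
WEAK = ("[general]\nconfig_version = 2\n[slapd]\nself_sign_cert = False\n"
        "root_dn = cn=Manager\nroot_password = #389ds_ldap\n")
HARDENED = ("[general]\nconfig_version = 2\n[slapd]\nself_sign_cert = True\n"
            "root_dn = cn=Manager\n"
            "root_password = {PBKDF2_SHA256}CONSTRUCTED_PLACEHOLDER_NOT_A_HASH\n")

if __name__ == "__main__":
    for name, body, mode in (("weak", WEAK, 0o644), ("hardened", HARDENED, 0o600)):
        sample = write_sample(body, mode)
        print(name, audit_inf(sample) or "no findings")
        os.remove(sample)
```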
User Creation
First we have to create an organizational unit (ou). You can create the ou by adding this 389ds_ou.ldif:
dn: ou=people,dc=openstack,dc=org
dc: people
objectClass: dcObject
objectClass: organizationalUnit
ou: people
Use the command below to add the ou to the LDAP database:
ldapadd -x -h localhost -p 389 -w "#389ds_ldap" -D "cn=Manager" -f 389ds_ou.ldif
Create users for the 389DS LDAP server. First we have to create 389ds_user1.ldif:
dn: uid=389ds_user1,ou=people,dc=openstack,dc=org
uid: 389ds_user1
objectClass: top
objectClass: nsPerson
objectClass: nsAccount
objectClass: nsOrgPerson
objectClass: posixAccount
#objectClass: openstackEntry
uidNumber: 2000
gidNumber: 1500
displayName: 389ds_user1
homeDirectory: /home/389ds_user1
cn: 389ds_user1
userPassword: 389ds_user_pwd
Add the user with the following command:
ldapadd -x -h localhost -p 389 -w "#389ds_ldap" -D "cn=Manager" -f 389ds_user1.ldif
You can check with the ldapsearch command whether the user was added to the database:
ldapsearch -x -h localhost -p 389 -w "#389ds_ldap" -D "cn=Manager" -b "dc=openstack,dc=org"