How to install OpenLDAP on Ubuntu 20.04 LTS

In this article we show how to install the latest stable release of OpenLDAP (version 2.4.55) and phpLDAPadmin on the Ubuntu 20.04 LTS operating system.



Introduction

OpenLDAP is a free, open-source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License. LDAP is a lightweight protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection-oriented transfer services. LDAP is an IETF Standards Track protocol and is specified in “Lightweight Directory Access Protocol (LDAP) Technical Specification Road Map”, RFC 4510. In this article we discuss how to install OpenLDAP on the Ubuntu 20.04 LTS operating system. We will use OpenLDAP version 2.4.55, which was released on 26 October 2020.

OpenLDAP and phpLDAPadmin Installation On Ubuntu 20.04 LTS

The OpenLDAP installation is quite simple, but it can become tedious if our environment does not match the OpenLDAP and phpLDAPadmin requirements. The installation consists of several steps, as listed below:

  1. Prerequisites
  2. Install OpenLDAP
  3. Configure OpenLDAP
  4. Install phpLDAPadmin

Prerequisites

To install OpenLDAP on Ubuntu 20.04 LTS, we need root access or an ordinary system account with sudo privileges. We also need PHP 7.4 for the phpLDAPadmin application.

Install OpenLDAP

Before the installation begins, we have to update our system first, by running the command: sudo apt update.

ramansah@ldap:~$ sudo apt update
 Hit:1 http://us.archive.ubuntu.com/ubuntu focal InRelease
 Get:2 http://security.ubuntu.com/ubuntu focal-security InRelease [109 kB]
 Hit:3 http://us.archive.ubuntu.com/ubuntu focal-updates InRelease
 Hit:4 http://us.archive.ubuntu.com/ubuntu focal-backports InRelease
 Get:5 http://security.ubuntu.com/ubuntu focal-security/main i386 Packages [191 kB]
 Get:6 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages [497 kB]
 Get:7 http://security.ubuntu.com/ubuntu focal-security/main amd64 DEP-11 Metadata [24.3 kB]
 Get:8 http://security.ubuntu.com/ubuntu focal-security/universe amd64 Packages [541 kB]
 Get:9 http://security.ubuntu.com/ubuntu focal-security/universe i386 Packages [426 kB]
 Get:10 http://security.ubuntu.com/ubuntu focal-security/universe amd64 DEP-11 Metadata [57.6 kB]               
 Fetched 1,845 kB in 7s (279 kB/s)                                                                              
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done
 438 packages can be upgraded. Run 'apt list --upgradable' to see them.

Then we install the OpenLDAP packages by running the command: sudo apt -y install slapd ldap-utils.

ramansah@ldap:~$ sudo apt install -y slapd ldap-utils
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done
 The following additional packages will be installed:
   libldap-2.4-2 libodbc1
 Suggested packages:
   libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal libmyodbc odbc-postgresql tdsodbc unixodbc-bin
 The following NEW packages will be installed:
   ldap-utils libodbc1 slapd
 The following packages will be upgraded:
   libldap-2.4-2
 1 upgraded, 3 newly installed, 0 to remove and 437 not upgraded.
 Need to get 1,708 kB/1,864 kB of archives.
 After this operation, 17.7 MB of additional disk space will be used.
 Get:1 http://us.archive.ubuntu.com/ubuntu focal/main amd64 libodbc1 amd64 2.3.6-0.1build1 [189 kB]
 Get:2 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 slapd amd64 2.4.49+dfsg-2ubuntu1.6 [1,397 kB]
 Get:3 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 ldap-utils amd64 2.4.49+dfsg-2ubuntu1.6 [121 kB]
 Fetched 1,708 kB in 10s (164 kB/s)                                                                             
 Preconfiguring packages …
 (Reading database … 180291 files and directories currently installed.)
 Preparing to unpack …/libldap-2.4-2_2.4.49+dfsg-2ubuntu1.6_amd64.deb …
 Unpacking libldap-2.4-2:amd64 (2.4.49+dfsg-2ubuntu1.6) over (2.4.49+dfsg-2ubuntu1) …
 Selecting previously unselected package libodbc1:amd64.
 Preparing to unpack …/libodbc1_2.3.6-0.1build1_amd64.deb …
 Unpacking libodbc1:amd64 (2.3.6-0.1build1) …
 Selecting previously unselected package slapd.
 Preparing to unpack …/slapd_2.4.49+dfsg-2ubuntu1.6_amd64.deb …
 Unpacking slapd (2.4.49+dfsg-2ubuntu1.6) …
 Selecting previously unselected package ldap-utils.
 Preparing to unpack …/ldap-utils_2.4.49+dfsg-2ubuntu1.6_amd64.deb …
 Unpacking ldap-utils (2.4.49+dfsg-2ubuntu1.6) …
 Setting up libldap-2.4-2:amd64 (2.4.49+dfsg-2ubuntu1.6) …
 Setting up ldap-utils (2.4.49+dfsg-2ubuntu1.6) …
 Setting up libodbc1:amd64 (2.3.6-0.1build1) …
 Setting up slapd (2.4.49+dfsg-2ubuntu1.6) …
   Creating new user openldap… done.
   Creating initial configuration… done.
   Creating LDAP directory… done.
 Processing triggers for ufw (0.36-6) …
 Processing triggers for systemd (245.4-4ubuntu3) …
 Processing triggers for man-db (2.9.1-1) …
 Processing triggers for libc-bin (2.31-0ubuntu9) …
 ramansah@ldap:~$ 

During the installation, we will be prompted to enter the administrator password. Just supply the password we have chosen. After the installation has completed, we can verify it by running the command: sudo slapcat, as follows:

ramansah@ldap:~$ sudo slapcat
 dn: dc=ldap,dc=otodiginet,dc=com
 objectClass: top
 objectClass: dcObject
 objectClass: organization
 o: otodiginet.com
 dc: otodiginet
 structuralObjectClass: organization
 entryUUID: b5e3a422-063b-103b-856e-95b2cd3d9800
 creatorsName: cn=admin,dc=otodiginet,dc=com
 createTimestamp: 20210218134822Z
 entryCSN: 20210218134822.535975Z#000000#000#000000
 modifiersName: cn=admin,dc=otodiginet,dc=com
 modifyTimestamp: 20210218134822Z
 dn: cn=admin,cn=admin,dc=otodiginet,dc=com
 objectClass: simpleSecurityObject
 objectClass: organizationalRole
 cn: admin
 description: LDAP administrator
 userPassword:: e1NTSEF9dGdIZmdNSUxSb1luY2MxaGRHSU9OaWxBUlBSYnVwNXU=
 structuralObjectClass: organizationalRole
 entryUUID: b5e3f54e-063b-103b-856f-95b2cd3d9800
 creatorsName: cn=admin,dc=otodiginet,dc=com
 createTimestamp: 20210218134822Z
 entryCSN: 20210218134822.538132Z#000000#000#000000
 modifiersName: cn=admin,dc=ldap,dc=otodiginet,dc=com
 modifyTimestamp: 20210218134822Z

After running the commands above, OpenLDAP is installed on the system. Next we will reconfigure it.
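The double colon in the userPassword:: line of the slapcat output above marks a base64 value, and that value decodes to a string whose {SSHA} prefix names the storage scheme. The script below is an added example, not part of the original article: it reads LDIF on stdin and reports the scheme of each password without printing the value. The dc=example,dc=com entries, their values, the function names and the verdict labels are constructed for illustration.

```bash
#!/usr/bin/env bash
# Report the storage scheme of every userPassword in LDIF read from stdin.
# Only the DN, the scheme tag and a verdict are printed, never the value.
classify_scheme() {                      # $1 = decoded userPassword value
  local scheme verdict
  case "$1" in
    "{"*"}"*) scheme=${1%%\}*}; scheme=${scheme#\{} ;;
    *)        scheme=NONE ;;             # no {SCHEME} prefix: stored as typed
  esac
  scheme=$(printf '%s' "$scheme" | tr '[:lower:]' '[:upper:]')
  case "$scheme" in
    NONE|CLEARTEXT) verdict=plaintext ;;
    MD5|SHA)        verdict=unsalted-single-round ;;
    SMD5|SSHA)      verdict=salted-single-round ;;  # SSHA is slapd's default
    CRYPT)          verdict=depends-on-crypt-format ;;
    ARGON2|PBKDF2*) verdict=slow-kdf ;;             # schemes added by modules
    *)              verdict=unknown ;;
  esac
  printf '%s\t%s\n' "$scheme" "$verdict"
}

audit_userpassword() {                   # prints dn<TAB>scheme<TAB>verdict
  local dn="" cur="" line
  # The extra blank lines flush the last logical line through the loop.
  { cat; printf '\n\n'; } | while IFS= read -r line; do
    case "$line" in " "*) cur="$cur${line# }"; continue ;; esac  # unfold
    case "$cur" in
      "dn: "*)  dn=${cur#dn: } ;;
      "dn:: "*) dn=$(printf '%s' "${cur#dn:: }" | base64 -d) ;;
      "userPassword:: "*)                # "::" marks a base64 value
        printf '%s\t%s\n' "$dn" "$(classify_scheme \
          "$(printf '%s' "${cur#userPassword:: }" | base64 -d)")" ;;
      "userPassword: "*)
        printf '%s\t%s\n' "$dn" "$(classify_scheme "${cur#userPassword: }")" ;;
    esac
    cur=$line
  done
}

sample_ldif() {                          # constructed entries, not real hashes
  local b64
  printf 'dn: cn=admin,dc=example,dc=com\nuserPassword:: %s\n\n' \
    "$(printf '%s' '{SSHA}CONSTRUCTED-NOT-A-REAL-HASH' | base64)"
  b64=$(printf '%s' 'constructed-plaintext-value' | base64)
  # The second value is folded onto a continuation line, as LDIF wraps.
  printf 'dn: uid=svc,ou=people,dc=example,dc=com\nuserPassword:: %s\n %s\n' \
    "$(printf '%s' "$b64" | cut -c1-10)" "$(printf '%s' "$b64" | cut -c11-)"
}

sample_ldif | audit_userpassword
```

To audit the directory installed above, replace the last line with sudo slapcat | audit_userpassword.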

Configure OpenLDAP

To reconfigure our LDAP server, we use the command: dpkg-reconfigure slapd. By default, the slapd installer does not allow us to change the domain information settings; it just auto-populates the DIT with sample data based on our server's domain name. In the section below we reconfigure our OpenLDAP.

ramansah@ldap:~$ sudo dpkg-reconfigure slapd
 [sudo] password for ramansah: 
   Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.49+dfsg-2ubuntu1.6… done.
   Moving old database directory to /var/backups:
 directory unknown… done.
 Creating initial configuration… done.
 Creating LDAP directory… done. 

While dpkg-reconfigure slapd is running, we will be prompted for the domain information settings, and we have to fill in the requested information.

Install and Configure phpLDAPadmin

After all the stages have been passed with no problems, the slapd reconfiguration is complete. We verify it by running the command: sudo systemctl status slapd.

ramansah@ldap:~$ sudo systemctl status slapd
 ● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
      Loaded: loaded (/etc/init.d/slapd; generated)
     Drop-In: /usr/lib/systemd/system/slapd.service.d
              └─slapd-remain-after-exit.conf
      Active: active (running) since Thu 2021-02-18 05:48:23 PST; 52s ago
        Docs: man:systemd-sysv-generator(8)
     Process: 2954 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
       Tasks: 3 (limit: 9451)
      Memory: 4.7M
      CGroup: /system.slice/slapd.service
              └─2961 /usr/sbin/slapd -h ldap:/// ldapi:/// -g openldap -u openldap -F /etc/ldap/slapd>

We will test the OpenLDAP instance by running the following command:

ramansah@ldap:~$ ldapwhoami -H ldap:// -x
 anonymous

Install phpLDAPadmin

To simplify the management and configuration of LDAP, we need a reliable tool. phpLDAPadmin is a good tool that suits this requirement. In this section we show how to install phpLDAPadmin on Ubuntu 20.04 LTS.

The installation is quite easy: run the command sudo apt install phpldapadmin from the console. phpLDAPadmin requires the Apache2 web server running on our system and PHP 7.4 installed. As a note on the phpLDAPadmin installation, I have tried PHP version 8.0 and PHP version 7.2, and the installation got stuck. It is better to use PHP version 7.4.

ramansah@ldap:~$ sudo apt install phpldapadmin
 Reading package lists… Done
 Building dependency tree       
 Reading state information… Done
 The following additional packages will be installed:
   php-ldap php7.4-ldap
 The following NEW packages will be installed:
   php-ldap php7.4-ldap phpldapadmin
 0 upgraded, 3 newly installed, 0 to remove and 437 not upgraded.
 Need to get 751 kB of archives.
 After this operation, 4,830 kB of additional disk space will be used.
 Do you want to continue? [Y/n] Y
 Get:1 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 php7.4-ldap amd64 7.4.3-4ubuntu2.4 [29.7 kB]
 Get:2 http://us.archive.ubuntu.com/ubuntu focal/main amd64 php-ldap all 2:7.4+75 [2,004 B]
 Get:3 http://us.archive.ubuntu.com/ubuntu focal/universe amd64 phpldapadmin all 1.2.2-6.3 [719 kB]
 Fetched 751 kB in 5s (140 kB/s)       
 Preconfiguring packages …
 Selecting previously unselected package php7.4-ldap.
 (Reading database … 181767 files and directories currently installed.)
 Preparing to unpack …/php7.4-ldap_7.4.3-4ubuntu2.4_amd64.deb …
 Unpacking php7.4-ldap (7.4.3-4ubuntu2.4) …
 Selecting previously unselected package php-ldap.
 Preparing to unpack …/php-ldap_2%3a7.4+75_all.deb …
 Unpacking php-ldap (2:7.4+75) …
 Selecting previously unselected package phpldapadmin.
 Preparing to unpack …/phpldapadmin_1.2.2-6.3_all.deb …
 Unpacking phpldapadmin (1.2.2-6.3) …
 Setting up php7.4-ldap (7.4.3-4ubuntu2.4) …
 Creating config file /etc/php/7.4/mods-available/ldap.ini with new version
 Setting up phpldapadmin (1.2.2-6.3) …
 Creating config file /etc/phpldapadmin/config.php with new version
 apache2_invoke: Enable configuration phpldapadmin.conf
 Setting up php-ldap (2:7.4+75) …
 Processing triggers for php7.4-fpm (7.4.3-4ubuntu2.4) …
 NOTICE: Not enabling PHP 7.4 FPM by default.
 NOTICE: To enable PHP 7.4 FPM in Apache2 do:
 NOTICE: a2enmod proxy_fcgi setenvif
 NOTICE: a2enconf php7.4-fpm
 NOTICE: You are seeing this message because you have apache2 package installed.
 Processing triggers for libapache2-mod-php7.4 (7.4.3-4ubuntu2.4) …
 Processing triggers for php7.4-cli (7.4.3-4ubuntu2.4) …

The main settings to edit are located in the /etc/phpldapadmin/config.php file. We edited the parameters to suit our system.

$servers = new Datastore();
 /* $servers->NewServer('ldap_pla') must be called before each new LDAP server
    declaration. */
 $servers->newServer('ldap_pla');
 /* A convenient name that will appear in the tree viewer and throughout
    phpLDAPadmin to identify this LDAP server to users. */
 $servers->setValue('server','name','LDAP Otodiginet Server');
 /* Examples:
    'ldap.example.com',
    'ldaps://ldap.example.com/',
    'ldapi://%2fusr%2flocal%2fvar%2frun%2fldapi'
            (Unix socket at /usr/local/var/run/ldapi) */
 $servers->setValue('server','host','127.0.0.1');
 /* The port your LDAP server listens on (no quotes). 389 is standard. */
 // $servers->setValue('server','port',389);
 /* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
    auto-detect it for you. */
 $servers->setValue('server','base',array('dc=ldap,dc=otodiginet,dc=com'));

After all settings are saved, we access phpLDAPadmin via a web browser at http://ipaddress_or_hostname/phpldapadmin. In our example here, we used http://ldap.otodiginet.com/phpldapadmin.

Conclusion

In this article we have shown how to install OpenLDAP on Ubuntu 20.04 LTS. More details about OpenLDAP can be found at openldap.org.
