LDAP: Difference between revisions
→StartTLS LDAP Encryption
(7 intermediate revisions by the same user not shown) | |||
Line 1:
[[Category:Lab]]
__TOC__
<br />
= Install OpenLDAP Server =
Line 61 ⟶ 62:
*If you use Apache Web Server, it will create a config file:
/etc/apache2/conf-enabled/phpldapadmin.conf
To enable HTTPS, you can obtain and install a free TLS certificate issued from Let’s Encrypt.
Line 70 ⟶ 68:
sudo nano /etc/phpldapadmin/config.php
Since OpenLDAP and phpLDAPadmin are running on the same machine,
$servers->setValue('server','host','127.0.0.1');
Line 296 is commented out by default, which means the standard port 389 will be used
// $servers->setValue('server','port',389);
Line 335 is commented out by default, which means TLS encryption is not enabled
// $servers->setValue('server','tls',false);
$servers->setValue('server','base',array());
By default, anonymous login is enabled, Disable it:
$servers->setValue('login','anon_bind',false);
$config->custom->appearance['hide_template_warning'] = true;
Save and close the file.
= Access WebUI =
*Access web interface at:
http://10.10.10.1/phpldapadmin
Credentials:
cn=admin,dc=testlab,dc=com
Admin password
= Create User =
Source: [https://www.unixmen.com/install-openldap-in-ubuntu-15-10-and-debian-8/ unixmen.com]
Create Objects:
*Create Organizational Unit(OU):
Click on the “+” sign near the line “dc=testavi” and click “Create new entry here” link.
Scroll down and Select “Generic-Organizational Unit”.
Enter the name of the Organizational unit (Ex.sales) and Click “Create Object”.
Finally, click “Commit”.
*Create Group:
Click on the sales OU on the left pane and click on “Create a child entry” link.
In the next window, Select “Generic: Posix Group”.
Enter the name of the group “sales-group” and click Create Object button.
Click Commit to save changes.
*Create User:
Click on the sales-group on the left. Select Create a child entry link button.
In the next window, Select “Generic: User Account”.
Enter the user details such as common name, GID number, last name, Login shell, user password and user id etc.
Then Click “Commit” to save the changes.
Verify with the command:
ldapsearch -x
= StartTLS LDAP Encryption =
{{UC}}
= Testing LDAP server from Ubuntu =
Source: [https://linoxide.com/mail/ldapsearch-command-test-ldap-connection/ linoxide.com],[https://serverfault.com/questions/452935/how-to-test-a-ldap-connection-from-a-client serverfault.com]
Installing LDAP Utilities:
sudo apt-get install ldap-utils
Testing LDAP Server:
<pre>
aman@ubuntu:~$ ldapsearch -x -LLL -h ad.testlab.com -D Aman -w pwd@123 -b"cn=Users,dc=testlab,dc=com" -s sub "(objectClass=user)" givenName
dn: CN=Administrator,CN=Users,DC=testlab,DC=com
dn: CN=Guest,CN=Users,DC=testlab,DC=com
dn: CN=krbtgt,CN=Users,DC=testlab,DC=com
dn: CN=test,CN=Users,DC=testlab,DC=com
givenName: test
dn: CN=Exchange Online-ApplicationAccount,CN=Users,DC=testlab,DC=com
dn: CN=SystemMailbox{1f05a927-7605-455d-8fec-ac7c62c06cd6},CN=Users,DC=testlab
,DC=com
dn: CN=SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c},CN=Users,DC=testlab
,DC=com
dn: CN=SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9},CN=Users,DC=testlab
,DC=com
dn: CN=DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7E09334BB852},CN=Users,
DC=testlab,DC=com
dn: CN=Migration.8f3e7716-2011-43e4-96b1-aba62d229136,CN=Users,DC=testlab,DC=c
om
dn: CN=FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042,CN=Users,DC=testlab
,DC=com
dn: CN=SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9},CN=Users,DC=testlab
,DC=com
dn: CN=Aman,CN=Users,DC=testlab,DC=com
givenName: Aman
dn: CN=test2,CN=Users,DC=testlab,DC=com
givenName: test2
</pre>
<br />
;References
<references/>
<br />
<br />
<br />
{{DISQUS}}
|