Web Services

Install and Configure Open LDAP on Ubuntu

calendar October 02, 2015
blog-banner

OpenLDAP is an open source implementation of the L ightweight D irectory A ccess P rotocol which is used to access centrally stored information over a network . LDAP Server is mainly used as address book and authentication backend for various services.

This setup is carried out for Open LDAP 2.4.40 on Ubuntu 14.04, using Oracle JDK 7.

Prerequisite : Basic understanding of Open LDAP terms/terminology is required to understand this blog.

Steps to Setup Open LDAP

1. Download Open LDAP version 2.4.40 from its official website by following command :

  • wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.40.tgz

2. Unzip downloaded file

  • tar zxf openldap-2.4.40.tgz

3. Configure Open LDAP

  • Now Navigate to your unzipped openldap directory by executing “cd openldap” and then Run “ ./configure”
  • command in terminal. Most probably you will get an error as “configure: error : BDB/HDB: BerkeleyDB not available”.
  • To fix this we need to install BerkeleyDB. To install Berkeley DB follow command below:
  • sudo apt-get install libdb-dev

4. Re-run ./configure command after successful installation of Berkeley DB as follows :

  • ./configure
  • Then execute command as follows:
    1. make depend
    2. make

5. Now install software by following command :

  • sudo make install

6. Create Directory for your base dn which will be used to keep BDB files and indices for your domain.

  • sudo mkdir /usr/local/var/openldap-data/your-domain.com

7. OpenLDAP with a BDB backend requires a DB_CONFIG file for configuration and tuning of database. This file exists in /usr/local/etc/openldap/DB_CONFIG.example. Copy this file to your base directory and rename it as DB_CONFIG as follows.

  • sudo cp /usr/local/etc/openldap/DB_CONFIG.example /usr/local/var/openldap-data/your-domain.com/
  • sudo mv /usr/local/var/openldap-data/your-domain.com/DB_CONFIG.example /usr/local/var/openldap-data/
  • your-domain.com/DB_CONFIG

NOTE: You can also change configuration of DB_CONFIG file for optimum performance and tuning of database. In our set up, we have kept default configuration in DB_CONFIG file.

8. Execute “sudo nano /usr/local/etc/openldap/slapd.conf” and Edit slapd.conf file to specify connection information of your LDAP as follows :

# Specify your LDAP connection information here suffix "dc=your-domain,dc=com" rootdn "cn=Manager,dc=your-domain,dc=com" rootpw secret

Then change following line to specify the base directory of your LDAP where the BDB files containing the database and associated indices live. In our setup, our base directory is /usr/local/var/openldap-data/your-domain.comdirectory /usr/local/var/openldap-data/your-domain.com

9. Start LDAP

  • Goto /usr/local/libexec directory, and execute following
    1. sudo ./slapd

10. heck slapd is running or not by following command:

  • ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts

This command should return your base dn as follows:

  • dn : namingContexts: dc=your-domain,dc=com

11. Open slapd.conf file by executing “sudo nano /usr/local/etc/openldap/slapd.conf” and add following lines in it to add required schema in LDAP :

  • include  /usr/local/etc/openldap/schema/cosine.schema
  • include   /usr/local/etc/openldap/schema/inetorgperson.schema

12. Then Restart slapd as follows:

  • To stop LDAP use following command:
    • sudo kill -INT `cat /usr/local/var/run/slapd.pid`
  • Then to start LDAP, Goto /usr/local/libexec directory, and execute following
    • sudo ./slapd

13. Now you are able to create Entries in LDAP from Apache Directory Studio.

  • Open Apache directory studio and click on new connection. Enter Hostname=<your-host-name>, port = 389 & click Next.
  • Enter Bind DN or user and Bind password as per your configuration in slapd.conf. file.
  • In our example, it is cn=Manager,dc= your-domain.com,dc=com and secret respectively.
  • Click on Finish.

Add Slapd as System Service

  • If LDAP is installed by util commands then init script for slapd is automatically created at time of installation. But if you have installed slapd by downloading zip file, then you have to to add slapd as system service manually.
  • To Manually add slapd as system service do as follows:

1. First create slapd service file as follows:

  • sudo touch /etc/init.d/slapd
  • cd /etc/init.d
  • sudo nano slapd

2. Download slapd service file attached at the end of this post. Copy contents of that file and paste it in your service file.

3. Open slapd service file and check if following paths are properly set or not for your LDAP.

  • SLAPD=/usr/local/libexec/slapd
  • SLAPD_CONF=/usr/local/etc/openldap/slapd.conf

4. Now give necessary permission to service file as follows:

  • sudo chmod +x /etc/init.d/slapd

5. Configure the service in init levels as follows:

  • sudo ln -s /etc/init.d/slapd /etc/rc3.d/S90slapd
  • sudo ln -s /etc/init.d/slapd /etc/rc4.d/S90slapd
  • sudo ln -s /etc/init.d/slapd /etc/rc5.d/S90slapd
  • sudo ln -s /etc/init.d/slapd /etc/rc0.d/K10slapd
  • sudo ln -s /etc/init.d/slapd /etc/rc6.d/K10slapd

6. To enable System Startup links run following command:

  • sudo update-rc.d slapd defaults

7. Restart slapd as follows:

  • sudo service slapd restart

8. Now LDAP is setup as your system service, so use following commands to start and stop and restart LDAP Server.

  • sudo service slapd start
  • sudo service slapd stop
  • sudo service slapd restart

Enable Separate Logging for Open LDAP

1. Execute “sudo nano /etc/rsyslog.d/50-default.conf” and edit following line as follows to enable Open LDAP logging.:

*.*;auth,authpriv,local4.none -/var/log/syslog

Add following line there to enable generation of Open LDAP logs in separate file: local4.* -/var/log/openldap/openldap

2. Create configuration file to manage Open LDAP log rotation by executing “sudo touch /etc/logrotate.d/openldap" and add following configuration in it . You can change this configuration as per your requirements :

/var/log/openldap/openldap

{

# Add extension of date with name of log file

dateext

# Specify format of date appended with name of the log file

dateformat -%Y-%m-%d.log

# Keep 365 days worth of backlogs

rotate 365

# Rotate log files daily

daily

# If the log file is missing, go on to the next one without issuing an error message.

missingok

# Postpone compression of the previous log file until next rotation of logs. This only works when used in combination with

# compress

delaycompress

# Compress old log files

compress

# Lines between postrotate and endscript are executed after the log file is  rotated. Following line stands for gracefully restart 

# of rsyslog service after log rotation.

postrotate

invoke-rc.d rsyslog reload > /dev/null

endscript

}

3. Open /etc/logrotate.conf file and uncomment following line to enable compression of all log files generated by rsyslog service :

  • compress

4. Then restart "rsyslog" and "slapd" service with following commands respectively :

  • sudo service rsyslog restart
  • sudo service slapd restart

Congratulations !! Now you have successfully configured OpenLDAP on Ubuntu.

Download slapd service file from below link :

slapd

Contact us

For Your Business Requirements

Text to Identify Refresh CAPTCHA

Related Blogs

calendar October 11, 2016
How to Access PrestaShop Web Services

Prestashop allows access to shop’s database for external applications through web services in form of a CRUD API. You can access web services of prestashop using webservice key, prestashop allow you to create multiple web service key with different prestashop resource access permission. Generate Prestashop Webservice key Go into your Prestashop Back Office and click on the ADVANCED PARAMETERS ? Webservice Click on Add new webservice key Click the Generate button to generate web service...

views 829 views
related-blog
calendar March 14, 2023
What is an Enterprise Portal and How Digital Transformation can be Achieved Through It

If you’re just beginning to consider implementing enterprise portals in your business, your first question is likely how an enterprise portal can benefit your business. Well, for over 20 years, businesses have claimed to benefit from an enterprise portal to streamline operations and improve collaboration. Fortune 500 organizations to small companies in a neighborhood use enterprise portals. You might wonder- why? So, what do you think- What is an enterprise portal, and do you think it can...

views 743 views
related-blog
calendar May 27, 2022
The 5 Best CSS Frameworks For Front-End Developers In 2022

CSS frameworks have become an essential part of any web developer's toolkit. Whether you are looking to build a website or app from scratch or update it with new styles, they can make life much easier. Plus, they are really easy to use and implement. With such a wide variety of CSS frameworks on the market, it can be tough to determine which one offers the best features for your needs. We've narrowed down the search and put together this list of our favorites—in no particular order—that will...

views 1150 views
related-blog
Background Image Close Button

2 - 4 October 2024

Hall: 10, Booth: #B8 Brussels, Belgium

Learn More Schedule A Meeting

More Question?

Let’s Talk
TUV ISO 9001
Clutch
clutch
liferay
odoo
Our Presence
USA usa-flag

1968 S. Coast Hwy, Suite 523, Laguna Beach, CA 92651

+1 408 914 2737
INDIA india-flag

201, 3rd Eye II, Nr. Panchvati Circle, CG Road, Ahmedabad

+91 7574805354
email[email protected]
Quick Links
  • linkedin
  • facebook
  • twitter
  • instagram
  • youtube

© 2025 SurekhaTechnologies. All rights reserved.