OpenLDAP, an acronym for Open Lightweight Directory Access Protocol, is a highly efficient, command-line-based tool designed for IT administrators. It enables the creation and management of an LDAP directory, which is essentially a specialized database that excels in read, browse, and search operations.
Before embarking on the installation journey, ensure that you have the following:
- A server running Fedora 39.
- A fresh OS installation is recommended to avoid potential conflict scenarios.
- Access to a terminal for command execution. Fedora 39 provides the Terminal application, easily accessible from your Applications menu.
- Network connectivity for downloading OpenLDAP packages.
- A non-root sudo user or access to the root user. It’s safer to operate as a non-root sudo user to avoid inadvertent system damage.
The Installation Process
Step 1: System Update
Start by updating your system packages. This is crucial to keep your software and libraries up-to-date, thereby mitigating compatibility issues. Open the terminal and execute the following commands:
sudo dnf clean all
sudo dnf update
sudo dnf install httpd php gcc glibc gd gd-devel wget tar make
Step 2: OpenLDAP Installation
To install the OpenLDAP package, use the following command:
sudo dnf install openldap-servers openldap-clients
Once the installation completes, start the OpenLDAP service using:
sudo systemctl start slapd
To ensure that the OpenLDAP service starts automatically at boot, enable it using:
sudo systemctl enable slapd
Step 3: Server Configuration
After successful installation, the next step is to configure OpenLDAP, which includes setting up the root password, editing the configuration file, and creating test users.
To set the root password, use the slappasswd command:
slappasswd
Enter your desired password when prompted. This command generates a hashed password. Note this down for subsequent usage.
Next, open the main configuration file:
sudo nano /etc/openldap/slapd.d/cn=config.ldif
Locate the line starting with olcRootPW and replace its value with the hashed password generated earlier.
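An added example, not from the original page: the same olcRootPW change applied with ldapmodify, because the files under /etc/openldap/slapd.d carry a checksum and are marked as auto-generated. It assumes slapd is running and that root may manage cn=config over ldapi:/// with SASL EXTERNAL; the script name and function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original page. Hypothetical usage:
#   sudo sh set-rootpw.sh apply [suffix]

# True only for {SCHEME}data values such as slappasswd prints; {CLEARTEXT}
# and bare strings are refused so no plaintext password lands in cn=config.
is_hashed_secret() {
    case $(printf '%s' "$1" | tr '[:upper:]' '[:lower:]') in
        '{cleartext}'*) return 1 ;;
        '{'[a-z]*'}'?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the LDIF change record. $1 = database entry DN, $2 = hashed password.
rootpw_ldif() {
    is_hashed_secret "$2" || { echo "refusing unhashed olcRootPW" >&2; return 1; }
    printf 'dn: %s\nchangetype: modify\nreplace: olcRootPW\nolcRootPW: %s\n' "$1" "$2"
}

# Print the DN of the first database entry serving suffix $1 ("*" = any).
# Assumes root is allowed to read cn=config over the local ldapi socket.
find_db_dn() {
    ldapsearch -Q -LLL -o ldif-wrap=no -Y EXTERNAL -H ldapi:/// \
        -b cn=config "(olcSuffix=$1)" dn | sed -n 's/^dn: //p' | head -n 1
}

# Nothing is contacted or changed unless the first argument is "apply".
if [ "${1:-}" = apply ]; then
    db_dn=$(find_db_dn "${2:-*}")
    [ -n "$db_dn" ] || { echo "no database entry found" >&2; exit 1; }
    hash=$(slappasswd) || exit 1   # prompts on the terminal, prints the hash
    rootpw_ldif "$db_dn" "$hash" | ldapmodify -Q -Y EXTERNAL -H ldapi:///
fi
```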
To create test users, an LDIF file is necessary. An LDIF (LDAP Data Interchange Format) file is a plain-text format for LDAP entries. For instance, to create a user named "Shapehost", follow the template below:
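# Test user entry; posixAccount supplies uidNumber, gidNumber, homeDirectory, loginShell and gecos.
dn: uid=Shapehost,ou=users,dc=example,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: Shapehost
uid: Shapehost
uidNumber: 10000
gidNumber: 10000
homeDirectory: /home/Shapehost
# {CLEARTEXT} stores the password unhashed; use slappasswd output here outside of a throwaway test.
userPassword: {CLEARTEXT}password
loginShell: /bin/bash
gecos: Test User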
Save this content as Shapehost.ldif and add it to the LDAP directory using the ldapadd command:
ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f Shapehost.ldif
Step 4: Client Configuration
Following server setup, the next task is to configure the LDAP client. It involves installing the necessary packages and editing the LDAP configuration file.
Install the required packages using:
sudo dnf install nss-pam-ldapd
Next, open the LDAP configuration file:
sudo nano /etc/nslcd.conf
Modify the file to match your LDAP server settings as shown below:
uid nslcd
gid ldap
uri ldap://localhost/
base dc=example,dc=com