Step 1: Install OpenLDAP
Install OpenLDAP and LDAP utilities:
apt -y install slapd ldap-utils
Step 2: Configure LDAP
Export LDAP database configuration:
slapcat > ldap_conf.ldif
Create a directory to store LDAP configuration files:
mkdir ldap_conf
cd ldap_conf
Create a base DN file (basedn.ldif) with organizational units:
nano basedn.ldif
dn: ou=people,dc=domain,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=domain,dc=com
objectClass: organizationalUnit
ou: groups
Step 3: Add User to LDAP
Create an LDIF file (username.ldif) to add a user:
nano username.ldif
dn: uid=username,ou=people,dc=domain,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: userFirstName userLastName
givenName: userFirstName
sn: userLastName
mail: userFirstName.userLastName@domain.com
userPassword: {SSHA}genEratedencRyptedp@ssw0rd
loginShell: /bin/bash
homeDirectory: /home/username
uidNumber: 3010
gidNumber: 3010
Add the base DN and user to LDAP:
ldapadd -x -D cn=admin,dc=domain,dc=com -W -f basedn.ldif
ldapadd -x -D cn=admin,dc=domain,dc=com -W -f username.ldif
Step 4: Configure Authentication in Applications
Configure LDAP authentication in the application’s settings, providing the LDAP server address (localhost), base DN (dc=domain,dc=com), and bind DN (cn=admin,dc=domain,dc=com). Adjust these settings according to your LDAP configuration.
Step 5: Test LDAP Authentication
Test LDAP authentication by logging in with the LDAP user credentials.
Summary
You have successfully set up LDAP authentication for your application. LDAP provides centralized authentication and authorization services, allowing users to log in with a single set of credentials across multiple applications and services. Ensure that your LDAP server is properly secured and maintained to protect user data and credentials.