Installing and Configuring OpenLDAP on Linux
This guide walks through installing OpenLDAP packages, loading schema files, configuring domain settings, enabling the memberof and refint modules, and installing phpLDAPadmin on a Linux server, providing all necessary commands and LDIF examples.
[root@slave1 bin]# yum -y install openldap openldap-clients openldap-servers
[root@slave1 bin]# chown -R ldap. /var/lib/ldap/DB_CONFIG
[root@slave1 bin]# systemctl start slapd
[root@slave1 bin]# systemctl enable slapd
[root@slave1 bin]# systemctl status slapd
[root@slave1 ~]# more pwdchange.ldif
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}j5ipRNJU0Rej5xdw/SsnUZUjW/Jy3bQx
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f pwdchange.ldif
2. Import basic schema files
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/collective.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/corba.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/duaconf.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/dyngroup.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/java.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/misc.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/openldap.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/pmi.ldif
[root@slave1 ~]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/ppolicy.ldif
3. Configure domain settings
[root@slave1 ~]# more domain.ldif
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="cn=admin,dc=hahashen,dc=com" read by * none

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=hahashen,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=admin,dc=hahashen,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}j5ipRNJU0Rej5xdw/SsnUZUjW/Jy3bQx

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=hahashen,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=hahashen,dc=com" write by * read
# Execute command to modify configuration
[root@slave1 ~]# ldapmodify -Y EXTERNAL -H ldapi:/// -f domain.ldif
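Both olcRootPW records above carry an {SSHA} value printed on this page, so a server built by copying them verbatim shares a published hash between its config and data databases. The following added example (not part of the original guide; the function names are hypothetical) generates a fresh salted value in the same {SSHA} format and renders the two olcRootPW change records with a separate password for each database.

```python
import base64
import hashlib
import hmac
import os
import secrets
import sys

PREFIX = "{SSHA}"

def ssha_hash(password, salt=None):
    """Build an OpenLDAP {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt  # 4 bytes, as in the page's value
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return PREFIX + base64.b64encode(digest + salt).decode("ascii")

def ssha_verify(password, stored):
    """Check a password against a stored {SSHA} value."""
    if not stored.startswith(PREFIX):
        return False
    raw = base64.b64decode(stored[len(PREFIX):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, the rest is salt
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def rootpw_ldif(database_dn, hashed, op):
    """Render one olcRootPW change record (op is 'add' or 'replace')."""
    if op not in ("add", "replace"):
        raise ValueError("op must be 'add' or 'replace'")
    return (f"dn: {database_dn}\nchangetype: modify\n"
            f"{op}: olcRootPW\nolcRootPW: {hashed}\n")

if __name__ == "__main__":
    # The two databases the guide sets olcRootPW on, each with its own password.
    for dn, op in (("olcDatabase={0}config,cn=config", "add"),
                   ("olcDatabase={2}hdb,cn=config", "replace")):
        password = secrets.token_urlsafe(24)  # generated here; store it in a vault
        hashed = ssha_hash(password)
        assert ssha_verify(password, hashed)
        # Password goes to stderr so it never lands in the redirected LDIF file.
        print(f"password for {dn}: {password}", file=sys.stderr)
        print(rootpw_ldif(dn, hashed, op))
```

Redirect standard output to a file and apply it with the same ldapmodify -Y EXTERNAL -H ldapi:/// invocation the page uses.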
Enable memberof module
Add the refint1.ldif and refint2.ldif files
[root@slave1 ~]# more refint1.ldif
dn: cn=module{0},cn=config
changetype: modify
add: olcmoduleload
olcmoduleload: refint
[root@slave1 ~]# more refint2.ldif
dn: olcOverlay=refint,olcDatabase={2}hdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: refint
olcRefintAttribute: memberof uniqueMember manager owner
Add base.ldif configuration file and apply
4. Install phpLDAPadmin
yum install -y phpldapadmin