
Step-by-Step Installation of OpenLDAP Server and phpLDAPadmin on CentOS

This guide walks through disabling SELinux and the firewall, installing and configuring OpenLDAP server, setting up the phpLDAPadmin web console, adjusting Apache and phpLDAPadmin settings, and verifying the LDAP service on a CentOS system.

DevOps Cloud Academy

1. Install LDAP

Reference documentation: https://www.cnblogs.com/mascot1/p/10498392.html

1.1 Prerequisites

# Disable SELinux
vim /etc/sysconfig/selinux   # set SELINUX=disabled (applies after the next reboot)
setenforce 0                 # permissive mode for the current boot

# Stop and disable firewall
systemctl stop firewalld
systemctl disable firewalld

1.2 Install LDAP

# Install LDAP tools
yum install -y openldap-servers openldap-clients migrationtools
slappasswd   # Follow prompts to generate and save the hashed password

# Configure database cache
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown -R ldap:ldap /var/lib/ldap/

# Test configuration file
slaptest -u   # Should output "configfile testing succeeded"

# Start LDAP service
systemctl start slapd.service
systemctl enable slapd.service

# Import schema templates
ls /etc/openldap/schema/*.ldif | xargs -I {} sudo ldapadd -Y EXTERNAL -H ldapi:/// -f {}

2. Install LDAP Console

2.1 Prerequisites

# Install Apache
yum -y install httpd

# Modify Apache configuration to allow .htaccess overrides
vim /etc/httpd/conf/httpd.conf   # Ensure "AllowOverride all" is set

# Start and enable Apache, then test
systemctl start httpd
systemctl enable httpd
curl 127.0.0.1

2.2 Install phpLDAPadmin

# Add EPEL repository (example configuration)
cat /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7Server/x86_64/
enabled=1
gpgcheck=0

# Install phpLDAPadmin
yum install phpldapadmin

2.3 Modify Configuration Files

# Edit phpLDAPadmin config
vim /etc/phpldapadmin/config.php
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array('dc=my-domain,dc=com'));
$servers->setValue('login','auth_type','session');
$servers->setValue('login','attr','dn');

# Comment out duplicate line if present
# $servers->setValue('login','attr','dn');

# Adjust Apache virtual host for phpLDAPadmin
vim /etc/httpd/conf.d/phpldapadmin.conf
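Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs
<Directory /usr/share/phpldapadmin/htdocs>
  <IfModule mod_authz_core.c>
    # Apache 2.4
    Require local
    Require ip 192.168.0
  </IfModule>
  <IfModule !mod_authz_core.c>
    # Apache 2.2
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
    Allow from ::1
  </IfModule>
</Directory>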

# Create base LDIF file
vim /etc/openldap/base.ldif

dn: dc=my-domain,dc=com
o: ldap
objectclass: dcObject
objectclass: organization
dc: my-domain

2.4 Access Test

# Restart Apache to apply changes
systemctl restart httpd

# Open a browser and navigate to the phpLDAPadmin interface
http://192.168.0.41/phpldapadmin
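
Added example (not part of the original guide): a shell audit of three settings the steps above change on disk, namely the SELinux boot mode from 1.1, the `gpgcheck=0` EPEL repo from 2.2, and the `Require ip` rule from 2.3. The function names and the `--audit` flag are this example's own; it reads `/etc/selinux/config`, which `/etc/sysconfig/selinux` links to on CentOS 7.

```shell
#!/bin/bash
# Added example, not part of the original guide. Function names and the
# --audit flag are this example's own. Pass a root prefix to audit a copy.

# SELINUX= mode applied at next boot (enforcing|permissive|disabled).
# /etc/sysconfig/selinux is a symlink to /etc/selinux/config on CentOS 7.
selinux_config_mode() {
    awk -F= '/^[ \t]*SELINUX=/ { gsub(/[ \t\r]/, "", $2); m = $2 }
             END { print m }' "$1"
}

# Enabled repo sections that explicitly set gpgcheck=0 (signatures not verified).
repos_without_gpgcheck() {
    awk -F= '
        function report() { if (name != "" && enabled != "0" && gpg == "0") print name }
        /^\[/ { report(); name = substr($0, 2, index($0, "]") - 2); enabled = "1"; gpg = ""; next }
        { key = $1; val = $2; gsub(/[ \t\r]/, "", key); gsub(/[ \t\r]/, "", val) }
        key == "enabled"  { enabled = val }
        key == "gpgcheck" { gpg = val }
        END { report() }' "$1"
}

# Non-local clients admitted by the Apache 2.4 "Require" rules.
phpldapadmin_remote_sources() {
    awk '{ d = tolower($1); t = tolower($2) }
         d == "require" && (t == "ip" || t == "host" || (t == "all" && tolower($3) == "granted")) {
             sub(/^[ \t]*[^ \t]+[ \t]+/, ""); print }' "$1"
}

# One finding per line for the files under root prefix $1 (empty = live system).
audit_guide_settings() {
    root="${1:-}"
    mode=$(selinux_config_mode "$root/etc/selinux/config")
    [ "$mode" = "enforcing" ] || echo "selinux: boot mode is '$mode'"
    for repo in $(repos_without_gpgcheck "$root/etc/yum.repos.d/epel.repo"); do
        echo "yum: repo [$repo] has gpgcheck=0"
    done
    phpldapadmin_remote_sources "$root/etc/httpd/conf.d/phpldapadmin.conf" |
        while read -r src; do echo "httpd: phpLDAPadmin admits '$src'"; done
    return 0
}

if [ "${1:-}" = "--audit" ]; then audit_guide_settings "${2:-}"; fi
```

Run it with `--audit` on the server; on a host configured exactly as in this guide it prints one line for each of the three settings. It does not check whether firewalld is running.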

For the full source and further details, refer to the original GitHub document.
