Page 4 of 4 FirstFirst ... 234
Results 31 to 34 of 34

Thread: OpenLDAP Nightmare ubuntu 10.04 and 10.10

  1. #31
    Join Date
    Jan 2009
    Ubuntu 9.10 Karmic Koala

    Re: OpenLDAP Nightmare ubuntu 10.04 and 10.10

    I found your post by doing some preliminary research before setting up an LDAP on an existing Ubuntu server running 10.04. Should I even attempt it, or should I go a different route? Also, please comment back in this post when you post your comprehensive how-to. Finally, I read the entire thread, but I think I might have overlooked the part where you ask luvshines what type of beer he/she prefers

  2. #32
    Join Date
    Jul 2010

    Re: OpenLDAP Nightmare ubuntu 10.04 and 10.10

    I read this with a similar feeling of anger and disillusion, after only spending 3 hours, never mind 3 weeks.

    After many searches on google, I however came up with this Gem which just works (for me anyway)

    Make sure you edit the first few lines of the script, and you're good to go. I can't believe I've just fixed this in 5 minutes! Congrats to the guy who made that blog post because it's saved me loads of time. I'm installing it on Ubunutu 10.10 if that makes any difference.


  3. #33
    Join Date
    Sep 2010
    Indian Capital City
    Ubuntu 14.04 Trusty Tahr

    Re: OpenLDAP Nightmare ubuntu 10.04 and 10.10

    Haven't tried the new style configuration, but this is what I did to stick to the old style slapd.conf configuration, which was as easy as breathing
    # My /etc/default/slapd contents
    cat /etc/default/slapd | egrep -v "^#|^$"
    # I think I also did
    mkdir -p /var/run/slapd
    # Added these to /etc/init.d/slapd (because of a bug)
    # At the end of start_slapd {} function
    pidof /usr/sbin/slapd > "$SLAPD_PIDFILE"
    # At the end of stop_slapd {} function
    rm -f $SLAPD_PIDFILE
    # Copied samba.schema (comes with samba package) in /etc/ldap/schema
    # /etc/ldap/slapd.conf contents
    cat /etc/ldap/slapd.conf | egrep -v "^#|^$"
    include		/etc/ldap/schema/core.schema
    include		/etc/ldap/schema/cosine.schema
    include		/etc/ldap/schema/inetorgperson.schema
    include		/etc/ldap/schema/nis.schema
    include	        /etc/ldap/schema/samba.schema
    allow bind_v2
    moduleload back_bdb
    database	bdb
    suffix		dc=luvshines,dc=com
    rootdn		cn=manager,dc=luvshines,dc=com
    rootpw		secret
    index objectClass                       eq,pres
    index ou,cn,mail,surname,givenname      eq,pres,sub
    index uidNumber,gidNumber,loginShell    eq,pres
    index uid,memberUid                     eq,pres,sub
    index nisMapName,nisMapEntry            eq,pres,sub
    And that was it, got a working LDAP server

    Then you'll have to add some users and basic configuration(you can change this as per your need)

    First defined some basic tree structure
    # Create a file manager.ldif
    dn: dc=luvshines,dc=com
    objectclass: dcObject
    objectclass: organization
    o: ExampleCo
    dc: luvshines
    dn: cn=Manager,dc=luvshines,dc=com
    cn: Manager
    objectclass: organizationalRole
    dn: ou=People,dc=luvshines,dc=com
    ou: People
    objectClass: top
    objectClass: organizationalUnit
    dn: ou=Group,dc=luvshines,dc=com
    ou: Group
    objectClass: top
    objectClass: organizationalUnit
    Issued the command
    ldapadd -x -D cn=manager,dc=luvshines,dc=com -w secret -f manager.ldif
    Then added some users, created another file, testuser.ldif
    dn: cn=testgroup,ou=Group,dc=luvshines,dc=com
    objectClass: posixGroup
    objectClass: top
    cn: testgroup
    userPassword: testgroup
    gidNumber: 1000
    dn: uid=testuser,ou=People,dc=luvshines,dc=com
    cn: Test User
    uid: testuser
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    objectClass: shadowAccount
    objectClass: sambaSamAccount
    userpassword: testpassword
    uidNumber: 1100
    gidNumber: 1000
    homeDirectory: /home
    sambaSID: S-1-0-1100
    sambaNTPassword: 82E6D500C194BA5B9716495691FB7DD6
    loginShell: /bin/bash
    sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
    sambaAcctFlags: [U          ]
    sambaPwdLastSet: 1263386096
    Again issued the command
    ldapadd -x -D cn=manager,dc=luvshines,dc=com -w secret -f testuser.ldif
    I generated the Samba stuff from script given here. I put in some fake SID, you can configure it as per your need

    The above ldif created a group testgroup and a user testuser with Samba password as 'test01' and userpassword as 'testpassword'

    Don't know if this helps neone or not, but I find it real simple to configure and use
    This doesn't have any ACL stuff nor includes any SSL/TLS stuff. You can add it as you proceed/learn. Also, I see no point in running into security considerations unless you really know what you are doing and why you are doing it. So learn it and then use it
    Last edited by luvshines; November 17th, 2010 at 04:41 PM.
    When you have eliminated the impossible, whatever remains, however improbable, must be the truth !!
    Mark it [SOLVED] if the issue has been resolved

  4. #34
    Join Date
    Aug 2010

    Re: OpenLDAP Nightmare ubuntu 10.04 and 10.10

    Has anyone got filtering aka host based authentication to work after the install?

    Here's my link:

Page 4 of 4 FirstFirst ... 234

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts