Set up an LDAP server on Fedora - gHacks Tech News

LDAP (Lightweight Directory Access Protocol) is one of the more complicated setups for a Linux machine. LDAP is to Linux what Active Directory is to Windows. And if you have a lot of users on a network who log into various machines, you will want something like LDAP in order to keep all of their information in a single location.

But because LDAP is fairly complex, it is rarely used except by those who have the time it takes to learn how to get an LDAP server up and running. That doesn't need to be the case if you happen to have a Fedora server lying around. There is a tool, 389 Directory Server, that helps you get this up and running quickly and easily. In this article I am going to show you how to install and set up the 389 Directory Server.

Installation

The installation of 389 DS is simple. Just follow these steps:

  1. Open up a terminal window.
  2. Su to the root user.
  3. Issue the command yum install fedora-ds.
  4. Accept all of the dependencies.
  5. Wait for the installation to finish.

Now you are ready to begin. The configuration of 389 is done via command line. Once that is complete you can then manage your LDAP server with a nice GUI tool.

Configuration

Figure 1

The configuration takes place in the terminal window. To begin the process issue the command (as root) setup-ds-admin.pl. This will begin a process that will take about 14 steps. Each step looks similar to that in Figure 1.

The steps for the setup are:

1. Agree to license.

2. Set up warning alert.

3. Choose type of installation.

4. Configure fully qualified domain name for name.

5. Server user name.

6. Do you want to register this software with an existing configuration directory server?

7. Administrator ID.

8. Administration domain.

9. Server network port.

10. Directory server identifier (name).

11. Valid DN for your directory suffix.

12. Directory Manager DN.

13. Administration network port.

14. Save configuration and set up server.

The final step is basically writing your configurations to the config script and then starting the server. Once you have completed these steps, the hard part is over! Don't worry about not understanding any of the above explanations, as each step is clearly explained on its own screen (as shown in Figure 1).
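
The same answers can be given to setup-ds-admin.pl in one file instead of being typed at each prompt. The script below is an added example, not part of the original article: it writes such an answer file for the tool's silent mode, checks the host name and suffix first, and keeps the file readable by root only because it holds both passwords in clear text. The host name, suffix, account names and the nobody user are placeholder assumptions; 389 and 9830 are the default ports.

```shell
#!/bin/sh
# Added example, not from the article: build an answer file for a silent
# setup-ds-admin.pl run. Host, suffix and account names are placeholders.

# write_ds_inf OUTFILE FQDN SUFFIX
# Passwords are read from DS_ADMIN_PW and DS_ROOTDN_PW in the environment,
# so they do not show up in the process list or in shell history.
write_ds_inf() {
    out=$1 fqdn=$2 suffix=$3
    if [ -z "${DS_ADMIN_PW:-}" ] || [ -z "${DS_ROOTDN_PW:-}" ]; then
        echo "set DS_ADMIN_PW and DS_ROOTDN_PW first" >&2; return 1
    fi
    # Step 4 asks for a fully qualified name: require at least one dot.
    case $fqdn in *.*) ;; *) echo "not an FQDN: $fqdn" >&2; return 1 ;; esac
    # Step 11 asks for a valid DN: require attribute=value form.
    case $suffix in *=*) ;; *) echo "not a DN: $suffix" >&2; return 1 ;; esac
    # The file holds clear-text passwords, so create it owner-only (umask)
    # and tighten it again in case the file already existed (chmod).
    ( umask 077
      cat > "$out" <<EOF
[General]
FullMachineName= $fqdn
SuiteSpotUserID= nobody
SuiteSpotGroup= nobody
AdminDomain= ${fqdn#*.}
ConfigDirectoryAdminID= admin
ConfigDirectoryAdminPwd= $DS_ADMIN_PW

[slapd]
ServerPort= 389
ServerIdentifier= ${fqdn%%.*}
Suffix= $suffix
RootDN= cn=Directory Manager
RootDNPwd= $DS_ROOTDN_PW

[admin]
Port= 9830
ServerAdminID= admin
ServerAdminPwd= $DS_ADMIN_PW
EOF
    ) && chmod 600 "$out"
}

# Usage (as root), then delete the file once setup has finished:
#   write_ds_inf /root/ds.inf ldap1.example.com "dc=example,dc=com"
#   setup-ds-admin.pl --silent --file=/root/ds.inf && rm -f /root/ds.inf
```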

Now that your setup is complete, you are ready to fire up the GUI admin tool.

The admin tool

Figure 2

The administration tool is started (as the root user) with the command 389-console. When you log in to the admin tool you will need the admin username and password you created during the setup, along with the URL (including port number) you created (see Figure 2).

Figure 3

Once you have successfully logged in you will now be in the 389 Directory Server Management Console (see Figure 3). It is from within this console that you actually take care of all of the LDAP management (we'll save that for another article).

Final thoughts

If you've ever tried to set up LDAP manually then you know it can be a real pain. With tools like 389 Directory Server, this process has become exponentially easier. Give this a try and see if you have better luck setting up your LDAP server.

Comments

  1. M Awada said on August 25, 2010 at 2:04 pm

    Great tool, I just saw it yesterday while I am searching for an MS AD alternative. But I should install LikeWise Open on the client in order to join the domain?
    Or is there any built-in app or a trick ?

    1. Pieter said on September 7, 2010 at 4:30 pm

      Google for Samba, Kerberos and joining a Windows AD domain. Here’s one article that explains how to do it: http://www.enterprisenetworkingplanet.com/netos/article.php/3487081/Join-Samba-3-to-Your–Active-Directory-Domain.htm

  2. walter said on August 26, 2010 at 9:16 pm

    How about steps for SSL config and replication to at least one more server?

    1. Pieter said on September 7, 2010 at 4:32 pm

      Have you read the deployment guide? Available here: http://www.redhat.com/docs/manuals/dir-server/8.1/deploy/index.html

  3. JUANPA said on September 20, 2010 at 11:25 pm

    Hi!

    One question. What client can I use for Microsoft user?

    tks

  4. JUANPA said on October 1, 2010 at 9:56 pm

    Hi!

    With Samba it will run! Any idea? Give me a light!
