Set up an LDAP server on Fedora

Jack Wallen
Aug 25, 2010
Updated • Nov 28, 2012
Network
|
6

LDAP (Lightweight Directory Access Protocol) is one of the more complicated setups for a Linux machine. LDAP is to Linux what Active Directory is to Window. And if you have a lot of users on a network, which log into various machines, you will want something like LDAP in order to retain all of their information on a single, stored location.

But because LDAP is fairly complex, it is not often used except by those who have the lengthy period of time it takes to understand the task of getting an LDAP server up and running. That doesn't need to be the case, if you happen to have a Fedora server lying around. There is a tool, 389 Directory Server, that helps you to get this up and running quickly and easily.  In this article I am going to show you how to install and set up the 389 Directory Server.

Installation

The installation of 389 DS is simple. Just follow these steps:

  1. Open up a terminal window.
  2. Su to the root user.
  3. Issue the command yum install fedora-ds.
  4. Accept all of the dependencies.
  5. Wait for the installation to finish.

Now you are ready to begin. The configuration of 389 is done via command line. Once that is complete you can then manage your LDAP server with a nice GUI tool.

Configuration

Figure 1

The configuration takes place in the terminal window. To begin the process issue the command (as root) setup-ds-admin.pl. This will begin a process that will take about 14 steps. Each step looks similar to that in Figure 1.

The steps for the setup are:

1. Agree to license.

2. Set up warning alert.

3. Choose type of installation.

4. Configure fully qualified domain name for name.

5. Server user name.

6. Do you want to register this software with an existing configuration directory server?

7. Administrator ID.

8. Administration domain.

9. Server network port.

10. Directory server identifier (name).

11. Valid DN for your directory suffix.

12. Directory Manager DN.

13. Administration network port.

14. Save configuration and set up server.

The final step is basically writing your configurations to the config script and then starting the server. Once you have completed these steps, the hard part is over! Don't worry about not understanding any of the above explanations, as each step is clearly explained on its own screen (as shown in Figure 1).

Now that your setup is complete, you are ready to fire up the GUI admin tool.

The admin tool

Figure 2

The administration tool is started (as the root user) with the command 389-console. When you login to the admin tool you will need to use your admin username and password you created during the setup and the URL (including port number) you created (see Figure 2).

Figure 3

Once you have successfully logged in you will now be in the 389 Directory Server Management Console (see Figure 3). It is from within this console that you actually take care of all of the LDAP management (we'll save that for another article).

Final thoughts

If you've ever tried to set up LDAP manually then you know it can be a real pain. With tools like 389 Directory Server, this process has become exponentially easier. Give this a try and see if you have better luck setting up your LDAP server.

Advertisement

Previous Post: «
Next Post: «

Comments

  1. JUANPA said on October 1, 2010 at 9:56 pm
    Reply

    Hi!

    With samba its will run ! any idea? give me a light!

  2. JUANPA said on September 20, 2010 at 11:25 pm
    Reply

    Hi!

    One cuestion. What client can use for Microsoft user?

    tks

  3. walter said on August 26, 2010 at 9:16 pm
    Reply

    how about steps for ssl config and replication to at least one more server?

    1. Pieter said on September 7, 2010 at 4:32 pm
      Reply

      Have you read the deployment guide? Available here: http://www.redhat.com/docs/manuals/dir-server/8.1/deploy/index.html

  4. M Awada said on August 25, 2010 at 2:04 pm
    Reply

    Great tool, i just saw it yesterday while am searching for MS AD alternative. But i should install LikeWise Open on the client in order to join the domain ?
    Or is there any built-in app or a trick ?

    1. Pieter said on September 7, 2010 at 4:30 pm
      Reply

      Google for Samba, Kerberos and joining a Windows AD domain. Here’s one article that explains how to do it: http://www.enterprisenetworkingplanet.com/netos/article.php/3487081/Join-Samba-3-to-Your–Active-Directory-Domain.htm

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.