Close Menu
    Ubuntu 22.04

    How to Install OpenLDAP on Ubuntu 22.04 or later version.

    Rajesh ShivamBy Updated:No Comments3 Mins Read

    OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol (LDAP). It is widely used for centralized authentication, user management, and storing directory information in enterprise environments. Installing and configuring OpenLDAP on Ubuntu 22.04 and later versions allows administrators to manage users, groups, and access controls efficiently.

    This guide provides clear and detailed instructions to install OpenLDAP, configure the directory structure, and verify the installation, ensuring a smooth setup for both beginners and experienced users.

    To install OpenLDAP on Ubuntu 22.04 or later, follow these detailed steps:

    Prerequisites

    • Ubuntu 22.04 or later
    • Root or sudo privileges
    • Basic knowledge of terminal commands

    ⚙️ Step 1: Update the System

    Before installing, ensure your system packages are updated using:

    sudo apt update
sudo apt upgrade -y

    🛠 Step 2: Install OpenLDAP Server and Utilities on Ubuntu 22.04

    Install the required packages using the following command:

    sudo apt install slapd ldap-utils -y
    • slapd → OpenLDAP Server
    • ldap-utils → Command-line tools for LDAP management

    📦 Step 3: Configure OpenLDAP

    After installation, the slapd package will prompt for initial configuration.

    1. Set Administrator Password: Provide a strong password for the admin user.
    2. Database Suffix: It is the domain name, for example:
      • For example.com, enter: dc=example,dc=com
    3. Confirm or Modify Database Configuration: Select defaults unless customization is needed.

    If the configuration prompt doesn’t appear, run it manually using:

    sudo dpkg-reconfigure slapd

    📁 Step 4: Verify Installation

    Check if the LDAP server is running:

    sudo systemctl status slapd
    • If it’s inactive, start it using: sudo systemctl start slapd

    Enable it to start on boot:

    sudo systemctl enable slapd

    🔎 Step 5: Test LDAP Server

    Use the following command to check if your LDAP server is responding:

    ldapsearch -x -b dc=example,dc=com -D "cn=admin,dc=example,dc=com" -W
    • -x → Simple authentication
    • -b → Base DN
    • -D → Bind DN (Admin Distinguished Name)
    • -W → Prompt for the admin password

    🧑‍💼 Step 6: Create LDAP Entries

    1. Create a file called base.ldif:
    sudo nano base.ldif
    1. Add the following content (replace example.com with your domain):
    dn: dc=example,dc=com
objectClass: top
objectClass: domain
dc: example

dn: cn=admin,dc=example,dc=com
objectClass: organizationalRole
cn: admin
    1. Import the file using:
    sudo ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f base.ldif
    • Enter your admin password when prompted.

    📊 Step 7: Add Organizational Units and Users

    Create an organization.ldif file:

    sudo nano organization.ldif

    Add this content:

    dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
ou: groups

    Import the file:

    sudo ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f organization.ldif

    🚀 Final Tips

    • Confirm all configurations using ldapsearch.
    • Secure the LDAP server using firewalls (ufw) or configure SSL/TLS for encrypted connections.
    sudo ufw allow ldap
sudo ufw reload

    That’s it! You’ve successfully installed and configured OpenLDAP on Ubuntu 22.04 or later. If you have any further questions or issues, feel free to ask.

    Share.

    Rajesh Shivam is a seasoned professional with expertise in AWS and Linux System Administration. With over 10 years of freelancing experience, he brings a wealth of knowledge to the table. Rajesh has a strong passion for technology and stays connected with the latest happenings in the field. His dedication and expertise make him a trusted resource for all things tech-related.

    Related Posts

    Add A Comment
    Leave A Reply