0% found this document useful (0 votes)

53 views

Oleh: Idris Winarno

This document provides instructions for configuring LDAP on a server. It describes how to install and configure the LDAP server software slapd, configure the LDAP client libraries libnss-ldap and libpam-ldap, migrate existing user and group data into the LDAP database, secure the LDAP server with SSL/TLS encryption, and integrate LDAP with Apache web server authentication. The key steps include installing LDAP packages, configuring slapd.conf, migrating user data using migration tools, adding SSL certificates, and modifying Apache configuration to use LDAP authentication.

Uploaded by

and1delc

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

53 views

Oleh: Idris Winarno

Uploaded by

and1delc

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 21

LDAP

Oleh:
Idris Winarno
persiapan dan installasi paket
z apt-get remove --purge slapd ldap-utils libnss-ldap
libpam-ldap nscd migrationtools phpldapadmin
openssl
z rm -r /var/db
z apt-get install slapd ldap-utils libnss-ldap libpam-
ldap nscd migrationtools phpldapadmin openssl
Configurasi slapd
z masukkan password admin untuk slapd (harus di
ingat passwordnya!!!!!)
configurasi libnss-ldap
z URI untuk libnss-ldap: ldapi:///
configurasi libnss-ldap
z base domain: eepis-its.edu --> dc=eepis-its,dc=edu
configurasi libnss-ldap
z LDAP v3
configurasi libnss-ldap
z LDAP account for root: cn=admin,dc=eepis-
its,dc=edu
configurasi libpam-ldap
z Password for libpam-ldap root (harus di ingat
passwordnya !!!)
configurasi libpam-ldap
z LDAP account for root (libpam-ldap):
cn=admin,dc=eepis-its,dc=edu
configurasi libnss-ldap
z Password root untuk LDAP (harus di ingat
passwordnya !!!!)
configurasi libpam-ldap
z Make local root database: Yes
configurasi libpam-ldap
z Does the LDAP database require login: No
configurasi slapd.conf
z Edit /etc/ldap/slapd.conf
z Uncomment rootnd
z tambahkan rootpw (password) dibawah rootdn
Migrasi
z cd /usr/share/migrationtools
z Edit migrate_common.ph
$DEFAULT_MAIL_DOMAIN = "eepis-its.edu";
$DEFAULT_BASE = "dc=eepis-its,dc=edu";
z ./migrate_base.pl > /tmp/base.ldif
z ./migrate_passwd.pl /etc/passwd /tmp/passwd.ldif
z ./migrate_group.pl /etc/group /tmp/group.ldif
z /etc/init.d/slapd restart
menambahkan database ldap
z buka file /tmp/base.ldif dan hapus 4 baris pertama
z ldapadd -x -W -D ‘cn=admin,dc=eepis-its,dc=edu’ < /tmp/base.ldif
z ldapadd -x -W -D ‘cn=admin,dc=eepis-its,dc=edu’ < /tmp/passwd.ldif
z ldapadd -x -W -D ‘cn=admin,dc=eepis-its,dc=edu’ < /tmp/group.ldif
z cp -p /usr/share/doc/libpam-ldap/examples/pam.d/* /etc/pam.d
z apt-get install libpam-cracklib
z ln -s /lib/security/pam_unix.so /lib/security/pam_pwdb.so
Catatan: bisa juga menggunakan fasilitas import pada phpldapadmin
konfigurasi ldap client
z echo > /etc/pam_ldap.conf
z vim /etc/pam_ldap.conf
base dc=eepis-its,dc=edu
uri ldap://127.0.0.1/
ldap_version 3
rootbinddn cn=admin,dc=eepis-its,dc=edu
port 389
pam_password crypt
z cp /etc/pam_ldap.conf /etc/libnss-ldap.conf
z /etc/init.d/slapd restart
z /etc/init.d/nscd restart
Testing
z su – username
Debugging
z /etc/init.d/slapd stop
z slapd -u openldap -g openldap -d 999
LDAP + openSSL
z mkdir /etc/ldap/ssl
z cd /etc/ldap/ssl
z openssl req -new -x509 -nodes -out ldap.pem -
keyout ldap.pem -days 3650
z chmod 640 /etc/ldap/ssl/ldap.pem
z chmod 750 /etc/ldap/ssl
z chown -R root:openldap /etc/ldap/ssl
LDAP + openSSL
z Tambahkan konfigurasi berikut bagian paling atas
dari /etc/ldap/slapd.conf

TLSCACertificateFile /etc/ldap/ssl/ldap.pem
TLSCertificateFile /etc/ldap/ssl/ldap.pem
TLSCertificateKeyFile /etc/ldap/ssl/ldap.pem
TLSCipherSuite HIGH:+MEDIUM:!LOW
SSLVerifyClient none
LDAP + openSSL
z Edit file /etc/ldap/slapd.conf sehingga menjadi
access to attrs=userPassword,shadowLastChange
by tls_ssf=128 ssf=128 dn=”cn=admin,dc=example,dc=net” write
by tls_ssf=128 ssf=128 anonymous auth
by tls_ssf=128 ssf=128 self write
by * none

dan juga

access to *
by tls_ssf=128 ssf=128 dn=”cn=admin,dc=example,dc=net” write
by * read
Restart service slapd
Tugas
z Integrasikan LDAP dengan apache2

Quick Configuration of Openldap and Kerberos in Linux and Authenicating Linux to Active Directory
From Everand
Quick Configuration of Openldap and Kerberos in Linux and Authenicating Linux to Active Directory
Dr. Hidaia Mahmood Alassouli
No ratings yet
CD /etc/yum - Repos.d/ Wget Yum Install VLC
No ratings yet
CD /etc/yum - Repos.d/ Wget Yum Install VLC
3 pages
Reconfigure Slapd: Sudo Apt-Get Update Sudo Apt-Get Install Slapd Ldap-Utils
No ratings yet
Reconfigure Slapd: Sudo Apt-Get Update Sudo Apt-Get Install Slapd Ldap-Utils
3 pages
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hedaya Alasooly
No ratings yet
Authenticating Windows To OpenLDAP Server On Ubuntu 9
No ratings yet
Authenticating Windows To OpenLDAP Server On Ubuntu 9
17 pages
How To Install and Configure OpenLDAP and PhpLDAPadmin On An Ubuntu 14
No ratings yet
How To Install and Configure OpenLDAP and PhpLDAPadmin On An Ubuntu 14
8 pages
How To Install and Configure OpenLDAP and PhpLDAPadmin On An Ubuntu 14
No ratings yet
How To Install and Configure OpenLDAP and PhpLDAPadmin On An Ubuntu 14
12 pages
Setting Up of LDAP Server in Ubuntu 16.04
100% (1)
Setting Up of LDAP Server in Ubuntu 16.04
23 pages
Ldap Documentation 2021.8
No ratings yet
Ldap Documentation 2021.8
7 pages
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hidaia Mahmood Alassouli
No ratings yet
Ldap With Replication
No ratings yet
Ldap With Replication
12 pages
Ldap Abscisse
No ratings yet
Ldap Abscisse
3 pages
Step by Step OpenLDAP Server Configuration On CentOS 7
No ratings yet
Step by Step OpenLDAP Server Configuration On CentOS 7
5 pages
New Text Document
No ratings yet
New Text Document
3 pages
IT19115962 Lab-7 LDAP
No ratings yet
IT19115962 Lab-7 LDAP
7 pages
Open LDAP Server Linux
No ratings yet
Open LDAP Server Linux
4 pages
Lab OpenLDAP
No ratings yet
Lab OpenLDAP
5 pages
LDAPDescription
No ratings yet
LDAPDescription
16 pages
Bash Command Line Pro Tips
From Everand
Bash Command Line Pro Tips
Jason Cannon
4.5/5 (8)
Multi-Master Replication of OpenLDAP Server On CentOS 6.4
No ratings yet
Multi-Master Replication of OpenLDAP Server On CentOS 6.4
5 pages
LDAP Server Configuration RHEL7
No ratings yet
LDAP Server Configuration RHEL7
4 pages
Manual para Configurar Un Servidor Ldap
No ratings yet
Manual para Configurar Un Servidor Ldap
22 pages
OpenLdap Documentation1
No ratings yet
OpenLdap Documentation1
14 pages
Ldap Configuration With Tls
No ratings yet
Ldap Configuration With Tls
5 pages
Linux About Puppet Virtualization: /slapd.d/ Directory
No ratings yet
Linux About Puppet Virtualization: /slapd.d/ Directory
39 pages
LDAP
No ratings yet
LDAP
5 pages
Quick and Dirty Openldap Replication: A. Install Os and Ldap
No ratings yet
Quick and Dirty Openldap Replication: A. Install Os and Ldap
5 pages
Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services
From Everand
Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services
Matt Butcher
No ratings yet
KONFIGURASI Pada LINUX New
No ratings yet
KONFIGURASI Pada LINUX New
6 pages
Fisiere Modificate Ldap Client
No ratings yet
Fisiere Modificate Ldap Client
8 pages
Step-By-Step Openldap: On This Page
No ratings yet
Step-By-Step Openldap: On This Page
5 pages
Instalar Openldap en Ubuntu 20
No ratings yet
Instalar Openldap en Ubuntu 20
1 page
TP Ldap
No ratings yet
TP Ldap
3 pages
Basic OpenLdap Tutorial
No ratings yet
Basic OpenLdap Tutorial
5 pages
Nstalasi DNS Server: Debian: # Apt-Get Install Bind9
No ratings yet
Nstalasi DNS Server: Debian: # Apt-Get Install Bind9
6 pages
DRBD-Cookbook: How to create your own cluster solution, without SAN or NAS!
From Everand
DRBD-Cookbook: How to create your own cluster solution, without SAN or NAS!
Joerg Christian Seubert
No ratings yet
Ldap Authentication Config
No ratings yet
Ldap Authentication Config
10 pages
Konfigurasi Ubuntu 18.04
No ratings yet
Konfigurasi Ubuntu 18.04
4 pages
How To Set Up Open Ldap On Ubuntu 11
No ratings yet
How To Set Up Open Ldap On Ubuntu 11
4 pages
LDAP Configuration For RHEL 6 Server and Ubuntu 12.04 Client
No ratings yet
LDAP Configuration For RHEL 6 Server and Ubuntu 12.04 Client
4 pages
Step by Step Installation and Configuration Openldap Server
No ratings yet
Step by Step Installation and Configuration Openldap Server
4 pages
Konfigurasi Samba Sebagai PDC Dengan Client XP
No ratings yet
Konfigurasi Samba Sebagai PDC Dengan Client XP
10 pages
Linux Commands By Example
From Everand
Linux Commands By Example
Khaled Jamal
4.5/5 (3)
LDAP Centralize Login - Document
No ratings yet
LDAP Centralize Login - Document
7 pages
Build A Samba PDC With LDAP Backend - BSD Guides
No ratings yet
Build A Samba PDC With LDAP Backend - BSD Guides
11 pages
Ldapclient
No ratings yet
Ldapclient
5 pages
Open Ldap
No ratings yet
Open Ldap
6 pages
How to a Developers Guide to 4k: Developer edition, #3
From Everand
How to a Developers Guide to 4k: Developer edition, #3
Xinc Cyberwizard
No ratings yet
BSD Guides: Doing Stuff With FreeBSD, NetBSD, OpenBSD, & Mac OS X
No ratings yet
BSD Guides: Doing Stuff With FreeBSD, NetBSD, OpenBSD, & Mac OS X
9 pages
OpenLDAP Server Configuration On RHEL7
No ratings yet
OpenLDAP Server Configuration On RHEL7
6 pages
TP5.-CentOS OpenLDAP
No ratings yet
TP5.-CentOS OpenLDAP
7 pages
OpenLDAP Commands
No ratings yet
OpenLDAP Commands
11 pages
Chapter 26
No ratings yet
Chapter 26
34 pages
Install and Setup phpLDAPadmin On Ubuntu 20.04
No ratings yet
Install and Setup phpLDAPadmin On Ubuntu 20.04
1 page
The Mac Terminal Reference and Scripting Primer
From Everand
The Mac Terminal Reference and Scripting Primer
Jay Docherty
4.5/5 (3)
Agi Renaldi Xii-Tkj-A Laporan Adm. Server: SMKN 4 Padalarang
No ratings yet
Agi Renaldi Xii-Tkj-A Laporan Adm. Server: SMKN 4 Padalarang
10 pages
LKS2023
No ratings yet
LKS2023
5 pages
Openldap + Samba Domain Controller: Preface
No ratings yet
Openldap + Samba Domain Controller: Preface
12 pages
phpMyAdmin Starter
From Everand
phpMyAdmin Starter
Marc Delisle
No ratings yet
OpenLDAP Server
No ratings yet
OpenLDAP Server
12 pages

Oleh: Idris Winarno

Uploaded by

Oleh: Idris Winarno

Uploaded by

LDAP

You might also like