How to Implement LDAP on Airmeet
Install LDAP Server in Ubuntu 18.04
Install LDAP Manager in Linux
Install and Configure LDAP client:
Install LDAP Server in Ubuntu 18.04
Run the following commands to install LDAP Server.
apt-get update
apt install slapd ldap-utils
During the installation, you will be prompted to enter an administrator password. Store this password; you may need it in future.
Run the below command to configure slapd.
dpkg-reconfigure slapd
For the DNS domain name, enter your domain name; in our case, airmeet.com.
Enter the organization name, and then the password which you created at the time of LDAP installation.
Select the MDB database during the setup.
Add data to LDAP server:
Create the file at any location.
vi ldap_data.ldif
dn: ou=People,dc=airmeet,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Groups,dc=airmeet,dc=com
objectClass: organizationalUnit
ou: Groups

dn: cn=DEPARTMENT,ou=Groups,dc=airmeet,dc=com
objectClass: posixGroup
cn: SUBGROUP
gidNumber: 5000

dn: uid=USER,ou=People,dc=airmeet,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: dhanasekaran
sn: NALLASAMY
givenName: DHANASEKARAN
cn: DHANASEKARAN
displayName: DHANASEKARAN
uidNumber: 10000
gidNumber: 5000
userPassword: USER
gecos: FULLNAME
loginShell: /bin/bash
homeDirectory: USERDIRECTORY

DEPARTMENT is a department or group you want to add.
SUBGROUP is a sub-group of the department.
USER is an actual user account on your system.
LASTNAME is the last name of the user.
FIRSTNAME is the first name of the user.
FULLNAME is the full name of the user.
DISPLAYNAME is the name you want displayed for the user.
USERDIRECTORY is the user's home directory on the Linux server.
Add this LDIF to the LDAP server by executing the command below:
ldapadd -x -D cn=admin,dc=airmeet,dc=com -W -f ldap_data.ldif
root@ip-172-31-4-23:/etc/ldap# ldapadd -x -D cn=admin,dc=airmeet,dc=com -W -f ldap_data.ldif
Enter LDAP Password:
adding new entry "ou=People,dc=airmeet,dc=com"
adding new entry "ou=Groups,dc=airmeet,dc=com"
adding new entry "cn=DEVOPS,ou=Groups,dc=airmeet,dc=com"
adding new entry "uid=USER,ou=People,dc=airmeet,dc=com"
It will prompt for a password. Enter the password which we created previously.
ldapsearch -x -LLL -b dc=airmeet,dc=com 'uid=dhanasekaran' cn gidNumber
root@ip-172-31-4-23:/etc/ldap# ldapsearch -x -LLL -b dc=airmeet,dc=com 'uid=dhanasekaran' cn gidNumber
dn: uid=USER,ou=People,dc=airmeet,dc=com
cn: DHANASEKARAN
gidNumber: 5000
Ref: https://www.techrepublic.com/article/how-to-install-openldap-on-ubuntu-18-04/
Install LDAP Manager in Linux
Execute the following commands to install the LDAP manager in Linux:
apt -y install apache2 php php-cgi libapache2-mod-php php-mbstring php-common php-pear
a2enconf php7.2-cgi
systemctl reload apache2
apt -y install ldap-account-manager
Open the LDAP manager in the browser
http://<IP>/lam
Click on LAM Configuration
Select Edit Server Profiles
Under Server settings, enter the Server address as “ldap://ldap.airmeet.com:389”
In Tree Prefix, enter dc=airmeet,dc=com
Under Security settings, set the Login method to “Fixed List”
List of valid users:
cn=admin,dc=airmeet,dc=com
Switch “Account type” under Users
LDAP Suffix “ou=People,dc=airmeet,dc=com”
In Groups
LDAP Suffix “ou=Groups,dc=airmeet,dc=com”
Click on Save Changes
Add User and groups in LDAP
Log in to the URL
Username: admin
Password:
Click Add User
Enter the information and Click on Save
Install and Configure LDAP client:
Execute the command below on the client machine
apt install libnss-ldap libpam-ldap ldap-utils nscd
During the installation, it will ask for an LDAP server.
ldap://ldap.airmeet.com
Enter the distinguished name of the search base as
dc=airmeet,dc=com
Select the LDAP version as 3
Enter the LDAP account as
cn=admin,dc=airmeet,dc=com
Enter the password
Update /etc/nsswitch.conf
passwd: compat systemd ldap
group: compat systemd ldap
Update /etc/pam.d/common-password config file
password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass
To create home directory
vi /etc/pam.d/common-session
session optional pam_mkhomedir.so skel=/etc/skel umask=077
Execute the command
auth-client-config -t nss -p lac_ldap
Restart the service nscd
systemctl restart nscd
Execute the below command to fix the home directory issue in Ubuntu 18.04
pam-auth-update
Select “Create Home directory”
Ref: https://computingforgeeks.com/how-to-configure-ubuntu-18-04-ubuntu-16-04-lts-as-ldap-client/
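
The client-side edits above (nsswitch.conf, common-password, common-session) can be checked with a short script. This is an added example, not part of the original guide or its references; it runs against constructed copies of the three files, and the function names are made up for the illustration.

```shell
#!/bin/sh
# Added example: audits the client files this guide edits. Paths are arguments,
# so the checks can run against copies; all function names are illustrative.

# line_has_token FILE KEY TOKEN: succeed if an uncommented line whose first
# field is KEY has TOKEN among its later whitespace-separated fields.
line_has_token() {
    awk -v key="$2" -v tok="$3" '
        $1 ~ /^#/ { next }
        $1 == key { for (i = 2; i <= NF; i++) if ($i == tok) found = 1 }
        END { exit(found ? 0 : 1) }' "$1"
}

# mkhomedir_umask FILE: print the umask= option given to pam_mkhomedir.so,
# "default" if the option is absent, or fail if the module is not configured.
mkhomedir_umask() {
    awk '
        $1 ~ /^#/ { next }
        $1 == "session" && /pam_mkhomedir\.so/ {
            v = "default"
            for (i = 2; i <= NF; i++) if ($i ~ /^umask=/) v = substr($i, 7)
        }
        END { if (v == "") exit 1; print v }' "$1"
}

# audit_client NSSWITCH COMMON_PASSWORD COMMON_SESSION: print one line per
# check; the return status is the number of failed checks.
audit_client() {
    fails=0
    check() { if "$@"; then echo "ok    $*"; else echo "FAIL  $*"; fails=$((fails + 1)); fi; }
    check line_has_token "$1" passwd: ldap
    check line_has_token "$1" group: ldap
    check line_has_token "$2" password pam_ldap.so
    check line_has_token "$3" session pam_mkhomedir.so
    check test "$(mkhomedir_umask "$3")" = 077   # new home directories stay private
    return "$fails"
}

# Constructed sample files holding the lines from this guide.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' 'passwd: compat systemd ldap' 'group: compat systemd ldap' > "$demo_dir/nsswitch.conf"
printf '%s\n' 'password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass' > "$demo_dir/common-password"
printf '%s\n' '# session optional pam_mkhomedir.so' 'session optional pam_mkhomedir.so skel=/etc/skel umask=077' > "$demo_dir/common-session"
audit_client "$demo_dir/nsswitch.conf" "$demo_dir/common-password" "$demo_dir/common-session"
```

On a client, pass the real paths instead: audit_client /etc/nsswitch.conf /etc/pam.d/common-password /etc/pam.d/common-session. A commented-out line does not count as configured, which is the case the first line of the sample common-session file exercises.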