Overview
This lesson introduces OpenLDAP, an open-source directory service, and guides you through installation and initial configuration on a Linux system.
Introduction to OpenLDAP
- OpenLDAP is a free, open-source directory service based on the Lightweight Directory Access Protocol (LDAP).
- OpenLDAP works similarly to Microsoft Active Directory by managing users, groups, and access control.
- LDAP Data Interchange Format (LDIF) is used to represent and exchange directory entries.
- OpenLDAP is cross-platform (Linux, macOS, Windows), but Active Directory is preferred on Windows.
Managing OpenLDAP
- Directory entries can be managed via command line tools or GUI tools like phpLDAPadmin.
- The command line tools allow creating, authenticating, adding, and removing users, groups, and computers.
- phpLDAPadmin provides a web-based interface similar to the Active Directory GUI.
Installation & Initial Setup
- Install OpenLDAP and utilities on Linux with:
sudo apt-get install slapd ldap-utils
- During installation, set an administrator password when prompted.
- To reconfigure settings, run:
sudo dpkg-reconfigure slapd
- Configuration steps include:
  - Do not omit LDAP server configuration.
  - Set the DNS domain name (e.g., example.com).
  - Set the organization name (e.g., example).
  - Re-enter the administrator password.
  - Choose database backend (mdb).
  - Opt not to remove the database when purging slapd.
  - Move the old database if prompted.
  - Disallow LDAP version 2 protocol.
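The following shell helpers are an added example, not part of the original lesson: they show how the DNS domain entered during `dpkg-reconfigure slapd` maps to the directory's base DN, and build the LDIF for a first user under it. The function names, the `ou=People` container and the admin entry `cn=admin,<base DN>` (the Debian default) are assumptions.

```sh
# Added example. Assumes the lesson's sample domain (example.com) and the
# Debian-default admin entry cn=admin,<base DN>; function names are made up.

# Map the DNS domain given to dpkg-reconfigure onto the base DN it yields.
domain_to_base_dn() (
    rest=${1%.}                      # tolerate a trailing root dot
    dn=
    while :; do
        label=${rest%%.*}
        case $label in               # refuse anything that would need DN escaping
            ''|*[!A-Za-z0-9-]*) echo "bad domain label: '$label'" >&2; exit 1 ;;
        esac
        dn=${dn:+$dn,}dc=$label
        case $rest in
            *.*) rest=${rest#*.} ;;
            *)   break ;;
        esac
    done
    printf '%s\n' "$dn"
)

# Emit LDIF for ou=People and one inetOrgPerson; cn and sn must be single-line.
people_ldif() (
    base_dn=$(domain_to_base_dn "$1") || exit 1
    uid=$2 cn=$3 sn=$4
    case $uid in                     # keep DN/LDIF metacharacters out of the RDN
        ''|*[!a-z0-9._-]*) echo "bad uid: '$uid'" >&2; exit 1 ;;
    esac
    cat <<EOF
dn: ou=People,$base_dn
objectClass: organizationalUnit
ou: People

dn: uid=$uid,ou=People,$base_dn
objectClass: inetOrgPerson
uid: $uid
cn: $cn
sn: $sn
EOF
)

# Needs a running slapd, so it is defined but not called here. -W prompts for
# the admin password; the search binds anonymously and shows what ACLs expose.
load_and_check() (
    base_dn=$(domain_to_base_dn "$1") && ldif=$(people_ldif "$@") || exit 1
    printf '%s\n' "$ldif" | ldapadd -x -H ldap://localhost -D "cn=admin,$base_dn" -W &&
    ldapsearch -x -LLL -H ldap://localhost -b "ou=People,$base_dn" "(uid=$2)" dn
)
```

On the server, `load_and_check example.com jdoe "John Doe" Doe` (constructed sample values) loads the entries and reads the new DN back. If the anonymous search returns the entry, the directory's ACLs allow unauthenticated reads of that subtree.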
Key Terms & Definitions
- OpenLDAP — Open-source implementation of the Lightweight Directory Access Protocol (LDAP).
- LDAP — Protocol for accessing and maintaining distributed directory information.
- LDIF — LDAP Data Interchange Format, used to represent LDAP directory entries.
- slapd — Standalone LDAP daemon; the OpenLDAP server process.
- phpLDAPadmin — Web-based GUI tool for managing OpenLDAP directories.
Action Items / Next Steps
- Ensure OpenLDAP is installed and configured by completing the guided setup steps.
- Explore using command line tools or phpLDAPadmin to manage directory entries.
- Prepare for hands-on exercises managing users and groups in OpenLDAP.